Network+ Domain 1: Network Architecture
5. Blocking Explanation A backup bridge is in the blocking state. It receives packets addressed specifically to it and packets addressed to all bridges. It does not forward packets or build its database.
A switch running STP is classified as a backup bridge. What state is it in? 1. Learning 2. Disabled 3. Forwarding 4. Listening 5. Blocking
1. ip default-gateway 192.168.10.185 Explanation To enable management from a remote network, configure the default gateway. Use the following command in global configuration mode: switch(config)#ip default-gateway IP_address
Which command would you use on a switch to enable management from a remote network? 1. ip default-gateway 192.168.10.185 2. ip address dhcp 3. no shutdown 4. ip address 192.168.10.185 255.255.255.0
1. Switch Explanation Use a switch to create additional collision domains on a LAN. A switch filters an entire network and creates virtual LANs inside it, rather than dividing it into separate internetworks as a router does.
You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose? 1. Switch 2. Router 3. Bridge 4. Active hub
Which of the following benefits apply only to creating VLANs with switches and not to segmenting the network with regular switches? 1. You can provide guaranteed bandwidth between two devices. 2. You can segment the network based on physical location. 3. You can create multiple broadcast domains. 4. You can create multiple collision domains.
3. You can create multiple broadcast domains. Explanation By creating a VLAN, you create multiple broadcast domains, with each VLAN being in its own broadcast domain. Using switches without VLANs lets you segment the network based on physical location, create multiple collision domains, and provide guaranteed bandwidth between devices.
3. Access is denied. Explanation Access to the console through a Telnet or SSH session is controlled by the login and password entries. To prevent VTY access, there must be a login entry without a password set. Access is allowed based on the following conditions: • no login, no password = access is allowed without a password • login, no password = access is denied (the error message indicates that a password is required but not set) • no login, password = access is allowed without a password • login, password = access is allowed only with a password
A router is configured with the login, no password condition for console access. Which of the following statements is true about access via a Telnet or SSH session? 1. Access is allowed without a password. 2. Access is allowed only with a password. 3. Access is denied. 4. Access is allowed without a password.
1. It uses the source MAC address and network segment information to build its bridge database, but does not forward the message. Explanation A switch in the learning state will build its database through the information it receives from incoming messages. However, it does not forward messages. Remember, devices forward messages only if they are in the forwarding state.
A switch running STP is in the learning state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do? 1. It uses the source MAC address and network segment information to build its bridge database, but does not forward the message. 2. It does not record address or segment information. However, the message is forwarded. 3. It places the source address and segment in its database and forwards the message. 4. It does not record address or segment information. It does not forward the message.
4. It does not record address or segment information. It does not forward the message. Explanation A switch in listening state receives packets but does not build its database or forward them. Switches in the listening state are in the process of defining their role on the network.
A switch running STP is in the listening state. A message destined for a different network segment arrives at the switch. Which of the following best describes what the switch will do? 1. It places the source address and segment in its database and forwards the message. 2. It places the source address and segment in its database, but does not forward the message. 3. It does not record address or segment information. However, the message is forwarded. 4. It does not record address or segment information. It does not forward the message.
3. Switch Explanation Use a switch to create virtual LANs (VLANs). The various ports on a switch can be assigned to a specific VLAN to create logically distinct networks on the same physical network topology. Routers, gateways, and hubs are common network devices, but they do not support the creation of VLANs.
A virtual LAN can be created using which of the following? 1. Router 2. Gateway 3. Switch 4. Hub
3. syslog Explanation The syslog standard is used for managing and sending log messages from one computer system to another. It can analyze messages and notify administrators of problems or performance. A packet sniffer is special software that captures (records) frames that are transmitted on the network. A protocol analyzer is a special type of packet sniffer that captures transmitted frames. A load tester simulates a load on a server or service.
Each of the following are tools used to check the health of a network. Which of these is typically used for managing and sending messages from one computer system to another? 1. Packet sniffer 2. Load tester 3. syslog 4. Protocol analyzer
3. Sends a message via email or SMS when an event occurs. Explanation SNMP alerts can be configured so that when an event occurs, a message will be sent via email or SMS (text message). GETNEXT messages are used by Walk. A message sent from a management system requesting information about a specific OID is a Get. An event on an agent that logs details is a trap.
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert? 1. An event configured on an agent. When the event occurs, the agent logs details regarding the event. 2. Uses GETNEXT messages to navigate the structure of an MIB. 3. Sends a message via email or SMS when an event occurs. 4. A message sent from a management system, requesting information about a specific OID.
3. System Explanation A system log records operating system, system, and hardware events. The system log will contain entries for when the system was shut down or started, when new hardware is added, and when new services are started. A performance log records information about the use of system resources, such as the processor, memory, disk, or network utilization. A firewall log identifies traffic that has been allowed or denied through a firewall. A security log records information related to logons, such as incorrect passwords being used, and the use of user rights.
Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts has occurred. Which log type should you check? 1. Firewall 2. Performance 3. System 4. Security
2. A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth. Explanation A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth.
Select the statement that best describes a broadcast storm. 1. A broadcast storm occurs when the amount of electrical interference on a cable exceeds acceptable levels, broadcasting a storm of noise, and preventing accurate data transfer. 2. A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth. 3. A broadcast storm occurs when the level of TCP/IP transfers overwhelm a gateway. 4. A broadcast storm occurs when a network server loses its connection to the network, and the disconnected cable sends feedback messages that overwhelm the network cable capacity.
1. Listening Explanation Switches that are exchanging STP configuration information to define their roles are in the listening state. After listening, designated bridges progress to learning and then forwarding. Backup bridges return to blocking.
Switches running STP are in the process of exchanging BPDUs and redefining their roles. In what port state are the switches? 1. Listening 2. Forwarding 3. Blocking 4. Learning 5. Disabled
Conf t int fa0/0 no shut show interface status Explanation To complete the requirements of this scenario, you need to use the following commands: • Enter global configuration mode: conf t • Enter interface configuration mode: int fa0/0 • Enable the interface: no shut • Verify the interface status: show interface status
The FastEthernet 0/0 interface on a switch is currently disabled. You need to enable it so a workstation can be connected to it. What are the commands to accomplish this task? Enter global configuration mode: Enter interface configuration mode: Enable the interface: Verify the interface is disabled:
3. Console Explanation • Console: Controls the ability to log on to the device through a console connection. • VTY: Controls the ability to log on to the device using a virtual terminal (VTY) connection. • EXEC mode: Controls the ability to switch to configuration modes.
What Cisco device password controls the ability to connect to the device using a direct connection? 1. VTY 2. EXEC 3. Console
1. VTY Explanation • Console: Controls the ability to log on to the device through a console connection. • VTY: Controls the ability to log on to the device using a virtual terminal (VTY) connection. • EXEC mode: Controls the ability to switch to configuration modes.
What Cisco device password controls the ability to log on through a LAN or WAN interface configured on the device? 1. VTY 2. EXEC 3. Console
2. EXEC Explanation • Console: Controls the ability to log on to the device through a console connection. • VTY: Controls the ability to log on to the device using a virtual terminal (VTY) connection. • EXEC mode: Controls the ability to switch to configuration modes.
What Cisco device password controls the ability to switch configuration modes? 1. VTY 2. EXEC 3. Console
1. Configures the switch to obtain an IP address from a DHCP server. Explanation You can use the ip address dhcp command to configure a switch (or a router) to get its IP address from a DHCP server. The DHCP server can be configured to deliver the default gateway and DNS server addresses to the Cisco device as well. A manually configured default gateway address overrides any address received from the DHCP server.
What does the ip address dhcp command allow you to do? 1. Configures the switch to obtain an IP address from a DHCP server. 2. Configures the switch to act as a DHCP server. 3. Specifies the DHCP relay server for forwarding DHCP packets. 4. Sends the DHCP server address to all connected devices.
3. Increases network performance 4. Provides a failover solution for network adapters Explanation In a true fault tolerant strategy, all system components must be considered. Ethernet bonding (also called adapter teaming) is a fault tolerant strategy that uses multiple network adapters configured in a failover solution. In the event of a NIC failure, other adapters will automatically provide link redundancy. Multiple adapters can also increase performance by distributing the network load between adapters.
What is the purpose of using Ethernet bonding? (Select two.) 1. Increases read and write operations between the system bus and network adapters 2. Provides increased bus speeds 3. Increases network performance 4. Provides a failover solution for network adapters 5. Enables Dual Remote Access (DRA) over a WAN link
3. Switching loops from developing when redundant paths are implemented between switches. Explanation The Spanning Tree Protocol is a long-standing protocol that runs in the background of bridged and switched networks to keep message loops from occurring.
What problem does the Spanning Tree Protocol prevent? 1. Routing tables from becoming outdated by decreasing the convergence time on a network. 2. Buffer overflows by defining source-quench messages that a receiving device sends to the transmitting device. 3. Switching loops from developing when redundant paths are implemented between switches. 4. Packet blocking on backup bridge ports to allow switches to forward frames to all BPDUs.
3. Switch port Explanation VLAN membership is configured by assigning a switch port to a VLAN. A switch can have multiple VLANs configured on it, but each switch port can only be a member of a single VLAN. All devices connected to a switch port are members of the same VLAN.
When configuring VLANs on a switch, what is used to identify VLAN membership of a device? 1. IP address 2. Hostname 3. Switch port 4. MAC address
1. Switch port Explanation VLAN membership is configured by assigning a switch port to a VLAN. A switch can have multiple VLANs configured on it, but each switch port can only be a member of a single VLAN. All devices connected to a switch port are members of the same VLAN.
When configuring VLANs on a switch, what is used to identify VLAN membership of a device? 1. Switch port 2. Hostname 3. IP address 4. MAC address
4. Trunk ports Explanation A trunk port is a member of all VLANs defined on a switch, and carries traffic between the switches. When trunking is used, frames that are sent over a trunk port are tagged by the first switch with the VLAN ID so that the receiving switch knows to which VLAN the frame belongs. Typically, uplink ports (that are faster than the other switch ports) are used for trunk ports, although any port can be designated as a trunking port. On an unconfigured switch, ports are members of a default VLAN (often designated VLAN 1). When you remove the VLAN membership of a port, it is reassigned back to the default VLAN, therefore the port is always a member of one VLAN.
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch? 1. Gigabit and higher Ethernet ports 2. Uplink ports 3. Each port can only be a member of a single VLAN 4. Trunk ports 5. Any port not assigned to a VLAN
1. Trunk ports Explanation A trunk port is a member of all VLANs defined on a switch, and carries traffic between the switches. When trunking is used, frames that are sent over a trunk port are tagged by the first switch with the VLAN ID so that the receiving switch knows to which VLAN the frame belongs. Typically, uplink ports (that are faster than the other switch ports) are used for trunk ports, although any port can be designated as a trunking port. On an unconfigured switch, ports are members of a default VLAN (often designated VLAN 1). When you remove the VLAN membership of a port, it is reassigned back to the default VLAN, therefore the port is always a member of one VLAN.
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch? 1. Trunk ports 2. Each port can only be a member of a single VLAN 3. Uplink ports 4. Gigabit and higher Ethernet ports 5. Any port not assigned to a VLAN
2. Based on the 802.3ad standard. 3. Passive mode places the port into a passive negotiating state. 5. Active mode places the port in a negotiating state. Explanation Link Aggregation Control Protocol (LACP) is based on the 802.3ad standard and has similar functions to PAgP. LACP is used when configuring EtherChannel between Cisco switches and non-Cisco switches that support 802.3ad. LACP operates in the following modes:
Which characteristics match Link Aggregation Control Protocol (LACP)? 1. Desirable mode places the port in a negotiating state. 2. Based on the 802.3ad standard. 3. Passive mode places the port into a passive negotiating state. 4. Auto mode places the port into a passive negotiating state. 5. Active mode places the port in a negotiating state.
1. Desirable mode places the port in a negotiating state. 4. Auto mode places the port into a passive negotiating state. Explanation Port Aggregation Protocol (PAgP) limits packet loss due to misconfigured channels, and aids in network reliability. PAgP operates in the following modes:
Which characteristics match Port Aggregation Protocol (PAgP)? 1. Desirable mode places the port in a negotiating state. 2. Based on the 802.3ad standard. 3. Passive mode places the port into a passive negotiating state. 4. Auto mode places the port into a passive negotiating state. 5. Active mode places the port in a negotiating state.
3. Is the connection point for clients to the network. Explanation NAP uses the following components: • The NAP Client generates a Statement of Health (SoH) that reports the client configuration for health requirements. • A NAP Server runs the System Health Validator (SHV). • The Enforcement Server (ES) is the connection point for clients to the network. • The remediation server contains resources accessible to non-compliant computers on the limited-access network.
Which description matches the Network Access Protection (NAP) type: Enforcement Server (ES)? 1. Generates a Statement of Health (SoH) that reports the client configuration for health requirements. 2. Runs the System Health Validator (SHV). 3. Is the connection point for clients to the network. 4. Contains resources accessible to non-compliant computers on the limited-access network.
2. Runs the System Health Validator (SHV). Explanation NAP uses the following components: • The NAP Client generates a Statement of Health (SoH) that reports the client configuration for health requirements. • A NAP Server runs the System Health Validator (SHV). • The Enforcement Server (ES) is the connection point for clients to the network. • The remediation server contains resources accessible to non-compliant computers on the limited-access network.
Which description matches the Network Access Protection (NAP) type: NAP Server? 1. Generates a Statement of Health (SoH) that reports the client configuration for health requirements. 2. Runs the System Health Validator (SHV). 3. Is the connection point for clients to the network. 4. Contains resources accessible to non-compliant computers on the limited-access network.
1. Generates a Statement of Health (SoH) that reports the client configuration for health requirements. Explanation NAP uses the following components: • The NAP Client generates a Statement of Health (SoH) that reports the client configuration for health requirements. • A NAP Server runs the System Health Validator (SHV). • The Enforcement Server (ES) is the connection point for clients to the network. • The remediation server contains resources accessible to non-compliant computers on the limited-access network.
Which description matches the Network Access Protection (NAP) type: NAP Client? 1. Generates a Statement of Health (SoH) that reports the client configuration for health requirements. 2. Runs the System Health Validator (SHV). 3. Is the connection point for clients to the network. 4. Contains resources accessible to non-compliant computers on the limited-access network.
4. Contains resources accessible to non-compliant computers on the limited-access network. Explanation NAP uses the following components: • The NAP Client generates a Statement of Health (SoH) that reports the client configuration for health requirements. • A NAP Server runs the System Health Validator (SHV). • The Enforcement Server (ES) is the connection point for clients to the network. • The remediation server contains resources accessible to non-compliant computers on the limited-access network.
Which description matches the Network Access Protection (NAP) type: Remediation Server? 1. Generates a Statement of Health (SoH) that reports the client configuration for health requirements. 2. Runs the System Health Validator (SHV). 3. Is the connection point for clients to the network. 4. Contains resources accessible to non-compliant computers on the limited-access network.
1. Network Attached Storage (NAS) 2. External hard drives Explanation Backups can be saved to: • Secondary internal hard drives • External hard drives • Optical drives • USB flash drives • Network shares • .vhd files • Network Attached Storage (NAS) or Storage Area Network (SAN). Backup files cannot be saved to: • The same disk being backed up • A system disk • A BitLocker-enabled volume • A tape drive
Which media types can backup files be saved to? (Select two.) 1. Network Attached Storage (NAS) 2. External hard drives 3. Tape drives 4. The system disk
2. Lets you provide redundancy by using more than one connection between devices, making your network more reliable. 4. Identifies the optimal path between network devices. 5. Prevents switching loops from forming. Explanation STP prevents loops in a bridged network. It allows multiple paths to exist between two devices in case of network failure. STP is the method that bridges use to configure the best path through the network. However, bridges do not maintain a map of the network. Instead, they simply identify which port should be used to forward packets. When a bridge starts up, STP is run to identify the best port. Because each bridge is configured to select the optimal port, the best path through the network is identified.
Which of the following are advantages of using the Spanning Tree Protocol (STP) in network segmented bridges? (Select three.) 1. Minimizes the convergence time required for bridges to share network information. 2. Lets you provide redundancy by using more than one connection between devices, making your network more reliable. 3. Calculates all the possible paths through the network and performs load balancing. 4. Identifies the optimal path between network devices. 5. Prevents switching loops from forming.
2. Authentication for agents and managers 4. Encryption of SNMP messages Explanation SNMP v3 adds the following improvements for security: • Authentication for agents and managers • Encryption of SNMP information • Message integrity to ensure that data is not altered in transit
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two.) 1. Hashing of the community name 2. Authentication for agents and managers 3. Use of SFTP for transferring SNMP data 4. Encryption of SNMP messages
1. Increased number of broadcast domains 3. Increased security Explanation Create VLANs to increase the number of broadcast domains and to implement security. Each VLAN is in its own broadcast domain. Broadcast traffic within the VLAN goes only to the members of the VLAN. Members of one VLAN can only communicate with members in the same VLAN through the switch. A router or a Layer 3 switch is required to enable inter-VLAN communication. Using switches increases the number of collision domains, with each switch port being its own collision domain. Using VLANs does not offer this additional advantage. Spanning tree lets you have loop-free, redundant paths through a switched network. Broadcast traffic does not travel between routers.
Which of the following are reasons to configure VLANs on a switch as opposed to using switches without VLANs? (Select two.) 1. Increased number of broadcast domains 2. Redundant paths between two hosts 3. Increased security 4. Increased number of collision domains 5. Allowing broadcast traffic between subnets
1. The number of broadcast domains increases. 3. The number of collision domains remains the same. Explanation When you configure multiple VLANs on a single switch, the number of broadcast domains increases. Each VLAN will be placed in its own broadcast domain. The number of collision domains remains the same. Each switch port is its own collision domain regardless of the number of VLANs configured on the switch.
Which of the following are true regarding using multiple VLANs on a single switch? (Select two.) 1. The number of broadcast domains increases. 2. The number of collision domains increases. 3. The number of collision domains remains the same. 4. The number of collision domains decreases. 5. The number of broadcast domains decreases. 6. The number of broadcast domains remains the same.
2. Devices on the same network logically grouped as if they were on separate networks Explanation A VLAN is created by identifying a subset of devices on the same network, and logically identifying them as if they were on separate networks. Think of VLANs as a subdivision of a LAN.
Which of the following best describes the concept of a VLAN? 1. Devices on different networks that can receive multicast packets 2. Devices on the same network logically grouped as if they were on separate networks 3. Devices connected through the Internet that can communicate without using a network address 4. Devices in separate networks (i.e. different network addresses) logically grouped as if they were in the same network 5. Devices connected by a transmission medium other than cable (i.e. microwave, radio transmissions)
3. Devices on the same network logically grouped as if they were on separate networks Explanation A virtual LAN is created by identifying a subset of devices on the same network, and logically identifying them as if they were on separate networks. Think of VLANs as a subdivision of a LAN.
Which of the following best describes the concept of a virtual LAN? 1. Devices connected through the Internet that can communicate without using a network address 2. Devices connected by a transmission medium other than cable (i.e. microwave, radio transmissions) 3. Devices on the same network logically grouped as if they were on separate networks 4. Devices in separate networks (i.e. different network addresses) logically grouped as if they were in the same network 5. Devices on different networks that can receive multicast packets
3. Spanning tree Explanation Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. • Without the spanning tree protocol, switches that are connected together with multiple links would form a switching loop, where frames are passed back and forth continuously. • Spanning tree provides only a single active path between switches. Switch ports that are part of that path are placed in a forwarding state. • Switch ports that are part of redundant but unused paths are placed in a blocking (non-forwarding) state. • When an active path goes down, the spanning tree protocol automatically recovers and activates the backup ports necessary to provide continued connection between devices. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches. Mirroring sends traffic from all switch ports to a switch port you designate as the mirrored port. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port.
Which of the following features dynamically places switch ports in blocking or forwarding states? 1. Trunking 2. Mirroring 3. Spanning tree 4. PoE
4. Cache web pages 6. Block employees from accessing certain websites Explanation A proxy, or proxy server, stands between client computers and Internet web servers. You can use a proxy server to prevent access to specific websites, or to cache (save) frequently used web pages. When a proxy receives a request from the client, it checks to verify that the client is allowed access to the website. If allowed, it then checks its cache to see if the requested page is in the cache. If the page is already cached, then the proxy server fulfills the request by displaying the requested page from the cache rather than retrieving it from the Internet. Receiving a web page from a local proxy server is much faster than downloading the page from the Internet.
Which of the following functions are performed by proxies? (Select two.) 1. Store client files 2. Filter unwanted email 3. Block unwanted packets from entering your private network 4. Cache web pages 5. Give users the ability to participate in real-time text-based Internet discussions 6. Block employees from accessing certain websites
3. Determining which ports are open on a firewall. 4. Discovering unadvertised servers. Explanation Port scanners can determine which TCP/UDP ports are open on a firewall and identify servers that may be unauthorized or running in a test environment. Many port scanners provide additional information, including the host operating system and version, of any detected servers. Hackers use port scanners to gather valuable information about a target, and system administrators should use the same tools for proactive penetration testing and to ensure compliance with all corporate security policies.
Which of the following functions can a port scanner provide? (Select two.) 1. Auditing IPsec encryption algorithm configuration. 2. Testing virus definition design for false positives. 3. Determining which ports are open on a firewall. 4. Discovering unadvertised servers.
4. Syslog Explanation Syslog is a protocol that defines how log messages are sent from one device to a logging server on an IP network. The sending device sends a small text message to the syslog receiver (the logging server). The Open Vulnerability and Assessment Language (OVAL) is an international standard for testing, analyzing, and reporting the security vulnerabilities of a system. LC4 (previously called L0phtCrack) is a password cracking tool. Nmap is a network mapping tool that performs ping and port scans.
Which of the following is a standard for sending log messages to a central logging server? 1. Nmap 2. LC4 3. OVAL 4. Syslog
1. Is saved as a .vhd file. Explanation A system image backup consists of an entire volume backed up to a .vhd file. It contains everything on the system, including the operating system, installed programs, drivers, and user data files.
Which of the following is true for a system image backup? 1. Is saved as a .vhd file. 2. Is the only type of backup supported by the backup and restore console. 3. Does not include user profile settings. 4. Can be saved to a BitLocker-enabled volume.
4. Spanning tree Explanation Run the spanning tree protocol to prevent switching loops. A switching loop occurs when there are multiple active paths between switches. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Switch ports that are part of that path are placed in a forwarding state. Switch ports that are part of redundant but unused paths are placed in a blocking (non-forwarding) state. Use inter-VLAN routing to enable devices in different VLANs to communicate. The auto-duplex setting allows a switch port to detect the duplex setting of connected devices (either half or full-duplex). CSMA/CD is a method for detecting and recovering from collisions.
Which of the following solutions would you implement to eliminate switching loops? 1. Inter-VLAN routing 2. Auto-duplex 3. CSMA/CD 4. Spanning tree
3. Switches append a VLAN ID to the header of each frame to identify the virtual network to which it belongs. Explanation A VLAN ID is a unique identifier attached to each frame. Switches in the network understand the ID as they forward the frame. When the frame reaches its destination, the last switch removes the VLAN ID, because no other device understands it. VLAN IDs work at the Data Link layer.
Which of the following statements accurately describes a VLAN ID? 1. VLAN IDs identify the VLAN where the frame originated, so the receiving host can reply. 2. VLAN IDs identify both the source and destination VLAN. They are like network addresses, except they exist at the Data Link layer. 3. Switches append a VLAN ID to the header of each frame to identify the virtual network to which it belongs. 4. VLAN IDs are defined at the Network layer, and help route the frame through the switch fabric.
1. Devices on the same VLAN have the same subnet address. 2. Broadcast traffic is transmitted only within a VLAN. Explanation VLANs allow computers to be grouped into a common broadcast domain regardless of their physical location on the network. Broadcast traffic is seen only by computers belonging to the same VLAN. Devices sharing a VLAN ID must also share the same subnet address so that traffic can be routed between VLANs. Broadcast traffic is only transmitted to devices belonging to the same VLAN as the device that sent the broadcast. Broadcast traffic is not forwarded to the other VLANs.
Which of the following statements describe how VLANs affect broadcast traffic within an internetwork? (Select two.) 1. Devices on the same VLAN have the same subnet address. 2. Broadcast traffic is transmitted only within a VLAN. 3. Broadcast traffic is only transmitted on VLAN1. 4. Devices on separate VLANs share the same subnet address. 5. Broadcast traffic is transmitted to all devices on all VLANs.
2. Cisco Express Forwarding Explanation Cisco Express Forwarding (CEF) is an advanced routing mechanism designed to optimize packet processing in very large networks. One of the ways it does this is to organize routing data in the Forwarding Information Base (FIB). The FIB maintains a mirror image of the forwarding information contained in the IP routing table, specifying the next-hop address for a particular IP route. Process switching was the earliest Cisco route processing implementation. Process switching required the router to individually process each frame received. Fast switching caches frequently-used routing information instead of processing each packet individually. Cut through processing is a Data Link layer process used in Cisco switches that optimizes frame processing by forwarding a frame as soon as its header has been received, but before the rest of the frame has arrived.
Which routing logic organizes routing data in the Forwarding Information Base (FIB)? 1. Cut Through 2. Cisco Express Forwarding 3. Process Switching 4. Fast Switching
3. In the learning state, the MAC address table can be populated, but frames are not forwarded. 5. Ports in a blocked state still receive BPDUs. Explanation For both bridges and switches: • In the learning state, ports do not forward frames, but still populate the MAC address table based on frames received. • In the blocking state, ports receive BPDUs but do not forward frames. • In the listening state, all ports are blocked.
Which statements accurately describe the port states of both bridges and switches? (Select two.) 1. In the learning state, all ports are in a forwarding state. 2. Ports in a blocked state cannot receive BPDUs. 3. In the learning state, the MAC address table can be populated, but frames are not forwarded. 4. In the learning state, the MAC address table cannot be populated, because the port is blocked. 5. Ports in a blocked state still receive BPDUs.
Which switch characteristics match a managed Switch? 1. Commonly sold at retail stores. 2. Provide port security features. 3. Support VLANs. 4. Provide very few configuration options. 5. Can be configured over a network connection. 6. Can be configured over a dedicated communication channel. Explanation Low-end switches available from many retail stores cannot be configured. These are called unmanaged switches. To implement an unmanaged switch, you simply plug it in to a power outlet and connect your network devices with UTP cables. While unmanaged switches are convenient and easy to implement, they lack many of the advanced management and security features available on managed switches. For example, managed switches provide port security and also support VLANs.
Which switch characteristics match a managed Switch? 1. Commonly sold at retail stores. 2. Provide port security features. 3. Support VLANs. 4. Provide very few configuration options. 5. Can be configured over a network connection. 6. Can be configured over a dedicated communication channel.
1. Commonly sold at retail stores. 4. Provide very few configuration options. Explanation Low-end switches available from many retail stores cannot be configured. These are called unmanaged switches. To implement an unmanaged switch, you simply plug it in to a power outlet and connect your network devices with UTP cables. While unmanaged switches are convenient and easy to implement, they lack many of the advanced management and security features available on managed switches. For example, managed switches provide port security and also support VLANs.
Which switch characteristics match an Unmanaged Switch? 1. Commonly sold at retail stores. 2. Provide port security features. 3. Support VLANs. 4. Provide very few configuration options. 5. Can be configured over a network connection. 6. Can be configured over a dedicated communication channel.
1. Competes with normal network traffic for bandwidth. 3. Must be encrypted to protect communications from sniffing. 5. Affected by network outages. Explanation Switch management tasks can be performed using the management utilities through a network connection. Such management is called in-band management because it uses a normal network connection with the switch for performing these tasks. For example, tools such as Telnet or SSH provide in-band management. Using the same network connection for both data and management has several drawbacks: • You must compete with normal network traffic for bandwidth. • The network traffic created by the management utilities must be protected from sniffing to ensure that hackers cannot capture sensitive configuration information. • If the network connection is unavailable, or if the switch is unresponsive to network communications, management tasks cannot be performed. Out-of-band management, on the other hand, overcomes these problems using dedicated communication channels that separate server management traffic from normal network traffic. With network switches (and routers) you can use console redirection to redirect console output to a built-in serial or USB console port.
Which switch management characteristics match In-band Management? 1. Competes with normal network traffic for bandwidth. 2. Uses a dedicated communication channel. 3. Must be encrypted to protect communications from sniffing. 4. Does not compete with normal network traffic for bandwidth. 5. Affected by network outages.
2. Uses a dedicated communication channel. 4. Does not compete with normal network traffic for bandwidth. Explanation Switch management tasks can be performed using the management utilities through a network connection. Such management is called in-band management because it uses a normal network connection with the switch for performing these tasks. For example, tools such as Telnet or SSH provide in-band management. Using the same network connection for both data and management has several drawbacks: • You must compete with normal network traffic for bandwidth. • The network traffic created by the management utilities must be protected from sniffing to ensure that hackers cannot capture sensitive configuration information. • If the network connection is unavailable, or if the switch is unresponsive to network communications, management tasks cannot be performed. Out-of-band management, on the other hand, overcomes these problems using dedicated communication channels that separate server management traffic from normal network traffic. With network switches (and routers) you can use console redirection to redirect console output to a built-in serial or USB console port.
Which switch management characteristics match Out-of-band Management? 1. Competes with normal network traffic for bandwidth. 2. Uses a dedicated communication channel. 3. Must be encrypted to protect communications from sniffing. 4. Does not compete with normal network traffic for bandwidth. 5. Affected by network outages.
4. Packet sniffer Explanation A packet sniffer is special software that captures (records) frames that are transmitted on the network. Use a packet sniffer to: • View packet contents. • Identify the types of traffic on a network. • View the exchange of packets between communicating devices. For example, you can capture frames related to DNS and view the exact exchange of packets for a specific name resolution request. • Analyze packets sent to and from a specific device. A load tester simulates a load on a server or service. A throughput tester measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from disk in a specific period of time). System and event logs record what has happened on a device, but do not record individual frames or packets.
You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use? 1. Load tester 2. Throughput tester 3. Event log 4. Packet sniffer 5. System log
1. 4600 baud 5. Flow control = RTS/CTS Explanation A terminal emulation program (such as PuTTY) can be used to connect to a device's CLI. In the terminal emulation program, use the following settings: • 9600 Baud • Data bits = 8 (default) • Parity = None (default) • Stop bits = 1 (default) • Flow control = None
You are configuring PuTTY to be used to access the CLI of a Cisco switch. Which of the following configuration values would prevent PuTTY from connecting? (Select two.) 1. 4600 baud 2. Data bits = 8 3. Parity = None 4. Stop bits = 1 5. Flow control = RTS/CTS
3. No, the no shutdown command needs to be entered Explanation By default, the Vlan1 interface is set to administratively down, preventing remote access. Use the following commands to configure the switch IP address and allow management: switch#config terminal switch(config)#interface vlan 1 switch(config-if)#ip address 192.168.1.10 255.255.255.0 switch(config-if)#no shutdown Because the switch is being accessed from the same network segment, the ip default-gateway command doesn't need to be used. The ip address dhcp command merely allows the switch to obtain an IP address via DHCP.
You are configuring a switch so that you can manage it via PuTTY from the same network segment as the switch. On the switch, you enter the following commands: switch#config terminal switch(config)#interface vlan 1 switch(config-if)#ip address 192.168.1.10 255.255.255.0 Will this configuration work? 1. Yes, the switch can now be accessed via PuTTY by using the IP address 192.168.1.10. 2. No, the ip default-gateway command needs to be set. 3. No, the no shutdown command needs to be entered 4. No, the switch needs to obtain an IP address from the DHCP server using the ip address dhcp command.
2. Signal strength Explanation WiFi triangulation works by configuring wireless devices to sniff for wireless networks in range, and then measuring each network's signal strength. The results are compared with a signal strength database, and basic geometry is used to identify the device's location. The wireless device doesn't actually have to connect to any of these networks; it simply scans them to determine their signal strength. For this to work, the administrators of all WiFi networks used for triangulation must perform periodic site surveys to populate and maintain the signal strength database. WAP placement is a consideration in WiFi triangulation, but the signal strength database is the key to determining a device's location. Only a small amount of physical displacement between access points is necessary to triangulate. The wireless standard or encryption in use has little effect on WiFi triangulation.
You are considering using WiFi triangulation to track the location of wireless devices within your organization. However, you have read on the Internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? 1. WAP placement 2. Signal strength 3. Wireless encryption in use 4. Wireless standard in use
3. Fast Switching 4. Cisco Express Forwarding Explanation Both Cisco Express Forwarding and Fast Switching cache frequently-used Data Link headers, allowing them to be copied instead of reconstructed from scratch every time a packet is forwarded. Process switching was the earliest Cisco route processing implementation. Process switching required the router to individually process each frame received, including constructing each data link header for outgoing frames from scratch. Store and forward processing is a Data Link layer process used in Cisco switches that requires the switch to fully buffer frames before forwarding them. Fragment free processing is also a Data Link layer process used in Cisco switches that optimizes frame processing by waiting until the first 64 bytes of the frame have been received before forwarding the frame to the destination device.
You are designing a routing solution for your organization. You want to improve routing efficiency by ensuring that routers save frequently used data link headers used to encapsulate packets. Which types of routing logic could you implement? (Choose two. Each response is a separate solution.) 1. Store and Forward 2. Process Switching 3. Fast Switching 4. Cisco Express Forwarding 5. Fragment Free
4. Use syslog to implement centralized logging. Explanation In this scenario, a cost-effective option would be to implement centralized logging using syslog. By default, routers and switches send all log messages for all severity levels directly to the console. If a network contains a small number of devices, this default configuration is usually manageable. However, on a growing network, it quickly becomes impractical to visit each device to view log messages. Instead, you can configure your network devices to redirect logging to a syslog server somewhere in the network. By doing this, all log messages from all devices can be consolidated and viewed from a single location. Reducing the number of switches on a growing network is generally not advisable. Using a remote access utility can help alleviate the issue to an extent. However, you still have to manually connect to and monitor each individual system. If the network continues to grow, this option will quickly become unviable. It's not necessary to hire additional administrators in this scenario.
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do? 1. Use a remote access utility such as SSH to access router and switch consoles remotely. 2. Hire additional resources to help monitor and manage your network infrastructure. 3. Consolidate network resources down to one or two switches. 4. Use syslog to implement centralized logging.
2. Mirroring Explanation When using a switch, the switch will only forward packets to the switch port that holds a destination device. This means that when your packet sniffer is connected to a switch port, it will not see traffic sent to other switch ports. To configure the switch to send all frames to the packet sniffing device, configure port mirroring on the switch. With port mirroring, all frames sent to all other switch ports will be forwarded on the mirrored port. Bonding allows multiple switch ports to be used at the same time to reach a specific destination. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches.
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch? 1. Trunking 2. Mirroring 3. Spanning tree 4. Bonding
1. Mirroring Explanation When using a switch, the switch will only forward packets to the switch port that holds a destination device. This means that when your packet sniffer is connected to a switch port, it will not see traffic sent to other switch ports. To configure the switch to send all frames to the packet sniffing device, configure port mirroring on the switch. With port mirroring, all frames sent to all other switch ports will be forwarded on the mirrored port. Promiscuous mode configures a network adapter to process every frame it sees, not just the frames addressed to that network adapter. In this scenario, you know that the packet sniffer is running in promiscuous mode because it can already see frames sent to other devices. Bonding logically groups two or more network adapters to be used at the same time for a single logical network connection. Spanning tree runs on a switch and ensures that there is only one active path between switches, allowing for backup redundant paths.
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure? 1. Mirroring 2. Spanning tree 3. Bonding 4. Promiscuous mode
4. Promiscuous mode Explanation By default, a NIC will only accept frames addressed to that NIC. To enable the packet sniffer to capture frames sent to other devices, configure the NIC in promiscuous mode (sometimes called p-mode). In p-mode, the NIC will process every frame it sees. When devices are connected to a switch, the switch will only forward frames to the destination port. To see frames addressed to any device on any port, use port mirroring. In this scenario, the workstation and the router are connected with a hub, so the hub already sends all packets for all devices to all ports. Bonding logically groups two or more network adapters to be used at the same time for a single logical network connection. Spanning tree runs on a switch and ensures that there is only one active path between switches, allowing for backup redundant paths.
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure? 1. Spanning tree 2. Mirroring 3. Bonding 4. Promiscuous mode
2. Ethernet bonding Explanation With Ethernet bonding (also called NIC teaming), two or more physical connections to the same network are logically grouped (or bonded). Data is divided and sent on multiple interfaces, effectively increasing the speed at which the device can send and receive on the network. • A device must have multiple network interface cards connected to different switch ports. • The host operating system must be configured to bond the network adapters into a single entity. • The switch ports must be bonded together to recognize both ports as a valid destination for the same device. Port mirroring duplicates all frames received by a switch and forwards those frames to a specific port. Port mirroring is used to monitor network traffic through the switch. Spanning tree is a protocol that runs on a switch and which allows multiple links to the same destination to exist. With spanning tree, only a single link is active at a time. Full-duplex refers to the condition when you have a dedicated send and receive channel between devices. Devices do not have to worry about collisions when using full-duplex.
You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use? 1. Spanning tree 2. Ethernet bonding 3. Full-duplex 4. Mirroring
2. Run the packet sniffer application on Host B. Explanation You need to run the packet sniffing software on either Host A or Host B. When using a switch, network traffic is sent through the switch to only the destination device. In this scenario, Host C will only receive broadcast traffic and traffic addressed to its own MAC address. Alternatively, you could put Host C on the same switch port as either Host A or Host B using a hub. When connected with a hub, all devices connected to the hub will be able to see the traffic sent to all other devices connected to the hub. Changing the MAC address on Host C would cause a conflict with duplicate addresses being used. Setting the default gateway would not affect the path of packets on the LAN. The default gateway is only used for traffic that goes outside of the current subnet.
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do? 1. Configure the default gateway address on hosts A and B with the IP address of Host C. 2. Run the packet sniffer application on Host B. 3. Manually set the MAC address of Host C to the MAC address of Host A. 4. Connect hosts A and B together on the same switch port through a hub.
4. Ethernet bonding Explanation With Ethernet bonding (also called NIC teaming), two or more physical connections to the same network are logically grouped (or bonded). If one NIC fails, the second NIC with a connection to the same network can still be used. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. A traffic shaper (also called a bandwidth shaper) is a device that is capable of modifying the flow of data through a network in response to network traffic conditions. Quality of Service (QoS) refers to a set of mechanisms that try to guarantee timely delivery or minimal delay of important or time-sensitive communications. QoS is particularly important when implementing Voice over IP (VoIP), Video over IP, or online gaming where delay or data loss make the overall experience unacceptable.
You have a web server on your network that hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the Internet. Which solution should you implement? 1. Spanning tree 2. Traffic shaping 3. QoS 4. Ethernet bonding
2. Load tester Explanation A load tester simulates a load on a server or service. For example, the load tester might simulate a large number of client connections to a website, test file downloads for an FTP site, or simulate large volumes of email. Use a load tester to make sure that a system has sufficient capacity for expected loads, and even to estimate a failure point where the load is more than the system can handle. A throughput tester measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from disk in a specific period of time). A packet sniffer is special software that captures (records) frames that are transmitted on the network. A baseline is a snapshot of past performance statistics of the network or devices. A system log identifies events or actions performed on a device.
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use? 1. Throughput tester 2. Load tester 3. System log 4. Baseline 5. Packet sniffer
3. Implement version 3 of SNMP. Explanation Simple Network Management Protocol (SNMP) is a protocol designed for managing complex networks. SNMP lets network hosts exchange configuration and status information. The original version of SNMP has several vulnerabilities. For added security, implement version 3 of SNMP. SSH allows for secure interactive control of remote systems, but does not provide the same features as SNMP. RADIUS is used to control remote access authentication, authorization, and accounting from a centralized server.
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do? 1. Combine SNMP with SSL. 2. Implement a RADIUS solution. 3. Implement version 3 of SNMP. 4. Use SSH instead of SNMP.
2. Firewall Explanation A firewall log identifies traffic that has been allowed or denied through a firewall. You can identify traffic types used by computers on your network by looking at the outgoing ports. For example, you can identify servers that are running a specific service, or you can see computers that are communicating using ports that might indicate malicious software. A system log records operating system, system, and hardware events. A security log records information related to logons, such as incorrect passwords being used, and the use of user rights. An application log records actions performed by an application. For each of these logs, the Trojan horse program will likely be written in a way that little or no logging will be recorded by the program, so examining these logs will not give you much information about the program on a system.
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor? 1. Security 2. Firewall 3. System 4. Application
2. Application log Explanation Logs contain a record of events that have happened on a system. Logging capabilities are built into operating systems, services, and applications. Log entries are generated in response to configuration changes, changes in system state, or in response to network conditions. A packet sniffer is special software that captures (records) frames that are transmitted on the network. A load tester simulates a load on a server or service. A throughput tester measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from disk in a specific period of time).
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem? 1. Load tester 2. Application log 3. Packet sniffer 4. Throughput tester
1. Event log Explanation Use the event logs to see a record of past events. Logging capabilities are built into operating systems, services, and applications. Log entries are generated in response to configuration changes or actions taken by the system. Depending on the device, there might be multiple logs with different names, so the exact log you would consult might vary depending on the device. A packet sniffer is special software that captures (records) frames that are transmitted on the network. A packet sniffer would tell you the frames and packets sent to the device, but would not identify the actions the firewall took in response to those packets. A load tester simulates a load on a server or service. A throughput tester measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from disk in a specific period of time).
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use? 1. Event log 2. Packet sniffer 3. Load tester 4. Throughput tester
1. VLANs Explanation Use VLANs to segregate hosts based on switch ports. You could define two VLANs: one for employees connected throughout the building, and another for the ports in the lobby. The ports in the lobby would have only Internet access, while devices connected to ports in the rest of the building could communicate with other devices within the same VLAN. Use port authentication to control access to the network based on things such as username and password. Port authentication would allow or deny access, but would not restrict access once authenticated, or provide any type of access if not authenticated. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port.
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement? 1. VLANs 2. PoE 3. Spanning tree 4. Port authentication
3. VLANs Explanation Use VLANs to segregate hosts based on switch ports. You could define two VLANs: one for employees connected throughout the building, and another for the ports in the lobby. The ports in the lobby would have only Internet access, while devices connected to ports in the rest of the building could communicate with other devices within the same VLAN. Use port authentication to control access to the network based on things such as username and password. Port authentication would allow or deny access, but would not restrict access once authenticated, or provide any type of access if not authenticated. A demilitarized zone (DMZ) is a buffer network (or subnet) that sits between the private network and an untrusted network (such as the Internet). Network Address Translation (NAT) modifies the IP addresses in packets as they travel from one network (such as a private network) to another (such as the Internet). NAT allows you to connect a private network to the Internet without obtaining registered addresses for every host. Hosts on the private network share the registered IP addresses.
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement? 1. NAT 2. DMZ 3. VLANs 4. Port authentication
2. Spanning tree Explanation Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. • Without the spanning tree protocol, switches that are connected together with multiple links would form a switching loop, where frames are passed back and forth continuously. • Spanning tree provides only a single active path between switches. Switch ports that are part of that path are placed in a forwarding state. • Switch ports that are part of redundant but unused paths are placed in a blocking (nonforwarding) state. • When an active path goes down, the spanning tree protocol automatically recovers and activates the backup ports necessary to provide continued connection between devices. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches. Mirroring sends traffic from all switch ports to a switch port you designate as the mirrored port. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port. OSPF is a routing protocol used by routers to learn about and select routes to destination networks.
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support? Mirroring 1. PoE 2. Spanning tree 3. OSPF 4. Trunking
3. Spanning tree Explanation Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. • Without the spanning tree protocol, switches that are connected together with multiple links would form a switching loop, where frames are passed back and forth continuously. • Spanning tree provides only a single active path between switches. Switch ports that are part of that path are placed in a forwarding state. • Switch ports that are part of redundant but unused paths are placed in a blocking (nonforwarding) state. • When an active path goes down, the spanning tree protocol automatically recovers and activates the backup ports necessary to provide continued connection between devices. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches. Mirroring sends traffic from all switch ports to a switch port you designate as the mirrored port. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port. OSPF is a routing protocol used by routers to learn about and select routes to destination networks.
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support? 1. Trunking 2. OSPF 3. Spanning tree 4. Mirroring 5. PoE
4. Trunking Explanation A trunk port is used to connect two switches together. • Typically, Gigabit Ethernet ports are used for trunk ports, although any port can be a trunking port. • A trunk port is a member of all VLANs, and carries traffic between the switches. • When trunking is used, frames that are sent over a trunk port are tagged by the first switch with the VLAN ID so that the receiving switch knows to which VLAN the frame belongs. • The trunking protocol describes the format that switches use for tagging frames with the VLAN ID. • Because end devices do not understand the VLAN tags, the tag is removed from the frame by the switch before the frame is forwarded to the destination device. • VLAN tagging is only used for frames that travel between switches on the trunk ports. Use a Layer 3 switch or a router to enable devices in different VLANs to communicate with each other. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Bonding allows multiple switch ports to be used at the same time to reach a specific destination.
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches? 1. Layer 3 switching 2. Spanning tree 3. Bonding 4. Trunking
1. Routing Explanation In a typical configuration with multiple VLANs and a single or multiple switches, workstations in one VLAN will not be able to communicate with workstations in other VLANs. To enable inter-VLAN communication, you will need to use a router (or a Layer 3 switch). Trunking is used to configure switch ports to carry VLAN traffic between switches, or between a router and a switch. If you configured a single router to connect to the switch with a single physical interface, you would have to configure trunking on that interface in addition to configuring routing; however, trunking by itself would not enable the two devices to communicate. Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Mirroring sends traffic from all switch ports to a switch port you designate as the mirrored port. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port.
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate? 1. Routing 2. PoE 3. Trunking 4. Mirroring 5. Spanning tree
2. Trunking Explanation A trunk port is used to connect two switches together. A trunk port is a member of all VLANs, and carries traffic between the switches. When trunking is used, frames that are sent over a trunk port are tagged by the first switch with the VLAN ID so that the receiving switch knows to which VLAN the frame belongs. The trunking protocol describes the format that switches use for tagging frames with the VLAN ID. Because end devices do not understand the VLAN tags, the tag is removed from the frame by the switch before the frame is forwarded to the destination device. 802.1x is an authentication protocol used with port security (or port authentication). Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port. Bonding groups multiple switch ports into a single logical port, allowing both ports to be used to communicate with a single device.
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches? 1. Bonding 2. Trunking 3. 802.1x 4. PoE
2. Spanning tree Explanation Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. • Without the spanning tree protocol, switches that are connected together with multiple links would form a switching loop, where frames are passed back and forth continuously. • Spanning tree provides only a single active path between switches. Switch ports that are • When an active path goes down, the spanning tree protocol automatically recovers and activates the backup ports necessary to provide continued connection between devices. Bonding does the opposite of spanning tree--it allows multiple switch ports to be used at the same time to reach a specific destination. 802.1x is an authentication protocol used with port security (or port authentication). Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches.
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches? 1. Bonding 2. Spanning tree 3. 802.1x 4. PoE 5. Trunking
3. Spanning tree Explanation Spanning tree is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet. The spanning tree protocol runs on each switch and is used to select a single path between any two switches. • Without the spanning tree protocol, switches that are connected together with multiple links would form a switching loop, where frames are passed back and forth continuously. • Spanning tree provides only a single active path between switches. Switch ports that are part of that path are placed in a forwarding state. • Switch ports that are part of redundant but unused paths are placed in a blocking (nonforwarding) state. • When an active path goes down, the spanning tree protocol automatically recovers and activates the backup ports necessary to provide continued connection between devices. Bonding does the opposite of spanning tree--it allows multiple switch ports to be used at the same time to reach a specific destination. 802.1x is an authentication protocol used with port security (or port authentication). Power over Ethernet (PoE) supplies power to end devices through the RJ-45 Ethernet switch port. Trunking identifies ports that are used to carry VLAN traffic between switches. A trunk port is a member of all VLANs defined on all switches.
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches? 1. 802.1x 2. Trunking 3. Spanning tree 4. Bonding 5. PoE
2. Rapid Spanning Tree Protocol (RSTP) Explanation Rapid Spanning Tree Protocol (RSTP) is the IEEE 802.1w standard. RSTP improves convergence by actively confirming that a switch is ready to transition to a forwarding state, eliminating the listening and learning stages. RSTP defines several new types of links and uses fewer spanning tree states. PortFast allows a port connected to a host to go into a forwarding state almost immediately. PortFast ports must be used only for connections to end user devices, such as workstations or server systems. PortFast should not be used when the port is connected to a bridge, a switch, or another STP speaking device. EtherChannel combines multiple parallel physical links into a single logical channel. The switch treats the logical channel as a single interface that provides redundancy, as well as load sharing among the links in the channel. BPDU guard is frequently used with PortFast to ensure the stability of the STP topology. BPDU guard disables a port configured by PortFast if that port receives BPDUs.
You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that conforms to the 802.1w standards. Which protocol should you use? 1. PortFast 2. Rapid Spanning Tree Protocol (RSTP) 3. BPDU guard 4. EtherChannel
conf t
int fa0/1
speed auto
duplex auto
Explanation To complete the requirements of this scenario, you need to use the following commands: • Enter global configuration mode: conf t • Enter interface configuration mode: int fa0/1 • Configure the interface to automatically detect the line speed: speed auto • Configure the interface to automatically detect duplex settings: duplex auto
You need to configure the FastEthernet 0/1 interface on a switch to automatically detect the appropriate link speed and duplex setting by negotiating with the device connected to the other end of the link. What are the commands to accomplish this task? Enter global configuration mode: Enter interface configuration mode: Set the speed of the interface: Set the duplex setting for the interface:
conf t
int fa0/0
shutdown
show ip interface brief
Explanation To complete the requirements of this scenario, you need to use the following commands: • Enter global configuration mode: conf t • Enter interface configuration mode: int fa0/0 • Disable the interface: shutdown • Verify the interface status: show ip interface brief
You need to disable the FastEthernet 0/0 interface on a switch. What are the commands to accomplish this task? Enter global configuration mode: Enter interface configuration mode: Disable the interface: Verify the interface is disabled:
2. VLAN Explanation Define virtual LANs (VLANs) on the switch. With a VLAN, a port on the switch is associated with a VLAN. Only devices connected to ports that are members of the same VLAN can communicate with each other. Routers are used to allow communication between VLANs if necessary. Use a virtual private network (VPN) to connect two hosts securely through an unsecured network (such as the Internet). VPN tunneling protocols protect data as it travels through the unsecured network. Spanning tree is a switch feature that allows for redundant paths between switches. Port security is a method of requiring authentication before a network connection is allowed.
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation? 1. Spanning tree 2. VLAN 3. VPN 4. Port security
1. Performance Explanation A performance log records information about the use of system resources. For example, the performance log records processor, memory, disk, and network utilization. In addition, the performance log can record information related to the performance of a specific service, such as the number of connections to a Web server. You might also find this information in an application log for the service. A security log records information related to logons, such as incorrect passwords being used, and the use of user rights. A system log records operating system, system, and hardware events. A firewall log identifies traffic that has been allowed or denied through a firewall.
You suspect that your Web server has been the target of a denial of service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine? 1. Performance 2. Firewall 3. Security 4. System
1. Protocol analyzer Explanation Use a protocol analyzer (also called a packet sniffer) to examine network traffic. You can capture or filter packets from a specific device or that use a specific protocol. Use a Time Domain Reflectometer (TDR) to measure the length of a cable or to identify the location of a fault in the cable. A toner probe is two devices used together to trace the end of a wire from a known endpoint into the termination point in the wiring closet. A cable certifier is a multi-function tool that verifies or validates that a cable or an installation meets the requirements for a specific architecture implementation. A multimeter is a device for testing various electrical properties such as voltage, amps, and ohms.
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use? 1. Protocol analyzer 2. Multimeter 3. TDR 4. Toner probe 5. Certifier
4. Packet sniffer Explanation A packet sniffer is special software that captures (records) frames that are transmitted on the network. Use a packet sniffer to: • Identify the types of traffic on a network. • View the exchange of packets between communicating devices. For example, you can capture frames related to DNS and view the exact exchange of packets for a specific name resolution request. • Analyze packets sent to and from a specific device. • View packet contents. Use a port scanner to identify protocol ports that are opened in a firewall or active on a device. A port scanner checks individual systems, while a packet sniffer watches traffic on the network. A throughput tester measures the amount of data that can be transferred through a network or processed by a device (such as the amount of data that can be retrieved from disk in a specific period of time). An intrusion detection system (IDS) is a special network device that can detect attacks and suspicious activity. A passive IDS monitors, logs, and detects security breaches but takes no action to stop or prevent the attack. An active IDS (also called an intrusion protection system or IPS) performs the functions of an IDS, but can also react when security breaches occur.
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use? 1. IPS 2. Port scanner 3. Throughput tester 4. Packet sniffer 5. IDS
1. VLAN Explanation Define virtual LANs (VLANs) on the switch. With a VLAN, a port on the switch is associated with a VLAN. Only devices connected to ports that are members of the same VLAN can communicate with each other. Routers are used to allow communication between VLANs if necessary. Use a virtual private network (VPN) to connect two hosts securely through an unsecured network (such as the Internet). VPN tunneling protocols protect data as it travels through the unsecured network. Spanning tree is a switch feature that allows for redundant paths between switches. Port security is a method of requiring authentication before a network connection is allowed.
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented? 1. VLAN 2. Port security 3. Spanning tree 4. VPN