Chapter 8 Network+
Which assignment technique requires a RADIUS server? Dynamic VLAN assignment Dynamic IP address assignment Static IP address assignment Static VLAN assignment
Dynamic VLAN assignment A dynamic VLAN assignment can be made after successful authentication with a RADIUS server. A static VLAN assignment is made based on the switch port the device is connected to. A dynamic IP address is assigned by a DHCP server. A static IP address is assigned by a network admin.
An attacker configures a VLAN frame with two tags instead of just one. The first tag directs the frame to the authorized VLAN. After the frame enters the first VLAN, the switch appropriately removes the tag, then discovers the next tag, and sends the frame along to a protected VLAN, which the attacker is not authorized to access. What kind of attack is this?
Either VLAN hopping or double tagging is an acceptable answer
What area of a network can provide less stringent security so a web server is more accessible from the open Internet?
Either screened subnet or DMZ (demilitarized zone) is an acceptable answer.
On which networking device do you configure VLANs?
Either switch or managed switch is an acceptable answer.
Which VLAN type would be the best fit for a company's web servers that need to be accessible from the Internet but should not be able to communicate with each other?
Isolated VLAN
What do well-chosen subnets accomplish? IP address spaces overlap for easier management. Network documentation is easier to manage. Routing efficiency is decreased by ensuring IP address spaces are not mathematically related. Problems affect the entire network, making them more difficult to pin down.
Network documentation is easier to manage. Well-chosen subnets make network documentation easier to manage. You don't want IP address spaces to overlap in a network, and routing is more efficient when IP address spaces are mathematically related at a binary level. Well-designed subnets also make problems easier to locate and resolve.
Which hexadecimal block in an IPv6 address is used for the Subnet ID? The first one The third one The fourth one The eighth one
The fourth one The first four blocks normally identify the network and serve as the network prefix. The fourth hexadecimal block in the site prefix can be altered to create subnets within a site. The last four blocks identify the host interface.
Which of the following is not a good reason to segment a network? To limit access to broadcast domains To reduce the demand on bandwidth To increase the number of networking devices on a network To narrow down the location of problems on a network
To increase the number of networking devices on a network Segmenting a network enhances security by limiting access to broadcast domains, improves performance by reducing the demand on network bandwidth, and simplifies troubleshooting by helping network admins to narrow down the possible location of problems on a network. However, increasing the number of networking devices on a network is not a goal of subnetting.
Which port mode on a switch enables that port to manage traffic for multiple VLANs? Private Community Access Trunk
Trunk The trunk port connects a switch to a networking device such as a router or another switch and can manage traffic from multiple VLANs. An access port connects the switch to a host and typically carries traffic for only one VLAN. A private VLAN partitions a VLAN broadcast domain into subdomains. Hosts within the same community VLAN can communicate with each other but not with hosts in other secondary VLANs.
Which IP addressing technique subnets a subnet to create subnets of various sizes?
VLSM (variable length subnet mask)
Which formulas can be used to calculate the magic number? Choose two. a. 256 - the interesting octet b. 2^h - 2 c. 2^n d. 2^h
a. 256 - the interesting octet d. 2^h The magic number can be calculated by subtracting the interesting octet value from 256 or by raising 2 to the power of the number of bits in the host portion of the subnet mask's interesting octet (2h).
Subnetting operates at the blank ______ while VLANs function at the blank ______.
network datalink
Which VLAN on a switch manages untagged frames?
The native VLAN
Which Cisco command lists configured VLANs on a switch?
show vlan
Suppose your company has leased one class C license, 120.10.10.0, and wants to sublease the first half of these IP addresses to another company. What is the CIDR notation for the subnet to be subleased? What is the subnet mask for this network?
120.10.10.0/25 255.255.255.128 A class C network uses 24 bits for network information. Borrowing one host bit divides the network into two subnets, each with a /25 subnet mask, which is written 255.255.255.128 in dotted decimal notation.
What is the network ID with CIDR notation for the IP address 172.16.32.108 whose subnet mask is 255.255.255.0?
172.16.32.108/24 A subnet mask of 255.255.255.0 indicates the use of 24 bits to identify network information, which is written in CIDR notation as /24.
How many bits of a class A IP address are used for host information? 8 bits 16 bits 24 bits 32 bits
24 bits In classful addressing, class A networks use 24 bits of a 32-bit IPv4 address to identify the host, and only the first eight bits are used to identify the network.
What is the formula for determining the number of possible hosts on a network?
2^h - 2 = Z Raising 2 to the power of the number of host bits yields the number of possible IP addresses in a subnet. However, each subnet needs its own network ID and broadcast address, so you must subtract 2 from this number to determine the number of available host addresses. This gives the formula 2^h - 2 = Z. The formula 2^n - Y can be used to determine the number of network bits borrowed from host bits or the number of subnets that will result from borrowing a given number of bits.
What is the greatest number of bits you could borrow from the host portion of a class B subnet mask and still have at least 130 hosts per subnet? 0 bits 8 bits 9 bits 10 bits
8 bits
Which IEEE standard determines how VLANs work on a network? 802.1X 802.11 802.3af 802.1Q
802.1Q Port tagging is specified in the IEEE 802.1Q standard, which defines how VLAN information appears in frames and how switches interpret that information. EAP (Extensible Authentication Protocol) was adapted to work on both wired and wireless LANs in the 802.1X standard, dubbed EAPoL (EAP over LAN). IEEE's 802.11 standards are collectively known as Wi-Fi. IEEE's 802.3af standard specifies a method for supplying electrical power over twisted-pair Ethernet connections, also known as PoE (Power over Ethernet).