Chapter 6
Which of the following line subcommands tells a switch to wait until a show command's output has completed before displaying log messages on the screen? a. logging synchronous b. no ip domain-lookup c. exec-timeout 0 0 d. history size 15
a. logging synchronous
Domain Name System. An application layer protocol used throughout the Internet for translating hostnames into their associated IP addresses.
DNS
A configuration concept inside Cisco switches, used as an interface between IOS running on the switch and a VLAN supported inside the switch, so that the switch can assign an IP address and send IP packets into that VLAN.
VLAN interface
Global command that disables or enables the display of log messages to the console
[no] logging console
An engineer wants to set up simple password protection with no usernames for some switches in a lab, for the purpose of keeping curious coworkers from logging in to the lab switches from their desktop PCs. Which of the following commands would be a useful part of that configuration? a. A login vty mode subcommand b. A password password console subcommand c. A login local vty subcommand d. A transport input ssh vty subcommand
a. A login vty mode subcommand
An engineer had formerly configured a Cisco 2960 switch to allow Telnet access so that the switch expected a password of mypassword from the Telnet user. The engineer then changed the configuration to support Secure Shell. Which of the following commands could have been part of the new configuration? (Choose two answers.) a. A username name secret password vty mode subcommand b. A username name secret password global configuration command c. A login local vty mode subcommand d. A transport input ssh global configuration command
b. A username name secret password global configuration command c. A login local vty mode subcommand
A Layer 2 switch configuration places all its physical ports into VLAN 2. The IP addressing plan shows that address 172.16.2.250 (with mask 255.255.255.0) is reserved for use by this new LAN switch and that 172.16.2.254 is already configured on the router connected to that same VLAN. The switch needs to support SSH connections into the switch from any subnet in the network. Which of the following commands are part of the required configuration in this case? (Choose two answers.) a. The ip address 172.16.2.250 255.255.255.0 command in interface vlan 1 configuration mode. b. The ip address 172.16.2.250 255.255.255.0 command in interface vlan 2 configuration mode. c. The ip default-gateway 172.16.2.254 command in global configuration mode. d. The switch cannot support SSH because all its ports connect to VLAN 2, and the IP address must be configured on interface VLAN 1
b. The ip address 172.16.2.250 255.255.255.0 command in interface vlan 2 configuration mode. c. The ip default-gateway 172.16.2.254 command in global configuration mode.
Imagine that you have configured the enable secret command, followed by the enable password command, from the console. You log out of the switch and log back in at the console. Which command defines the password that you had to enter to access privileged mode? a. enable password b. enable secret c. Neither d. The password command, if it is configured
b. enable secret
An engineer's desktop PC connects to a switch at the main site. A router at the main site connects to each branch office through a serial link, with one small router and switch at each branch. Which of the following commands must be configured on the branch office switches, in the listed configuration mode, to allow the engineer to telnet to the branch office switches and supply only a password to login? (Choose three answers.) a. The ip address command in interface configuration mode b. The ip address command in global configuration mode c. The ip default-gateway command in VLAN configuration mode d. The ip default-gateway command in global configuration mode e. The password command in console line configuration mode f. The password command in vty line configuration mode
c. The ip default-gateway command in VLAN configuration mode
Global command. Creates and stores (in a hidden location in flash memory) the keys required by SSH.
crypto key generate rsa [modulus 360..2048
On an IP host, the IP address of some router to which the host sends packets when the packet's destination address is on a subnet other than the local subnet.
default gateway
A part of the Cisco IOS CLI in which the user can use the most powerful and potentially disruptive commands on a router or switch, including the ability to then reach configuration mode and reconfigure the router.
enable mode
Global command. Sets this switch's password that is required for any user to reach enable mode.
enable secret pass-value
Console or vty mode. Sets the inactivity timeout, so that after the defined period of no action, IOS closes the current user login session
exec-timeout minutes [seconds]
In a Cisco router or switch, the function by which IOS keeps a list of commands that the user has used in this login session, both in EXEC mode and configuration mode. The user can then recall these commands for easier repeating or making small edits and issuing similar commands
history buffer
Line config mode. Defines the number of commands held in the history buffer, for later recall, for users of those lines
history size length
Global command. Sets this switch's hostname, which is also used as the first part of the switch's command prompt.
hostname name
Changes the context to vty configuration mode for the range of vty lines listed in the command
ine vty 1st-vty last-vty
Changes the context to VLAN interface mode. For VLAN 1, allows the configuration of the switch's IP address.
interface vlan numbe
VLAN interface mode. Configures the switch as a DHCP client to discover its IPv4 address, mask, and default gateway.
ip address dhcp
VLAN interface mode. Statically configures the switch's IP address and mask
ip address ip-address subnet-mask
Global command. Configures the switch's default gateway IPv4 address. Not required if the switch uses DHCP.
ip default-gateway address
Global command. Configures the IPv4 addresses of DNS servers, so any commands when logged in to the switch will use the DNS for name resolution.
ip name-server server-ip-1 server-ip-2 ...
Changes the context to console configuration mode.
line console 0
Identifies the person who logged in
log message
Console or vty mode. Tells IOS to send log messages to the user at natural break points between commands rather than in the middle of a line of output
logging synchronous
Console and vty configuration mode. Tells IOS to prompt for a password.
login
Console and vty configuration mode. Tells IOS to prompt for a username and password, to be checked against locally configured username global configuration commands on this switch or router.
login local
The process by which an IP host discovers the IP address associated with a hostname, often involving sending a DNS request to a DNS server, with the server supplying the IP address used by a host with the listed hostname
name resolution
Console and vty configuration mode. Lists the password required if the login command (with no other parameters) is configured.
password pass-value
vty line configuration mode. Defines whether Telnet/SSH access is allowed into this switch. Both values can be configured on one command to allow both Telnet and SSH access (the default).
transport input {telnet | ssh | all | none
Global command. Defines one of possibly multiple usernames and associated passwords, used for user authentication. Used when the login local line configuration command has been used.
username name secret pass-value
