1_Switch Management Flashcards
What is the primary function of a Layer 2 switch?
It forwards data based on MAC addresses at the Data Link Layer of the OSI model.
What are the main steps in a switch’s boot sequence?
1) POST.
2) Boot loader initialization.
3) Flash file system setup.
4) Load IOS image.
5) Initialize interfaces using startup configuration
What is the difference between a MAC address and an IP address?
- MAC: Physical, unchanging, factory-assigned.
- IP: Logical, location-based, assigned by the network administrator
What is a CAM table?
A table in a switch that stores MAC addresses and their associated ports to speed up data forwarding.
Why is SSH preferred over Telnet?
SSH provides encrypted communication, making it secure, while Telnet transmits data in plain text.
What are the three port security violation modes?
1) Protect: Drops unauthorized packets silently.
2) Restrict: Drops unauthorized packets and logs the violation.
3) Shutdown: Disables the port upon a violation.
What is DHCP spoofing?
It’s an attack where a fake DHCP server assigns incorrect IP addresses to devices on the network.
Which command enables port security on a switch interface?
switchport port-security.
What happens during a MAC address flooding attack?
The CAM table is overwhelmed with bogus MAC addresses, causing the switch to act like a hub and broadcast all traffic.
How do you secure unused switch ports?
Disable them using the shutdown command on the unused interfaces.
Which TCP ports are used by Telnet and SSH?
Telnet: Port 23.
SSH: Port 22.
What does the command copy run start do?
Saves the running configuration to the startup configuration
Name three best practices for securing a switch.
1) Use strong passwords and update them frequently.
2) Disable unused ports.
3) Replace Telnet with SSH for remote access.
What is MDIX, and why is it important?
- MDIX (Medium Dependent Interface Crossover) automatically configures the connection type, eliminating the need for specific cable types (straight-through or crossover).
- Requires speed and duplex to be set to auto for functionality.
What is ARP, and how does it work?
ARP maps an IP address to a MAC address.
Process:
1) Host broadcasts an ARP request for a specific IP.
2) Only the host with the matching IP responds with its MAC address.
3) The MAC address is then used to send frames.
What are potential threats to switches, and how do they work?
MAC Address Flooding:Overloads the CAM table with bogus MAC addresses.Forces the switch to act as a hub, broadcasting all frames.Exploited to intercept traffic.
DHCP Spoofing:Attacker introduces a fake DHCP server.Assigns incorrect IP addresses, redirecting traffic to the attacker.
Telnet Vulnerabilities:Exploits unencrypted Telnet sessions to brute force passwords or launch denial-of-service attacks.
Why is NTP important in switch management?
It synchronizes time across devices for accurate logging and monitoring.
