BN EXAM 1 CARDS

Question 1

The Gold wireless QOS level prioritizes what kind of traffic?

Answer 1

Video Traffic

Question 2

The Platnium wireless QOS level prioritizes what kind of traffic?

Answer 2

Voice VOIP. It is succeptible to network delay which can create jitter and affect the quality of the call.

Question 3

The Silver wireless QOS level prioritizes what kind of traffic?

Answer 3

Most transactional traffic is delivered at this priority.

Default setting when you configure a WLAN on a Cisco WLC. Also known as best effort

Question 4

The Bronze wireless QOS level prioritizes what kind of traffic?

Answer 4

Provides the lowest bandwidth and is typically used for guest services on a Cisco WLAN.

Question 5

Overlay

Answer 5

Creates VXLAN tunnels between SDA switches. These tunnels send and receive traffic between fabric endpoints.

Question 6

Underlay

Answer 6

A collection of devices that comprise the IP network that connects to each fabric node.

Question 7

Fabric

Answer 7

Is the entirety of the overlay network and the underlay network.

Question 8

Southbound API

Answer 8

Enables an SDN controller to communicate with devices in the data plane.

Question 9

Northbound API

Answer 9

Enables an SDN controller to communicate with applications in the application plane.

Question 10

When will a router use AD values to determine route selection?

Answer 10

When multiple routes to the same destination network are received, and each of these routes is received from a different routing protocol.

Question 11

AD for directly connected route.

Answer 11

0

Question 12

Static route AD

Answer 12

1

Question 13

EIGRP summary route AD

Answer 13

5

Question 14

eBGP AD

Answer 14

20

Question 15

Internal EIGRP AD

Answer 15

90

Question 16

IGRP AD

Answer 16

100

Question 17

IGRP AD

Answer 17

115

Question 18

OSPF AD

Answer 18

110

Question 19

ISIS AD

Answer 19

115

Question 20

RIP AD

Answer 20

120

Question 21

External EIGRP

Answer 21

170

Question 22

iBGP AD

Answer 22

200

Question 23

Unknown AD

Answer 23

225

Question 24

What cost metric does EIGRP use.

Answer 24

Bandwidth and delay

Question 25

OSPF broadcast network type is enabled by default on what interfaces?

Answer 25

FDDI and Ethernet.
Fiber Distributed Data Interface.
If the ip ospf network command has not been issued for an OSPF interface, the default network type is used.

Question 26

OSPF non-broadcast type is enabled by default on what interfaces?

Answer 26

X.25 and Frame Relay

Question 27

OSPF point to point network type is enabled by default on what interfaces?

Answer 27

P2P is enabled by default on High-Level Data Link Control (HDLC) and point to point (PPP) serial interfaces.

Question 28

What command do you use to configure OSPF point to point network?

Answer 28

ip ospf network point-to-point

Question 29

If you configure etherchannel on two switches with one having lacp and the other having pagp, what will happen?

Answer 29

No link will be formed.
The EtherChannel aggregation protocol must match on each switch, or they will be unable to dynamically establish an EC link between them.

LACP link aggregation control protocol. 802.3ad is open standard. Cisco-proprietary Port Aggregation Protocol PAgP.

Question 30

An EtherChannel can have up to how many active switch ports in the bundle that forms the logical link between switches.

Answer 30

8

Question 31

What is the command used to configure a switch port to use an aggregation protocol.

Answer 31

channel-protocol {lacp | pagp}

Question 32

PAgP modes

Answer 32

active - passive

Question 33

LACP modes

Answer 33

desirable - passive

Question 34

What 2 things are used by WPA2 to provide MIC and encryption?

Answer 34

AES - Advanced Encryption Standard -
128 bit block cipher is used to encrypt data. Security key of 128,192, or 256 can be used.
and
CCMP - Counter mode with Cipher Block Chaining Message Authentication Code Protocol. Which provides encryption.
WPA2 = 802.11i

Question 35

802.11 2-byte Frame Control (FC) Field of the frame header is used to do what?

Answer 35

The 2-byte Frame Control (FC) Field of the frame header is used to identify the type of subtype of each frame.

Question 36

802.11 Management frames are used to do what?

Answer 36

802.11 management frames are used to manage the connection between an access point and a wireless client.

Question 37

List 4 802.11 control frames.

Answer 37

RTS - Ready to Send
CTS - Clear to send
ACK - Acknowledgment
PS - Power Save

Question 38

Square brackets indicate what? [ ]

Answer 38

The beginning or end of an array.

Question 39

T/F WLC dynamic interfaces are defined by the manufacturer.

Answer 39

False.

Dynamic interfaces are user-defined.

Question 40

T/F - Dynamic interfaces are used for management information.

Answer 40

False.
Dynamic interfaces are typically used for client data.

WLC can contain up to 512 dynamic interfaces. They function similar to VLAN’s.

Question 41

This WLC interface is used for all layer 2 lightweight access points (LWAPP) communications between the controller and the Lightweight access points (AP’s)

Answer 41

Management Interface.

It is also used to communicate with other WLC’s.

Question 42

IPv6 link local addys are used for what?

Answer 42

IPv6 link local addys are used for communication over a single link.
It is automatically configured after you issue the ipv6 enable command.

The traffic stays on the local link. Often used for neighbor discovery.

Usually begins with FE8

Question 43

What command enables (SLAAC) on an interface.

Answer 43

ipv6 address autoconfig
command configures an interface to automatically assign itself a global unicast IPv6 address by using SLAAC - Stateless Address Automatic Configuration.

Question 44

Which of the following VLAN’s is used by DTP to negotiate a trunk link when 802.1q encapsulation is configured on the interface. Select the best answer.

a. 4094
b. 0
c. the native Vlan
d. 1

Answer 44

C.
Dynamic Trunking Protocol uses the native virtual local area network (VLAN) to negotiate a trunk link when 802.1q encapsulation is configured on the interface.

DTP frames are always transmitted on the native VLAN.

Question 45

What command allows you to change the native vlan?

Answer 45

switchport trunk native vlan {vlan id}

Question 46

T/F.

DTP set to automatically negotiate on a cisco switch by default.

Answer 46

True

Question 47

What does moving an unused port to an unused vlan accomplish?

Answer 47

Moving an unused port to an unused Vlan creates a logical barrier that prevents rouge devices from communicating on the network should such a device connect to the port.

Question 48

What command will allow you to move an unused port to an unused vlan?

Answer 48

switchport access vlan {unused vlan number}
then.
shutdown command

Question 49

What IEEE standard natively includes PortFast, UplinkFast and BackboneFast?

Answer 49

802.1w

Rapid Spanning Tree Protocol (RSTP) standard natively includes PortFast, UplinkFast and BackboneFast.

Question 50

What does Portfast do?

Answer 50

Portfast enables a port to immediately access the network by transitioning the port into the STP forwarding state without passing through the listening and learning states.

Question 51

What does UplinkFast do?

Answer 51

UplinkFast increases the convergence speed for an access layer switch that detects a failure on the root port with backup root port selection by immediately replacing the root port with an alternative root port.

Question 52

What does BackboneFast do?

Answer 52

BackboneFast increases convergence speed for switches that detect a failure on links that are not directly connected to the switch.

Question 53

EIII standard for traditional STP?

Answer 53

802.1D

Question 54

802.1s is the EIII standard for what protocol?

Answer 54

802.1s represents Multiple Spanning Tree (MST).
MST standard is used to create multiple spanning tree instances on a network.
Implementing MST on a switch also implements RSTP.

It doesn’t include PortFast, UplinkFast and BackboneFast.

Question 55

What command would you use to configure DAI - Dynamic ARP Inspection on vlans 11, 12 and 14?

Answer 55

S1 (config)# ip arp inspection valn 11-12, 14

Question 56

T/F - DAI can only be configured on a single VLAN.

Answer 56

False.

Dynamic ARP Inspection can be enabled on a single or multiple VLANs

Question 57

What does configuring DAI on each VLAN ensure?

Answer 57

Configuring DAI on each VLAN ensures that traffic sent from each host is inspected. Each port is by default an untrusted port.

Question 58

When DAI is configured for an entire VLAN, what command would you use to override the default config for a given port?

Answer 58

ip arp inspection trust

Question 59

Which of the following best describes what occurs when a packet must be re-sent because of an interruption that occurs before the 64th byte has been transmitted?

a. A runt frame is transmitted
b. a collision occurs
c. A baby giant frame is transmitted.
d. A jumbo frame is transmitted.
e. A late collision occurs.

Answer 59

b. A collision occurs.

Question 60

When does a late collision occur?

Answer 60

A late collision occurs when a packet must be re-sent because of an interruption that occurs after the 64th byte or the 512th bit

Question 61

What is a runt frame?

Answer 61

A runt frame is one that is fewer than 64 bytes and has a bad FCS. Frames under 64 bytes are discarded.

Runts can sometimes be caused by excessive collisions and/or malfunctioning hardware.

Question 62

How many bytes is a baby jumbo frame?

Answer 62

A baby jumbo frame is 1600 bytes in length.

Question 63

How many bytes is a jumbo frame?

Answer 63

A jumbo frame is a frame that is up to 9,216 bytes in length.

Question 64

What kind of hash does enable secret use?

Answer 64

Secure Hash Algorithm (SHA) 256-bit hash.

Question 65

What is MAC spoofing?

Answer 65

MAC spoofing is a layer 2 attack that uses the MAC address of another known host on the network in order to bypass port security measures.

Question 66

What is ARP poisoning?

Answer 66

Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer’s ARP cache with a forged ARP request and reply packets. This modifies the layer -Ethernet MAC address into the hacker’s known MAC address to monitor it. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker’s computer first instead of sending it to the original destination. As a result, both the user’s data and privacy are compromised. An effective ARP poisoning attempt is undetectable to the user.

Question 67

How can you prevent a VLAN hopping attack from taking place?

Answer 67

You can prevent a VLAN hopping attack by disabling Dynamic Trunking protocol on trunk ports, by changing the native VLAN, and by configuring user-facing ports as access ports.

Question 68

What does the spanning-tree-guard root command do?

Answer 68

the spanning -tree guard root command is used to prevent newly introduced switches from being elected as a new root switch. Allows admin to control which switch is the root.

Question 69

What is PortFast used for?

Answer 69

PortFast is a feature that provides immediate accessibility to the network for edge ports, such as access ports that are connected to end-user workstations.

Question 70

What are the 9 fields fo the 802.11 MAC - Media Access Control frame?

Answer 70

FC 2 bytes - frame control
DUR 2 bytes - Duration
Address 1,2,3 - 6 bytes each
SEQ 2 bytes - Sequence
Address 4 - 6 bytes
DATA - varies in size
FCS - 4 bytes - Frame Check Sequence

Question 71

How would you configure a normal WLAN via WLC GUI with the SSID of MyCompanyLAN?

Answer 71

1. click create new on WLANs page.
2. select the type of WLAN you are creating from the type drop-down list box. (by default it is config. to WLAN)
3. enter a 32 char. or less profile name in the profile name field.
4. enter 32 char. or less SSID-service set identifier in the SSID field.
5. choose a WLAN ID from the ID drop-down list box.

Question 72

What does the ntp broadcast client command do?

Answer 72

The ntp broadcast client command from int config mode tells the client to listen on the configured interface for NTP broadcasts from an NTP server. The NTP client uses this to adjust it’s time.

Broadcast client can receive its time from any NTP server where a static client receives it’s time from the NTP server specified in the ntp server command.

Question 73

What command would you use to cause the switch to instruct the IP phone to trust the class of service (CoS) priority of incoming data packets.

Answer 73

switchport priority extend trust.

QoS - 802.1p

Question 74

What does WRED stand for

Answer 74

Weighted random early detection.

Question 75

When is the use of WRED beneficial.

Answer 75

WRED is useful for networks where the majority of traffic uses Transmission Control Protocol (TCP) packets that are dropped must be retransmitted.

TCP sources reduce traffic flow when congestion occurs, thereby slowing down the network.

Question 76

Which REST API encoding format uses HTML-like tags to define blocks of data?

Answer 76

XML

Question 77

How would you configure DAI - Dynamic ARP Inspection on a switch to inspect traffic from hosts on VLAN 1, 3 and 4.

Answer 77

SwitchA# configure terminal
SwitchA(config)# ip apr inspection vlan 2-4
SwitchA(config)# exit

Question 78

Describe ARP poisoning attacks.

Answer 78

ARP poisoning attacks are also know as ARP spoofing attacks. an attacker intercepts an ARP request packet and replies with the attacker’s own MAC - Media Access Control addy rather than the addy of the intended recipient.

Subsequently the attacker is able to intercept any traffic intended for the original recipient.

Question 79

How does DAI work?

Answer 79

DAI - Dynamic ARP Inspection functions by inspecting traffic on ingress ports from host computers.

Question 80

What does VTP stand for?

Answer 80

Virtual Trunking Protocol.

Question 81

T/F - By default Cisco switches are configured for VTP server mode.

Answer 81

True

Question 82

What are the the three states of VTP that a switch can be set to?

Answer 82

Server, Client and Transparent

Question 83

What are three processes of the VTP transparent mode?

Answer 83

1. creates/modifies/deletes VLANs.
2. forward VTP advertisements.
3. stores VLAN information in NVRAM.

Question 84

What are three processes of the VTP client mode?

Answer 84

1. synchronizes VTP information.
2. originates VTP advertisements.
3. forwards VTP advertisements.

Question 85

What are three processes of the VTP server mode?

Answer 85

1. creates/modifies/deletes VLANs
2. synchronizes VTP information.
3. originates VTP advertisements.
4. forwards VTP advertisements.
5. stores VLAN information in NVRAM

Question 86

What are some functions of an AP in a split-MAC deployment?

Answer 86

• Prioritizing packets
• Responding to beacon and probe requests.
• Handling the real time processing of data..
• Encryption

Question 87

How would you configure your Cisco router to provide IP address to the computers on your network? IP addys should be assigned from the 192.168.1.0/26 address range

Answer 87

R1(config)#ip dhcp pool 1

R1(config)#network 192.168.1.0 255.255.255.192

Question 88

What percentage of wireless coverage overlap is considered appropriate to ensure that wireless clients do not lose connectivity when roaming from one AP to another?

Answer 88

10 to 15 percent of overlapping coverage is considered appropriate to ensure that wireless clients do not lose connectivity when roaming from one access point to another.

Question 89

T/F. The transport input ssh command will automatically enable SSH - Secure Shell on a router?

Answer 89

False.

Question 90

What command will automatically enable SSH on a router

Answer 90

crypto key generate rsa

Question 91

enable secret command is used to help prevent unauthorized access to what mode?

Answer 91

The enable secret command helps to prevent unauthorized access to the privileged EXEC mode.

Question 92

What ports will use port fast when it is enabled?

Answer 92

Access ports because hosts will connect to an access-layer switch port. With portfast is enabled the switch port will not transition throught the STP listening and learning states before it enters the forwarding state.

Question 93

What is another name for hypervisor?

Answer 93

VMM - Virtual Machine Monitor.

Question 94

What does hypervisor software do?

Answer 94

Hypervisor software is capable of virtualizing the physical components of computer hardware.

Question 95

Which Cisco lightweight AP mode provides BSSs?

Answer 95

Local mode provides Basic Service Sets (BSSs). Local mode is the default mode.

Question 96

What is a BSS?

Answer 96

A BSS is a closed group of wireless devices that are dependent on a fixed device. Before a wireless device can join the group, it must advertise its capabilities and obtain permission from the fixed device.

Question 97

Finish this, Bridge mode enables….?

Answer 97

Bridge mode enables a lightweight AP to act as a dedicated connection between two networks. Lightweight APs operating in bridge mode can connect to other networks in either a ptp or a point to multipoint fashion.

Question 98

What does this command display?

show ap config global

Answer 98

Displays Syslog server settings for every AP joined to the WLC

Question 99

What does this command display?

show ap config core-dump MyLAP

Answer 99

displays the memory dump for a specific lightweight AP

Question 100

What does this command display?

show ap crash-file

Answer 100

displays a list of dump files generated by lightweight APs

Question 101

What does this command display?

sh ap config general MyLAP

Answer 101

displays IP addressing and other information about the specified AP.

Question 102

What is the MAC - Media Access Control Ethernet multicast range that has been allocated for IP multicast use

Answer 102

01-00-5E-00-00-00 through 01-00-5E-7F-FF-FF