CCNA Flashcards
1
Q
Don’t telnet and dns resolve for mistyped commands
A
no ip domain-lookup
2
Q
Make Log messages not screw up your typing
A
line console 0
logging synchronous
3
Q
Create or set encrypted password for EXEC Privileged mode
A
enable secret [password]
4
Q
Give interface a description
A
(config-if)#description [description]
5
Q
Discover Cisco devices close to you
A
show cdp neighbors
6
Q
Configure virtual terminal line to use telnet with a password
A
line vty 0 4
transport input telnet
password [password]
7
Q
Set hostname
A
hostname [hostname]
8
Q
Setup SSH
A
ip domain-name [e.g. ine.com]
crypto key generate rsa
(note: rsa bits have to be at least 1024 for SSH version 2)
!
ip ssh version 2
username [username] privilege [privilege level] password [password]
!
line vty 0 4
transport input ssh
login local (makes the remote login prompt access the local machine)
9
Q
How to telnet
A
telnet [remote ip address]
10
Q
How to SSH
A
ssh -l [username] [remote ip address]
11
Q
True/False: CDP hops through Cisco IOS devices to discover more on the other side
A
False
12
Q
Command to show CDP neighbor’s ip addresses
A
show cdp neighbors detail
13
Q
What ipv6 hex does link-local address always start with?
A
FE80
14
Q
Solicited Node IPv6 starting hex
A
FF02::1:ffxx:xxxx
15
Q
Solicited node multicast address, how is it created
A
FF02::1:ffxx:xxxx
Where xx:xxxx is last word and a half of interface ID
16
Q
Interface ID, what is it
A
Basically IPv6’s term for ip address I think
17
Q
Set up SLAAC,
A
R1(config-if)# ipv6 address autoconfig
R2(config)# ipv6 unicast-routing
18
Q
Command to set a mac address table entry, aging timer
A
mac address-table aging-time [# in seconds]
19
Q
802.1q trunking , forward all VLAN’s, set it on an interface
A
shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
no shutdown
20
Q
dynamic trunking command
A
switchport mode dynamic [auto or desirable]
21
Q
Command to set native VLAN on a trunk
A
switchport trunk native vlan [vlan #]
22
Q
Disallow all VLAN’s on trunk
A
switchport trunk allowed vlan none
23
Q
Command to add VLAN’s to allow list on trunk
A
switchport trunk allowed vlan add [vlan #)
24
Q
Set which VLAN’s to be the ONLY allowed VLAN’s on a trunk
A
switchport trunk allowed vlan [vlan #]
25
SLAAC, what is it? And what does it do?
Stateless Address Auto-Configuration,
Basically turns hosts into IPv6 DHCP servers for directly connected hosts
26
VTP, what is it?
VLAN Trunk Protocol
27
Command to make a switch inherit VLANs from another switch
vtp mode client
28
Command that sets a switch so that when VLANs are entered manually, they will not affect any other switches dynamically
vtp mode transparent
29
What is the default vtp mode
server
30
Set vtp domain and password
vtp domain [domain]
vtp password [password]
31
VTP, what does it do?
Automatically syncs up VLAN tables from one switch to another
32
switchport mode access, what does it do?
it makes an interface only access one VLAN
33
command to make an interface only access one VLAN
switchport mode access
switchport access [VLAN]
34
VLAN Trunk, what does it do?
It allows multiple VLANs on one interface
35
Command to show what interfaces are assigned to which VLANs
show vlan
36
True/False: Routers can do VLAN trunking on interfaces dynamically
False
37
Command to create DHCP pool on a router
ip dhcp pool [name]
network [ip address /mask]
default-router [ip address]
38
True/False: Routers have to use sub-interfaces to send packets via VLANs
True
39
Command to set VLAN on router sub-interface with 802.1q
interface g0/0.1
encapsulation dot1q [VLAN]
ip address [address] [mask]
40
Command to make switch use rapid spanning tree
spanning-tree mode rapid-pvst
41
STP and RSTP, what are they?
Spanning tree protocol, and Rapid Spanning tree protocol
42
Command to make a switch the root for a VLAN in STP
spanning-tree [VLAN] root primary
43
Command to set a switch bridge priority value on a VLAN for STP
spanning-tree [VLAN] priority [value]
44
Command to set spanning tree cost for a VLAN on an interface
interface [interface]
spanning-tree [VLAN] cost [value]
45
Command that forces a switch port to forward all traffic on an interface from STP's perspective
interface [interface]
spanning-tree portfast [edge or trunk]
46
Command to make two or more interfaces into an etherchannel using LACP (IEEE standard protocol)?
interface range [interfaces]
channel-group [group #] mode [active or passive]
47
Command to make two or more interfaces into an etherchannel using PAGP (Cisco proprietary protocol)?
interface range [interfaces]
channel-group [group #] mode [desirable or auto]
48
LACP, what is it, and what does it do?
Link Aggregation Control Protocol
IEEE standard protocol for making an etherchannel
49
PAGP, what is it, and what does it do?
Port Aggregation Protocol
Cisco proprietary protocol for making an etherchannel
50
Command to turn on port-security for an interface
interface [interface]
switchport port-security
51
True/False: Port-security default settings will allow any mac address to use an interface, but will only allow one mac at a time
True
52
Command to make port-security dynamically "grab" the first mac address on the interface
switchport port-security mac-address sticky
53
Command to set a custom mac address for an interface
interface [interface]
mac [mac address]
54
Command to show port-security settings on an interface
show port-security interface [interface]
55
Command to set a maximum number of mac addresses that can connect on one interface
switchport port-security maximum [value]
56
Command to set a static mac address in port-security
switchport port-security mac [mac address]
57
Command to make port-security violation restrict only the offending mac addresses
switchport port-security violation restrict
58
Command to set an ip address on a switched virtual interface
interface [VLAN]
ip address [address] [mask]
59
True/False: A layer-3 switch can be configured to act as a DHCP server
True
60
Command to enable DHCP snooping on specific VLAN's and set a trusted interface
ip dhcp snooping
no ip dhcp snooping information option (this command turns off option 82)
ip dhcp snooping [VLAN]
interface [interface]
ip dhcp snooping trust
61
Command to show what DHCP bindings have been learned by a switch that is using DHCP snooping
show ip dhcp snooping binding
62
Command to enable IP routing on a layer-3 cisco switch
ip routing
63
Command to create a static route on a router
ip route [destination prefix] [destination prefix mask] [forwarding router's address]
64
Command to set a static route that forwards all unknown traffic to one location
ip route 0.0.0.0 0.0.0.0 [forwarding router's address]
65
Command to show routes on a router
show ip route
66
Command to make Routers and switches actually route ipv6 packets
ipv6 unicast-routing
67
Convert 10000000 to Decimal
128
68
Convert 11000000 to Decimal
192
69
Convert 11100000 to Decimal
224
70
Convert 11110000 to Decimal
240
71
Convert 11111000 to Decimal
248
72
Convert 11111100 to Decimal
252
73
Convert 11111110 to Decimal
254
74
Convert 11111111 to Decimal
255
75
Convert 00000000 to Decimal
0
76
Convert 0 to Binary
00000000
77
Convert 128 to Binary
10000000
78
Convert 192 to Binary
11000000
79
Convert 224 to Binary
11100000
80
Convert 240 to Binary
11110000
81
Convert 248 to Binary
11111000
82
Convert 252 to Binary
11111100
83
Convert 254 to Binary
11111110
84
Convert 255 to Binary
11111111
85
STP path cost for 4 megabits per second
250
86
STP path cost for 10 megabits per second
100
87
STP path cost for 16 megabits per second
62
88
STP path cost for 100 megabits per second
19
89
STP path cost for 1 gigabits per second
4
90
STP path cost for 10 gigabits per second
2
91
True/False: Etherchannel group numbers have to match across BOTH sending and receiving switches/routers
False. But the practice test said the opposite
92
Abbreviation for port-channel/ether-channel/channel-group
Po, or Po1 where "1" is the channel-group number
93
Command to turn an interface on a switch into a L3 port
interface [interface]
no switchport
94
When issuing "show cdp neighbors", which devices do "Local Intrfce" and "Port ID" refer to.
"Local Intrfce" shows the interface on the device issueing the command, and "Port ID" shows the interface on the neighbor device
95
True/False: lldp is enabled by default on cisco routers and switches
False
96
Command to enable lldp
lldp run
97
True/False: lldp works on all VLAN's by default
True
98
what is the default route? Also known as the gateway of last resort?
0.0.0.0 0.0.0.0 [address of destination router]
99
What does Cisco DNA stand for?
Cisco Digital Network Architecture
100
What does IBN stand for?
Intent-based Networking
101
What does SDN stand for?
Software Defined Network
102
What does ITSM stand for?
IT Service Management
103
What does IPAM stand for?
IP Address Management
104
What is an Ansible playbook?
A set of actions to be run on managed nodes
105
What is JSON?
JavaScript Object Notation, it's a data representation format that is used by Ansible
106
What is YAML?
YAML ain't Markup Language, it's a programming language used in Ansible playbooks
107
What does BPDU stand for?
Bridge Protocol Data Unit
108
True/False: in STP, the switch with the Lowest BPDU priority becomes the root bridge
True
109
What is the RJ-45 T568A Coloring order?
Green-white
Green
Orange-white
Blue
Blue-white
Orange
Brown-white
Brown
110
What is the RJ-45 T568B Coloring order?
Orange-white
Orange
Green-white
Blue
Blue-white
Green
Brown-white
Brown
111
What private IP address ranges cannot be used to access the internet directly without the use of NAT?
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
112
JSON formatting example
{
"Name": "Mike",
"Position": "Manager",
"Age": "30"
}
113
What does DDoS stand for?
Distributed denial of service
114
What does IPS stand for?
Intrusion Prevention System
115
What does MitM stand for?
Man-in-the-Middle
116
What do attackers use "sniffers" for?
Capturing network traffic for malicious reasons
117
What does ARP stand for?
Address Resolution Protocol
118
What does SSID stand for?
Service Set Identifier
119
True/False: SSID's are case sensitive
True
120
How many Alphanumeric characters can an SSID have?
32
121
What does SOHO stand for?
Small Office Home Office
122
What does OM stand for?
Optical Multi-mode
123
What is the difference between OM3 and OM4?
Both support speeds up to 100Gbps, but OM4 supports farther distances and is more expensive
124
What is Mobility Express?
A wireless deployment solution for up to 100 access points. It's a controllerless solution because any AP can act as a virtual controller without the need for a dedicated wireless LAN controller (WLC)
125
What does WLC stand for?
Wireless Lan Controller
126
How many AP's does Cisco Meraki support?
3000
127
What centralized WLC supports up to 6000 AP's?
Unified
128
Command to show ospf neighbor information on a router
show ip ospf neighbor
129
True/False: An ospf process ID is a locally significant value
True
130
What is the name of a router that sits between two ospf areas and exchanges packets between the two?
Area border router (ABR)
131
What does LSA stand for, and what does it do?
Link State Advertisement (LSA), it's a type of packet that is exchanged between ospf routers to advertise ospf routing data
132
True/False: There can be multiple backbone areas in ospf
False
133
How does a wildcard mask work?
bit "0" means check the corresponding value. bit "1" means ignore the corresponding value.
134
How to quickly calculate subnet mask to wildcard?
Subtract 255.255.255.255 by subnet mask. e.g. 255.255.255.255 - 255.255.255.64 is 0.0.0.191
135
Quickest way to setup OSPF on a router
router ospf [process ID]
network 0.0.0.0 0.0.0.0 area [area #]
136
Command to set a router ID for OSPF
router ospf [process ID]
router-id [ID in IP address format]
Note: IF OSPF process is already running, OSPF process will need to be restarted with command "R1: clear ip ospf process"
137
Command to create a loopback interface on a router and set an IP address
interface loopback [loopback #]
ip address [address] [mask]
138
Command to show ospf neighbors
show ip ospf neighbor
139
What does AAA stand for? And what does it do?
Authentication, Authorization, and Accounting. It's a security framework for controlling and tracking user access within a computer network. Radius is one of many AAA protocols.
140
Command to enable aaa commands
aaa new-model
141
Command to set a radius server on a router
aaa new-model
radius server [name]
address ipv4 [server address] auth-port [port #] acct-port [port #]
key [key]
142
Command to make a router that is trying to connect to a radius server, timeout and retransmit twice
aaa new-model
radius server [name]
timeout 2
retransmit 2
143
Command that makes all attempts to authenticate on a router check a pre-configured radius server, and fallback to local credentials if the radius server cannot be reached?
aaa new-model
aaa authentication login default group radius local
144
Command that makes all attempts to use the enable command on a router check a pre-configured radius server, and fallback to local credentials if the radius server cannot be reached?
aaa new-model
aaa authentication enable default group radius enable
145
Command to set logging console parameters
logging console [0 - 7
146
Command to store debug messages in a buffer
logging buffer 7
147
Command to turn on debugging for a command
R1# debug [command]
148
Command to show what debugs are turned on
show debug
149
Command to clear logging buffer before displaying logs
clear logging
150
Command to turn off all debugs
undebug all
151
Command to make a standard access list entry that denies a host
ip access-list standard [1-99 or name]
deny host [ip address or hostname]
152
Command to make a standard access list entry that permits any hosts
ip access-list standard [1-99 or name]
permit any
153
Command to apply access list to incoming telnet and ssh connections
line vty 0 4
access-class [1-99 or name] in
154
command to apply access list to outgoing interface connections
ip access-group [1-99 or name] out
155
Command to deny packets in an extended access list
ip access-list extended [100-199 or name]
deny [port # or protocol] [source address] [wildcard bits] [destination address] [wildcard bits]
156
True/False: Extended access lists should be placed as close to the source as possible
True
157
What does HSRP stand for?
Hot Standby Router Protocol
158
Command to show dhcp network, mask, and default router information on a router
show run | begin ip dhcp
159
What does HSRP do?
It makes two routers work together such that one is an active router and the other is a standby (backup/failover) router
160
Command to set up HSRP on a router
standby [group #] ip [virtual ip address] (has to be the same on both routers in the group, and it needs to be set as the default gateway on hosts)
161
Command to make a loopback interface on a router advertise its subnet as a network instead of only advertising as one host
interface loopback [loopback #]
ip ospf network point-to-point
162
Command to create a NAT pool
ip nat pool [pool name] [starting address] [ending address] prefix-length [1-32]
163
Command to show translations for NAT on a router
show ip nat translations
164
Command to show details of translations for NAT on a router
show ip nat translations verbose
165
Command to make NAT source an access list and NAT pool for translating
ip nat inside source list [access list # or name] pool [pool name]
166
Command to set an interface to use NAT
interface [interface]
ip nat [inside or outside]
167
Command to show ip address of cdp neighbors
show cdp neighbors detail
168
True/False: For ospf, hello intervals and dead intervals have to match between neighbors to form adjacencies
True
169
Hotkey to abort Cisco IOS command
Ctrl+6
170
IPv4 Packet header field names
Version, Header Length (IHL), Type of Service, Total Length, Identification, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, Source IP, Destination IP, IP Options (if any), Payload
171
IP address range used for multicast, Class D
224.x.x.x - 239.x.x.x
172
What ports and protocol does DHCP use?
UDP port 67 and 68
173
DHCP 4-step propagation
Discover, Offer, Request, Acknowledgement (DORA)
174
What Layer of the OSI model does the Ethernet protocol reside at
Layer 2
175
What port and Protocol does DNS use
UDP port 53
176
UDP Header Sections
Source port number, Destination Port Number, Length (UDP Header + Data), Checksum, Payload
177
TCP header sections
Source Port Number, Destination port number, Sequence Number, Acknowledgment number, header length, reserved, Control flags, Window size, Checksum, Urgent Pointer, TCP Options (if any), Payload.
178
Command to set a password on the console line
line console 0
password [password]
179
Command to copy your running-config to your startup-config
write
180
What does CAM stand for? And what is it used for?
Content Addressable Memory, used for storing information such as MAC addresses on physical ports with their associated VLAN Parameters
181
What does CoS stand for? And what is it?
Class of Service, It's used to set what class of service data traffic should be set to.
182
Characteristics of RESTCONF
Stateless, Transports over HTTPs, Supports both XML and JSON
183
Characteristics of NETCONF
Stateful, Transports over SSH, Only supports XML formats
184
Which cloud deployment model provides limited services with immediate accessibility
Public
185
Which cloud deployment model provides the flexibility to expand the client's self-owned capacity immediately during peak times
Hybrid
186
Which cloud deployment model provides enhanced security with reduced cost
Community
187
Which cloud deployment model can be self-managed or managed by a service provider
Private
188
What does CRUD stand for?
Create Read Update Delete
189
What does PUT do in the CRUD method?
Update
190
What does POST do in the CRUD method?
Create
191
What does GET do in the CRUD method?
Read
192
What does DELETE do in the CRUD method?
Delete
193
What is DAI?
Dynamic ARP inspection
194
Command to make a route external on a router
ospf default-information originate
195
What does AMP stand for?
Advanced Malware Protection
196
What does NGFW stand for
Next-generation firewall
197
Command to encrypt all current and future passwords in the configuration file
service password-encryption
198
A cisco proprietary protocol that is used to monitor traffic
NetFlow
199
IPv6 "broadcast" address
FF02::1
200
IPv6 Link local
FE80::/10
201
IPv6 local or private
FC00 or FD00
202
IPv6 Multicast range
FF00
203
IPv6 Multicast used as a broadcast for routers. Used for IPv6 SLAAC
FF02::2
204
Hello and Hold timers for OSPF neighbors
Hello = 10 seconds
Hold = 40 seconds
205
CAPWAP tunnel UDP port # used to control and manage LAP's
5246
206
CAPWAP tunnel UDP port # used to transmit client data
5247
207
What does DSCP stand for
differentiated services code point
208
What does DIA stand for?
Dynamic ARP inspection
