CCNA 42 to 60 Flashcards

1
Q

NTP

A

Network Time Protocol, used to set the same time across your network. If the time isn’t the same on your devices you will have issues with them, e.g. log files stating the wrong time. Certificates are also time stamped; they will time out/expire if the time has drifted too far.

Time is provided by an NTP server (this server can be inside your network or a Stratum Zero).

2
Q

ACL

A

Access Control List-

ACL Extended=

ACL Net Interface=

ACL Global NAT=

3
Q

Dynamic NAT

A

Dynamic NAT can be defined as the mapping of a private IP address to a public IP address from a group of public IP addresses called a NAT pool. Dynamic NAT establishes a one-to-one mapping between a private IP address and a public IP address.

*Once the communication is completed the IP is recycled

4
Q

Static NAT/PAT

A

Manually tell the router which private address will work with which public address and port number.

The private address and the public address and port are recorded in a NAT table. When return traffic comes in, the source address and port are looked up in the table.

One to one

5
Q

Socket

A

Combination of IP address and port

6
Q

NAT Overload or Port Address Translation (PAT)

A

Uses the public IP assigned to the router’s interface (or another IP address assigned for NAT overload) combined with a port number to create a unique address to communicate off the private network.

TCP Ports to know
FTP 21
SSH 22
Telnet 23
HTTP 80
SMTP 25
POP3 110
IMAP 143
HTTPS 443

UDP
DNS 53

7
Q

NAT

A

Network Address Translator, allows private IPs access to a public domain.

Inside = you own the address

Outside = someone else owns the address

Local = private address

Global = public address

Inside Local = inside the network and private

Outside Global = outside the network and public

Inside Global = IP you own that is used off of your network (NAT)

Outside Local = IP that belongs to another network and is private

8
Q

Stratum Clock

A

Atomic-based clock that provides the time (Stratum 0)

9
Q

UTC

A

Coordinated Universal Time, where time starts

10
Q

stratum number

A

If you are getting your time from a stratum 3 clock, you become a stratum 4 clock

11
Q

DHCP

A

Dynamic Host Configuration Protocol, gives IP addresses dynamically

Client: ability for a device to request an address. (auto-generates a 169.254.x.x address if it doesn’t hear back from the DHCP server)

Server: where the IPs are managed from

Relay: will forward DHCP requests to the Server if the client is unable to reach it and then relays back the response. (relays as a unicast)

Set up the relay on your trunked device

12
Q

ASCII

A

ASCII is a 7-bit character set containing 128 characters. It contains the numbers 0-9, the upper- and lower-case English letters A to Z, and some special characters.

Abbreviated from American Standard Code for Information Interchange, it is a character encoding standard for electronic communication. ASCII codes represent text in computers, telecommunications equipment, and other devices.

13
Q

SNMP

A

Monitoring protocol; Simple Network Management Protocol; polls data (activity) from devices at a certain interval. A common poll interval is 60 seconds. (clear text)

v1:
v2c: can monitor, however it has very limited authentication (r/o, r/w); can be used to change settings on your device if it is not locked down. (clear text)
v3: increased security; access levels: view, groups, user. Views can be assigned to groups and then users to the group.

14
Q

OID/MIB

A

Object Identifiers: all of the things you can identify using SNMP (temps, run time, up/down).

Management Information Base: database of OIDs

15
Q

Syslog

A

Syslog format (date, time, message)

0 Emergency—emerg = System is unusable
Ex: Drive failure

1 Alert—alert = Should be corrected immediately
Ex: Loss of the primary ISP connection.

2 Critical—crit = Critical conditions
Ex: A failure in the system’s primary application.

3 Error—err = Error conditions
Ex: An interface has gone down

4 Warning—warning = May indicate that an error will occur if action is not taken.
Ex: A non-root file system has only 2GB remaining.

5 Notice—notice = Events that are unusual, but not error conditions.
Ex: Someone just logged in

6 Informational—info = Normal operational messages that require no action.
Ex: An application has started, paused or ended successfully.

7 Debug—debug = Information useful to developers for debugging the application.

16
Q

QoS

A

Traffic discrimination (which traffic is most important):

Classify Traffic: What interface, or ACL the traffic is on can be used to give priority.

Marking: (Layer 2) CoS, class of service marking, which will give a priority level to the frame.

(Layer 3) ToS, type of service marking, which will give a priority level to the frame. Ex: DSCP

Queuing: default is “first in, first out”; the queue can be changed to priority, which will move desired traffic to the front of the line.

Shoot: (WRED) weighted random early detection, picks off excess traffic.

Policing: putting “anti-QoS” on traffic; can be used to slow/limit traffic (traffic you don’t want)

Shaping: for traffic you want; limits traffic after a certain bandwidth

If there is no congestion, there is no need for QoS

17
Q

NBAR

A

Network Based Application Recognition

NBAR intelligently classifies and allows you to enforce QoS policy on today’s mission-critical applications.

18
Q

Low latency Queuing

A

PQ-CBWFQ—Cisco proprietary; stops traffic starvation. In QoS priority, it allows you to put a data cap on the traffic.

PQ (priority queuing)
CB (class based)
WF (weighted fair)

19
Q

FTP-TFTP

A

Used to copy files:

FTP: TCP communication (secure/authentication), port 20/21, faster

TFTP: UDP (unsecure/no authentication), port 69

20
Q

CIA

A

Confidentiality of Data

Integrity of Data

Availability of Data

21
Q

What can cause a vulnerability in a network?

A

Bugs, flaws in hardware or software

Bad or lacking configuration

Legacy systems

Broken Processes

Unpatched systems

22
Q

ARP Spoofing

A

Lying to the network about the gateway’s Layer 2 address

23
Q

CDP Flooding

A

Floods fake CDP messages

24
Q

What is an exploit?

A

Way or method that can be used to take advantage of a vulnerability

25
Q

Mitigation

A

Action of reducing the severity, or seriousness, of a threat

Steps/places to look:
Increase awareness: applications,
Network infrastructure
Training users
Testing: test after training, send out fake phishing emails and ask users to report them
26
Q

DAI

A

Dynamic ARP inspection, ensures the validity of an ARP request

27
Q

Security Policy

A

Access Control: physical access and logical access control

Change Management Policy: gives guidance on how and when changes can be made so that they do not cause harm or vulnerability

Mobile Policy

Baseline Policy

AUP: Acceptable Use Policy (signed annually)

Password Policies

Data Retention (emails and documents: how long to keep data and when to get rid of it)

Incident Reporting Policy: how to report an incident

Vulnerability and Risk Assessment Policies—

28
Q

Social Engineering

A

Phishing–
Spear Phishing–
Pretexting–
Tailgating–

29
Q

Physical Security

A

Mantrap, guard, who has access to switches?, access cards, temperature sensors, UPS, laptop/computer locks

30
Q

Password Policy

A

Educate users on what the policy is
Enforce the policy

Characteristics in policy:
Length: 7 plus
Complexity: upper-case, lower-case, special characters
Max Age: change every 45 days
History: user can’t reuse last ten passwords
Minimum Age: user can’t change password more than once in a day

This can be enforced in AD, for example

31
Q

2FA/MFA

A

When you use at least two methods to authenticate a user’s identity.

Cat A: something a user knows (PIN or password)

Cat B: something that the user has (card, key fob or app on phone, security token)

Cat C: something that the user “is” (fingerprint, face recognition, voice recognition, eye recognition)

32
Q

What is the difference between the aux port and the console port?

A

Both the aux and console ports can let you into the router or switch; the console port, however, is active while booting up. The console port is useful for password resets and other reboot functions.

In order to get beyond user mode on the aux port, you need an enable secret set. You will need to do this from the console port.

33
Q

AAA

A

Authentication, authorization and accounting—

Authentication (Verifying who is accessing)
–Can have a server with passwords and access levels (active directory) connected to switches and routers for access.

Authorization (What can a person do– access level)

Accounting (who does/ did what–logs)

34
Q

TACACS +

A

Cisco standard— works better with Cisco devices

Encrypted communication, uses TCP

Protocol used when the AAA clients communicate with the server (Active Directory)

Terminal Access Controller Access Control System

35
Q

RADIUS

A

Industry standard; uses UDP and does not encrypt the full session, but does encrypt passwords

Remote Authentication Dial-In User Service

Protocol used when the AAA clients communicate with the server (Active Directory)

36
Q

Implicit Deny

A

When traffic is not matched on an ACL it is automatically denied

37
Q

Standard ACL

A

Only matches source IPs and/or a source IP range

38
Q

Extended ACL

A

Can match source and destination IPs as well as port numbers

39
Q

Port Security

A

Cannot be a dynamic port; the max MAC count per port is ONE out of the box. When you hit the max, the port is error shut down.

40
Q

CAM Table overflow attack

A

An attack, also known as MAC flooding, that floods the CAM table with fake MAC addresses and consumes the switch’s memory

41
Q

Dynamic Port

A

a port that auto negotiates connections

42
Q

switchport host command

A

Use the switchport host interface configuration command on the switch stack or on a standalone switch to optimize a Layer 2 port for a host connection. This command does 3 things: configures the switchport for access mode, enables PortFast, and disables EtherChannel.

43
Q

DHCP Snooping

A

Tells the switch not to listen to any DHCP messages unless they come from a named port (enable at the access layer)

44
Q

DORA

A

Discover, offer, request and authorize (DHCP steps)

45
Q

Source Guard

A

Helps protect the network against connected hosts lying about their source IP or MAC addresses

46
Q

What is the insertion of option 82?

A

When DHCP Snooping is enabled, DHCP Option 82 is inserted into DHCP packets as they pass through a switch. Option 82 contains information about the specific port a client machine is connected to.

47
Q

Dynamic ARP inspection (DAI)

A

DAI checks all ARP packets on untrusted interfaces; it compares the information in the ARP packet with the DHCP snooping database and/or an ARP access-list. If the information in the ARP packet doesn’t match, the packet is dropped.

48
Q

VPN Tunnel

A
Logical path between two networks, encrypted
Security Association (VPN connection)

Site-to-site tunnel: between HQ and remote site
Remote access: VPN from an individual computer to HQ

49
Q

Cryptography

A

the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents

Confidentiality with encryption

50
Q

AES

A

Advanced Encryption Standard

Encryption algorithm; the more bits used, the more secure.

Along with the algorithm, the devices on each end have keys unknown to outsiders, to stop the algorithm from being broken

51
Q

Hashing

A

Data integrity; a one-way function where data is mapped to a fixed-length value. When the hash gets to the other side the length is verified.

MD5 and SHA are different hash algorithms

52
Q

IPsec

A

IPsec is a collection of encryption standards used for VPN tunnels (other examples include PPTP and L2TP v1/v2, which can be used for Remote Access connections). IPsec can be used for both site-to-site and Remote Access connections.

AES is the latest standard

53
Q

ISAKMP SA

A

Is a protocol defined by RFC 2408 for establishing Security Associations (SA) and cryptographic keys in an Internet environment.

Router to Router communication.

54
Q

IPsec SA

A

Second SA tunnel, used to encrypt the user information

55
Q

Crypto Map

A

a collection of the settings and attributes you want to use for the VPN tunnel

56
Q

ESP

A

Encapsulating Security Payload, Layer 4 protocol number 50—encapsulates traffic

57
Q

SSL/ TLS/ DTLS

A

Secure Sockets Layer, Transport Layer Security = TCP security protocols used for site-to-client VPN. TCP has more overhead, so sometimes Datagram Transport Layer Security (DTLS) is preferred; DTLS uses UDP and has less overhead. Used for Remote Access “HQ to Client”

58
Q

Split Tunneling

A

Ability to divide traffic encryption based on destination from the client machine. Ex. only traffic to and from HQ is encrypted; if the user is going to YouTube, the traffic would not be encrypted.

59
Q

What are the WiFi security options?

A

Disabled, None, Open
WEP: security is easily cracked
WPA: has been cracked as well
WPA2: currently secure
WPA3: newest; backwards compatible if a device does not support WPA3
60
Q

Personal V Enterprise WiFi

A

Personal: password, pre-shared key

Enterprise: AAA server used to authenticate; this also provides an encryption key

61
Q

PSK

A

Pre shared Key

62
Q

Network Automation

A

The process of automating the configuration, management, testing, deployment and operation of physical and virtual devices within a network (Python)

63
Q

BGP

A

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet.

64
Q

Zero touch provisioning

A

Allows your router and switch to boot up and get a basic configuration

65
Q

Cisco DNA Center

A

Used for network automation; Digital Network Architecture

Features:

  • Network Mapping (provisioning and deploying fabric)
  • Network Discovery
  • Dynamically configure devices
  • Network automation
  • Design from the ground up and then order
  • Policy: access
  • Assurance: system logs
66
Q

API

A

Application Program Interface— allows you to interact with devices instead of having to work in the CLI

Can monitor and configure devices with an API

An API also uses a token for security

67
Q

SNMP

A

Used by monitoring programs like SolarWinds—

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.

68
Q

MIBs

A

Management Information Base: used to monitor device statistics and make changes on devices

69
Q

REST API

A

A REST/RESTful API

Representational State Transfer: lets us know how we can change and modify simple information.

Constraints:
1. Client-server relationship (router, controller, website… is the server; you are the client)
2. Stateless (when a request is made it has to contain everything needed for the request: full context)
3. Cacheable (won’t change very often); has to be able to determine if something should be cached or not

– ^learn for exam^

4. Uniform Interface (keep it simple and consistent)
5. Layered
6. Code on demand
70
Q

What are REST API Verbs/ Actions?

A

CRUD (Create, Read, Update and delete)

Think of them as the protocol in the REST API, e.g. HTTP = 80

GET = request/reply interaction; retrieve a resource (READ)

POST = create a resource object (CREATE)

PATCH = create or update a resource object (UPDATE)

PUT = create or replace a resource (UPDATE)

DELETE = delete a resource (DELETE)

71
Q

API Errors

A

200s = successful

400s = client error (error with something you entered; you have to fix it)

500s = server error

72
Q

Python Dictionary

A

A collection which is ordered, changeable and indexed. No duplicate members.

key = word
value = definition
73
Q

Simple Variable (Python)

A

used to store information to be referenced and manipulated in a computer program

74
Q

Python List

A

a collection which is ordered and changeable

75
Q

Json, YAML, XML

A

Data serialization languages: the process of converting structured data to a format that allows sharing or storage of the data in a form that allows recovery of its original structure

XML = mainly used for websites (eXtensible Markup Language)

JSON = used for APIs, human and machine readable
(JavaScript object language)

YAML = not a markup language; used with Ansible, Python and Perl; human readable

76
Q

JSON Object

A

JSON dictionary, between "{" and "}"

Ex: {"hostname": "router1"}

Objects within objects = nesting

77
Q

JSON Array

A

A list between "[" and "]"

Ex: ["school", "work", "travel"]

78
Q

Controller Based Networking

(SDN) (ACI)

A

ACI (Cisco proprietary SDN)

Software defined networking— SDN takes over all control plane functions on routers and switches, turning them into zombies— centralized control plane

79
Q

Southbound Interface

A

SBI, used by SDN to control devices

– Called a southbound interface because it usually sits at the top of the rack above the devices it is controlling.

– “Interface” refers to what you are using to interact with the networking devices

– OpenFlow: open-source industry standard

– OpFlex: used with Cisco ACI (data center automation)

– CLI/SNMP: SSH access for older devices (DNA Center)

– NETCONF: also used by DNA Center; standardized by the IETF

80
Q

Northbound Interface

A

NBI is where users access devices. Example (DNA Center, or REST API)

81
Q

IBN

A

Intent Based Networking: allows you to make changes on devices without having to worry about the rules. DNA Center is an example of IBN; DNA Center will put in the commands for you
– automates configuration for us

82
Q

Underlay

A

Creating a physical network that provides connectivity for the overlay; create as many redundant Layer 3 connections as you can.

83
Q

Overlay

A

The fabric/ the virtual networks TUNNELED over your underlay devices— logical/ virtual

Creates point-to-point connections using VXLAN

84
Q

VXLAN

A

(layer 2 over layer 3)

VXLAN is a tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets, enabling you to create virtualized Layer 2 subnets, or segments, that span physical Layer 3 networks. Each Layer 2 subnet is uniquely identified by a VXLAN network identifier (VNI) that segments traffic

85
Q

Fabric

A

Everything in your software defined network, overlay and underlay

86
Q

APIC

A

Application policy infrastructure controller—

the main architectural component of the Cisco ACI solution (SDN). It is the unified point of automation and management for the Cisco ACI (SDN) fabric, policy enforcement, and health monitoring.

87
Q

LISP

A

Location Identity Separation Protocol: identifies each host with an EID (Endpoint device ID), matches it to an RLOC (routing locator) and maps it.

Similar to DNS, replaces some routing protocols

88
Q

Fabric Edge Nodes

A

Switches on the edge of the underlay; they keep track of who is connected to them and send it back to the fabric controller

– Allows for smaller networking tables and device mobility

89
Q

Easy QoS

A

how you can prioritize traffic on DNA center

90
Q

East Bound

A

Events and notifications

91
Q

West Bound

A

Integration APIs, ITSM, Assurance

Ex. can find issues in the network, open a ticket and resolve the ticket.

92
Q

Puppet

A

network automation tool that uses an agent. Can be used on limited devices that allow agent install. (can be installed on netux devices)

Ruby based

Take model–>

You need to set up a puppet master (server) and install the agent on your clients (switch or router)

Structure

  1. Modules (organize manifests)
  2. Manifests
  3. Classes (organize manifest files)
  4. Resources (list what’s going to happen on the device)

(has an agent less version that supports cisco devices)

93
Q

Chef

A

Network automation tool that uses an agent.

Ruby based
Needs an agent to run.
Pull method

Recipe = a collection of resources that determine the configuration policy of a node.

Central Server = server that runs Chef

Resource = one particular action or configuration or a

Node = server you want to control

Cookbook = where recipes are stored

The node uploads its cookbooks to the central Chef server, which has a collection of cookbooks, with a tool called knife

Currently has no Cisco integration.

94
Q

Ansible

A

Agent-less
Used to automate network devices; Python based, uses YAML; Linux and Mac
Open-source and free

Push model–>

Playbook–> Tasks

Can be used to generate templates

95
Q

Git

A

Version tracking software (ex. GitHub)

Used for version/revision control

96
Q

DiffServ

A

DiffServ is a set of end-to-end quality of service (QoS) capabilities. End-to-end QoS is the ability of the network to deliver service required by specific network traffic from one end of the network to another.

97
Q

CSMA/CD

A

Carrier Sense Multiple Access / Collision Detection, a set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision). Standard Ethernet networks use CSMA/CD to physically monitor the traffic on the line at participating stations.

98
Q

NETCONF

A

Is a protocol defined by the IETF to “install, manipulate, and delete the configuration of network devices”. NETCONF operations are realized on top of a Remote Procedure Call (RPC) layer using an XML encoding and provide a basic set of operations to edit and query configuration on a network device.

99
Q

How do you parse a JSON string in Python?

A

json.loads(input)

100
Q

What is the IP address of an OSPF Hello Packet ?

A

224.0.0.5 (multicast)

101
Q

What is 802.1Q?

A

VLAN protocol / adds VLAN to header