Ch. 8 Configuring Ethernet Switching Flashcards

0
Q

Cisco switches can protect user mode with a simple ______ with no username for Console and telnet users

A

Password

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
1
Q

The first step to securing a switch to secure access to the _____

A

CLI (command line interface)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The _____ command tells iOS to use simple password security

A

Login

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The _____ _____ ______ command defines the password

A

Password password – value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AAA server

A

Authentication authorization and accounting server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cisco switches and routers support an alternative way to keep track of usernames and passwords by using an external _____ server

A

AAA (authentication authorization and accounting)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Switches and AAA servers typically use either _____ or _____ protocol both of which encrypt the passwords as they traverse the network

A

RADIUS or TACAS+

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You can set up passwords using the____ _____ command

A

Enable secret

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

MD5

A

Message digest 5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The _____ stores the results of the formula in the enable secret command in the configuration

A

MD5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A ____ is simply some text that appears on the screen for the

A

Banner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

MOTD

A

Message of the day

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

_____ _____ List the commands currently held in history buffer

A

Show history

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

From the console or vty line configuration mode since the default number of command saved in the history buffer for the user of the console

A

History size x

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

From the EXEC this command allows a single-user to set just for this one session the size of his or her history buffer

A

Terminal history size x

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

SVI aka VLAN

A

Switched virtual interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The _____ acts like the switch’s own NIC connecting into a LAN to send IP packets

A

SVI

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A typical layer two Cisco LAN switch can only use one _____ interface at a time

A

VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

iOS uses the term _____ to refer to physical ports used for data to and from other devices

A

Interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

The engineer can use _____ _____ to restrict the interface on a switch so that only expected devices can use it

A

Port security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

_____ Defines a maximum number of source Mac address is allowed for all frames coming in the interface

A

Port security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

_____ _____ watches all incoming frames and keeps a list of all source Mac addresses plus the counter of the number of different source Mac addresses

A

Port security

22
Q

_____ ______ when adding a new source Mac address to its list checks if the number of Mac addresses pushes past the configured maximum, if this occurs a port security violations occurred the switch then shuts down the interface

A

Port security

23
Q

Port security provides an easy way to discover the Mac addresses used each port using a feature called _____ _____ MAC addresses

A

Sticky secure

24
The first step in securing a switch to secure access to the ____
CLI (command line interface)
25
Cisco switches protect enable mode for an user with the _____ ____
Enable password
26
The user and user mode types the _____ _____ command as prompted for this enable password. If the user types the correct password iOS moves the user to enable them
Enable EXEC
27
The console and vty password configuration uses the same two subcommand and Console and vty line configuration modes, respectively. The _____ command tells the iOS to you simple password security and the ______ password_value command defines the password
Login | Password
28
I was protects enablement the enable secret password, configured using the global command ______ _______ password value
Enable secret
29
The migration from using password only login method to using locally configured usernames and passwords requires only some small configuration changes. The switch needs one or more ______ name, _____ password will configuration commands to define the usernames and passwords
Username | Password
30
Cisco switches and router support an alternative way to keep track of all usernames and passwords by using an external_____ server
AAA(authentication authorization and accounting)
31
To support____, Cisco switches require the base configuration used to support telnet login with username plus additional configuration
SSH
32
Using ____ the switch needs a cryptography key to encrypt the data
SSH
33
You can encrypt some password using the____ ____-_____ global configuration command
Service password – encryption
34
The ______ global configuration command can be used to configure all three types of messages
Banners
35
______ Shown before the login prompt for temporary messages
MOTD (message of the day)
36
The _____ banner is shown before the login prompt but after the message of the day banner for permanent messages such as "unauthorized access prohibited"
Login
37
The ____ banner shown after the login prompt and used to supply information that should be hidden from unauthorized users
Exec
38
To configure IPv4 in a switch step 1 is enter VLAN 1 configuration mode using the _____ _____ 1 global configuration command
Interface vlan
39
To configure IPv4 in a switch step 2 is: sign the IP address and mask using the ___ ____ IP – address mask interface subcommand
IP addresses
40
To configure IPv4 in a switch step 3 is enable the VLAN 1 interface using the ___ ____ interface subcommand
No shutdown
41
To configure IPv4 in a switch step 4 is add the __ ____-______ IP – address global command to configure the default gateway
IP default – Gateway
42
To configure IPv4 in a switch step 5 (optional) add the ___ ___-____ IP – address1 IP – address2.... Global command to configure the switch to use DNS to resolve names into their matching IP address
IP name –server
43
To administratively enable an interface on the switch use the ___ ____ interface subcommand
No shutdown
44
To disable an interface use the _____ interface subcommand
Shutdown
45
If the network engineer knows what devices should be cabled and connected to particular interfaces on the switch the engineer can use _____ ______ to restrict that interface so that only the expected devices can use it
Port security
46
Imagine that you have configured the enable secret command followed by the enable password command from the console. You log out of the switch and log back in at the console. which command defines the password you had to enter to access Privileged mode
Enable secret
47
An engineer had formerly configured a Cisco switch to allow telnet access so that the switch expected a password of mypassword from the telnet user. The engineer then change the configuration to support secure shell. Which of the phone commands could have been part of the new configuration. (Choose two) A username name password password pty mode subcommand A username name password password global configuration command A login local vty mode subcommand A transport input SSH global configuration command
A Username name password password global configuration command A login local vty mode subcommand
48
The following command was copied and pasted into configuration mode when are user was Telnetted into a Cisco switch Banner login this is the login banner Which of the following is true about what occurs the next time a user logs in from the console? No banner text is displayed The banner text "his is" is displayed The banner text "this is the login banner" is displayed The Banner text"login banner configured no text defined"is displayed
The banner text "his is " is displayed
49
When configuring port security with sticky learning the _____ ____-_____ interface subcommand is required
Switchport port-security
50
And engineers desktop PC connection switch at the main site. A router at the main site connects each branch office through a serial link one small router and switch at each branch. Which of the following commands must be configured on the branch office switches in the listed configuration mode to allow the engineer to telnet to the branch office switches (choose three answer) IP address command in VLAN configuration mode The IP address command in global mode IP default- Gateway command in VLAN configuration mode The IP default- Gateway command in global configuration mode The password command in console line configuration mode Password command vty line configuration mode
The IP address command in VLAN configuration mode IP default – Gateway command in global configuration mode The password command in vty configuration mode
51
Which of the following describes a way to disable IEEE standard autonegotiation on 10/100 on a Cisco switch Configure the negotiate disable interface subcommand Configure the no negotiate interface subcommand Configure the speed 100 interface subcommand Configure the duplex half interface subcommand Configure the duplex full interface subcommand Configure the speed 100 and duplex full interface subcommands
Configure the speed 100 and duplex full interface subcommands
52
``` In which of the following modes of the CDI could you configure the duplex settings for interfaced fast ethernet 0/5? User mode Enable mode Global configuration mode VLAN mode Interface configuration mode ```
Interface configuration mode