Ch. 8 Configuring Ethernet Switching

Question 0

Cisco switches can protect user mode with a simple ______ with no username for Console and telnet users

Answer 0

Password

Question 1

The first step to securing a switch to secure access to the _____

Answer 1

CLI (command line interface)

Question 2

The _____ command tells iOS to use simple password security

Answer 2

Login

Question 3

The _____ _____ ______ command defines the password

Answer 3

Password password – value

Question 4

AAA server

Answer 4

Authentication authorization and accounting server

Question 5

Cisco switches and routers support an alternative way to keep track of usernames and passwords by using an external _____ server

Answer 5

AAA (authentication authorization and accounting)

Question 6

Switches and AAA servers typically use either _____ or _____ protocol both of which encrypt the passwords as they traverse the network

Answer 6

RADIUS or TACAS+

Question 7

You can set up passwords using the____ _____ command

Answer 7

Enable secret

Question 8

MD5

Answer 8

Message digest 5

Question 9

The _____ stores the results of the formula in the enable secret command in the configuration

Answer 9

MD5

Question 10

A ____ is simply some text that appears on the screen for the

Answer 10

Banner

Question 11

MOTD

Answer 11

Message of the day

Question 12

_____ _____ List the commands currently held in history buffer

Answer 12

Show history

Question 13

From the console or vty line configuration mode since the default number of command saved in the history buffer for the user of the console

Answer 13

History size x

Question 14

From the EXEC this command allows a single-user to set just for this one session the size of his or her history buffer

Answer 14

Terminal history size x

Question 15

SVI aka VLAN

Answer 15

Switched virtual interface

Question 16

The _____ acts like the switch’s own NIC connecting into a LAN to send IP packets

Answer 16

SVI

Question 17

A typical layer two Cisco LAN switch can only use one _____ interface at a time

Answer 17

VLAN

Question 18

iOS uses the term _____ to refer to physical ports used for data to and from other devices

Answer 18

Interface

Question 19

The engineer can use _____ _____ to restrict the interface on a switch so that only expected devices can use it

Answer 19

Port security

Question 20

_____ Defines a maximum number of source Mac address is allowed for all frames coming in the interface

Answer 20

Port security

Question 21

_____ _____ watches all incoming frames and keeps a list of all source Mac addresses plus the counter of the number of different source Mac addresses

Answer 21

Port security

Question 22

_____ ______ when adding a new source Mac address to its list checks if the number of Mac addresses pushes past the configured maximum, if this occurs a port security violations occurred the switch then shuts down the interface

Answer 22

Port security

Question 23

Port security provides an easy way to discover the Mac addresses used each port using a feature called _____ _____ MAC addresses

Answer 23

Sticky secure

Question 24

The first step in securing a switch to secure access to the ____

Answer 24

CLI (command line interface)

Question 25

Cisco switches protect enable mode for an user with the _____ ____

Answer 25

Enable password

Question 26

The user and user mode types the _____ _____ command as prompted for this enable password. If the user types the correct password iOS moves the user to enable them

Answer 26

Enable EXEC

Question 27

The console and vty password configuration uses the same two subcommand and Console and vty line configuration modes, respectively. The _____ command tells the iOS to you simple password security and the ______ password_value command defines the password

Answer 27

Login

Password

Question 28

I was protects enablement the enable secret password, configured using the global command ______ _______ password value

Answer 28

Enable secret

Question 29

The migration from using password only login method to using locally configured usernames and passwords requires only some small configuration changes. The switch needs one or more ______ name, _____ password will configuration commands to define the usernames and passwords

Answer 29

Username

Password

Question 30

Cisco switches and router support an alternative way to keep track of all usernames and passwords by using an external_____ server

Answer 30

AAA(authentication authorization and accounting)

Question 31

To support____, Cisco switches require the base configuration used to support telnet login with username plus additional configuration

Answer 31

SSH

Question 32

Using ____ the switch needs a cryptography key to encrypt the data

Answer 32

SSH

Question 33

You can encrypt some password using the____ ____-_____ global configuration command

Answer 33

Service password – encryption

Question 34

The ______ global configuration command can be used to configure all three types of messages

Answer 34

Banners

Question 35

______ Shown before the login prompt for temporary messages

Answer 35

MOTD (message of the day)

Question 36

The _____ banner is shown before the login prompt but after the message of the day banner for permanent messages such as “unauthorized access prohibited”

Answer 36

Login

Question 37

The ____ banner shown after the login prompt and used to supply information that should be hidden from unauthorized users

Answer 37

Exec

Question 38

To configure IPv4 in a switch step 1 is enter VLAN 1 configuration mode using the _____ _____ 1 global configuration command

Answer 38

Interface vlan

Question 39

To configure IPv4 in a switch step 2 is: sign the IP address and mask using the ___ ____ IP – address mask interface subcommand

Answer 39

IP addresses

Question 40

To configure IPv4 in a switch step 3 is enable the VLAN 1 interface using the ___ ____ interface subcommand

Answer 40

No shutdown

Question 41

To configure IPv4 in a switch step 4 is add the __ ____-______ IP – address global command to configure the default gateway

Answer 41

IP default – Gateway

Question 42

To configure IPv4 in a switch step 5 (optional) add the ___ ___-____ IP – address1 IP – address2…. Global command to configure the switch to use DNS to resolve names into their matching IP address

Answer 42

IP name –server

Question 43

To administratively enable an interface on the switch use the ___ ____ interface subcommand

Answer 43

No shutdown

Question 44

To disable an interface use the _____ interface subcommand

Answer 44

Shutdown

Question 45

If the network engineer knows what devices should be cabled and connected to particular interfaces on the switch the engineer can use _____ ______ to restrict that interface so that only the expected devices can use it

Answer 45

Port security

Question 46

Imagine that you have configured the enable secret command followed by the enable password command from the console. You log out of the switch and log back in at the console. which command defines the password you had to enter to access Privileged mode

Answer 46

Enable secret

Question 47

An engineer had formerly configured a Cisco switch to allow telnet access so that the switch expected a password of mypassword from the telnet user. The engineer then change the configuration to support secure shell. Which of the phone commands could have been part of the new configuration. (Choose two)
A username name password password pty mode subcommand
A username name password password global configuration command
A login local vty mode subcommand
A transport input SSH global configuration command

Answer 47

A Username name password password global configuration command

A login local vty mode subcommand

Question 48

The following command was copied and pasted into configuration mode when are user was Telnetted into a Cisco switch
Banner login this is the login banner
Which of the following is true about what occurs the next time a user logs in from the console?
No banner text is displayed
The banner text “his is” is displayed
The banner text “this is the login banner” is displayed
The Banner text”login banner configured no text defined”is displayed

Answer 48

The banner text “his is “ is displayed

Question 49

When configuring port security with sticky learning the _____ ____-_____ interface subcommand is required

Answer 49

Switchport port-security

Question 50

And engineers desktop PC connection switch at the main site. A router at the main site connects each branch office through a serial link one small router and switch at each branch. Which of the following commands must be configured on the branch office switches in the listed configuration mode to allow the engineer to telnet to the branch office switches (choose three answer)
IP address command in VLAN configuration mode
The IP address command in global mode
IP default- Gateway command in VLAN configuration mode
The IP default- Gateway command in global configuration mode
The password command in console line configuration mode
Password command vty line configuration mode

Answer 50

The IP address command in VLAN configuration mode
IP default – Gateway command in global configuration mode
The password command in vty configuration mode

Question 51

Which of the following describes a way to disable IEEE standard autonegotiation on 10/100 on a Cisco switch
Configure the negotiate disable interface subcommand
Configure the no negotiate interface subcommand
Configure the speed 100 interface subcommand
Configure the duplex half interface subcommand
Configure the duplex full interface subcommand
Configure the speed 100 and duplex full interface subcommands

Answer 51

Configure the speed 100 and duplex full interface subcommands

Question 52

In which of the following modes of the CDI could you configure the duplex settings for interfaced fast ethernet 0/5?
User mode
Enable mode
Global configuration mode
VLAN mode
Interface configuration mode

Answer 52

Interface configuration mode