Computer Networks and Internets

Question 1

Name the switch LEDs

Answer 1

SYST, RPS, STAT, DUPLX, SPEED and PoE

Question 2

What is the 5 step boot sequence that a cisco switch runs through?

Answer 2

POST (self test)
Boot Loader
Low level CPU initialisation
Flash file system initialisation
IOS

Question 3

What does the boot loader do?

Answer 3

Provide access to the switch if the OS cannot be used

Question 4

What do you do to prepare a switch for remote management access?

Answer 4

It needs to be configured with an IP address and a subnet mask, and default gateway

Question 5

What does full duplex communication do?

Answer 5

Increases bandwidth by allowing both ends of a connection to simultaneously receive and transmit data

Question 6

What to do if the speed and duplex settings of a device are unknown or may be changed?

Answer 6

Use autonegotiation

Question 7

What does auto-MDIX do?

Answer 7

It automatically detects the required cable type for the connection

Question 8

What ports do Telnet and SSH use?

Answer 8

Telnet - 23
SSH - 22

Question 9

What is the difference between Telnet and SSH?

Answer 9

Telnet uses plaintext transmission of data and authentication information, whereas SSH provides strong encryption for login authentication and data

Question 10

What are the steps to configure ssh?

Answer 10

Verify SSH support, configure IP domain, generate RSA keys, configure use authentication, vty lines and SSH version 2

Question 11

What is the IPv4 loopback interface?

Answer 11

It is a logical interface that is internal to a router that is useful for testing and debugging

Question 12

What are the filter show command options?

Answer 12

include, exclude, begin, section

Question 13

How many lines does command history capture?

Answer 13

10 lines

Question 14

How are frames forwarded in a switching network?

Answer 14

The switch examines the destination address of the frame, looks for a matching port in its MAC table and sends it through

Question 15

Compare a collision domain to a broadcast domain

Answer 15

Network segments that share the same bandwidth are called collision domains
A collection of interconnected switches form a broadcast domain
Switches extend broadcast domains but eliminate collision domains
Broadcast domains can be broken up by a router

Question 16

What are the characteristics to alleviate network congestion?

Answer 16

High port density, fast port speeds, large frame buffer, fast internal switching

Question 17

What are the two methods of switching?

Answer 17

Cut through switching - as soon as the frame is received. Can send error frames

Store-and-forward - after the entire frame is received, performs error checks to ensure valid frames are sent

Question 18

Why are VLANs used in a switched network?

Answer 18

To allow logical broadcast domains within a network and easier management, higher security and better performance

Question 19

What is a trunk?

Answer 19

A point to point link between switches that carries traffic for all VLANs

Question 20

What is trunk negotiation managed by?

Answer 20

DTP or Dynamic Trunking Protocol

Question 21

What are the types of VLANs?

Answer 21

Native, Management, Data, Default, Voice

Question 22

What is inter-vlan routing?

Answer 22

The process of forwarding network traffic from one VLAN to another - legacy, router-on-a-stick and layer 3 switches using SVIs

Question 23

How does router-on-a-stick VLAN routing work?

Answer 23

Subinterfaces are configured on the router interface for each VLAN, with an IP Address on a unique subnet

Question 24

What are the steps to configure a switch with VLANs and Trunking?

Answer 24

create VLANs, create SVI VLAN interfaces, configure access ports and enable IP routing

Question 25

What is a common problem of a redundant Layer 2 switched network?

Answer 25

The possibility of physical and logical layer 2 loops, resulting in MAC instability and high CPU utilization

Question 26

What is an STP

Answer 26

A loop prevention protocol that allows redundancy while keeping a loop free topology

Question 27

How does STP work?

Answer 27

STP uses STAlgorithm to find the root bridge, associated root ports and designated ports, and block alternative ports to create the shortest path in the switched network

Question 28

How is the root bridge determined with multiple candidates?

Answer 28

Lowest sender BID, port priority and port id

Question 29

What are the port states?

Answer 29

Blocking, listening, learning, forwarding, disabled

Question 30

What is RSTP?

Answer 30

An evolution of STP that provides faster convergence, with port states learning, forwarding, discarding

Question 31

What is PVST+

Answer 31

Cisco enhancement of STP that provides seperate spanning tree instances for each VLAN. Supports Portfast, root guard, bpdu guard etc

Question 32

What does PortFast do?

Answer 32

The port transitions from blocking to forwarding bypassing the listening and learning states. This is used on access ports to access the network immediately

Question 33

What is etherchannel

Answer 33

A link aggregation technology that allows redundant links that won’t be blocked by STP. Groups multiple links into one logical link

Question 34

What does EtherChannel provide?

Answer 34

Load balancing, increased bandwidth, redundancy

Question 35

What is the resulting interface called when an EtherChannel is created?

Answer 35

Port Channel

Question 36

How can Etherchannels be formed, and what are the modes of the options?

Answer 36

PAgP - auto, on, desirable
LACP - on, active, passive

Question 37

What are the rules for Etherchannel?

Answer 37

All interfaces must support EtherChannel
All interfaces must operate in the same duplex and speed
All interfaces must be assigned to the same VLAN or be a trunk
All interfaces allow the same VLANs

Question 38

What does a DHCPv4 server do?

Answer 38

Dynamically leases an IP address to a client from a pool of addresses

Question 39

Describe the DHCPv4 lease process

Answer 39

DHCPDISCOVER
DHCPOFFER
DHCPREQUEST
DHCPACK

Question 40

Describe the DHCP renewal process

Answer 40

DHCPREQUEST
DHCPACK

Question 41

Describe the ICMPv6 RA messages

Answer 41

A flag – AddressAutoconfiguration flag. Use SLAAC to create an IPv6 GUA.
* O flag – Other Configuration flag. Get Other information from a stateless DHCPv6 server.
* M flag – This is the ManagedAddress Configuration flag. Use a stateful DHCPv6 server to obtain an IPv6 GUA.

Question 42

What process is used to ensure the IPv6 GUA is unique

Answer 42

DAD or Duplicate Address Detection - sends neighbour solicitation messages

Question 43

What ports do DHCPv6 messages use?

Answer 43

Client to server - UDP 547
Server to client - UDP 546

Question 44

What does stateless DHCPv6 inform?

Answer 44

To use the RA message for addressing but the server for other information

Question 45

What does stateful DHCPv6 inform?

Answer 45

To obtain all information from the server, but the default gateway from the RA message

Question 46

How can a cisco IOS router be configured to provide DHCPv6 services?

Answer 46

server, client or relay agent

Question 47

What is the purpose of FHRP or First Hop Redundancy Protocol?

Answer 47

FHRP allows alternate default gateways in networks where two or more routers are connected to the same VLAN

Question 48

Describe a way to prevent single points of failure

Answer 48

Implement a virtual router, where multiple routers work together to function as one

Question 49

What happens in FHRP when an active router fails?

Answer 49

The standby router stops seeing hello messages, assumes the role of the forwarding router

Question 50

What is HSRP and how does it work

Answer 50

Cisco proprietary FHRP that selects active and standby devices. The router with the highest HSRP priority becomes the active router

Question 51

What attacks are endpoints vulnerable to and what do they use as security?

Answer 51

DDoS, malware, and used antivirus and firewalls. They are best protected by NAC, AMP, Email security appliance and web security appliance

Question 52

What controls access to a network?

Answer 52

AAA authentication, authorisation and accounting

Question 53

What is the IEEE 802.1X

Answer 53

Port based access control and authorisation protocol

Question 54

Name the layer 2 security solutions

Answer 54

Port security, dhcp snooping, DAI and IPSG

Question 55

What do MAC Address flooding attacks do?

Answer 55

bombard the switch with fake source MAC addresses until the switch MAC address table is full.

Question 56

What does a VLAN hopping attack do?

Answer 56

Enables traffic from one VLAN to be seen by another

Question 57

What does a VLAN double tagging attack do?

Answer 57

Allows traffic to have multiple tags directing it to different VLANs, unidirectional.

Question 58

How can VLAN tagging and hopping be prevented?

Answer 58

Disable trunking on all access ports
Disable auto trunking on trunk links
Only use native vlan for trunk links
Disable DTP negotiations, unused ports

Question 59

What are the two DHCP attacks and how are they prevented?

Answer 59

DHCP starvation and spoofing - can be prevented with DHCP snooping

Question 60

What is ARP attack and how is it mitigated?

Answer 60

A fake MAC is sent to the switch, which accordingly updates its MAC table, then unsolicited ARP replies are sent to hosts on the network.
It is mitigated by implementing DAI

Question 61

What is an Address spoofing attack and how is it mitigated?

Answer 61

A hacker hijacks an IP or MAC address. Can be mitigated by implementing IPSG

Question 62

What is an STP attack and how is it mitigated?

Answer 62

Threat actor acts as a fake root bridge and intercepts all traffic. This is mitigated with BPDU Guard

Question 63

What does DHCP Snooping do?

Answer 63

It determines if DHCP messages are from a legitimate source

Question 64

What does DAI do?

Answer 64

Dynamic ARP Inspection requires DHCP snooping and verifies ARP traffic

Question 65

What are the four types of Wireless Lan?

Answer 65

WPAN, WLAN, WMAN and WWAN

Question 66

What bands do WLAN networks operate in?

Answer 66

2.4 and 5 GHz

Question 67

What is CAPWAP?

Answer 67

IEEE standard protocol that enables a WLC to control multiple APs and WLANs

Question 68

Which standards operate in the 2.4 to 2.5 GHz spectrum?

Answer 68

b/g/n

Question 69

What are the two security features available on routers and APs?

Answer 69

SSID cloaking and MAC address filtering

Question 70

What are the four key authentication techniques

Answer 70

WPA, WEP, WPA2, WPA 3

Question 71

How does a router convert private IPv4 addresses to internet routable addresses?

Answer 71

Network Address Translation

Question 72

What does network QoS do?

Answer 72

Prioritises voice and video traffic types

Question 73

How do routers learn about a network?

Answer 73

Static routes and Dynamic routing protocols

Question 74

What are the ways a router can deal with a packet?

Answer 74

It can forward it on a directly connected network, to a next hop router, or it can drop it

Question 75

What are the three packet forwarding mechanisms?

Answer 75

process switching, fast switching, and CEF

Question 76

What is the difference between static and dynamic routing

Answer 76

Static routes are manually configured and define an explicit path between two networking devices.

Dynamic routing protocols can discover a network, maintain routing tables, select a best path, and automatically discover a new best path if the topology changes.

Question 77

What does the default route do?

Answer 77

It specifies the next hop router to use when the routing table does not have a specific route

Question 78

What does Cisco use to determine the route in an IP routing table?

Answer 78

AD or Administrative Distance. The lower the AD, the more trustworthy the route

Question 79

What is an IGP

Answer 79

Routing protocol that exchanges information within a routing domain administered by a single organisation

Question 80

What is an EGP

Answer 80

EGP or BGP is a routing protocol that exchanges information between different organisations, and can route packages over the internet

Question 81

How is the best path selected by a routing protocol?

Answer 81

By the lowest metric of the route

Question 82

What are the types of static routes?

Answer 82

standard, default, floating, summary

Question 83

How can the next hop be identified with a static route?

Answer 83

By the IP address, exit interface or both - types: next hop, directly connected and fully specified

Question 84

What is a default route

Answer 84

A static route that matches all packages

Question 85

What are floating static routes?

Answer 85

Static routes designed to provide a backup for default or static routes, set to a higher administrative distance of 1

Question 86

How does a router process packets when a static route is configured?

Answer 86

When a packet arrives on a router interface, it is decapsulated. If the destination IP matches a static route entry, the next hop is identified and forwarded to. If not, the router uses the default static route or drops the packet.