Ethernet Fundamentals

Question 1

csma/cd

Answer 1

carrier sense multiple access / collision detect
carrier sense: listen to the wire, check if its busy
multiple access: all devices have access to wire at any time
collision detection: if collision occurs, back off, wait random time and try again

Question 2

collision domain

Answer 2

comprised of all devices on a shared ethernet segment
same cable or hub
switches create new collision domains, each port is their own domain

Question 3

1000base-sx

Answer 3

mmf
1Gbps
220m

Question 4

1000base-lx

Answer 4

mmf / smf
1Gbps / 1Gbps
550m / 5km

Question 5

1000base-zx

Answer 5

smf
1Gbps
70km

Question 6

hub

Answer 6

layer 1
multiport repeater
passive hub - repeats with no amplification
active hub - repeats with amplification
smart hub - active hub with enhanced features like snmp
1 collision and broadcast domain

Question 7

bridge

Answer 7

makes intelligent forwarding decisions based on dest mac (1 port switch)
1 collision domain/port
1 broadcast domain/bridge

Question 8

switch

Answer 8

layer 2
multiport bridge
1 collision domain/port
1 broadcast domain/switch
all ports make up 1 broadcast domain
*breaks up collision domains

Question 9

router

Answer 9

layer 3
make forwarding decisions based in ip
1 collision domain/port
1 broadcast domain/port
*breaks up collision and broadcast domains

Question 10

layer 3 switch

Answer 10

layer 3
switch and router combo
1 collision domain/port
1 broadcast domain/port
*breaks up collision and broadcast domains

Question 11

802.3ad

Answer 11

link aggregation
combine multiple physical connections into a single logical connection
increase bandwidth and minimize congestion

Question 12

802.3af

Answer 12

power over ethernet
requires cat5+
provides up to 15.4 watts

Question 13

802.3at

Answer 13

power over ethernet +

provides up to 25.5 watts

Question 14

port monitoring or mirroring

Answer 14

analyze packet flow over a network
network sniffer for hub
port monitoring for switch
mirroring: makes a copy of all traffic and sends it to an analyst machine

Question 15

802.1x

Answer 15

user authentication
switches can require users to authenticate before entering network
key is generated and used to encrypt all traffic

Question 16

management access and authentication

Answer 16

to configure and manage switches

1. ssh
2. console port - plug in with laptop and rollover cable

Question 17

oob

Answer 17

out of band

keep all network devices on a separate network

Question 18

first hop redundancy protocols

Answer 18

virtual ip and mac addr to provide an active and standby router for default gateway
vrrp (virtual router redundancy protocol) - open source

Question 19

mac filering

Answer 19

permits or denies traffic based on mac addr

not that great but exam says you should do it

Question 20

traffic filtering

Answer 20

multilayer switches can permit or deny traffic based on ip or ports

Question 21

qos

Answer 21

quality of service

forward traffic based on priority markings

Question 22

802.1d

Answer 22

stp - spanning tree protocol: permits redundant links between switches and prevents traffic loops and mac table corruption
spb - shortest path bridging is used for larger network environments

Question 23

broadcast storms

Answer 23

if the broadcast frame is received by both switches, they forward to each other and copy and forward again …
until available bandwidth is consumed

Question 24

port state cycle

Answer 24

link in topology goes down
non designated port detects and determines if it needs to go to forwarding state
forwarding state
1. blocking
2. listening - populate mac addr table
3. learning - process bpdu and determine role in stp
4. forwarding

Question 25

link cost

Answer 25

speed of link

lower speed = higher cost

Question 26

vlan

Answer 26

different logical networks with same physical hardware
more security and efficiency
assign switch ports to different broadcast domains

Question 27

802.1q

Answer 27

vlan trunking
multiple vlans transmitting over the same physical cable

vlans are tagged with 4-byte identifier: tag protocol identifier and tag control identifier
one vlan is left untagged - native vlan

Question 28

vpn

Answer 28

virtual private network

creates a secure virtual tunnel over an untrusted network

Question 29

vpn headend

Answer 29

type of vnp concentrator used to terminate ipsec vpn tunnels

Question 30

stateful firewall

Answer 30

allows traffic that originates from inside to go out to internet
blocks traffic from internet from getting into the network

Question 31

ngfw

Answer 31

next gen firewall
conduct deep packet inspection at layer 7
detect and prevent attack
updates on latest info on threats

Question 32

ids/ips

Answer 32

intrusion detection or prevention system
ids recognizes attacks through signatures and anomalies
ips recognizes and responds

Question 33

proxy server

Answer 33

specialized device that makes request to an external network on behalf of client

Question 34

content engine/ caching engine

Answer 34

performs caching functions of proxy server

Question 35

content switch/ load balancer

Answer 35

distributes incoming requests across various servers in a farm

Question 36

voip phone

Answer 36

a hardware device that connects to your ip network to make a connection to a call manager

Question 37

ics

Answer 37

industrial control system

describes the different types of control systems and associated instrumentation

Question 38

scada

Answer 38

supervisory control and data acquisition

acquires and transmits data from different systems to a central panel for monitoring and control

Question 39

virtual network devices

Answer 39

major shift in the way data centers are designed, fielded and operated
vSwitches, vNICs