Ethernet Fundamentals

Question 1

Ethernet Fundamentals Overview

Answer 1

Please refer to study guide for info/diagrams

Question 2

CSMA/CD

Answer 2

Carrier Sense Multiple Access/Collision Detect

Carrier Sense: Listen to the wire, verify it’s not busy
Multiple Access: All devices have access at any time

Collision Detect: If two devices transmit at same time, a collision occurs.
Back off, wait random time, try again

Question 3

Collision Domains

Answer 3

Comprised of all devices on a shared Ethernet segment (same cable or hub)

Devices operate at half-duplex when connected to a hub

Question 4

Collision Domains with Switches

Answer 4

Ethernet switches increase scalability of the network by creating multiple collision domains.

Each port on a switch is a collision domain (no chance of collisions), increases speed

Question 5

Hub

Answer 5

Layer 1 device “Multiport repeaters”

Passive Hub: Repeats signal (no amplification)
Active Hub: Repeats signal with amplification
Smart Hub: Active hub with enhanced features (SNMP)

Question 6

Bridges

Answer 6

Analyze source MAC address in frames entering the bridge & populate an internal MAC address table.

Make intelligent forwarding decisions based on destination MAC address in the frames.

Question 7

Switch

Answer 7

Layer 2 device (Connects multiple network segments)
Essentially a multiport bridge

Learn MAC addresses & make forwarding decisions based on them.

Analyze source MAC in frames entering the switch & populate internal MAC table based on them.

Question 8

Router

Answer 8

Layer 3 device (Connects multiple networks together)
Makes forwarding decisions based on IP addresses

More feature-rich & support broader range of interface types than multilayer switches

Each port is a separate collision/broadcast domain.

Question 9

Layer 3 Switch

Answer 9

Layer 3 device (Connects multiple network segments)

Can make layer 3 routing decisions & interconnect entire networks (like a router)

Question 10

Link Aggregation

Answer 10

802.3ad
Congestion can occur when ports all operate at same speed

Allows for combo of multiple physical connections into a single logical connection

Bandwidth available is increased & congestion minimized/prevented.

Question 11

PoE

Answer 11

Power Over Ethernet (802.3af)
Supplies electrical power over Ethernet
Requires CAT5+
Up to 15.4 watts of power to device

PoE+ (802.3at)
Up to 25.5 watts of power to device

Device Types:
PSE (Power Sourcing Equipment)
PD (Powered Device)

Question 12

Port Monitoring/Mirroring

Answer 12

Helpful to analyze packet flow over network
Network sniffers can see all traffic on a hub
Switches require port monitoring to see all traffic

Port mirroring makes a copy of all traffic destined for a port & sends it to another port

Question 13

User Authentication

Answer 13

802.1x
For security purposes, switches can require users to authenticate themselves before gaining network access

Once authenticated, a key is generated & shared between the supplicant and the switch/authenticator

Auth server checks supplicant’s credentials & creates the key
Key is used to encrypt the traffic to/from the client

Question 14

Management Access & Authentication

Answer 14

SSH: Remote admin program that allows you to connect to the switch over the network

Console Port: Allows for local admin of the switch using a separate laptop & a rollover cable (DB-9 to RJ-45)

Question 15

OOB

Answer 15

Out-of-Band Management:

Involves keeping all network config devices on a separate network

Question 16

First-Hop Redundancy

Answer 16

HSRP (Hot Standby Router Protocol) uses a virtual IP & MAC to provide an “active” & “standby” router
Cisco proprietary protocol

If active is offline, standby answers

Question 17

Other First-Hop Redundancy Protocols

Answer 17

GLBP (Gateway Load Balancing Protocol)
Cisco proprietary protocol

VRRP (Virtual Router Redundancy Protocol)
Open-source

CARP (Common Address Redundancy Protocol)
Open-source

Question 18

STP (Protocol)

Answer 18

Spanning Tree Protocol (802.1D)
Permits redundant links between switches & prevents looping of network traffic

SPB (Shortest Path Bridging) is used for larger network environments

Question 19

Broadcast Storms

Answer 19

If broadcast frame received by both switches, they can forward frame to each other

Multiple copies of frame are forwarded, replicated, & forwarded again until the network is consumed with forwarding many copies of the same initial frame

Question 20

Root Bridge

Answer 20

Switch elected to act as a reference point for a spanning tree

Switch with lowest bridge ID (BID) is elected as root bridge.

BID is made up of a priority value & MAC (lowest value considered the root)

Question 21

Nonroot Bridge

Answer 21

All other switches in an STP topology

Question 22

Root Port

Answer 22

Every non-root bridge has a single root port
Port closest to the root bridge in terms of cost
If costs are equal, lowest port number is chosen

Question 23

Designated Port

Answer 23

Every network segment has a designated port
Port closest to the root bridge in terms of cost
All ports on root bridge are designated ports

Question 24

Non-Designated Port

Answer 24

Ports that block traffic to create loop-free topology

Question 25

Root & Nonroot Bridges

Answer 25

Single root port on non-root bridge
All other ports on non-root bridge are non-designated
All ports on root bridge are designated

Question 26

Port States

Answer 26

Non-designated ports do not forward traffic during normal operation (but receive BPDUs)

If a link in the topology goes down, the non-designated port detects the failure & determines whether it needs to transition to a forwarding state

To get to the forwarding state, it has to transition through four states

Question 27

The 4 Port States

Answer 27

Blocking:
BPDUs are received but not forwarded
Used at beginning and on redundant links

Listening:
Populates MAC table
Does not forward frames

Learning:
Processes BPDUs
Switch determines its role in the spanning tree

Forwarding:
Forwards frames for operations

Root & Non-designated ports are blocking
Designated ports are forwarding

Question 28

Link Costs

Answer 28

Associated with the speed of a link
10Mbps = 100
100Mbps = 19
1Gbps = 4
10Gbps = 2

Long STP is being adopted due to higher link speeds
Values range from 2,000,000 for 10Mbps to as little as 2 for 10Tbps

Question 29

VLAN

Answer 29

Virtual Local Area Network
Switch ports are in a single broadcast domain
Allows you to break out certain ports to be in different broadcast domains

Allows different logical networks to share the same physical hardware
Provides added security & efficiency

Question 30

VLAN Trunking

Also Identifier

Answer 30

(802.1q)
Multiple VLANs transmitted over the same physical cable

VLANs are tagged with 4-byte identifier:
TPI (Tag Protocol Identifier)
TCI (Tag Control Identifier)

One VLAN is left untagged (Native VLAN/VLAN0)

Question 31

VPN Concentrator

Answer 31

VPNs create a secure, virtual tunnel network over an untrusted network (like the internet)

Concentrators can terminate VPN tunnels (firewalls can do this too)

Question 32

NGFW

Answer 32

Next-Generation Firewall:
Conducts deep packet inspection at layer 7
Detects & prevents attacks
Much more powerful than basic stateless/stateful firewalls
Continually connects to cloud resources for latest info on threats

Question 33

IDS/IPS

Answer 33

Intrusion Detection System (IDS):
Recognizes attacks via signatures & anomalies

Intrusion Prevention System (IPS):
Recognizes & responds

Host or network-based devices

Question 34

DNS

Answer 34

Domain Name System:
Converts domain names to IP addresses
Similar to a phone contact list

Question 35

FQDN

Answer 35

Fully-Qualified Domain Name:

Domain name under a Top-Level Domain & represents a web, mail, or file server (.com, .net, .mil, .edu)

Question 36

URL

Answer 36

Uniform Resource Locator:
Contains the FQDN with method of accessing info

Example: https://www.diontraining.com

Question 37

Proxy Server

Answer 37

Device that makes a request to external network on behalf of a client.
Used for security to perform content filtering/logging

Workstation clients are configured to forward their packets to a proxy server

Question 38

Content Engine

Answer 38

AKA: “Caching Engines”
Dedicated appliances that perform the caching functions of a proxy server

More efficient than a proxy server

Question 39

Content Switches

Answer 39

AKA: “Load Balancers”
Distributes incoming requests across the various servers in the server farm

Useful for large companies like Amazon

Question 40

Deterministic Network

Answer 40

Organized & orderly
Need an electronic token to transmit
Ex: Token ring networks

Question 41

Contention-Based

Answer 41

Very chaotic
Transmit (almost) whenever you want
Ex: Ethernet networks

Question 42

Distance Limitations - Copper

Media, Bandwidth, Distance

Answer 42

10BASE-T (Cat3) = 100m
100BASE-TX (Cat5) = 100m
1000BASE-T (Cat5e) = 100m
1000BASE-T/10GBASE-T (Cat6) = 1/10Gbps = 100m/55m
10GBASE-T (Cat6a) = 100m
10GBASE-T (Cat7) = 100m
40GBASE-T (Cat8) = 30m

Question 43

Distance Limitations - Fiber

Media, Bandwidth, Distance

Answer 43

100BASE-FX (MMF) = 2km
100BASE-SX (MMF) = 300m
1000BASE-SX (MMF) = 220-550m
1000BASE-LX (SMF/MMF) = 5km/550m
10GBASE-SR (MMF) = 400m
10GBASE-LR (SMF) = 10km

S is NOT single!

Question 44

VPN Headend

Answer 44

A specific type of VPN concentrator used to terminate IPsec VPN tunnels within a router or other device.

Question 45

Unified Communications (or Call) Manager

Answer 45

Used to perform the call processing for hardware & software-based IP phones.

Question 46

ICS

Answer 46

Industrial Control System:

Describes the different types of control systems & associated instrumentation.

Question 47

SCADA

Answer 47

Supervisory Control & Data Acquisition:

Acquires & transmits data from different systems to a central panel for monitoring & control.