Ethernet Fundamentals Flashcards

1
Q

Ethernet Fundamentals Overview

A

Please refer to study guide for info/diagrams

2
Q

CSMA/CD

A

Carrier Sense Multiple Access/Collision Detect

Carrier Sense: Listen to the wire, verify it’s not busy
Multiple Access: All devices have access at any time

Collision Detect: If two devices transmit at same time, a collision occurs.
Back off, wait random time, try again

3
Q

Collision Domains

A

Comprised of all devices on a shared Ethernet segment (same cable or hub)

Devices operate at half-duplex when connected to a hub

4
Q

Collision Domains with Switches

A

Ethernet switches increase scalability of the network by creating multiple collision domains.

Each port on a switch is a collision domain (no chance of collisions), increases speed

5
Q

Hub

A

Layer 1 device “Multiport repeaters”

Passive Hub: Repeats signal (no amplification)
Active Hub: Repeats signal with amplification
Smart Hub: Active hub with enhanced features (SNMP)

6
Q

Bridges

A

Analyze source MAC address in frames entering the bridge & populate an internal MAC address table.

Make intelligent forwarding decisions based on destination MAC address in the frames.

7
Q

Switch

A

Layer 2 device (Connects multiple network segments)
Essentially a multiport bridge

Learn MAC addresses & make forwarding decisions based on them.

Analyze source MAC in frames entering the switch & populate internal MAC table based on them.

8
Q

Router

A

Layer 3 device (Connects multiple networks together)
Makes forwarding decisions based on IP addresses

More feature-rich & supports a broader range of interface types than multilayer switches

Each port is a separate collision/broadcast domain.

9
Q

Layer 3 Switch

A

Layer 3 device (Connects multiple network segments)

Can make layer 3 routing decisions & interconnect entire networks (like a router)

10
Q

Link Aggregation

A

802.3ad
Congestion can occur when ports all operate at same speed

Allows for combo of multiple physical connections into a single logical connection

Bandwidth available is increased & congestion minimized/prevented.

11
Q

PoE

A

Power Over Ethernet (802.3af)
Supplies electrical power over Ethernet
Requires CAT5+
Up to 15.4 watts of power to device

PoE+ (802.3at)
Up to 25.5 watts of power to device

Device Types:
PSE (Power Sourcing Equipment)
PD (Powered Device)

12
Q

Port Monitoring/Mirroring

A

Helpful to analyze packet flow over network
Network sniffers can see all traffic on a hub
Switches require port monitoring to see all traffic

Port mirroring makes a copy of all traffic destined for a port & sends it to another port

13
Q

User Authentication

A

802.1x
For security purposes, switches can require users to authenticate themselves before gaining network access

Once authenticated, a key is generated & shared between the supplicant and the switch/authenticator

Auth server checks supplicant’s credentials & creates the key
Key is used to encrypt the traffic to/from the client

14
Q

Management Access & Authentication

A

SSH: Remote admin program that allows you to connect to the switch over the network

Console Port: Allows for local admin of the switch using a separate laptop & a rollover cable (DB-9 to RJ-45)

15
Q

OOB

A

Out-of-Band Management:

Involves keeping all network config devices on a separate network

16
Q

First-Hop Redundancy

A

HSRP (Hot Standby Router Protocol) uses a virtual IP & MAC to provide an “active” & “standby” router
Cisco proprietary protocol

If active is offline, standby answers

17
Q

Other First-Hop Redundancy Protocols

A

GLBP (Gateway Load Balancing Protocol)
Cisco proprietary protocol

VRRP (Virtual Router Redundancy Protocol)
Open-source

CARP (Common Address Redundancy Protocol)
Open-source

18
Q

STP (Protocol)

A

Spanning Tree Protocol (802.1D)
Permits redundant links between switches & prevents looping of network traffic

SPB (Shortest Path Bridging) is used for larger network environments

19
Q

Broadcast Storms

A

If broadcast frame received by both switches, they can forward frame to each other

Multiple copies of frame are forwarded, replicated, & forwarded again until the network is consumed with forwarding many copies of the same initial frame

20
Q

Root Bridge

A

Switch elected to act as a reference point for a spanning tree

Switch with lowest bridge ID (BID) is elected as root bridge.

BID is made up of a priority value & MAC (lowest value considered the root)

21
Q

Nonroot Bridge

A

All other switches in an STP topology

22
Q

Root Port

A

Every non-root bridge has a single root port
Port closest to the root bridge in terms of cost
If costs are equal, lowest port number is chosen

23
Q

Designated Port

A

Every network segment has a designated port
Port closest to the root bridge in terms of cost
All ports on root bridge are designated ports

24
Q

Non-Designated Port

A

Ports that block traffic to create loop-free topology

25
Root & Nonroot Bridges
Single root port on non-root bridge
All other ports on non-root bridge are non-designated
All ports on root bridge are designated
26
Port States
Non-designated ports do not forward traffic during normal operation (but receive BPDUs)

If a link in the topology goes down, the non-designated port detects the failure & determines whether it needs to transition to a forwarding state

To get to the forwarding state, it has to transition through four states
27
The 4 Port States
Blocking: BPDUs are received but not forwarded
Used at beginning and on redundant links

Listening: Populates MAC table
Does not forward frames

Learning: Processes BPDUs
Switch determines its role in the spanning tree

Forwarding: Forwards frames for operations

Root & Non-designated ports are blocking
Designated ports are forwarding
28
Link Costs
Associated with the speed of a link

```
10Mbps = 100
100Mbps = 19
1Gbps = 4
10Gbps = 2
```

Long STP is being adopted due to higher link speeds
Values range from 2,000,000 for 10Mbps to as little as 2 for 10Tbps
29
VLAN
Virtual Local Area Network

Switch ports are in a single broadcast domain
Allows you to break out certain ports to be in different broadcast domains

Allows different logical networks to share the same physical hardware
Provides added security & efficiency
30
VLAN Trunking | Also Identifier
(802.1q)
Multiple VLANs transmitted over the same physical cable

VLANs are tagged with 4-byte identifier:
TPI (Tag Protocol Identifier)
TCI (Tag Control Identifier)

One VLAN is left untagged (Native VLAN/VLAN0)
31
VPN Concentrator
VPNs create a secure, virtual tunnel network over an untrusted network (like the internet)

Concentrators can terminate VPN tunnels (firewalls can do this too)
32
NGFW
Next-Generation Firewall:
Conducts deep packet inspection at layer 7
Detects & prevents attacks

Much more powerful than basic stateless/stateful firewalls
Continually connects to cloud resources for latest info on threats
33
IDS/IPS
Intrusion Detection System (IDS): Recognizes attacks via signatures & anomalies
Intrusion Prevention System (IPS): Recognizes & responds

Host or network-based devices
34
DNS
Domain Name System:
Converts domain names to IP addresses
Similar to a phone contact list
35
FQDN
Fully-Qualified Domain Name:
Domain name under a Top-Level Domain & represents a web, mail, or file server (.com, .net, .mil, .edu)
36
URL
Uniform Resource Locator:
Contains the FQDN with method of accessing info

Example: https://www.diontraining.com
37
Proxy Server
Device that makes a request to external network on behalf of a client.

Used for security to perform content filtering/logging

Workstation clients are configured to forward their packets to a proxy server
38
Content Engine
AKA: "Caching Engines"

Dedicated appliances that perform the caching functions of a proxy server
More efficient than a proxy server
39
Content Switches
AKA: "Load Balancers"

Distributes incoming requests across the various servers in the server farm
Useful for large companies like Amazon
40
Deterministic Network
Organized & orderly
Need an electronic token to transmit

Ex: Token ring networks
41
Contention-Based
Very chaotic
Transmit (almost) whenever you want

Ex: Ethernet networks
42
Distance Limitations - Copper | Media, Bandwidth, Distance
```
10BASE-T (Cat3) = 100m
100BASE-TX (Cat5) = 100m
1000BASE-T (Cat5e) = 100m
1000BASE-T/10GBASE-T (Cat6) = 1/10Gbps = 100m/55m
10GBASE-T (Cat6a) = 100m
10GBASE-T (Cat7) = 100m
40GBASE-T (Cat8) = 30m
```
43
Distance Limitations - Fiber | Media, Bandwidth, Distance
```
100BASE-FX (MMF) = 2km
100BASE-SX (MMF) = 300m
1000BASE-SX (MMF) = 220-550m
1000BASE-LX (SMF/MMF) = 5km/550m
10GBASE-SR (MMF) = 400m
10GBASE-LR (SMF) = 10km
```

S is NOT single!
44
VPN Headend
A specific type of VPN concentrator used to terminate IPsec VPN tunnels within a router or other device.
45
Unified Communications (or Call) Manager
Used to perform the call processing for hardware & software-based IP phones.
46
ICS
Industrial Control System:
Describes the different types of control systems & associated instrumentation.
47
SCADA
Supervisory Control & Data Acquisition:
Acquires & transmits data from different systems to a central panel for monitoring & control.