Flackbox CCNA 200-301 v1.0 Flashcards by Matthew Hockley

<div>Its seven-layered approach to data transmission divides the operations into specific related groups of actions at each layer.</div>

OSI Model

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-1

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-2

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-3

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-4

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-5

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-6

OSI Layer

How well did you know this?

Not at all

Perfectly

25be42c1a3764350893c38ff8ee2d6c9-oa-7

OSI Layer

How well did you know this?

Not at all

Perfectly

13633472f782438c8a3fb4b127100eb3-oa-1

TCP/IP Stack

How well did you know this?

Not at all

Perfectly

13633472f782438c8a3fb4b127100eb3-oa-2

TCP/IP Stack

How well did you know this?

Not at all

Perfectly

13633472f782438c8a3fb4b127100eb3-oa-3

TCP/IP Stack

How well did you know this?

Not at all

Perfectly

13633472f782438c8a3fb4b127100eb3-oa-4

TCP/IP Stack

How well did you know this?

Not at all

Perfectly

<div>It is a protocol stack that consists of multiple protocols including TCP (Transmission Control Protocol) and IP (Internet Protocol).</div>

TCP/IP Stack

How well did you know this?

Not at all

Perfectly

<div>Which OSI layer provides network services to the applications of the user?</div>

Application Layer

How well did you know this?

Not at all

Perfectly

<div>Which OSI layer defines the specifications needed for activating, maintaining, and deactivating the physical link between end devices?</div>

Physical Layer

How well did you know this?

Not at all

Perfectly

<div>This OSI layer defines services to segment, transfer and reassemble the data for individual communications between the end devices.</div>

Transport Layer

How well did you know this?

Not at all

Perfectly

<div>This OSI layer provides connectivity and path selection between two host systems that may be located on geographically separated networks.</div>

Network Layer

How well did you know this?

Not at all

Perfectly

<div>The Cisco operating system used on the majority of Cisco enterprise grade network devices.</div>

IOS

How well did you know this?

Not at all

Perfectly

<div>Where is the IOS operating system image is stored?</div>

Flash

How well did you know this?

Not at all

Perfectly

<div>Where is the startup configuration is stored?</div>

NVRAM

How well did you know this?

Not at all

Perfectly

<div>This command drops you back to the Privileged Exec mode from any level.</div>

end

How well did you know this?

Not at all

Perfectly

<div>What cable will you use for a direct connection to the console port on the router or switch?</div>

Console Cable

How well did you know this?

Not at all

Perfectly

“What Cisco IOS command line mode is ‘Router>’ in?”

User Exec mode

How well did you know this?

Not at all

Perfectly

“What Cisco IOS command line mode is ‘Router(config-if)#’ in?”

Interface Configuration mode

How well did you know this?

Not at all

Perfectly

This command is used to go to the Privileged Exec mode from the User Exec mode.

enable

This command makes the running configuration persistent across reboot.

copy running-config startup-config or copy run start

"The 'show' command that displays the entire running configuration on the router."

show running-config or show run

The process of adjusting the flow of data from the sender to ensure that the receiving host can handle all of it.

Flow Control

The process by which a host is able to support multiple sessions simultaneously and manage the individual traffic streams over a single link.

Session Multiplexing

This OSI layer provides transparent transfer of data between hosts and is responsible for end-to-end error recovery and flow control.

Transport Layer

"Which transport layer protocol is used by TFTP?"

UDP

What does the acronym UDP stand for?

User Datagram Protocol

Which transport layer protocol sends traffic best effort? TCP or UDP?

UDP

This transport layer protocol carries out sequencing to ensure segments are processed in the correct order and none are missing.

TCP

Which transport layer protocol is connection oriented? TCP or UDP?

TCP

This transport layer protocol does not carry out sequencing to ensure segments are processed in the correct order and none are missing.

UDP

Which transport layer protocol is not reliable, meaning the receiving host does not send acknowledgments back to the sender?

UDP

Which transport layer protocol does not perform flow control? TCP or UDP?

UDP

Which transport layer protocol is reliable where lost segments are resent? TCP or UDP?

TCP

"Which transport layer protocol is used by Telnet?"

TCP

This OSI layer is responsible for routing packets to their destination and for Quality of Service.

Network Layer

What is 1100 1011 in decimal?

203

What is 255.255.192.0 in slash notation?

/18

What is /27 in dotted decimal notation?

255.255.255.224

This defines where the boundary between the IP address network portion and host portion.

Subnet Mask

Traffic with this as destination address will be sent to all hosts in the subnet.

Broadcast Address

This address class is reserved for IP multicast addresses.

Class D

This address class is ‘experimental and reserved for future use’.

Class E

This address class is assigned to networks with a very large number of hosts.

Class A

What is the default subnet mask of Class A addresses?

What does IANA stand for?

Internet Assigned Numbers Authority

This address class is assigned to medium-sized to large-sized networks.

Class B

What is the valid network address range of Class B?

128.0.0.0 to 191.255.0.0 /16

This address class is used for small networks.

Class C

These addresses are valid to be assigned to hosts but they are not routable on the public internet.

Private Addresses

What is the Class A private IP address range?

10.0.0.0 to 10.255.255.255

What is the Class B private IP address range?

172.16.0.0 to 172.31.255.255

What is the Class C private IP address range?

192.168.0.0 to 192.168.255.255

What is the Class E IP address range?

240.0.0.0 to 255.255.255.255

What does CIDR stand for?

Classless Inter-Domain Routing

This allows us to size subnets differently according to how many hosts they have.

Variable Length Subnet Masking (VLSM)

e7310797b17246ad9c64abaed64ef965-ao-1

Subnetting

e7310797b17246ad9c64abaed64ef965-ao-2

Subnetting

What network does 192.123.45.67 255.255.255.192 belongs to?

192.123.45.64 /26

How many usable IP addresses are in a /27 network?

30 hosts

"You are asked to subnet 10.150.100.0/24 using VLSM, which office would you allocate the first subnet to?
"

Management Office

How many subnets are available in 172.205.7.0 /25?

512

What is the usable IP address range of 172.80.250.148 255.255.224.0?

172.80.224.1 - 172.80.255.254

What is the broadcast address of 10.64.250.14 255.192.0.0?

10.127.255.255

What is the valid IP address range of 126.12.16.0 255.255.254.0?

126.12.16.1 - 126.12.17.254

68292c91321b4dc4b3f22fe411c7852b-ao-1

VLSM Subnetting

68292c91321b4dc4b3f22fe411c7852b-ao-2

VLSM Subnetting

68292c91321b4dc4b3f22fe411c7852b-ao-3

VLSM Subnetting

68292c91321b4dc4b3f22fe411c7852b-ao-4

VLSM Subnetting

68292c91321b4dc4b3f22fe411c7852b-ao-5

VLSM Subnetting

68292c91321b4dc4b3f22fe411c7852b-ao-6

VLSM Subnetting

How many subnet bits do 100.1.1.0 255.255.240.0 have?

How many host bits does 172.17.7.2 255.255.255.128 have?

Error detection and correction for the Physical Layer can be provided in this OSI layer.

Data Link Layer

How many bits does a MAC address have?

48 bits

What does MAC stand for?

Media Access Control

The term for the message in the Data Link Layer.

Frame

What part of Ethernet header is at the start?

Preamble

Which Ethernet header part helps the sender and the receiver to synchronize?

Preamble

What does the acronym FCS stand for?

Frame Check Sequence

The MAC address is how many bytes long?

6 bytes

In the MAC address BC:54:2F:70:E2:43, what is the OUI portion?

BC:54:2F

In the MAC address 08:97:98:AC:2E:95, what is the vendor assigned portion?

AC:2E:95

This OSI layer puts the actual bits onto the wire.

Physical Layer

This OSI layer provides the hardware means of sending and receiving data, including defining cables, interface cards and physical aspects.

Physical Layer

What does UTP stand for?

Unshielded Twisted Pair

These type of cables are used to connect an end device such as a PC or router to a switch.

Straight-through cables

These cables are most often used to connect two devices of the same type directly, like two switches to each other.

Crossover cables

This fiber cable type is more expensive and supports higher bandwidth and longer distances.

Single Mode

What does PoE stand for?

Power over Ethernet

It delivers power to the devices over the standard network cable. It that saves you having to use a separate power supply for all connected devices.

Power over Ethernet (PoE)

"What's the maximum length of UTP cables?"

100 meters

Hubs operate in this duplex mode.

Half-duplex

"In this duplex mode, the attached hosts can either send or receive data. They can't do both at the same time."

Half-duplex

What does the acronym CSMA/CD stand for?

Carrier-Sense Multiple Access with Collision Detection

When operating in this duplex mode, the attached host can both send and receive data at the same time using their receive and transmit wires.

Full-duplex

With this duplex mode, all hosts have their own dedicated collision domain.

Full-duplex

"With Auto MDI-X disabled, what UTP cable is used to connect the device below?
"

Crossover cable

"With Auto MDI-X disabled, what UTP cable is used to connect the devices below?
"

Straight-through

What connector type is on the end of standard UTP cable?

RJ-45

This fiber cable type supports a few hundred meters maximum distance.

Multi Mode

These are advanced switches that are Layer 3 aware and can route traffic between different IP subnets.

Layer 3 switches

"The switch MAC address table is empty. PC2 sends traffic to PC3. What MAC address will the switch enter in the MAC address table?
"

0002.2222.000B

"The switch MAC address table is empty. PC2 sends traffic to PC3. What Port will the switch enter in the MAC address table?
"

F0/2

"PC1 receives a frame with a destination MAC address of 0003.3333.000C. What will PC1 do with the frame?
"

Discard/Drop the frame

"The switch MAC address table has a single existing entry of 0001.1111.000A mapped to Port F0/1. PC4 sends traffic to PC1. What MAC address will the switch enter in the MAC address table?
"

0004.4444.000D

"The switch MAC address table has an existing entry of 0003.3333.000C mapped to Port F0/3. PC1 sends traffic to PC3. Which port/s will the switch forward the traffic to?
"

F0/3

The switch is just plugged into the network. It receives a frame with a source MAC address of 1001.00A5.30A9 and a destination MAC address of 505C.1000.F008. What MAC address will the switch enter on its MAC address table?

1001.00A5.30A9

What does FQDN stand for?

Fully Qualified Domain Name

What resolves an FQDN to an IP address?

Domain Name System (DNS)

This is used to map the IP address to MAC address.

Address Resolution Protocol (ARP)

What does ARP stand for?

"Address Resolution Protocol"

What commands are entered on a router for it to be able to resolve hostnames?

ip domain-lookup

"You are tasked to create a primary domain named 'flackbox.com'. What command will you enter?"

ip domain-name flackbox.com

What command is entered on a router for it to act as a DNS server?

ip dns server

"What command is entered on the DNS-Client to allow it to look up or send DNS queries to DNS-Server?
"

ip name-server 172.16.1.1

"PC1 sends an ARP Request to PC2. PC1 don't know PC2's MAC address yet. What will be the Destination MAC of the ARP Request?
"

FFFF.FFFF.FFFF

"PC1 wants to send a packet to PC2. The ARP Request will be sent to what IP address?
"

192.168.1.1

453b9e33735040b39cbdbce3531723f1-ao-1

ARP Reply

453b9e33735040b39cbdbce3531723f1-ao-2

ARP Reply

"PC1 sends an IP packet to PC2. What is the Source IP Address?
"

192.168.1.10

"PC1 sends an IP packet to PC2. What is the Destination IP Address?
"

192.168.1.20

Ping uses what protocol?

ICMP (Internet Control Message Protocol)

This command does a ping, hop by hop, from the source to the destination, and it will often indicate which router along the path has got the problem.

Traceroute

The Cisco troubleshooting methodology that starts off at the Application Layer then moving down through the layers.

Top Down Approach

The Cisco troubleshooting methodology that starts at the Physical Layer then moving up through the layers.

Bottom Up Approach

"Router1 has the following Ping results. Which router is the most likely to have a problem?
"

Router3

What does SVI stand for?

Switched Virtual Interface

This command configures a descriptive hostname that makes it easier to identify the device.

hostname

This Cisco proprietary Layer 2 protocol is used to share information with other directly connected Cisco equipment, such as the operating system version and IP address.

Cisco Discovery Protocol (CDP)

This is an open standard protocol which provides similar information to CDP.

LLDP (Link Layer Discovery Protocol)

What command will you enter to configure the IP address 10.128.254.255 /30 on an interface?

ip address 10.128.254.255 255.255.255.252

This command is used to configure the default gateway.

ip default-gateway

What command will set the interface to full duplex?

duplex full

What command is entered on the interface level to configure a speed of 100 Mbps?

speed 100

This command enables auto duplex configuration.

duplex auto

This command shows the entire running configuration on the device.

show running-config

This command shows you the version of IOS that is running on the device. It will also show additional information like how much memory is installed in the device.

show version

CDP stands for?

Cisco Discovery Protocol

To disable CDP at the interface level, this command is used.

no cdp enable

This show interface brief command output indicates a Layer 2 issue or speed mismatch.

up/down

IPv6 standards state that addresses assigned to individual hosts should use this mask.

/64

Global Unicast Addresses are assigned from this range.

2000::/3

This command enables IPv6 routing.

ipv6 unicast-routing

These Neighbor Discovery message types are sent to the Solicited-Node multicast address which reaches all hosts on the subnet.

Neighbor Solicitation messages

It is the IPv6 version of ARP.

Neighbor Discovery

These IPv6 addresses are similar to IPv4 RFC 1918 private addresses. They are not publicly reachable.

Unique Local Addresses

These IPv6 addresses are valid for communications on that link only.

Link local addresses

What is the host portion of this IPv6 address 2001:100B:00D8:35A3:C004:7B01:09F0:1C01 /64?

C004:7B01:09F0:1C01

What is the network potion of this IPv6 address 2001:26CC:0F1D:C001:D330:5AF7:11A2:8000 /64?

2001:26CC:0F1D:C001

What is the long format of 2001:F:12::34:0:A3?

2001:000F:0012:0000:0000:0034:0000:00A3

These IPv6 addresses are mandatory on IPv6 enabled interfaces.

Link local addresses

This is means Unspecified address or Unknown address. It is also used as the source when an interface is trying to acquire an address.

This provides a virtual tunnel between private networks across a shared public network such as the Internet.

Virtual Private Network (VPN)

This Site-to-Site VPN configuration option is open standard and it does not support multicast.

IPsec Tunnel

This is a Cisco proprietary Site-to-Site VPN configuration option, which provides scalable simple hub and spoke style configuration enables direct full mesh connectivity between all offices.

DMVPN (Dynamic Multipoint VPN)

This Site-to-Site IPsec VPN configuration option is Cisco proprietary. It enables scalable centralised policy for VPN over non-public infrastructure.

GETVPN (Group Encrypted Transport VPN)

This WAN connectivity option uses a shared core infrastructure at the service provider. It can be used for connectivity to the Internet and/or connectivity between offices over VPN.

MPLS

What does the acronym MPLS stand for?

Multi Protocol Label Switching

"It combines or ‘multiplexes' multiple optical signals into one optical signal transmitted over a single fiber strand."

DWDM (Dense Wavelength Division Multiplexing)

These routers do not run MPLS but they peer at Layer 3 with the provider PE routers.

Customer Edge (CE) routers

What does the acronym DSL stand for?

Digital Subscriber Line

These attacks are directed against a particular individual or organisation. Skilled attackers will typically start off with low impact reconnaissance.

Targeted Attacks

It is a derogatory term for low skilled attackers who download and use off-the-shelf hacking software to launch exploits.

Script Kiddies

This type of malware encrypts data with the attacker’s key and asks the victim to pay a ransom to obtain the key.

Ransomware

It is a Social Engineering attack where the victim is often directed to enter their personal details into the attacker’s website which looks like the reputable company’s legitimate website.

Phishing

It sits alongside the traffic flow and informs security administrators of any potential concerns.

Intrusion Detection System (IDS)

It sits inline with the traffic flow and can also block attacks.

Itrusion Prevention System (IPS)

It transforms readable messages into an unintelligible form and then later reverses the process

Cryptography

This type of encryption uses private and public key pairs where in the data encrypted with the public key can only be decrypted with the private key, and vice versa.

Asymmetric encryption

What does HMAC stand for?

Hash-Based Message Authentication Codes

This solves the secure key distribution problem and it uses Certificate Authority for the two parties who need secure communication.

Public Key Infrastructure (PKI)

This is the successor to SSL.

Transport Layer Security (TLS)

This type of VPN uses symmetric encryption algorithms such to send encrypted traffic between locations over an untrusted network such as the Internet.

Site-to-Site VPN

It defines the procedures for authenticating and communicating peer creation and management of Security Associations. It typically uses IKE for key exchange.

Internet Security Association and Key Management Protocol (ISAKMP)

What does ESP stand for?

Encapsulating Security Payload

This IPsec mode protects the internal routing information by encrypting the IP header of the original packet.

Tunnel mode

This IPsec mode encypts only the payload and the ESP trailer, so the IP header of the original packet is not encrypted.

Transport mode

It buffers any excess traffic so the overall traffic stays within the desired rate limit.

Traffic Shaping

It drops or re-marks excess traffic to enforce the specified rate limit.

Traffic Policing

Voice and traditional standard definition video packets should have this Latency value to have an acceptable quality call.

≤ 150 ms

This can be experienced whenever packets come in quicker than they can be sent out.

Congestion

This can reduce latency, jitter and loss for particular traffic by giving each type of traffic the service it requires.

QoS Queuing

What is the default value of CoS?

What is the maximum recommended Jitter value?

30 ms

This classification and marking method can recognize traffic based on its own Layer 3 to Layer 7 characteristics.

NBAR (Network Based Application Recognition)

This gives bandwidth guarantees to specified traffic types.

CBWFQ (Class Based Weighted Fair Queuing)

This MQC section defines the traffic to take an action on.

Class Maps

This MQC section takes the action on the defined the traffic.

Policy Maps

This MQC section applies the policy map to an interface.

Service Policies

This type of hypervisor run directly on the system hardware.

Type 1 (Bare Metal) Hypervisor

This type of hypervisor run on top of a host operating system.

Type 2 Hypervisor

It is a model for enabling ubiquitous, convenient On-Demand Network access to a shared pool of configurable computing resources.

Cloud Computing

"This is a server where the operating system is running directly on the hardware. It's not running a hypervisor."

Bare Metal server

The cloud deployment model where the cloud infrastructure is provisioned for open use by the general public.

Public Cloud

The cloud deployment model where the cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers.

Private Cloud

The cloud deployment model where the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

Community Cloud

The cloud deployment model where the cloud infrastructure is composed of two or more distinct cloud infrastructures that remain unique entities, bound together by standardized technology.

Hybrid Cloud

"What type of hypervisor is used below?
"

Type 1 Hypervisor

"What type of hypervisor is used below?
"

Type 2 Hypervisor

The system will load the first IOS image found in here by default.

Flash

What command is used to copy the running configuration to the TFTP server?

copy running-config tftp

This Configuration Register value ignores contents of NVRAM (startup-config).

0x2142

What configuration register value will allow you to boot into ROMMON?

0x2120

"This command is used to copy the IOS image to the device's Flash using TFTP."

copy tftp flash

You can set where the system will find the IOS image to load using this command.

boot system

This memory is used as the normal working memory of the device.

RAM

What does POST stand for?

Power On Self Test

This message is generated when something happens on the device, such as an interface going down or an OSPF neighbour adjacency coming up.

Syslog Message

What Syslog severity level value is Informational?

What is the name for severity level 0?

Emergency

This is where events are saved in RAM memory on the device.

Logging Buffer

This command disables logging to the console line.

no logging console

This command causes a new line to be printed where you were in the command line.

logging synchronous

What command will you enter to enable debug output to the VTY lines?
R1#

terminal monitor

What does NMS stand for?

Network Management System

This is the first SNMP version. It uses plain text authentication between the Manager and Agent using matching Community strings.

SNMPv1

This SNMP version uses plain text Community strings and it supports bulk retrieval.

SNMPv2c

This SNMP version supports strong authentication and encryption with the use of usernames and passwords.

SNMPv3

This SNMPv3 security level uses password authentication. Communications between the agent and the server are also encrypted.

AuthPriv

This SNMPv3 security level uses password authentication, but no encryption is used for communications between the devices.

AuthNoPriv

This SNMPv3 view is used to send notifications to members of the group.

Notify view

In this SNMPv3 security level, no authentication password is exchanged and the communications between the agent and the server are not encrypted.

noAuthnoPriv

This specifies what a particular user is allowed to do, such as whether they are allowed to run a particular command or not.

Authorization

This keeps track of the options that a user has carried out. This can be used as an audit trail to check what commands an administrator entered.

Accounting

This verifies somebody is who they say they are and it is most commonly achieved with a username and password.

Authentication

These lines are used for both Telnet and SSH connections.

VTY lines

This is the command to generate a digital certificate.

crypto key generate rsa

How many privilege levels of admin access are available on a Cisco router or switch?

This privilege level access allows only five commands—logout, enable, disable, help, and exit.

Zero (level 0)

This privilege level provides complete control over the router. When you enter Privileged Exec Mode with the ‘enable’ command, you’re at this level by default.

Privileged (level 15)

This privilege level provides very limited read-only access to the router. When you enter User Exec Mode you’re at this level by default.

User (level 1)

This command configures a password that can be viewed in plain text in the running configuration by default.

enable password

This command encrypts all passwords in the running configuration

service password-encryption

You entered the following command:
R1(config-line)#exec-timeout 15 30
How long can the administrator stay inactive before getting logged out?

15 minutes 30 seconds

"You are tasked to enter an encrypted password of 'FlackboxPass0!' for the Privileged Exec mode access. What command will you enter?
R1(config)#"

enable secret FlackboxPass0!

What command is used to configure a login banner?

banner login

What does NTP stand for?

Network Time Protocol

This command configures a router to become an NTP server.

ntp master

This wireless network type have devices that are within 10 meters of each other and bluetooth is often used.

Wireless Personal Area Network (WPAN)

It allows devices to be connected to an Access Point and also be part of a peer-to-peer wireless network.

WiFi Direct

This wireless network type provides access to a campus network, without the need for a cable. The devices are within 100m of a Wireless Access Point.

Wireless Local Area Network (WLAN)

Using this WLAN network, two or more wireless stations communicate directly with each other.

Ad Hoc Network

This device provides connectivity between wireless stations and between the wireless and wired networks.

Wireless Access Point

This is a wireless coverage area of an Access Point. It is also known as a wireless cell.

Basic Service Area (BSA)

This is a unique identifier that names a wireless network (WLAN).

Service Set Identifier (SSID)

With this, Lighweight Access Points can discover the Wireless LAN Controller and then download their configurations from there.

Zero Touch Provisioning (ZTP)

This protocol is a standardized protocol that enables a Wireless LAN Controller to manage a collection of Wireless Access Points.

Control And Provisioning of Wireless Access Points (CAPWAP)

What does CAPWAP stand for?

Control And Provisioning of Wireless Access Points

This wireless security standard came out in 2018. It supports AES encryption, CCMP, and protection against KRACK attack.

WPA3

It is a version control system for tracking changes in source code and files.

Git

It is a set of operating principles and practices that enable application development teams to deliver code changes more frequently and reliably.

CI/CD

It is the process of converting structured data to a standardized format that allows sharing or storage of the data in a form that allows recovery of its original structure.

Data Serialization

This JSON data type is an unordered collection of key/value pairs which are surrounded by curly braces {}.

Object

This JSON data type is an ordered list of values which are surrounded by square brackets [].

Array

This markup language was standardized in 1998 and it was designed to describe and transfer data.

eXtensible Markup Language (XML)

It is a standard communication protocol system that permits processes using different operating systems like Linux and Windows to communicate.

Simple Object Access Protocol (SOAP)

It is an architecture that gives guidelines for the structure and organization of an API. It also supports any transport and data format.

Representational State Transfer

"This REST response code means 'Internal Server Error'."

500

What does SOAP stand for?

Simple Object Access Protocol

"The 'C' in CRUD stands for what operation?"

Create

It is the router/switch plane that makes decisions about how to forward traffic. Its packets are destined to or locally originated on the device itself.

Control Plane

The device is configured and monitored in this router/switch plane. For example at the CLI through Telnet or SSH, via a GUI using HTTPS, or via SNMP or an API.

Management Plane

What does APIC stand for?

Application Policy Infrastructure Controller

It is the main component of the Cisco ACI solution and it is designed to manage data center environments with Nexus switches.

APIC (Application Policy Infrastructure Controller)

It is a Cisco SDN controller which is designed to manage enterprise environments – campus, branch and WAN.

DNA Center

This transforms a traditional manual network into a controller led network that translates the business needs into policies that can be automated and applied consistently across the network.

Intent Based Networking (IBN)

This SD-Access network is the underlying physical network. It provides the underlying physical connections which the overlay network is built on top of.

Underlay network

This SD-Access network is a logical topology used to virtually connect devices. It is built over the physical underlay network.

Overlay network

This was implemented as a temporary workaround to mitigate the lack of IPv4 addresses until organisations had time to migrate to IPv6.

NAT (Network Address Translation)

This NAT type offers permanent one-to-one mapping usually between a public and private IP address. It is used for servers which must accept incoming connections.

Static NAT

This NAT type uses a pool of public addresses which are given out on an as needed first come first served basis.

Dynamic NAT

The NAT type that allows the same IP address to be reused.

PAT (Port Address Translation)

This command is used to remove all dynamic translations from the translation table.

clear ip nat translation *

It is the IP address actually configured on the inside host’s Operating System.

Inside Local Address

The NAT’d address of the inside host as it will be reached by the outside network.

Inside Global Address

The IP address of the outside host as it appears to the inside network.

Outside Local Address

It is the IP address assigned to the host on the outside network by the host’s owner.

Outside Global Address

"You are tasked to create a NAT pool named 'FlackboxNAT' with global address range of 100.1.2.3 to 100.1.2.10 and a subnet mask of /27. What commands will you enter?
R1(config)# ?"

ip nat pool FlackboxNAT 100.1.2.3 100.1.2.10 netmask 255.255.255.224

This keyword will allow multiple hosts to reuse the top address in the pool.

overload

"In the topology below, which Router interface will be configured with 'ip nat inside'?
"

interface G0/2

"In the topology below, which Router interface will be configured with 'ip nat outside'?
"

interface G0/1

This show command shows the Inside Global, Inside Local, Outside Local, and Outside Global address translations.

show ip nat translation

This show command will output how many addresses have been translated by NAT.

show ip nat statistics

This RIP version does not send subnet mask information with routing updates, so VLSM is not supported.

RIPv1

Which RIP version supports VLSM?

RIPv2

What does EIGRP stand for?

Enhanced Interior Gateway Routing Protocol

This routing protocol can be configured to perform unequal cost load balancing.

EIGRP

What does '20' signify in the command below?
Router(config)#router eigrp 20

Autonomous System (AS)

What is the wildcard mask of /21?

0.0.7.255

What command will you enter to manually configure a router's EIGRP Router ID of 10.10.10.1?
R1(config-router)# ?

eigrp router-id 10.10.10.1

RIPv2 updates are sent using what multicast address?

224.0.0.9

What command is used to disable automatic summarization?

no auto-summary

If the Loopback address and the Router ID are not configured on the router, EIGRP will use this as the Router ID instead.

Highest other IP address

This show command is used to check EIGRP neighbor adjacency.

show ip eigrp neighbors

This RIP version supports authentication.

RIPv2

Which version of RIP does not support authentication?

RIPv1

What is 255.192.0.0 in wildcard mask?

0.63.255.255

What is the default Administrative Distance of RIP?

120

OSPF routers use these advertisements to pass on routing updates.

Link State Advertisements (LSA)

Adjacent OSPF routers will tell each other the networks they know about using this packet.

DataBase Description (DBD)

What OSPF packet type is sent to the neighbor if a router is missing information about any of the networks in the received DBD?

Link State Request (LSR)

What OSPF packet contains a list of LSA’s which should be updated?

Link State Update (LSU)

What does 10 signify in the command below?

Router(config)#router ospf 10

Process ID

Serial interfaces transmit at what rate by default?

1.544 Mbps

What command will you enter to manually specify a OSPF cost value of 15?
R1(config-if)# ?

ip ospf cost 15

It is how long a router waits to hear from a neighbor before declaring it out of service. The default is 4x the Hello Interval.

Dead Interval

This is how often a router sends Hello packets. The default is 10 secs.

Hello Interval

Routers which have all their OSPF interfaces in this area are Backbone Routers.

Area 0

These are routers which have interfaces in multiple areas.

Area Border Routers (ABRs)

What is the OSPF router type that redistribute into OSPF?

Autonomous System Boundary Router (ASBR)

The Designated Router multicasts the update to this address (‘all OSPF routers’).

224.0.0.5

It consists of directly connected networks and routes configured statically by the administrator or dynamically learned through a routing protocol.

Routing Table

"What type of route is shown below?

Router1#show ip route

C 10.10.10.0/24 is directly connected, GigabitEthernet0/0/0

Connected Route

"What type of route is shown below?

Router1#show ip route

L 10.10.20.1/32 is directly connected, GigabitEthernet0/0/1

Local Route

Which of the following has the longest prefix match?
192.168.10.0/24
192.168.10.0/28
192.168.0.0/16

192.168.20.0/28

"This is a route going out to everywhere else that we haven't specifically had a route for elsewhere."

Default Route

This route is a catch-all for any traffic that does not match one of our more specific routes.

Default Route

What is the show command used to view the routing table on a router?

show ip route

"What is the IP address of Router1's interface that is connected to Router2?

"

10.10.20.1

You are asked to configure a static route going to 172.16.0.0/16 with the next hop address of 172.17.1.1. What command will you enter?

Router(config)# ?

ip route 172.16.0.0 255.255.0.0 172.17.1.1

What is the metric of RIP?

Hop Count

This is a measure of how trusted the routing protocol is.

Administrative Distance

Which route is most preferred?
192.168.1.0/24 OSPF route
192.168.1.0/28 RIP route
192.168.0.0/16 Static route

192.168.1.0/28 RIP route

Which of the following routes is the most preferred?
10.10.1.0/24 RIP route
10.10.1.0/24 EIGRP route
10.10.1.0/24 OSPF route

10.10.1.0/24 EIGRP route

These interfaces allow you to include an IP subnet in the routing protocol without sending updates out of the interface.

Passive interfaces

"RIP is enabled in the routers in the network. Which is the preferred path from R1 to reach R5? R1>R6>R7>R5 or R1>R2>R3>R4>R5?
"

R1>R6>R7>R5

"OSPF is enabled in the routers in the network. Which is the preferred path from R1 to reach R5? R1>R6>R7>R5 or R1>R2>R3>R4>R5?
"

R1>R2>R3>R4>R5

This groups multiple physical interfaces into a single logical interface.

Etherchannel

This combines multiple physical network cards into a single logical interface.

NIC Teaming

What does VSS stand for?

Virtual Switching System

What does vPC stand for?

Virtual Port Channel

What is the recommended oversubscription is for the distribution to core layer links?

4:1

What does PAgP stand for?

Port Aggregation Protocol

This EtherChannel protocol is Cisco proprietary.

Port Aggregation Protocol (PAgP)

This EtherChannel protocol is open standard.

Link Aggregation Control Protocol (LACP)

With this EtherChannel configuration, the switches do not negotiate creation and maintenance. The settings must still match on both sides.

Static EtherChannel

What command will you enter if you are asked to create an LACP port channel 10 in Active mode?
Switch(config-if-range)# ?

channel-group 10 mode active

What command will you enter if you are asked to create a PAgP port channel 5 in Desirable mode?
Switch(config-if-range)# ?

channel-group 5 mode desirable

ACLs are applied at the interface level with this command.

access-group

This is the default wildcard mask for a Standard ACL. It means individual host address.

0.0.0.0

What commands will you enter to confugure a standard ACL with an access-list number of 10 and to allow traffic from 192.168.10.0/24?
Router(config)# ?

access-list 10 permit 192.168.10.0 0.0.0.255

What commands are entered to configure a Standard ACL with access list number of 1 and will allow all traffic?
Router(config)# ?

access-list 1 permit any

"What command will you enter to configure an extended ACL for 'FlackboxACL'?

Router(config)# ?

ip access-list extended FlackboxACL

What keyword is used in the ACL command to match packets on a given port number?

What keyword is used in the ACL command to match packets in the specified range of port numbers?

range

This ACL keyword is used to log to the console or an external monitoring server.

log

What command will you enter to enable DHCP snooping on VLAN 20?
Switch(config)# ?

ip dhcp snooping vlan 20

With DHCP snooping, what command will you enter to make an interface a trusted port?
Switch(config-if)# ?

ip dhcp snooping trust

This access layer switch security mechanism can prevent attacks from rogue DHCP servers by dropping DHCP server traffic that comes in a port that is not trusted.

DHCP snooping

What does DAI stand for?

Dynamic ARP Inspection

It is an ARP update which is not in response to an actual request.

Gratuitous ARP

What command will you enter to enable DAI on VLAN 100?
Switch(config)# ?

ip arp inspection vlan 100

"It is used to authenticate users on the network. They don't get access to the network at all until they put in a valid username and password which is checked by the authentication server."

802.1x

This enables an administrator to specify which MAC address or addresses can send traffic in to an individual switch port.

Port Security

This show command is used to verify the port security addresses.

show port-security address

This port security violation action places the interfaces into error-disabled state, blocking all traffic.

Shutdown

With this port security violation action, the traffic from unauthorised address is dropped, logged and the violation counter is incremented.

Restrict

What command will you enter to set the maximum number of MAC address allowed to send traffic into the interface to 5?
Switch(config-if)# ?

switchport port-security maximum 5

What does FHRP stand for?

First Hop Redundancy Protocol

This FHRP protocol is Cisco proprietary. It is deployed in active/standby pair.

Hot Standby Router Protocol (HSRP)

This FHRP protocol is open standard. It is deployed in active/standby pair.

Virtual Router Redundancy Protocol (VRRP)

What does GLBP stand for?

Gateway Load Balancing Protocol

This show command will show what the virtual IP address is, the state, and the virtual MAC address.

show standby

With FHRP, the hosts will use this as their default gateway address.

Virtual IP address

What command will you enter to configure a VIP of 172.16.1.1 with HSRP group number 1.
Router(config-if)# ?

standby 1 ip 172.16.1.1

What is the default HSRP priority value?

100

What command is entered to configure a priority of 50 on HSRP group 10?
Router(config-if)# ?

standby 10 priority 50

What command is entered to enable pre-emption on HSRP group 10?
Router(config-if)# ?

standby 10 preempt

It is a client/server protocol that automatically provides a host with its IP address and other related configuration information such as the subnet mask and default gateway.

Dynamic Host Configuration Protocol (DHCP)

This is used to forward initial DHCP messages and it eliminates the need for a DHCP server on every subnet.

DHCP relay agent

What show command is used to get information about the DHCP lease?

show dhcp lease

What command is entered to make a Cisco router a DHCP client?
Router(config-if)# ?

ip address dhcp

What command is entered so that the router interface will be able to forward DHCP requests to the external DHCP server at 172.100.10.1?
Router(config-if)# ?

ip helper-address 172.100.10.1

DHCP requests are what type of messages?

Broadcast messages

"You are tasked to create a DCHP pool named 'Flackbox', what commands will you enter?
Router(config)# ?"

ip dhcp pool Flackbox

To see the addresses that were given out by the DHCP server and who they were given out to, this show command is used.

show ip dhcp binding

The DHCP server has an IP address of 172.16.1.1. What command will you enter to tell the DHCP clients where their default gateway is?
Router(dhcp-config)# ?

default-router 100.10.1.1

The DNS server is at 172.16.2.1, what command is entered to tell the DCHP clients where the DNS server is?

Router(dhcp-config)# ?

dns-server 172.16.2.1

The DHCP server is to allocate IP addresses from the 172.16.1.0/24 network. What command should be entered?
Router(dhcp-config)# ?

network 172.16.1.0 255.255.255.0

This VTP mode does not participate in the VTP domain. It does not advertise or learn VLAN information but will pass it on.

VTP Transparent

This VTP mode will synchronise its VLAN database from the Server with the highest revision number. It can't add, edit or delete VLANs.

VTP Client

What protocol allows you to add, edit or delete VLANs on switches configured as VTP Servers?

VLAN Trunking Protocol (VTP)

What command is entered when configuring a switch as a VTP server?
Switch(config)# ?

vtp mode server

"What command is entered to configure a VTP domain with a name 'Flackbox'?
Switch(config)# ?"

vtp domain Flackbox

What does DTP stand for?

Dynamic Trunking Protocol

What is the configuration to disable DTP?

Switch(config-if)#

switchport nonegotiate

This command will form a trunk if the neighbour switch port is set to trunk or desirable.
Switch(config-if)# ?

switchport mode dynamic auto

Using this command will form a trunk if the neighbour switch port is set to trunk, desirable or auto.
Switch(config-if)# ?

switchport mode dynamic desirable

What is the default Native VLAN?

VLAN 1

All ports are in this VLAN by default.

VLAN 1

The Distribution and Core layer functions are performed on the same hardware device.

Collapsed Distribution and Core

"This is the preferred design when there's a lot more traffic going in East and West bound direction, meaning, between the actual servers themselves in the data center."

Spine-Leaf Data Center Design

This design is more suitable for North-South bound traffic.

Traditional Campus Design

These ports carry traffic for multiple VLANs.

Trunk ports

What command will you enter to allow VLANs 50 and 120 only on the trunk port?
Switch(config-if)# ?

switchport trunk allowed vlan 50,120

What command is used to configure an interface as an access port?
Switch(config-if)# ?

switchport mode access

What is the default Bridge Priority value?

32768

What is the port on the neighbour switch opposite the Root Port?

Designated Port

These are the ports which have not been selected as a Root Port or Designated Port pair and would potentially form a loop.

Blocking Ports

It prevents Layer 2 loops by detecting potential loops and blocking ports to prevent them

Spanning Tree Protocol

This STP version is the original Spanning Tree implementation. It uses one Spanning Tree for all VLANs in the LAN.

802.1D Spanning Tree Protocol (STP)

What is the STP version that enables grouping and mapping VLANs into different spanning tree instances for load balancing?

802.1s Multiple Spanning Tree Protocol (MSTP)

It is Cisco's enhancement to 802.1D. This is the default on Cisco switches.

Per VLAN Spanning Tree Plus (PVST+)

This is Cisco's enhancement to 802.1w RSTP. It significantly improved convergence time over PVST+.

Rapid Per VLAN Spanning Tree Plus (RPVST+)

This prevents an unintended switch from becoming the root bridge.

Root Guard

What command will set all ports to Portfast by default?

Switch(config)# ?

spanning-tree portfast default

What command will enable BPDU Guard on an interface?
Switch(config-if)# ?

spanning-tree bpduguard enable

To configure Root Guard on an interface, what command is used?
Switch(config-if)# ?

spanning-tree guard root

What command will you enter on a switch for it to become the Root Bridge for VLAN 10?

Switch(config)# ?

spanning-tree vlan 10 root primary

"The Bridge Priority is not configured. What switch will be elected as the Root Bridge?
"

Switch 1

"What port state is Switch5 F0/1 interface?
"

Root Port

With this Inter-VLAN connectivity option, the traffic being routed has to go up and down the same physical Ethernet cable to the router.

Router on a Stick

With this Inter-VLAN connectivity option, the traffic being routed within the campus is routed across the switch backplane.

Layer 3 Switch Inter-VLAN Routing

What command will allow you to create a sub-interface with a number of 15 on Fast Ethernet 0/5?
Router(config)# ?

interface FastEthernet 0/5.15

What is the number '3' in the command 'interface GigEthernet 0/0/1.3'?

sub-interface number

This command enables IP routing on a Layer 3 switch.
Switch(config)# ?

ip routing

This command allows a Layer 3 switch physical interface to act like a router port.
Switch(config-if)# ?

no switchport

"Router2 pings PC2. What will be the source IP address of the ICMP echo request?"

10.10.3.1

"What does 'U' in ping results mean?"

Unreachable

The ping will have this result if the router discards the packet.

U (Unreachable)

It will go through a wizard that will ask you the options you want to set for the ping.

Extended Ping

What does MTU stand for?

Maximum Transmission Unit

What is the default ping timeout?

2 seconds

"This command is similar with ping and it traces the path the traffic is taking when it's going across the network."

Traceroute

What protocol is used by traceroute?

ICMP

This is used as a route loop prevention mechanism. Every time that a router passes a packet on from one interface to another, it decrements by one.

TTL (Time to Live)

What is the shortened IPv6 version of 1000:00B8:0000:000F:0050:0000:0000:B001?

1000:B8:0:F:50::B001

This is the IPv6 equivalent of 0.0.0.0 0.0.0.0 (default route) in IPv4.

::/0

Link local addresses are assigned from this range.

FE80::/10 – FEB0::/10