ICND1 Section 2 - Ethernet Switching

Question 1

Command to set VTP mode

Answer 1

in global config mode:

vtp mode [server | client | transparent | off]

Question 2

What are the 4 trunking administrative modes?

Answer 2

1. Access
2. Trunk
3. dynamic desirable
4. dynamic auto

Question 3

What are the 3 primary functions of a switch?

Answer 3

1. Deciding when/where to forward a frame, based on destination MAC.
2. Learning MAC address based on source port/MAC.
3. Creating a loop free environment using STP.

Question 4

What are the 1 mandatory and 1 optional commands to configure an access port?

Answer 4

1. In interface config mode, “switchport access vlan vlanid”
2. (Optional) Set the mode to access only.

Question 5

What is the distance for 1000BASE-LX or 1000BASE-SX on MM fiber?

Answer 5

550m

Question 6

Command to apply configurations to a set of continguous interfaces

Answer 6

conf t

interface-range first int-last int

Question 7

Command to set the native vlan for a trunk port

Answer 7

in interface config mode:

switchport trunk native vlan vlanid

Question 8

Command to set a port to initiate trunking negotiation messages.

Answer 8

int gi0/1

switchport mode dynamic desirable

Question 9

Command to set the device to use SSH2

Answer 9

ip ssh version 2

Question 10

Command to have logging messages on the console connection only display at convenient times

Answer 10

line con 0

logging synchronous

Question 11

What is the normal range and extended range vlan numbers?

Answer 11

Normal = 1 - 1005
Extended = 1006 - 4094

Question 12

What is the primary impact of VTP server mode?

Answer 12

Server switches can only configure vlans in the standard range

Question 13

Command to see the status of any ip addresses obtained by DHCP

Answer 13

show dhcp lease

Question 14

Command to show the options set on trunk ports

Answer 14

show interfaces trunk

Question 15

Command to see the status of the SSH service on the device

Answer 15

show ip ssh

Question 16

Command to set a port to trunk mode

Answer 16

switchport mode trunk

Question 17

Command to enable port security on an interface

Answer 17

switchport port-security

Question 18

Command to change the default vlans allowed on a trunk.

Answer 18

switchport trunk allowed vlan {add | remove | all | except }

Question 19

Command to set the trunking encap type on a port

Answer 19

switchport trunk encapsulation [dot1q|isl|negotiate]

Question 20

What does ROM store?

Answer 20

the bootstrap code (program) used when the device boots up

Question 21

5 steps to enabling SSH

Answer 21

1. Configure VTY lines to use either local or AAA security
2. If local, add usernames
3. Configure the ip domain-name
4. Create the encryption key
5. (optional) Enable SSH2

Question 22

2 mandatory and 4 optional steps to enabling port security

Answer 22

1. Set a port to either trunk or access mode
2. enable port security

Optional

3. Change the default number of MAC addresses allowed
4. Change the default port security violation behavior
5. Define any permitted MAC addresses
6. Tell the switch to sticky-learn any dynamically learned mac addresses

Question 23

What 3 cable standards have distance limitations of 100m?

Answer 23

10BASE-T
100BASE-T
1000BASE-T

Question 24

How big is the VLAN ID field inside the .1Q header?

Answer 24

12 bits

Question 25

Command to name a vlan

Answer 25

conf t vlan *vlanid* name *name*

Question 26

What is the distance limitation for 1000BASE-LX on SM fiber?

Answer 26

5k

Question 27

Where is the .1Q tag inserted in the ethernet header?

Answer 27

Between the source address and type fields.

Question 28

Command to ensure that an access port does not negotiate to become a trunk

Answer 28

conf t interface gi1/1 switchport mode access

Question 29

Command to copy the running config to a TFTP server

Answer 29

copy running-config tftp

Question 30

Command to create the encryption key for SSH

Answer 30

crypto key generate rsa

Question 31

Command to see the security state of switch ports

Answer 31

show port-security interface ``` uer03.arvada.co.denver#show port-security interface gi1/1 Port Security : Disabled Port Status : Secure-down Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 0 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address:Vlan : 0000.0000.0000:0 Security Violation Count : 0 ```

Question 32

What is the default trunking administrative mode?

Answer 32

Dynamic auto

Question 33

what 3 commands can be used to remove the startup config?

Answer 33

Erase nvram Erase startup-config Write erase

Question 34

What vlans cannot be deleted?

Answer 34

1, 1002-1005

Question 35

What are the 3 port security violation options, and which is default?

Answer 35

1. Shutdown (default) 2. Protect 3. Restrict

Question 36

If there is no username set globally, what 2 things need to be configured on a VTY to allow a user to log in via telnet/SSH?

Answer 36

the 'login' line | the 'password ' line

Question 37

What is the IEEE standard behavior when autonegotiation is only enabled on one side of a link?

Answer 37

1. Use your slowest speed | 2. If your speed = 10 or 100m use half-duplex, otherwise use full-duplex

Question 38

Command to create a vlan

Answer 38

vlan *vlanid*