MODULE 11 - CERTIFICATION CYBER OPS ASSOCIATE Flashcards

1
Q

Network Devices: End Devices

The network devices that people are most familiar with are end devices.

To distinguish one end device from another, each end device on a network has an address.

When an end device initiates communication, it uses the address of the destination end device to specify where to deliver the message.

A

An end device is either the source or destination of a message transmitted over the network.

Click Play in the figure to see an animation of data flowing through a network.

2
Q

Routers

Routers are devices that operate at the OSI network layer (Layer 3). As shown in the figure, routers are used to interconnect remote sites.

They use the process of routing to forward data packets between networks. The routing process uses network routing tables, protocols, and algorithms to determine the most efficient path for forwarding an IP packet.

Routers gather routing information and update other routers about changes in the network. Routers increase the scalability of networks by segmenting broadcast domains.

A

Routers are devices that operate at the OSI network layer (Layer 3).

As shown in the figure, routers are used to interconnect remote sites. They use the process of routing to forward data packets between networks.

The routing process uses network routing tables, protocols, and algorithms to determine the most efficient path for forwarding an IP packet.

Routers gather routing information and update other routers about changes in the network. Routers increase the scalability of networks by segmenting broadcast domains.

The Router Connection:

https://snipboard.io/Dw8ErC.jpg

3
Q

Routers have two primary functions: path determination and packet forwarding.

To perform path determination, each router builds and maintains a routing table which is a database of known networks and how to reach them.

The routing table can be built manually and contain static routes or can be built using a dynamic routing protocol.

A

Packet forwarding is accomplished by using a switching function.

Switching is the process used by a router to accept a packet on one interface and forward it out of another interface.

A primary responsibility of the switching function is to encapsulate packets in the appropriate data link frame type for the outgoing data link.

4
Q

After the router has determined the exit interface using the path determination function, the router must encapsulate the packet into the data link frame of the outgoing interface.

What does a router do with a packet received from one network and destined for another network?

The router performs the following three major steps:

1. It de-encapsulates the Layer 2 frame header and trailer to expose the Layer 3 packet.

2. It examines the destination IP address of the IP packet to find the best path in the routing table.

3. If the router finds a path to the destination, it encapsulates the Layer 3 packet into a new Layer 2 frame and forwards that frame out the exit interface.

A

As shown in the figure, devices have Layer 3 IPv4 addresses, while Ethernet interfaces have Layer 2 data link addresses.

The MAC addresses are shortened to simplify the illustration. For example, PC1 is configured with IPv4 address 192.168.1.10 and an example MAC address of 0A-10. As a packet travels from the source device to the final destination device, the Layer 3 IP addresses do not change.

This is because the Layer 3 PDU does not change.

However, the Layer 2 data link addresses change at every router on the path to the destination, as the packet is de-encapsulated and re-encapsulated in a new Layer 2 frame.

Encapsulating and De-Encapsulating Packets

https://snipboard.io/90QHup.jpg

5
Q

Packet Forwarding Decision Process

Now that the router has determined the best path for a packet based on the longest match, it must determine how to encapsulate the packet and forward it out the correct egress interface.

The figure explains how a router determines the best path to use to forward a packet.

https://snipboard.io/RIpyZs.jpg

https://snipboard.io/H5EBDg.jpg

A

Click each button for a description of the three things a router can do with a packet after it has determined the best path:

– Forwards the packet to a Device on a Directly Connected Network

– Forwards the packet to a next-Hop Router

– Drops the packet - No Match in Routing table

6
Q

Click each button for a description of the three things a router can do with a packet after it has determined the best path:

– Forwards the packet to a Device on a Directly Connected Network

– Forwards the packet to a next-Hop Router

– Drops the packet - No Match in Routing table

A

Forwards the Packet to a Device on a Directly Connected Network:

If the route entry indicates that the egress interface is a directly connected network, this means that the destination IP address of the packet belongs to a device on the directly connected network.

Therefore, the packet can be forwarded directly to the destination device.

The destination device is typically an end device on an Ethernet LAN, which means the packet must be encapsulated in an Ethernet frame.

7
Q

Forwards the Packet to a Device on a Directly Connected Network:

If the route entry indicates that the egress interface is a directly connected network, this means that the destination IP address of the packet belongs to a device on the directly connected network.

Therefore, the packet can be forwarded directly to the destination device.

The destination device is typically an end device on an Ethernet LAN, which means the packet must be encapsulated in an Ethernet frame.

A

To encapsulate the packet in the Ethernet frame, the router needs to determine the destination MAC address associated with the destination IP address of the packet.

The process varies based on whether the packet is an IPv4 or IPv6 packet:

– IPv4 packet

– IPv6 packet

8
Q

To encapsulate the packet in the Ethernet frame, the router needs to determine the destination MAC address associated with the destination IP address of the packet.

The process varies based on whether the packet is an IPv4 or IPv6 packet:

– IPv4 packet

– IPv6 packet

A

IPv4 packet:

The router checks its ARP table for the destination IPv4 address and an associated Ethernet MAC address.

If there is no match, the router sends an ARP Request.

The destination device will return an ARP Reply with its MAC address.

The router can now forward the IPv4 packet in an Ethernet frame with the proper destination MAC address.

9
Q

To encapsulate the packet in the Ethernet frame, the router needs to determine the destination MAC address associated with the destination IP address of the packet.

The process varies based on whether the packet is an IPv4 or IPv6 packet:

– IPv4 packet

– IPv6 packet

A

IPv6 packet:

The router checks its neighbor cache for the destination IPv6 address and an associated Ethernet MAC address.

If there is no match, the router sends an ICMPv6 Neighbor Solicitation (NS) message.

The destination device will return an ICMPv6 Neighbor Advertisement (NA) message with its MAC address.

The router can now forward the IPv6 packet in an Ethernet frame with the proper destination MAC address.

10
Q

Click each button for a description of the three things a router can do with a packet after it has determined the best path:

– Forwards the packet to a Device on a Directly Connected Network

– Forwards the packet to a next-Hop Router

– Drops the packet - No Match in Routing table

A

Forwards the Packet to a Next-Hop Router:

If the route entry indicates that the destination IP address is on a remote network, this means the destination IP address of the packet belongs to a device on a network that is not directly connected.

Therefore, the packet must be forwarded to another router, specifically a next-hop router. The next-hop address is indicated in the route entry. If the forwarding router and the next-hop router are on an Ethernet network, a similar process (ARP and ICMPv6 Neighbor Discovery) will occur for determining the destination MAC address of the packet as described previously.

The difference is that the router will search for the IP address of the next-hop router in its ARP table or neighbor cache, instead of the destination IP address of the packet.

Note: This process will vary for other types of Layer 2 networks.

11
Q

Click each button for a description of the three things a router can do with a packet after it has determined the best path:

– Forwards the packet to a Device on a Directly Connected Network

– Forwards the packet to a next-Hop Router

– Drops the packet - No Match in Routing table

A

Drops the Packet - No Match in Routing Table:

If there is no match between the destination IP address and a prefix in the routing table, and if there is no default route, the packet will be dropped.

12
Q

Routing Information

The routing table of a router stores the following information:

– Directly connected routes

– Remote routes

A

Directly connected routes:

These routes come from the active router interfaces.

Routers add a directly connected route when an interface is configured with an IP address and is activated.

13
Q

Routing Information

The routing table of a router stores the following information:

– Directly connected routes

– Remote routes

A

Remote routes:

These are remote networks connected to other routers.

Routes to these networks can either be statically configured or dynamically learned through dynamic routing protocols.

14
Q

Specifically, a routing table is a data file in RAM that is used to store route information about directly connected and remote networks.

The routing table contains network or next hop associations. These associations tell a router that a particular destination can be optimally reached by sending the packet to a specific router that represents the next hop on the way to the final destination.

The next hop association can also be the outgoing or exit interface to the next destination.

The figure identifies the directly connected networks and remote networks of router R1.

Directly Connected and Remote Network Routes

https://snipboard.io/x8EOTp.jpg

A

The destination network entries in the routing table can be added in several ways:

– Local Route interfaces

– Directly connected interfaces

– Static routes

– Dynamic routing protocol

15
Q

The destination network entries in the routing table can be added in several ways:

– Local Route interfaces

– Directly connected interfaces

– Static routes

– Dynamic routing protocol

A

Local Route interfaces:

These are added when an interface is configured and active.

This entry is only displayed in IOS 15 or newer for IPv4 routes, and all IOS releases for IPv6 routes.

16
Q

The destination network entries in the routing table can be added in several ways:

– Local Route interfaces

– Directly connected interfaces

– Static routes

– Dynamic routing protocol

A

Directly connected interfaces:

These are added to the routing table when an interface is configured and active.

17
Q

The destination network entries in the routing table can be added in several ways:

– Local Route interfaces

– Directly connected interfaces

– Static routes

– Dynamic routing protocol

A

Static routes:

These are added when a route is manually configured and the exit interface is active.

18
Q

The destination network entries in the routing table can be added in several ways:

– Local Route interfaces

– Directly connected interfaces

– Static routes

– Dynamic routing protocol

A

Dynamic routing protocol:

These are added when routing protocols that dynamically learn about the network, such as EIGRP or OSPF, are implemented and networks are identified.

19
Q

Dynamic routing protocols exchange network reachability information between routers and dynamically adapt to network changes.

Each routing protocol uses routing algorithms to determine the best paths between different segments in the network, and updates routing tables with these paths.

A

Dynamic routing protocols have been used in networks since the late 1980s. One of the first routing protocols was RIP. RIPv1 was released in 1988.

As networks evolved and became more complex, new routing protocols emerged. The RIP protocol was updated to RIPv2 to accommodate growth in the network environment. However, RIPv2 still does not scale to the larger network implementations of today.

To address the needs of larger networks, two advanced routing protocols were developed: Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS).

Cisco developed the Interior Gateway Routing Protocol (IGRP) and Enhanced IGRP (EIGRP), which also scales well in larger network implementations.

20
Q

Additionally, there was the need to connect different internetworks and provide routing between them.

The Border Gateway Protocol (BGP) is now used between Internet Service Providers (ISPs).

BGP is also used between ISPs and their larger private clients to exchange routing information.

A

The table classifies the protocols. Routers configured with these protocols will periodically send messages to other routers.

As a cybersecurity analyst, you will see these messages in various logs and packet captures.

https://snipboard.io/bS6hXu.jpg

21
Q

End-to-End Packet Forwarding

The primary responsibility of the packet forwarding function is to encapsulate packets in the appropriate data link frame type for the outgoing interface.

For example, the data link frame format for a serial link could be the Point-to-Point Protocol (PPP), the High-Level Data Link Control (HDLC) protocol, or some other Layer 2 protocol.

A

Click each button and play the animations of PC1 sending a packet to PC2.

Notice how the contents and format of the data link frame change at each hop.

– PC1 Sends Packet to PC2

– R1 Forwards the Packet to PC2

– R2 Forwards the Packet to R3

– R3 Forwards the Packet to PC2

22
Q

Click each button and play the animations of PC1 sending a packet to PC2.

Notice how the contents and format of the data link frame change at each hop.

– PC1 Sends Packet to PC2

– R1 Forwards the Packet to PC2

– R2 Forwards the Packet to R3

– R3 Forwards the Packet to PC2

A

PC1 Sends Packet to PC2:

In the first animation, PC1 sends a packet to PC2. Since PC2 is on a different network, PC1 will forward the packet to its default gateway.

PC1 will look in its ARP cache for the MAC address of the default gateway and add the indicated frame information.

Note: If an ARP entry does not exist in the ARP table for the default gateway of 192.168.1.1, PC1 sends an ARP request. Router R1 would then return an ARP reply with its MAC address.

23
Q

Click each button and play the animations of PC1 sending a packet to PC2.

Notice how the contents and format of the data link frame change at each hop.

– PC1 Sends Packet to PC2

– R1 Forwards the Packet to PC2

– R2 Forwards the Packet to R3

– R3 Forwards the Packet to PC2

A

R1 Forwards the Packet to PC2:

R1 now forwards the packet to PC2.

Because the exit interface is on an Ethernet network, R1 must resolve the next-hop IPv4 address with a destination MAC address using its ARP table.

If an ARP entry does not exist in the ARP table for the next-hop interface of 192.168.2.2, R1 sends an ARP request. R2 would then return an ARP Reply.

24
Q

Click each button and play the animations of PC1 sending a packet to PC2.

Notice how the contents and format of the data link frame change at each hop.

– PC1 Sends Packet to PC2

– R1 Forwards the Packet to PC2

– R2 Forwards the Packet to R3

– R3 Forwards the Packet to PC2

A

R2 Forwards the Packet to R3:

R2 now forwards the packet to R3. Because the exit interface is not an Ethernet network, R2 does not have to resolve the next-hop IPv4 address with a destination MAC address.

When the interface is a point-to-point (P2P) serial connection, the router encapsulates the IPv4 packet into the proper data link frame format used by the exit interface (HDLC, PPP, etc.).

Because there are no MAC addresses on serial interfaces, R2 sets the data link destination address to an equivalent of a broadcast.

25
Q

Click each button and play the animations of PC1 sending a packet to PC2.

Notice how the contents and format of the data link frame change at each hop.

– PC1 Sends Packet to PC2

– R1 Forwards the Packet to PC2

– R2 Forwards the Packet to R3

– R3 Forwards the Packet to PC2

A

R3 Forwards the Packet to PC2:

R3 now forwards the packet to PC2.

Because the destination IPv4 address is on a directly connected Ethernet network, R3 must resolve the destination IPv4 address of the packet with its associated MAC address.

If the entry is not in the ARP table, R3 sends an ARP request out of its FastEthernet 0/0 interface.

PC2 would then return an ARP reply with its MAC address.

26
Q

Hubs, Bridges, LAN Switches

The topology icons for hubs, bridges, and LAN switches are shown in the figure.

https://snipboard.io/Byk4Jt.jpg

An Ethernet hub acts as a multiport repeater that receives an incoming electrical signal (data) on a port. It then immediately forwards a regenerated signal out all other ports. Hubs use physical layer processing to forward data. They do not look at the source and destination MAC address of the Ethernet frame.

A

Hubs connect the network into a star topology with the hub as the central connection point. When two or more end devices connected to a hub send data at the same time, an electrical collision takes place, corrupting the signals.

All devices connected to a hub belong to the same collision domain. Only one device can transmit traffic at any given time on a collision domain.

If a collision does occur, end devices use CSMA/CD logic to avoid transmission until the network is clear of traffic. Due to the low cost and superiority of Ethernet switching, hubs are seldom used today.

27
Q

Bridges have two interfaces and are connected between hubs to divide the network into multiple collision domains.

Each collision domain can have only one sender at a time.

Collisions are isolated by the bridge to a single segment and do not impact devices on other segments.

Just like a switch, a bridge makes forwarding decisions based on Ethernet MAC addresses.

Bridges are seldom used in modern networks.

A

LAN switches are essentially multiport bridges that connect devices into a star topology.

Like bridges, switches segment a LAN into separate collision domains, one for each switch port.

A switch makes forwarding decisions based on Ethernet MAC addresses.

The figure shows the Cisco series of 2960-X switches that are commonly used to connect end devices on a LAN.

https://snipboard.io/S61yJo.jpg

28
Q

Switching Operation

Switches use MAC addresses to direct network communications through the switch, to the appropriate port, and toward the destination.

A switch is made up of integrated circuits and the accompanying software that controls the data paths through the switch.

For a switch to know which port to use to transmit a frame, it must first learn which devices exist on each port.

As the switch learns the relationship of ports to devices, it builds a table called a MAC address table, or content addressable memory (CAM) table.

CAM is a special type of memory used in high-speed searching applications.

A

LAN switches determine how to handle incoming data frames by maintaining the MAC address table.

A switch builds its MAC address table by recording the MAC address of each device that is connected to each of its ports.

The switch uses the information in the MAC address table to send frames destined for a specific device out of the port to which the device is connected.

29
Q

The following two-step process is performed on every Ethernet frame that enters a switch.

A
1. Learn – Examining the Source MAC Address

Every frame that enters a switch is checked for new MAC address information that may need to be learned. It does this by examining the frame’s source MAC address and the port number where the frame entered the switch.

If the source MAC address is not in the table, it is added to the MAC address table along with the incoming port number, as shown in the figure.

If the source MAC address does exist in the table, the switch updates the refresh timer for that entry.

By default, most Ethernet switches keep an entry in the table for five minutes.

Learn: Examine Source MAC Address

https://snipboard.io/KfSYxc.jpg

Note: If the source MAC address does exist in the table but on a different port, the switch treats this as a new entry. The entry is replaced using the same MAC address, but with the more current port number.

30
Q
1. Learn – Examining the Source MAC Address

Every frame that enters a switch is checked for new MAC address information that may need to be learned. It does this by examining the frame’s source MAC address and the port number where the frame entered the switch.

If the source MAC address is not in the table, it is added to the MAC address table along with the incoming port number, as shown in the figure.

If the source MAC address does exist in the table, the switch updates the refresh timer for that entry.

By default, most Ethernet switches keep an entry in the table for five minutes.

Learn: Examine Source MAC Address

https://snipboard.io/KfSYxc.jpg

Note: If the source MAC address does exist in the table but on a different port, the switch treats this as a new entry. The entry is replaced using the same MAC address, but with the more current port number.

A
2. Forward – Examining the Destination MAC Address

If the destination MAC address is a unicast address, the switch will look for a match between the destination MAC address of the frame and an entry in its MAC address table.

If the destination MAC address is in the table, it will forward the frame out the specified port. If the destination MAC address is not in the table, the switch will forward the frame out all ports except the incoming port, as shown in the figure.

This is called an unknown unicast.

Forward: Examining the Destination MAC Address

https://snipboard.io/s6HxPd.jpg

Note: If the destination MAC address is a broadcast or a multicast, the frame is also flooded out all ports except the incoming port.

31
Q

VLANs

Within a switched internetwork, VLANs provide segmentation and organizational flexibility.

VLANs provide a way to group devices within a LAN.

A group of devices within a VLAN communicate as if they were connected to the same network segment.

VLANs are based on logical connections, instead of physical connections.

https://snipboard.io/es24NC.jpg

A

VLANs allow an administrator to segment networks based on factors such as function, project team, or application, without regard for the physical location of the user or device, as shown in the figure.

Devices within a VLAN act as if they are in their own independent network, even if they share a common infrastructure with other VLANs. Any switch port can belong to a VLAN.

Unicast, broadcast, and multicast packets are forwarded and flooded only to end devices within the VLAN where the packets are sourced.

Each VLAN is considered a separate logical network. Packets destined for devices that do not belong to the VLAN must be forwarded through a device that supports routing.

32
Q

VLANs allow an administrator to segment networks based on factors such as function, project team, or application, without regard for the physical location of the user or device, as shown in the figure.

Devices within a VLAN act as if they are in their own independent network, even if they share a common infrastructure with other VLANs. Any switch port can belong to a VLAN.

Unicast, broadcast, and multicast packets are forwarded and flooded only to end devices within the VLAN where the packets are sourced.

Each VLAN is considered a separate logical network. Packets destined for devices that do not belong to the VLAN must be forwarded through a device that supports routing.

A

A VLAN creates a logical broadcast domain that can span multiple physical LAN segments.

VLANs improve network performance by separating large broadcast domains into smaller ones.

If a device in one VLAN sends a broadcast Ethernet frame, all devices in the VLAN receive the frame, but devices in other VLANs do not.

33
Q

A VLAN creates a logical broadcast domain that can span multiple physical LAN segments.

VLANs improve network performance by separating large broadcast domains into smaller ones.

If a device in one VLAN sends a broadcast Ethernet frame, all devices in the VLAN receive the frame, but devices in other VLANs do not.

A

VLANs also prevent users on different VLANs from snooping on each other’s traffic.

For example, even though HR and Sales are connected to the same switch in the figure, the switch will not forward traffic between the HR and Sales VLANs.

This allows a router or another device to use access control lists to permit or deny the traffic.

Access lists are discussed in more detail later in the chapter. For now, just remember that VLANs can help limit the amount of data visibility on your LANs.

34
Q

STP

Network redundancy is a key to maintaining network reliability.

Multiple physical links between devices provide redundant paths.

The network can then continue to operate when a single link or port has failed.

Redundant links can also share the traffic load and increase capacity.

A

Multiple paths need to be managed so that Layer 2 loops are not created.

The best paths are chosen, and an alternate path is immediately available should a primary path fail.

The Spanning Tree Protocol is used to maintain one loop-free path in the Layer 2 network, at any time.

35
Q

Multiple paths need to be managed so that Layer 2 loops are not created.

The best paths are chosen, and an alternate path is immediately available should a primary path fail.

The Spanning Tree Protocol is used to maintain one loop-free path in the Layer 2 network, at any time.

A

Redundancy increases the availability of the network topology by protecting the network from a single point of failure, such as a failed network cable or switch.

When physical redundancy is introduced into a design, loops and duplicate frames occur.

Loops and duplicate frames have severe consequences for a switched network.

STP was developed to address these issues.

36
Q

Redundancy increases the availability of the network topology by protecting the network from a single point of failure, such as a failed network cable or switch.

When physical redundancy is introduced into a design, loops and duplicate frames occur.

Loops and duplicate frames have severe consequences for a switched network.

STP was developed to address these issues.

A

STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.

A port is considered blocked when user data is prevented from entering or leaving that port. This does not include bridge protocol data unit (BPDU) frames that are used by STP to prevent loops.

Blocking the redundant paths is critical to preventing loops on the network. The physical paths still exist to provide redundancy, but these paths are disabled to prevent the loops from occurring.

If the path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.

37
Q

Multilayer Switching

Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching, but also forward frames based on Layer 3 and 4 information.

All Cisco Catalyst multilayer switches support the following types of Layer 3 interfaces:

– Routed port

– Switch virtual interface (SVI)

A

Routed port:

A pure Layer 3 interface similar to a physical interface on a Cisco IOS router.

38
Q

Multilayer Switching

Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching, but also forward frames based on Layer 3 and 4 information.

All Cisco Catalyst multilayer switches support the following types of Layer 3 interfaces:

– Routed port

– Switch virtual interface (SVI)

A

Switch virtual interface (SVI):

A virtual VLAN interface for inter-VLAN routing. In other words, SVIs are the virtual-routed VLAN interfaces.

39
Q

Routed Ports

A routed port is a physical port that acts similarly to an interface on a router, as shown in the figure.

Unlike an access port, a routed port is not associated with a particular VLAN. A routed port behaves like a regular router interface.

Also, because Layer 2 functionality has been removed, Layer 2 protocols, such as STP, do not function on a routed interface.

However, some protocols, such as LACP and EtherChannel, do function at Layer 3. Unlike Cisco IOS routers, routed ports on a Cisco IOS switch do not support subinterfaces.

Routed Ports

https://snipboard.io/lTYIfm.jpg

A

Switch Virtual Interfaces

An SVI is a virtual interface that is configured within a multilayer switch, as shown in the figure. Unlike the basic Layer 2 switches discussed above, a multilayer switch can have multiple SVIs.

An SVI can be created for any VLAN that exists on the switch. An SVI is considered to be virtual because there is no physical port dedicated to the interface.

It can perform the same functions for the VLAN as a router interface would, and can be configured in much the same way as a router interface (i.e., IP address, inbound/outbound ACLs, etc.).

The SVI for the VLAN provides Layer 3 processing for packets to or from all switch ports associated with that VLAN.

Switch Virtual Interface

https://snipboard.io/y6WdUe.jpg

40
Q

Wireless versus Wired LANs

WLANs use Radio Frequencies (RF) instead of cables at the physical layer and MAC sublayer of the data link layer. WLANs share a similar origin with Ethernet LANs.

The IEEE has adopted the 802 LAN/MAN portfolio of computer network architecture standards.

The two dominant 802 working groups are 802.3 Ethernet, which defined Ethernet for wired LANs, and 802.11, which defined Ethernet for WLANs.

There are important differences between the two.

A

WLANs also differ from wired LANs as follows:

– WLANs connect clients to the network through a wireless access point (AP) or wireless router, instead of an Ethernet switch.

– WLANs connect mobile devices that are often battery powered, as opposed to plugged-in LAN devices. Wireless NICs tend to reduce the battery life of a mobile device.

– WLANs support hosts that contend for access on the RF media (frequency bands). 802.11 prescribes collision avoidance (CSMA/CA) instead of collision detection (CSMA/CD) for media access, to proactively avoid collisions on the media.

– WLANs use a different frame format than wired Ethernet LANs. WLANs require additional information in the Layer 2 header of the frame.

– WLANs raise more privacy issues because radio frequencies can reach outside the facility: anyone within range can capture frames or attempt to join the network without physical access to the premises.

41
Q

802.11 Frame Structure Recall that all Layer 2 frames consist of a header, payload, and Frame Check Sequence (FCS) section.

The 802.11 frame format is similar to the Ethernet frame format, except that it contains more fields, as shown in the figure.

https://snipboard.io/QGceXV.jpg

A

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

42
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Frame Control :

This identifies the type of wireless frame. Its subfields are the protocol version, the frame type (management, control, or data) and subtype, the To DS and From DS bits that say whether the frame is travelling to or from the distribution system (the wired side) and so determine how the address fields are interpreted, and flag bits for More Fragments, Retry, Power Management, More Data, Protected Frame (the payload is encrypted by the security protocol in use), and Order.

43
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Duration :

This is typically used to indicate the remaining time, in microseconds, for which the medium is reserved by the current exchange (for example, the CTS, data, and ACK frames that follow an RTS). Stations that hear it set their network allocation vector (NAV) and refrain from transmitting until it expires; this is the virtual carrier sense used by CSMA/CA.

44
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Address1 :

This usually contains the MAC address of the receiving wireless device or AP.

45
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Address2 :

This usually contains the MAC address of the transmitting wireless device or AP.

46
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Address3 :

This contains a third address whose meaning depends on the To DS and From DS bits. For a frame sent from a wireless client to the AP it is the final destination, such as the router interface (default gateway) to which the AP is attached; for a frame from the AP to a client it is the original source.

47
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Address4 :

This is usually missing. It is present only when both the To DS and From DS bits are set, that is, in frames relayed between two APs over a wireless distribution system (WDS) bridge, where receiver, transmitter, destination, and source are four different stations. Frames in ad hoc (IBSS) mode and ordinary infrastructure frames carry only three addresses.

48
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Payload :

This contains the data for transmission (the frame body). When the Protected Frame bit is set, the body is encrypted by the security protocol negotiated at association (for example CCMP under WPA2), so a capture shows the 802.11 header in the clear but not the upper-layer data.

49
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

FCS :

This is used for Layer 2 error detection: a CRC-32 computed over the header and payload. A receiver discards any frame whose FCS does not match. The FCS detects transmission errors only; it is not an integrity check against deliberate modification, which is the job of the message integrity code added by the security protocol.

50
Q

All 802.11 wireless frames contain the following fields:

– Frame Control

– Duration

– Address1

– Address2

– Address3

– Sequence Control

– Address4

– Payload

– FCS

A

Sequence Control :

This contains a 4-bit fragment number and a 12-bit sequence number, used to reassemble fragmented frames and to discard duplicate retransmissions.
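The following Python script is an added example and is not part of the original flashcards or any Cisco material. It parses the header fields described on the cards above (Frame Control flags, Duration, the three or four address fields whose roles follow from the To DS and From DS bits, Sequence Control, and the CRC-32 FCS) and checks the FCS. The frames it parses are constructed inside the script with locally administered placeholder MAC addresses; they are not captures.

```python
import struct
import zlib

FRAME_TYPES = {0: "management", 1: "control", 2: "data", 3: "extension"}
# Control subtypes with a short header: RTS (11) carries RA and TA,
# CTS (12) and ACK (13) carry only RA; none of them has Sequence Control.
SHORT_CONTROL = {11: 2, 12: 1, 13: 1}
# Meaning of Address1..Address4 in a data frame, keyed by (To DS, From DS).
DATA_ADDR_ROLES = {
    (False, False): ("DA", "SA", "BSSID"),     # IBSS (ad hoc): three addresses
    (True, False): ("BSSID", "SA", "DA"),      # station -> AP
    (False, True): ("DA", "BSSID", "SA"),      # AP -> station
    (True, True): ("RA", "TA", "DA", "SA"),    # AP -> AP bridge (WDS): Address4 present
}


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def fcs_ok(frame: bytes) -> bool:
    """The FCS is a CRC-32 over header and body, sent little-endian as the last 4 bytes."""
    return struct.pack("<I", zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == frame[-4:]


def parse_80211(frame: bytes) -> dict:
    """Parse the MAC header of an 802.11 frame captured together with its FCS."""
    if len(frame) < 14:  # FC(2) + Duration(2) + Address1(6) + FCS(4), i.e. a CTS or ACK
        raise ValueError("frame too short")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    ftype, subtype = FRAME_TYPES[(fc >> 2) & 0x3], (fc >> 4) & 0xF
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    hdr = {
        "version": fc & 0x3, "type": ftype, "subtype": subtype,
        "to_ds": to_ds, "from_ds": from_ds,
        "more_frag": bool(fc & 0x0400), "retry": bool(fc & 0x0800),
        "pwr_mgmt": bool(fc & 0x1000), "more_data": bool(fc & 0x2000),
        "protected": bool(fc & 0x4000), "order": bool(fc & 0x8000),
        "duration": duration,  # NAV reservation in microseconds when bit 15 is clear
        "fcs_ok": fcs_ok(frame),
    }
    if ftype == "control" and subtype in SHORT_CONTROL:
        for i, role in enumerate(("RA", "TA")[: SHORT_CONTROL[subtype]]):
            hdr[role] = mac_str(frame[4 + 6 * i: 10 + 6 * i])
        hdr["payload"] = b""
        return hdr
    roles = DATA_ADDR_ROLES[(to_ds, from_ds)] if ftype == "data" else ("DA", "SA", "BSSID")
    for i, role in enumerate(roles[:3]):
        hdr[role] = mac_str(frame[4 + 6 * i: 10 + 6 * i])
    seq_ctl, = struct.unpack_from("<H", frame, 22)
    hdr["fragment"], hdr["sequence"] = seq_ctl & 0xF, seq_ctl >> 4
    body = 24
    if len(roles) == 4:             # Address4 exists only when To DS and From DS are both set
        hdr["SA"] = mac_str(frame[24:30])
        body += 6
    if ftype == "data" and subtype & 0x8:   # QoS data subtypes carry a 2-byte QoS Control
        body += 2                            # (HT Control, signalled by Order, is not handled)
    hdr["payload"] = frame[body:-4]
    return hdr


def build_frame(fc: int, duration: int, addrs: list, body: bytes = b"", seq=None) -> bytes:
    """Assemble a frame with a valid FCS. Used only to construct the samples below."""
    head = struct.pack("<HH", fc, duration) + b"".join(addrs[:3])
    if seq is not None:
        head += struct.pack("<H", seq << 4)
    if len(addrs) == 4:
        head += addrs[3]
    return head + body + struct.pack("<I", zlib.crc32(head + body) & 0xFFFFFFFF)


# Constructed sample frames (locally administered MAC addresses, not captures).
STA, AP, GW, AP2 = (bytes.fromhex(f"02000000000{n}") for n in "1234")
LLC_SNAP_IP = bytes.fromhex("aaaa030000000800")           # LLC/SNAP header for an IP payload
# Data frame (type 2, subtype 0) from the station to the AP: To DS set -> FC = 0x0108.
UPLINK = build_frame(0x0108, 44, [AP, STA, GW], LLC_SNAP_IP + b"sample IP", seq=7)
# Same payload between two bridged APs: To DS and From DS set -> FC = 0x0308, four addresses.
WDS = build_frame(0x0308, 44, [AP2, AP, GW, STA], LLC_SNAP_IP + b"sample IP", seq=8)
# RTS (type 1, subtype 11 -> FC = 0x00b4): only RA and TA, no Sequence Control.
RTS = build_frame(0x00B4, 200, [AP, STA])
# One payload byte flipped after the FCS was computed: a receiver must drop this frame.
CORRUPTED = UPLINK[:-5] + bytes([UPLINK[-5] ^ 0xFF]) + UPLINK[-4:]

if __name__ == "__main__":
    for name, frame in (("uplink", UPLINK), ("wds", WDS), ("rts", RTS), ("corrupted", CORRUPTED)):
        print(name, parse_80211(frame))
```

Running the script prints the parsed header of each sample: the uplink frame resolves to BSSID, SA, DA; the WDS frame yields four distinct addresses; the RTS carries only RA and TA; and the corrupted copy reports fcs_ok as False, which is exactly what a receiver checks before looking at anything else in the frame.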

51
Q

CSMA/CA WLANs are half-duplex, shared media configurations.

Half-duplex means that a wireless device cannot transmit and receive at the same time; on the shared channel, only one station can transmit at any given moment.

Shared media means that wireless clients all transmit and receive on the same radio channel.

This creates a problem because a wireless client cannot hear the channel while it is sending, which makes it impossible to detect a collision while it is occurring.

A

To resolve this problem, WLANs use carrier sense multiple access with collision avoidance (CSMA/CA) as the method to determine how and when to send data on the network.

A wireless client does the following:

– Listens to the channel to see if it is idle, which means that it senses no other traffic currently on the channel. The channel is also called the carrier. If the channel is busy, the client defers until it is idle and then waits a random backoff time before proceeding.

– Sends a request to send (RTS) message to the AP to request dedicated access to the medium.

– Receives a clear to send (CTS) message from the AP granting access to send. The Duration field of the CTS tells every other station how long to stay silent. If the wireless client does not receive a CTS message, it waits a random amount of time before restarting the process.

– After it receives the CTS, it transmits the data. All unicast transmissions are acknowledged. If a wireless client does not receive an acknowledgment, it assumes a collision occurred and restarts the process, drawing its backoff from a larger range.

Note that the RTS/CTS exchange is optional in 802.11: clients commonly send frames directly after the backoff and use RTS/CTS only above a configurable size threshold. Carrier sensing, random backoff, and acknowledgments apply to every transmission.
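The following Python model is an added example, not part of the original flashcards or any Cisco material. It runs the CSMA/CA steps above as a slotted simulation: stations sense the medium, draw a random backoff from their contention window, send an RTS when the countdown reaches zero, and treat a missing CTS as a collision (which a sender cannot hear directly), doubling the window before retrying. A successful RTS/CTS reserves the medium for the data and ACK through the NAV, during which every other station freezes its countdown. The contention window bounds are the 802.11 OFDM defaults; the slot costs of a success and of a failed RTS are constructed constants for the model, not standard timings, and DIFS/SIFS gaps are not modelled.

```python
import random

# Contention window bounds in slots for OFDM PHYs (802.11a/g/n/ac): CWmin = 15, CWmax = 1023.
CW_MIN, CW_MAX = 15, 1023
# Medium occupancy of each outcome, in backoff slots. Constructed model values, not standard
# timings: a failed RTS costs the RTS airtime plus the CTS timeout; a success reserves the
# medium (via the Duration/NAV carried in RTS and CTS) for RTS + CTS + DATA + ACK.
RTS_FAIL_SLOTS = 4
SUCCESS_SLOTS = 20


def next_cw(cw: int) -> int:
    """Binary exponential backoff: 2*CW+1 keeps CW of the form 2^n - 1, capped at CWmax."""
    return min(2 * cw + 1, CW_MAX)


class Station:
    def __init__(self, name: str, frames: int):
        self.name, self.pending = name, frames
        self.cw, self.backoff, self.retries = CW_MIN, None, 0


def simulate(stations, seed=1, max_slots=100_000):
    """Slotted CSMA/CA model; returns a log of (slot, event, station names, slots reserved)."""
    rng = random.Random(seed)
    log, busy_until, slot = [], 0, 0
    while any(s.pending for s in stations) and slot < max_slots:
        if slot < busy_until:          # carrier busy (physical sense or NAV): countdown frozen
            slot += 1
            continue
        contenders = [s for s in stations if s.pending]
        for s in contenders:
            if s.backoff is None:      # medium has been idle: draw a random backoff in [0, CW]
                s.backoff = rng.randint(0, s.cw)
        ready = [s for s in contenders if s.backoff == 0]
        if len(ready) == 1:
            # A lone RTS is answered by CTS; its Duration sets every other station's NAV, then
            # the DATA frame is sent and acknowledged. A success resets CW to CWmin.
            s = ready[0]
            log.append((slot, "success", [s.name], SUCCESS_SLOTS))
            s.pending -= 1
            s.cw, s.backoff, s.retries = CW_MIN, None, 0
            busy_until = slot + SUCCESS_SLOTS
        elif len(ready) > 1:
            # Two RTS frames overlap, so no CTS comes back. A sender cannot hear the collision
            # itself; it infers one from the missing CTS, doubles its CW and redraws.
            log.append((slot, "collision", [s.name for s in ready], RTS_FAIL_SLOTS))
            for s in ready:
                s.cw, s.backoff, s.retries = next_cw(s.cw), None, s.retries + 1
            busy_until = slot + RTS_FAIL_SLOTS
        else:
            for s in contenders:       # idle slot: every waiting station counts down by one
                s.backoff -= 1
        slot += 1
    return log


if __name__ == "__main__":
    stations = [Station("sta1", 5), Station("sta2", 5), Station("sta3", 5)]
    for entry in simulate(stations, seed=7):
        print(*entry)
```

The log shows why the scheme is called collision avoidance rather than detection: a collision is never observed on the air, only inferred from the missing CTS, and the only corrective action available to a station is to back off over a wider window. The NAV reservation is honoured by every station that hears the Duration value, whether or not it can hear the data frame itself.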

52
Q

Wireless Client and AP Association For wireless devices to communicate over a network, they must first associate with an AP or wireless router.

An important part of the 802.11 process is discovering a WLAN and subsequently connecting to it.

Wireless devices complete the following three-stage process, as shown in the figure:

– Discover a wireless AP

– Authenticate with the AP

– Associate with the AP

https://snipboard.io/6xUgTJ.jpg

A

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

53
Q

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

A

SSID :

The SSID name appears in the list of available wireless networks on a client.

In larger organizations that use multiple VLANs to segment traffic, each SSID is mapped to one VLAN.

Depending on the network configuration, several APs on a network can share a common SSID.

54
Q

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

A

Password :

This is the pre-shared key (or, on networks using 802.1X, the user or device credentials) that the wireless client must present to authenticate to the AP.

55
Q

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

A

Network mode :

This refers to the 802.11a/b/g/n/ac/ad WLAN standards.

APs and wireless routers can operate in a Mixed mode meaning that they can simultaneously support clients connecting via multiple standards.

56
Q

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

A

Security mode :

This refers to the security parameter settings, such as WEP, WPA, WPA2, or WPA3.

Always enable the highest security level supported. WEP and WPA (TKIP) are broken and should not be used; WPA2 with CCMP (AES) is the minimum, and WPA3 should be used where the AP and the clients support it.

57
Q

In order to have a successful association, a wireless client and an AP must agree on specific parameters.

Parameters must then be configured on the AP and subsequently on the client to enable the negotiation of a successful association. :

– SSID

– Password

– Network mode

– Security mode

– Channel settings

A

Channel settings :

This refers to the frequency bands used to transmit wireless data.

Wireless routers and APs can scan the radio frequency channels and automatically select an appropriate channel setting.

The channel can also be set manually if there is interference with another AP or wireless device.

58
Q

Passive and Active Discovery Mode Wireless devices must discover and connect to an AP or wireless router.

Wireless clients connect to the AP using a scanning (probing) process.

This process can be passive or active.

– Passive Mode

– Active Mode

A

Passive Mode :

In passive mode, the AP openly advertises its service by periodically sending broadcast beacon frames containing the SSID, supported standards, and security settings.

The primary purpose of the beacon is to allow wireless clients to learn which networks and APs are available in a given area.

This allows the wireless clients to choose which network and AP to use.

https://snipboard.io/IXscEW.jpg

59
Q

Passive and Active Discovery Mode Wireless devices must discover and connect to an AP or wireless router.

Wireless clients connect to the AP using a scanning (probing) process.

This process can be passive or active.

– Passive Mode

– Active Mode

A

Active Mode : In active mode, wireless clients must know the name of the SSID. The wireless client initiates the process by broadcasting a probe request frame on multiple channels.

The probe request includes the SSID name and the standards supported. APs configured with that SSID send a probe response that includes the SSID, supported standards, and security settings.

Active mode may be required if an AP or wireless router is configured to hide its SSID (its beacon frames are still sent, but with an empty SSID field). A wireless client can also send a probe request without an SSID name (a wildcard probe) to discover nearby WLANs.

APs configured to broadcast their SSID respond to such a wireless client with a probe response that provides the SSID name. APs with the broadcast SSID feature disabled do not respond to wildcard probes, but they still answer probes that name the SSID, and the SSID appears in the clear in those probe requests and responses. Hiding the SSID therefore does not keep it secret and is not a substitute for a strong security mode.

https://snipboard.io/4hfQxn.jpg
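The following Python script is an added example and is not part of the original flashcards or any Cisco material. It serves the two discovery cards and the security mode card above: it parses the body of beacon, probe response and probe request frames (the fixed fields, then the tagged parameters) and reports the SSID, whether the SSID is hidden, the channel from the DS Parameter Set, and the security mode derived from the Capability Info privacy bit, the WPA vendor element and the RSN element's cipher and AKM suites. The management frame bodies are constructed in the script (the MAC header and FCS are assumed to have been stripped already); they are not captures.

```python
import struct

# Management subtypes whose body starts with Timestamp(8) + Beacon Interval(2) + Capability(2).
FIXED_FIELDS = {8: 12, 5: 12, 4: 0}   # beacon, probe response, probe request
RSN_OUI = b"\x00\x0f\xac"
WPA_OUI_TYPE = b"\x00\x50\xf2\x01"    # vendor-specific element (tag 221) carrying a WPA element
AKM_NAMES = {1: "802.1X", 2: "PSK", 5: "802.1X-SHA256", 6: "PSK-SHA256", 8: "SAE", 9: "FT-SAE"}
CIPHER_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104", 8: "GCMP-128", 9: "GCMP-256"}


def parse_ies(data: bytes) -> dict:
    """Split the tagged parameters into {tag: [value, ...]}; stops at a truncated element."""
    ies, i = {}, 0
    while i + 2 <= len(data):
        tag, length = data[i], data[i + 1]
        if i + 2 + length > len(data):
            break
        ies.setdefault(tag, []).append(data[i + 2: i + 2 + length])
        i += 2 + length
    return ies


def parse_rsn(rsn: bytes) -> dict:
    """Read the pairwise cipher and AKM suite lists from an RSN element (tag 48)."""
    off = 2 + 4                                  # version, group cipher suite
    n_pair, = struct.unpack_from("<H", rsn, off)
    off += 2
    pairwise = [rsn[off + 4 * k + 3] for k in range(n_pair) if rsn[off + 4 * k: off + 4 * k + 3] == RSN_OUI]
    off += 4 * n_pair
    n_akm, = struct.unpack_from("<H", rsn, off)
    off += 2
    akms = [rsn[off + 4 * k + 3] for k in range(n_akm) if rsn[off + 4 * k: off + 4 * k + 3] == RSN_OUI]
    return {"pairwise": [CIPHER_NAMES.get(c, str(c)) for c in pairwise],
            "akm": [AKM_NAMES.get(a, str(a)) for a in akms]}


def security_mode(capability: int, ies: dict) -> str:
    """Map the advertised parameters to the security mode names used on the cards."""
    if 48 in ies:
        rsn = parse_rsn(ies[48][0])
        if "SAE" in rsn["akm"] or "FT-SAE" in rsn["akm"]:
            mode = "WPA3-Personal (SAE)"
        elif "PSK" in rsn["akm"] or "PSK-SHA256" in rsn["akm"]:
            mode = "WPA2-Personal (PSK)"
        else:
            mode = "WPA2-Enterprise (802.1X)"
        if "TKIP" in rsn["pairwise"]:
            mode += ", TKIP allowed"
        return mode
    if any(v.startswith(WPA_OUI_TYPE) for v in ies.get(221, [])):
        return "WPA (TKIP)"
    return "WEP" if capability & 0x0010 else "Open"   # Privacy bit without RSN/WPA means WEP


def parse_mgmt(subtype: int, body: bytes) -> dict:
    """Parse a beacon (8), probe response (5) or probe request (4) body."""
    fixed = FIXED_FIELDS[subtype]
    ies = parse_ies(body[fixed:])
    ssid = ies.get(0, [b""])[0]
    info = {
        "ssid": ssid.decode("utf-8", "replace"),
        # A hidden network sends an SSID element of length 0 (or all NULs): hidden, not secret.
        "hidden": len(ssid) == 0 or ssid.strip(b"\x00") == b"",
        "channel": ies[3][0][0] if 3 in ies else None,   # DS Parameter Set
    }
    if fixed:
        capability, = struct.unpack_from("<H", body, 10)
        info["security"] = security_mode(capability, ies)
    return info


def ie(tag: int, value: bytes) -> bytes:
    return bytes([tag, len(value)]) + value


# Constructed samples (not captures). Capability 0x0411 = ESS + Privacy + short slot time.
FIXED = b"\x00" * 8 + struct.pack("<HH", 100, 0x0411)
RSN_PSK = ie(48, b"\x01\x00" + RSN_OUI + b"\x04" + b"\x01\x00" + RSN_OUI + b"\x04"
             + b"\x01\x00" + RSN_OUI + b"\x02" + b"\x00\x00")      # CCMP, AKM PSK
RSN_SAE = ie(48, b"\x01\x00" + RSN_OUI + b"\x04" + b"\x01\x00" + RSN_OUI + b"\x04"
             + b"\x01\x00" + RSN_OUI + b"\x08" + b"\x00\x00")      # CCMP, AKM SAE
BEACON_HIDDEN = FIXED + ie(0, b"") + ie(1, b"\x82\x84\x8b\x96") + ie(3, b"\x06") + RSN_PSK
PROBE_RESPONSE = FIXED + ie(0, b"corp-wifi") + ie(1, b"\x82\x84\x8b\x96") + ie(3, b"\x06") + RSN_PSK
PROBE_REQUEST = ie(0, b"corp-wifi") + ie(1, b"\x82\x84\x8b\x96")
BEACON_WPA3 = FIXED + ie(0, b"corp-wifi6") + ie(3, b"\x24") + RSN_SAE
BEACON_WEP = FIXED + ie(0, b"legacy") + ie(3, b"\x0b")
BEACON_OPEN = b"\x00" * 8 + struct.pack("<HH", 100, 0x0401) + ie(0, b"guest") + ie(3, b"\x01")

if __name__ == "__main__":
    for name, sub, body in (("beacon", 8, BEACON_HIDDEN), ("probe resp", 5, PROBE_RESPONSE),
                            ("probe req", 4, PROBE_REQUEST), ("wpa3", 8, BEACON_WPA3),
                            ("wep", 8, BEACON_WEP), ("open", 8, BEACON_OPEN)):
        print(name, parse_mgmt(sub, body))
```

The hidden beacon and the probe response come from the same constructed network: the beacon carries an empty SSID element, while the directed probe request from a client and the AP's probe response both carry "corp-wifi" in the clear, which is why SSID hiding is not a confidentiality control. The security mode is read from what the AP advertises, so the same parser flags a WEP-only or open network, or an RSN element that still permits TKIP, during a wireless survey.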

60
Q

Wireless Devices -AP, LWAP, and WLC A common wireless data implementation is enabling devices to connect wirelessly via a LAN.

In general, a wireless LAN requires wireless access points and clients that have wireless NICs. Home and small business wireless routers integrate the functions of a router, switch, and access point into one device, as shown in the figure.

Note that in small networks, the wireless router may be the only AP because only a small area requires wireless coverage. In larger networks, there can be many APs.

https://snipboard.io/FxpCu8.jpg

A

All of the control and management functions of the APs on a network can be centralized into a Wireless LAN Controller (WLC).

When using a WLC, the APs no longer act autonomously, but instead act as lightweight APs (LWAPs). LWAPs only forward data between the wireless LAN and the WLC.

All management functions, such as defining SSIDs and authentication are conducted on the centralized WLC rather than on each individual AP.

A major benefit of centralizing the AP management functions in the WLC is simplified configuration and monitoring of numerous access points, among many other benefits.