Session 5

Question 1

what mode are you in when you see > ?

Answer 1

user exec mode

Question 2

what commands do you need to add to enable a password for line console 0?

Answer 2

config t
line console 0
password #####
login

Question 3

what command do you add to change the timeout session for line console 0?

Answer 3

exec-timeout ## $$

# = is in minutes
$ = is seconds

0 = do not time out

Question 4

How do you enable password the moment from user exec to privilege mode?

Answer 4

configt t

password ###

Question 5

Are we hashing or encrypting when adding a enable secret password?

Answer 5

hashing

Question 6

how many default vty lines do you have?

Answer 6

5 (0-4)

Question 7

when you remove the login from line console 0 or vty what does that mean?

Answer 7

you can still connect to the device but you will not be asked to be prompted for a password.

Question 8

what command do you add an ACL to a VTY?

Answer 8

you use IP acess-class #

Question 9

How do you set up a ssh connection

Answer 9

1. You need a hostname
2. You need a domain name (ip-domain-name)

config t
crypto key generate rsa modulus 1024 (higher # is better)

Question 10

what command you you change in the line vty to change it to use the local account

Answer 10

loginlocal

Question 11

What is transport input command ?

Answer 11

controls what is allowed to be utilize to connect.

ex: telnet / ssh

by default it is usually all but it can very by device platform.

Question 12

Login banner what is it?

Answer 12

is a security feature.

ex: is a security sticker we put

Question 13

what is a AAA server

Answer 13

Radius or tacacs+ used for authentication.

Question 14

Login banner is used when?

Answer 14

when you need to provide username and password. you can put this up as a way to prevent unauthorized logins.

Question 15

what is a MOTD

Answer 15

message of the day - just a message when you about something happening. nothing fancy.

Question 16

what is one way to enable port security?

Answer 16

shutdown the port

switchport port-security mac-address sticky

Question 17

what is mac address flooding?

Answer 17

malicious user and they broadcast a but of frames a different mac address.

mac off (program)

Question 18

what are the options for switchport port-security?

Answer 18

protect - continue to allow traffic for the approved MAC address but those not allowed never show up in syslogs

restrict (continue to allow traffic only for frames that have an approved MAC address only)

shutdown (enable by default) puts port in err-disable

Question 19

what command can you input to verify power security?

Answer 19

show port-security interface ####

Question 20

Where is the clock set? and what time do you put

Answer 20

user exec mode? Universal time coordinated UTC

Question 21

how to do you configure timezone and adjust it in a switch?

Answer 21

config t
clock timezone (est,ast,pst)

Question 22

how do you set up daylight savings time?

Answer 22

config t
clock summer-time (###) recurring $$$$ @@@@

\$\$$ - date when it starts (winter time)
 @@@ - date in summer when it stops
# - timezone

Question 23

what is NTP?

What is the format?

What port does it use?

Answer 23

is a protocol that network devices uses to synchronize their time

NTP uses a client/server model

Port 123

Question 24

What is stratum level for NTP?

Answer 24

basically a pyramid scheme. The closer you are to the time device, the lower stratum # you will have.

Limit of 15 devices can be daisy chain

Question 25

how to do you configure

Answer 25

config t

ntp server #.#.#.#

Question 26

what does stratum 16 mean?

Answer 26

NTP server is not reachable.

Question 27

NTP master command means?

Answer 27

you are the master of time. YOU DONT WANT TO USE THIS COMMAND.

Only use this as a demo.

Question 28

what is syslog

Answer 28

automatic logging mechanism that is enable by default.

It facilitates monitoring and auditing.

Question 29

what command do you use to see sys logs while connected via a VTY port?

and how do you turn it off?

Answer 29

terminal monitor

terminal no monitor

Question 30

how to you configure a syslog server?

Answer 30

config t
logging host #.#.#.#

logging trap (will allow you to change the severity level)

Question 31

what are the logging severity 1 - 7

Answer 31

0 = emergencies
1 = alert
2 = critical
3 = errors
4 = warnings
5 = notifications
6 = informational
7 = debugging

Question 32

Benefits of a DHCP server?

Answer 32

Centralize IP address allocation
supports consistency across organization

IP address that automatically assigned with user vlans settings

1 stop shop.

Question 33

what is the 4 way handshake of DHCP

Answer 33

Discovered (broadcast message)
Offer (unicast)
Request (broadcast)
Aacknowledge (unicast)

Question 34

how do you configure a router as a DHCP server?

Answer 34

config t
ip dhcp pool (name it)

network (sets range )
network #.#.#.# $.$.$.$
# = ip address
$ = subnet mask

dns-server #.#.#.#

Default-router - #.#.#.#

Question 35

how do find what ips have been leased out?

Answer 35

show ip dhcp binding

Question 36

how do you configure dhcp lease time?

Answer 36

ip dhcp pool (name) lease (days) (hours) (minutes)

Question 37

what does DHCP relay agent allow us to do?

Answer 37

forwards the DHCP discover message to the DHCP agent.

Also know as ip helper-address

Question 38

how bits are in ipv4 and ipv6?

Answer 38

32 bits ivp4 and 128 bits ipv6

Question 39

what can yo drop in a IPV6?

Answer 39

leading zero

Question 40

what is a quartet in ipv6?

how man quartets in ipv6?

Answer 40

is 4 hexadecimal characters

8 total quartets = 32 hexadecimal.

Question 41

in hex what does A = to?

Answer 41

10

Question 42

in hex what does B = to?

Answer 42

11

Question 43

in hex what does C= to?

Answer 43

12

Question 44

in hex what does D = to?

Answer 44

13

Question 45

in hex what does E = to?

Answer 45

14

Question 46

in hex what does F = to?

Answer 46

15

Question 47

how many times can you have a double colon?

Answer 47

just 1 time.

Question 48

in a ipv6 header what does traffic class stand for?

Answer 48

quality of service.

Question 49

in a ipv6 header what does hop limit?

Answer 49

same as hop count = is the time to live for that frame

Question 50

source device take care of MTU

Answer 50

maximum transmission unit.

Question 51

what is anycast addressing?

Answer 51

allows you to have the same address on mulitple addresses. Example top level domains servers have the same IP address.

Routers will decide where to send the packet to the nearest device.

Question 52

in ipv6 how what protocol has replaced arp?

Answer 52

neighbor discovery

Question 53

in ipv6 how does DHCP work

Answer 53

use ipv6 dhcp which uses specific multicast addresses associated with them.

Question 54

in ipv6 what are the types of addresses you can have?

Answer 54

Unicast / Multicast and Anycast / Unique local (FC)

Question 55

what is a global unicast?

Answer 55

its your public ip address

range 2000 thru ffff

Question 56

what is the loopback address in ipv6?

Answer 56

::1 which means 31 0s and 1

Question 57

what is unspecified address in ipv6?

example 0.0.0.0

Answer 57

::

(this is not default route)

default route is ::/0

Question 58

what is the multicast address in ipv6?

Answer 58

anything that begins with FF

Question 59

what is the link local in ipv6?

Answer 59

anything that starts with FE80

low level protocols use these for basic communications

Question 60

the first 4 quartets of a /64 in ipv6 is what?

Answer 60

your network

Question 61

the last 4 quartets of a /64 subnet in ipv64 is what?

Answer 61

your host