Switching

Question 1

What is the ID used to elect the Root Bridge

Answer 1

Bridge ID, priority value + MAC

Question 2

What is the ID used to elect the Root Bridge

Answer 2

Bridge ID, priority value + MAC

Question 3

What are the three types of BPDU

Answer 3

Configuration
TCN (Notification)
TCA (Ack)

Question 4

What is the role of a VTEP

Answer 4

The VTEP encaps/decaps traffic on VXLAN tunnel

Question 5

What is required for L3 operations not to be interrupted when using SSO?

Answer 5

NSF is required. With NSF+SSO CEF entries are not purged so the L3 flap occuring when a sup reloads is covered and operations can continue.

Question 6

What are the 2 tables used by CEF for its decisions

Answer 6

The FIB and the Adjacency Table

Question 7

What QoS component can have an impact on how a packet is handled on a network?

Answer 7

Marking

Question 8

What is the FIB populated with?

Answer 8

A copy of the forwarding information in the IP routing table.
When routing or topology changes occur in the network, the route processor updates the RIB and CEF updates the FIB. There is a one-to-one correlation between FIB & RIB.

Question 9

What is the adjacency table populated with?

Answer 9

The adjacency table is populated each time an adjacency entry is created (ex: ARP), a link-layer header for that adjacent node is stored in the adjacency table. Once a route is determined, the link-layer header points to a next hop and corresponding adjacency entry.

Question 10

What’s a Bridge ID?

Answer 10

The criteria for root bridge election.
Prio+Mac
Lowest wins.

Question 11

What are two methods of SGT tags propagation

Answer 11

Inline Tagging
SXP Propagation

Question 12

What are the three phases of Trustsec

Answer 12

Classification (ingress)
Propagation
Enforcement (egress)

Question 13

What is included in NGFW

Answer 13

Standard FW functions including stateful inspection
IPS
Application level inspection
External Intelligence to mitigate new threats

Question 14

Name 2 new capacities of Cisco NGFW

Answer 14

Advanced malware detection
Application-layer attack detection

Question 15

What happens with this configuration:

Line vty 0 4
Login
Password cisco
Transport input telnet

Answer 15

If no local account is defined the password will always be ignored

Question 16

What happens with the configuration

line vty 0 4
password cisco
transport input all

Answer 16

On telnet, no promps and straight up enable access.

Question 17

What happens with:

line vty 0 4
password cisco
login local
transport input all

Answer 17

Password is ignored.
Local user enforced

Question 18

What will happen here?

line vty 0 4
login
transport input all

Answer 18

No password is defined and the login command asks for a password, so access is never granted