VLAN Flashcards

1
Q

What is a collection of computers on a LAN(s) that are grouped together in a single broadcast domain independent of their physical location?

A

VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Meaning of VLAN

A

Virtual local area network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

With VLAN, can you group devices according to function or traffic patterns?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Enumerate 3 benefits of using VLAN

A
  1. Increased performance by restricting broadcasts
  2. Improved manageability and simplified network tuning
  3. Increased security options
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is an Ethernet interface on a VLAN-capable device that connects the device to another VLAN-capable device?

A

VLAN Trunk Interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a number from 1 to 4094 associated with the VLAN?

A

VLAN ID (VID)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What’s the range for VLAN ID?

A

1 to 4094

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the information that is added to the header of an
Ethernet frame

A

Tag (noun)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What standard defined the format of the Tag?

A

IEEE 802.1Q standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What do you call the verb to add a VLAN tag to a data frame’s Ethernet header?

A

Tag (verb)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What kind of device adds a tag?

A

802.1Q-compliant (i.e. router, switch, Firebox)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What kind of packets does 2 802.1Q devices normally carry?

A

Tagged data packets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the term for the physical segment between two 802.1Q devices that typically carries only tagged data packets?

A

Tagged data segment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the term for removing a VLAN tag from a frame’s Ethernet header?

A

Untag

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Where is a VLAN tag removed from?

A

Frame’s Ethernet header

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

When should the data frames be configured as untagged?

A

When an 802.1Q device sends data to a network
device that cannot understand 802.1Q VLAN tags

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the term for the physical segment between a VLAN device and a device that cannot understand VLAN tags
normally carries only untagged data packets?

A

Untagged data segment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Are clients are untagged by default?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

How many untagged VLANs are recommended?

A

1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the recommended 1 untagged VLAN for?

A

Direct management access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What kind of data frames can the interface accept when it’s configured for VLAN?

A

both tagged and untagged data frames

22
Q

Can VLAN 10, for example, be a member of eth1 & eth2?

A

Yes

23
Q

Can an interface be simultaneously belong to both an external and internal VLAN?

A

Yes

24
Q

Can a VLAN interface can send and receive untagged traffic for an external VLAN?

A

Yes

25
Q

Tag/Untag: If the interface connects to a device that can receive and understand 802.1Q VLAN tags

A

Tag

26
Q

Tag/Untag: Devices you connect to this interface are usually VLAN switches (managed switches) or routers.

A

Tag

27
Q

Tag/Untag: If the interface connects to a device that cannot receive and understand 802.1Q VLAN tags

A

Untag

28
Q

Tag/Untag: Devices you connect to this interface are usually
computers or printers

A

Untag

29
Q

Device interfaces that can use VLAN tags as defined in IEEE 802.1Q

A

Managed switch or an 802.1Q switch

30
Q

Can you use VLANs if your Firebox is configured in Drop-In Mode?

A

No

31
Q

Can you configure VLANs if your Firebox is configured in Bridge Mode?

A

No

32
Q

In bridge mode, what does the Firebox do with VLAN tagged traffic?

A

Pass between 802.1Q bridges or switches

33
Q

In bridge mode, can a Firebox be managed from a VLAN that has a specified VLAN tag?

A

Yes

34
Q

Are Multi-WAN configuration settings are applied to VLAN traffic

A

Yes

35
Q

What determines the number of VLANs you can create?

A

Firebox device model and license

36
Q

How to see the number of VLANs you can add to your Firebox?

A

Policy Manager > Setup > Feature Keys > Total Number
of VLAN Interfaces row

37
Q

How many VLANs are recommended to be configured to operate on external interfaces?

A

Not more than 10

38
Q

Can too many VLANs on external interfaces affect performance

A

Yes

39
Q

What should all network segments you want to add to a VLAN must have?

A

IP addresses on the VLAN network

40
Q

How do I allow traffic to a VLAN from a device outside the VLAN?

A
  1. Add a policy for it
  2. Include the VLAN’s alias name or subnet in the To section
41
Q

By default, does the Firebox allow traffic to a device in any VLAN?

A

No

42
Q

How do I allow traffic that starts in a VLAN and leaves the VLAN?

A

Configure the VLAN as a Trusted or Optional zone

43
Q

Is traffic is not allowed to leave a network protected by the Firebox unless there is a policy to allow it?

A

Yes

44
Q

What does the default configuration the Quick Setup Wizard creates for the Firebox include?

A

Outgoing policy

45
Q

What does the outgoing policy do?

A

Allows traffic from Any-Trusted/Any-Optional to Any-External

46
Q

What happens if the VLAN uses the Trusted or Optional security zone?

A

Any device in the VLAN can use the Outgoing policy
to send traffic to Any-External

47
Q

How to allow traffic that starts in one VLAN and goes to another VLAN?

A

Apply separate security policies to VLANs

48
Q

By default, can devices in one VLAN see the traffic from another VLAN?

A

No

49
Q

What does the Apply firewall policies to intra-VLAN traffic check box do?

A

Applies firewall policies to traffic between clients on two networks that are part of the same VLAN

50
Q

What is needed to ensure if policies are applied to intra-VLAN traffic?

A

No alternate path exists between the source
and destination

51
Q
A