Block 5
Terms in this set (109)
Hub
One device talks at a time, collisions, and everyone hears broadcasts, are drawbacks for what legacy device?
Bridge
This legacy device reduces collisions and improves bandwidth
Switch
This device segments a LAN, has a large number of interfaces, and separates collision domains per interface.
Forward vs Filter
Switching logic defined as routing to only where and who it needs to go to.
Flooding Frames
Process of forwarding each frame to all connected ports except the source
Domino Effect
Data Flow Layer vulnerability that impacts all of the layers above the initial compromise.
CAM Overflow
Data Flow Layer vulnerability that is also known as MAC Flooding and compromises a switch by sending large amounts of frames with fake MAC addresses.
Port Security
Offers the ability to configure a switchport so that traffic can be limited to only a specific configured MAC address or list of MAC addresses.
Loop Prevention
Third function of a switch, implemented by the Spanning Tree Protocol (STP), and helps avoid Layer 2 loops, all contribute to what?
Learn MAC addresses
The second function of a switch, listens to frames, and MAC w/interface added, all contribute to what?
Fragment Free
The type of forwarding that is conducted after the reading of the first 64 bytes before it gets sent on.
Cut-through Mode
Type of forwarding when the switch checks the destination address as soon as the header is received and immediately begins forwarding the frame.
Store and forward
Type of forwarding where the switch must receive the complete frame before sending it on.
Collision Domain
Set of NICs where a frame sent by one NIC could result in a collision with a frame sent by other NICs.
Broadcast Domain
Set of NICs where a frame sent by one NIC is received by all other NICs in the same domain.
Cisco Hierarchical Model
Made up of a core layer, distribution layer, and access layer.
Access layer
The point at which end users are allowed into the network. Its key function is to provide access to end devices and additional functions are shared bandwidth and switched bandwidth.
Distribution layer
The point between the access and core layers. Key function is policy/rule enforcement, path determination, and decision-making. Provides policy-based connectivity.
Core layer
The 3 characteristics of this Cisco hierarchical layer are network backbone, fault isolation, and reliability & speed.
Cisco Command-Line Interface (CLI)
The three popular methods for accessing the ____________ are console, Telnet, and Secure Shell (SSH).
Flat
What type of network is one where every device sees every broadcast packet?
VLAN
Another name for a Broadcast domain or Logical domain.
Port driven
VLAN membership type that has static membership, is labor intensive and has poor security.
MAC-address driven
VLAN membership type that has dynamic membership, is initially labor intensive, and offers better security.
Trunk
Enables VLANs to cross a backbone
Encapsulation
ISL (Cisco proprietary) and 802.1Q are 2 methods of what?
26 bytes
ISL encapsulation puts a header of how many bytes on a frame?
Tag
802.1Q Frame Tagging puts what between the source area and Len/Etype area on a frame?
Dynamic Trunk Protocol (DTP)
What protocol handles the negotiation of trunk links?
Dynamic Desirable
The interface becomes a trunk if the neighboring interface is set to trunk, desirable, or auto mode.
Dynamic Auto
The interface becomes a trunk interface if the neighboring interface is set to on or desirable mode.
Access
Mode that means permanent non-trunking
No Negotiate
The trunk is put into permanent trunking mode, but prevents the interface from generating DTP frames.
permanent
Trunk mode of operation means this type of trunking
VTP Protocol
Used to synchronize VLAN info to all network devices.
VTP modes
Server mode, Client mode, and Transparent are all different modes for what?
Server mode
VTP mode that creates, deletes, modifies global VLANs.
Client mode
VTP mode that cannot change any VLANs.
Transparent
VTP mode that creates, deletes, modifies local VLANs, and ignores VTP updates.
VTP Operations
VTP advertisements are sent as multicast frames. VTP servers and clients are synchronized to the latest revision number. VTP advertisements are sent every 5 minutes or when there is a change. These 3 things describe what?
vlan.dat
What is the name of the file that is stored in flash memory for VLAN configurations?
Clean config
What does the following command "flash:vlan.dat" accomplish?
Function
The following 3 requirements: links to operate as ISL or 802.1Q, VTP domain name matches, and VTP password matches, allow VTP Operations to what?
Spanning Tree protocol
Provides path redundancy while preventing loops in the network
Loop avoidance
A switch and interfaces recognize a loop in the topology and block one or more redundant interfaces.
Root bridge
Who is in charge of a VLAN
Hello
The most common type of bridge protocol data unit (BPDU)
Bridge Protocol Data Unit
The Spanning-Tree algorithm exchanges configuration messages to other switches at regular intervals using this type of multicast frame?
Root ID
When a switch is first booted, 2 bytes (Priority) plus 6 bytes (MAC) equals what?
802.1d
IEEE MAC Bridge standard
Lowest
The root bridge is the bridge with the ________ bridge ID.
Lowest MAC Address
If there is a tie with switch priority numbers, what is the tie breaker?
Topology Change Notification (TCN)
What is generated, by a switch, when it detects a topology change?
10
Max Age is defaulted at how many hellos?
Forwarded Delay
Time it takes for a port to transit from blocking to forwarding, the default is set at 50 seconds.
Blocking, listening, learning, forwarding, disabled
The five port states of the Spanning-Tree
Forwarding, Blocking
The two normal switch operations
Convergence
Time required to complete STP after a topology change. Reduces network downtime if it's fast.
7
Spanning-tree will not work beyond how many layers?
Etherchannel
Another name for multiplexing, increases bandwidth, reduces convergence occurrences
Portfast
Minimizes server or workstation downtime and is used for switched-user dedicated ports
Per VLAN Spanning Tree (PVST)
Balances traffic on a VLAN
Root Guard
Protects against rogue switch taking over the root switch
802.1w
IEEE standard for Rapid STP (RSTP)
Rapid STP (RSTP)
This improvement decreased the Max Age to 6 seconds, eliminated Forward Delay and reduced Convergence times to below 10 seconds.
Static
This port type is configured by an administrator, stored in a running config, and the MAC address is known and doesn't change often.
Dynamic
This port type is learned from traffic, not stored in a running-config, and limits the number of hosts per port.
Sticky
This port type is both dynamic or static, stored in a running-config, and allows multiple hosts to be learned at once.
Protected
Switchport security violation category in which known MAC addresses are allowed to continue sending traffic.
Restricted
Switchport security violation category in which known MAC addresses are allowed to continue sending traffic, but a notification is sent.
Shutdown
Switchport security violation category that is the default.
Shutdown VLAN
Switchport security violation category that is the same as the default but is limited to a specific VLAN.
Switch Virtual Interface
A virtual port that is the layer 3 presence of a VLAN
Hot Standby Routing Protocol
Used for failovers and a single router is responsible for forwarding packets
Highest
The router with the ________ HSRP priority becomes the active router.
Hello PDUs
What are used to let the network know the active router is still online?
Preempt
This enables a router to resume the forwarding router role
Routed Port
A physical port that is used for Point-to-Point connectivity
Access Control List
Used to manage IP traffic as a network grows and filters packets as they pass through a router
Standard
This type of ACL permits or denies entire protocol suites and only checks the source IP address
Extended
This type of ACL checks both source and destination IP address and permits or denies specific protocols
1
This wildcard bit ignores the value of an address bit
0
This wildcard bit checks the value of an address bit
Host
Another term for the wildcard 0.0.0.0
Implicit deny
The last statement on an access list
Top
The most restrictive statements get put at the ______ of the access list.
Secure Shell (SSH)
Encrypted version of Telnet, uses up to 2048 bit ciphers
DHCP Relay
Agent that allows clients to acquire an IP address when the DHCP server is not on the same subnet
Static Routing
Manually configured, unidirectional, simple as long as the network is small, and unable to adapt to topology changes.
Dynamic Routing
Administrator has little control, and adapts quickly to topology changes.
Interior Gateway Protocols (IGPs)
RIP, OSPF, and EIGRP
Exterior Routing Protocols
BGP and EGP3
Routing Information Protocol (RIP)
Uses Hop Count, updates are sent periodically, classful, and is often called "routing by rumor"
Open Shortest Path First (OSPF)
Uses the fastest bandwidth aka shortest path based on cumulative cost, updates are sent only when changes are made, monitors its own statuses, and is classless
Enhanced IGRP (EIGRP)
Metric determined by bandwidth, delay, hop count, updates are sent only when changes occur and sent only to neighbors, rapid convergence, Cisco proprietary, and is classless
Routing Loop
Packet stuck between routers until its time-to-live expires.
Split Horizon
Routers do not advertise information on the ports they learned that information on
Route Poisoning
Routers tell other routers a network is down by taking the hop count to 16 aka "count to infinity"
Poison Reverse
Router acknowledging a distant IP is no longer available
Holddown Timers
Delays routing table updates long enough for network to converge
Triggered Update
Router sends updates when a change in its routing table occurs
Static NAT
Manually entered by the network administrator and maps a private address to a public address.
Dynamic NAT
Maps a private address from a pool of public addresses, may not be the same each time (similar to DHCP & IP addressing).
NAT Overloading
Mapping multiple private addresses to a single public address using different ports; often called Port Address Translation (PAT).
Virtual Private Network (VPN)
Using the internet or any unsecure public network to transport the network resources privately.
VPN Fundamentals
Privacy, Authentication, Data Integrity, and Anti-replay, make up what?
IPSEC
Confidentiality, integrity, authentication, and anti-replay are security services of what?
Transport
IPSEC mode where the payload is encrypted.
Tunnel
IPSEC mode where the entire original packet is encrypted.