1. Introduction To Internetworking

Question 1

definition of internetwork

Answer 1

You create an internetwork when you connect two or more networks via a router and configure a logical network addressing scheme with protocols like IP or IPv6

Question 2

SOHO

Answer 2

Small Office Home Office

Question 3

Collision domain

Question 4

Broadcast domain

Question 5

List some of the things that commonly cause LAN traffic congestion

Answer 5

• Too many hosts in a collision or broadcast domain
• Broadcast storms.
• Too much multicast traffic
• Low bandwidth
• Adding hubs for connectivity to the network
• A bunch of ARP broadcasts

Question 6

What is a hub?

Question 7

What is a switch?

Question 8

What is a router?

Question 9

What serial connection on a router could be used to access a WAN?

Answer 9

V.35 physical interface

Question 10

What are two advantages of using routers in your network?

Answer 10

1. They don’t forward broadcasts by default.
2. They can filter the network based on layer three (network layer) information such as an IP address

Question 11

Definition of latency?

Answer 11

Latency is the time measured from when a frame enters a port to when it exits a port

Question 12

What does a filter table do in a switch?

Answer 12

When a layer 2 switch receives a frame, it will store the source hardware address and receiving port in a filter table to track specific sending devices

Question 13

True or false, each port on a switch has its own collision domain?

Answer 13

True

Question 14

What’s the difference between layer two and layer three devices?

Answer 14

Layer 3 machines like routers need to locate specific networks.
Layer 2 machines like switches and bridges need to eventually locate specific devices.
Networks are to routers as individual devices are to switches and bridges. Rooting tables that map the network are for routers as filter tables that map individual devices are for switches and bridges.

Question 15

What is transparent bridging?

Question 16

What will a switch do if it receives a frame with a destination hardware address that isn’t found in its filter table?

Answer 16

It will forward the frame to all connected segments. If the unknown device that was sent the frame replies, the switch updates its filter table regarding that devices location.
(In the event that the destination address of the transmitting frame is a broadcast address the switch will forward all broadcast to every connected segment by default)

Question 17

How can you stop a broadcast at storm from propagating through an internetwork?

Answer 17

Use a layer 3 device (router) All devices that a broadcast is forwarded to are considered to be in the same broadcast domain, this can be a problem because layer 2 devices propagate layer 2 broadcast storms which can seriously choke performance. The only way to stop a broadcast storm from propagating through an internetwork is with a layer three device (a router)

Question 18

What is Cisco‘s NGFW called?
Who did they acquire it from?

Answer 18

Firepower
Acquired from Sourcefire in 2013

Question 19

IPS

Answer 19

Intrusion Prevention System

Question 20

NGFW

Answer 20

Next Generation Firewall

NGFW is considered third generation firewall technology that provides a full packet reassembly and deep packet inspection up to and through layer 7.

NGFW’s are popular because they permit AVC as well as offer IPS policies, which help us look for attacks on unknown client vulnerabilities

Question 21

AVC

Answer 21

Application Visibility and Control

Question 22

Why are NGFW’s so expensive?

Answer 22

To provide features like SSL decryption at close to wire speed, you’ve got to have hardware encryption acceleration capabilities which are not cheap

Question 23

What features would you expect in a NGFW?

Answer 23

• Be router and switch compatible (L2/L3)
• Include packet filtering with IPS and malware inspection capability
• Provide network address translation (NAT)
• Permit stateful inspection
• Permit virtual private networks (VPNs)
• Provide URL and application filtering
• Implement QoS
• Support third-party integration
• Support REST API

Question 24

FTD

Answer 24

Firepower Threat Defence

Cisco’s new line of NGFW devices

Question 25

OSI Model Layers

Answer 25

7. Application 6. Presentation 5. Session 4. Transport 3. Network 2. Data Link 1. Physical

Question 26

OSI mode summary

Answer 26

7. Application layer: Includes protocols designed for end-users, such as web browsers and email clients 6. Presentation layer: Prepares data for the application layer by translating it to the formats expected by an application 5. Session layer: Manages sessions between nodes and creates communication channels between devices 4. Transport layer: Manages the transmission of data between nodes, including error correction 3. Network layer: Manages routing, forwarding, and addressing across a network 2. Data link layer: Connects two machines across a network 1. Physical layer: The physical medium used to transmit data, such as fiber-optic cables or copper cabling

Question 27

What layers are in the Cisco hierarchical model?

Answer 27

Core Distribution Access

Question 28

What are the goals of the core layer?

Answer 28

• High reliability (considered datalink technologies that facilitate both speed and redundancy) • Design with speed in mind (the core should have very little latency). • Select routing protocols with lower convergence times (fast and redundant data link connectivity is no help if your routing tables perform poorly)

Question 29

What things should we not do in the core layer?

Answer 29

• Never do anything to slow down traffic (don’t use access lists, perform routing between VLANs or implement packet filtering). • Don’t support workgroup access at this layer. • Avoid expanding the core (e.g. adding routers, if performance becomes an issue go with upgrades over expansion)

Question 30

What are key characteristics of the core layer?

Answer 30

Speed and fault tolerance. (The core affects every single user)

Question 31

What is the distribution layer sometimes referred to as?

Answer 31

Workgroup layer

Question 32

What should the distribution layer not handle?

Answer 32

The distribution layer should avoid anything limited to functions exclusively belong into one of the other layers

Question 33

What is the role of the distribution layer?

Answer 33

The primary functions of the distribution layer provide routing, filtering and WAN access and determine how packets can access the core if needed. The distribution layer must determine the fastest way that network service requests are handled

Question 34

What functions should the distribution layer handle?

Answer 34

• Routing • Implementing tools (like access lists), packet filtering and queueing • Implementing security and network policies (including address translation and firewalls) • Redistributing between routing protocols, including static routing • Routing between VLANs and other workgroup support functions • Defining broadcast and multicast domains

Question 35

What is the Access layer sometimes referred to as?

Answer 35

Desktop layer

Question 36

What is the role of the Access layer?

Answer 36

To control user and work group access to network resources (The distribution layer would handle any traffic for remote services)

Question 37

What tasks should the Access layer handle?

Answer 37

• Continued (from distribution layer) use of access control and policies. • Creation of separate collision domains (microsegmentation/switches) • Workgroup connectivity into the distribution layer • Device connectivity • Resilience and security services • Advanced technology capabilities (voice/video, etc)

Question 38

What is collapsed core?

Answer 38

Collapsed core is a hierarchical model that only has two layers, it is less expensive and geared for small companies, the design is meant to maximise performance and user availability to the network while still allowing for design scalability over time. The core layer and distribution layer are both running on the same large enterprise switch, the access layer switches connect into the enterprise switch only in the defined aggregation ports.

Question 39

What is the distribution layer sometimes called in collapsed core?

Answer 39

Aggregation

Question 40

ToR

Answer 40

Top of rack

Question 41

What is leaf and spine topology?

Answer 41

The switches in a ToR design act as leafs, connecting individual nodes, e.g. a server in the rack, a firewall, a load balancing application, a router leaving the data center and the spine switch. Each leaf switch connects to each spine switch, this means that each leaf switch is only one hop away from all other leaf switches

Question 42

What is a major distinction between WAN and LAN?

Answer 42

Generally, you own a LAN infrastructure and usually lease a WAN infrastructure from a service provider

Question 43

What do we use WANs for?

Answer 43

• People in a regional or branch office of an organisation need to be able to communicate and share data. • Organisations often want to share information with other organisations across large distances. • Employees who travel on company business frequently need to access information that resides on their corporate networks

Question 44

Name three major characteristics of WANs?

Answer 44

• WANs generally connect devices that are separated by a broader geographical area than a LAN can serve. • WANs use the services of carriers like telcos, cable companies, satellite systems and network providers • WANs use serial connections of various types to provide access to bandwidth over large geographical areas

Question 45

What is CPE in a WAN?

Answer 45

Customer premises equipment This is equipment that typically owned by the subscriber and located on the subscribers premises

Question 46

What is the CSU/DSU in a WAN?

Answer 46

Channel Service Unit/Data Service Unit This is a device that used to connect data termination equipment (DTE) to a digital circuit like a T1/T3 line A device is considered DTE if it’s either a source or destination for digital data, for example, PCs, servers and routers Important to remember that the CSU/DSU provides clock in of the line

Question 47

What is the demarc/demarcation point in a WAN?

Answer 47

The demarcation point is the precise spot to where the service providers responsibility ends and the CPE begins. It’s generally a device in a telecommunications closet owned and installed by the telecommunications company (telco). It’s your responsibility to cable from this box to the CPE, which is usually a connection to a CSU/DSU.

Question 48

What is the local loop in a WAN?

Answer 48

The local loop connects the demarcation point to the closest switching office, referred to as the central office

Question 49

What is the central office in a WAN?

Answer 49

This point connects the customers network to the providers switching network. A central office (CO) is sometimes also referred to as a point of presence (POP)

Question 50

What is a tool network in a WAN?

Answer 50

The toll network is a trunk line inside a WAN providers network. This network is a collection of switches and facilities owned by the Internet service provider (ISP).

Question 51

What are optical fibre converters?

Answer 51

An optical fibre converter is used where a fibre-optic link terminates, it converts optical signals into electrical signals and vice versa. You can also implement the converter as a router or switch module

Question 52

Speed DS0 T1 E1 T3 OC-3 OC-12 OC-48

Answer 52

DS0 64Kbs 1 DS0 (E0, J0) T1 (DS1) 1.544 Mbps 24 DS0 E1 2.048 Mbps 30 DS0 T3 (DS3) 44.736 Mbps 28 DS1 (672 DS0) OC-3 155.52 Mbps 3 DS3 (2,016 DS0) OC-12 622.08 Mbps 4 OC-3 (8,064 DS0) OC-48 2,488.32 Mbps 4 OC-12 (32,256 DS0) OC = Optical Carrier