16 - IP Services I - Device Management and NAT Flashcards

Question 1

Q

Where do log messages display to by default without needing any further configuration?

Question 2

Q

How do you tell IOS to send log messages to all logged users (Telnet, SSH)? What extra command must you use?

Answer

A

logging monitor

EXEC: terminal monitor

Question 3

Q

What does the terminal monitor command do?

Answer

A

Tells IOS that this terminal session would like to receive log messages

Question 4

Q

What does the logging monitor command do?

Answer

A

Tells IOS to enable sending of log messages to all logged messages

Question 5

Q

What two primary options does IOS provide to keep a copy of log messages?

Answer

A

In RAM

- Syslog server

Question 6

Q

How do you tell IOS to store copies of log messages in RAM?

Answer

A

logging buffered

Question 7

Q

How do you configure a router / switch to send log messages to a syslog server?

Answer

A

logging host {address | hostname}

Question 8

Q

How would you disable timestamps and enable sequence numbers for logging?

Answer

A

no service timestamps

service sequence-numbers

Question 9

Q

What are the Cisco logging levels from 0 - 7?

Answer

A

Emergency
Alert
Critical
Error
Warning
Notification
Informational
Debug

Question 10

Q

How would you set logging to levels 0 - 4 for console?

Answer

A

logging console 4

Question 11

Q

How do configure logging message levels for Syslog?

Answer

A

logging trap 4

Question 12

Q

How do you show logging configuration settings, basic stats and buffered logs?

Answer

A

show logging

Question 13

Q

How would you debug something such as OSPF messages?

Answer

A

debug ip ospf hello

Question 14

Q

Why should you be careful when enabling debug commands on production devices?

Answer

A

It uses the router CPU so can have performance impacts

Question 15

Q

How can you monitor CPU use?

Answer

A

show process cpu

Question 16

Q

What command enables the NTP client functionality on a device?

Answer

A

ntp server

Question 17

Q

What should you do before enabling NTP?

Answer

A

Set the time, and correct date / timezone.

Also tell the device to adjust for daylight savings time

Question 18

Q

How would you set the date, time and time zones?

Answer

A

clock timezone EST -5
clock summer-time EDT recurring
clock set 20:00:00 1 January 2020

Question 19

Q

How do you show the date and time?

Answer

A

show clock

Question 20

Q

What two ntp configuration commands does IOS supply?

Answer

A

ntp master

ntp server

Question 21

Q

What command is used to configure a device to only run as an NTP server?

Answer

A

ntp master {stratum level}

Question 22

Q

What command is used to configure a device to run as an NTP client and server?

Answer

A

ntp server {address | host}

Question 23

Q

How do you check NTP status?

Answer

A

show ntp status

Question 24

Q

How do you list all NTP servers a device can attempt to use and status information between them?

Answer

A

show ntp associations

Question 25

Q

What is the NTP stratum level?

Answer

A

Stratum level represents accuracy of a reference clock, based on number of hops away from an original given clock source. Lower stratum level is better

Question 26

Q

What default stratum level do routers and switches using for their internal reference clock?

Question 27

Q

What is the possible range of stratum values?

Question 28

Q

What are NTP primary and secondary servers?

Answer

A

Primary servers only act as a server, with a reference clock external to the device. They have a stratum level of 1.

Secondary servers use the client/server mode, relying on synchronization with some other NTP server

Question 29

Q

How would you configure an NTP server to use external servers but fallback to internal clocking if they fail?

Answer

A

ntp server time-a.com
ntp server time-b.com
ntp master 7 (worse stratum)

Question 30

Q

How can you use loopback interfaces in NTP for better availability?

Answer

A

You can use a virtual loopback interface and assign it an IP, which routing protocols can advertise about the subnet

Question 31

Q

How would you configure an NTP server to use a loopback interface?

Answer

A

interface loopback 0
ip address 172.16.10.0 255.255.255.0

ntp master 4
ntp source loopback 0

Question 32

Q

What is CDP and LLDP?

Answer

A

Cisco Discovery Protocol

Link Layer Discovery Protocol

Question 33

Q

What does CDP do?

Answer

A

Discover basic information about neighboring routers and switches without needing to know the passwords for them

Question 34

Q

What are some useful details CDP discovers?

Answer

A

Device ID (usually host name)
Address list (network and data-link)
Port identifier
Capabilities list
Platform

Question 35

Q

What is the Port identifier in CDP?

Answer

A

The interface on the remote router or switch on the other end of the link that sent the CDP advertisement

Question 36

Q

What are two general roles CDP plays?

Answer

A

Provide information to devices to support some function

- Provide information to network engineers that manage the devices

Question 37

Q

What do Cisco IP phones use CDP for?

Answer

A

To learn the data and voice VLAN IDs configured on the access switch

Question 38

Q

How do you list out one line summary information about each neighbor (all) or just a specific neighbor?

Answer

A

show cdp neighbors {interface}

Question 39

Q

How do you list out detailed information about neighbors?

Answer

A

show cdp neighbors detail

Question 40

Q

How do you list out detailed information about only one named neighbor?

Answer

A

show cdp entry {name}

Question 41

Q

True/False: Cisco routers and switches support the same CDP commands with same parameters and types of output

Question 42

Q

What Ethernet Multicast destination address does CDP use to make sure all devices receive a CDP message?

Answer

A

0100.0CCC.CCCC

Question 43

Q

How do you disable CDP on a given interface?

Answer

A

no cdp enable

Question 44

Q

How do you enable / disable CDP globally?

Answer

A

cdp run

no cdp run

Question 45

Q

How do you check if cdp is enabled on all interfaces or a given interface?

Answer

A

show cdp interface {interface}

Question 46

Q

How do you view statistics for CDP advertisements sent/received?

Answer

A

show cdp traffic

Question 47

Q

What layer protocol is CDP?

Question 48

Q

What is a difference between LLDP and CDP with respects to how device capabilities are represented in command output?

Answer

A

LLDP only displays enabled capabilities, whereas CDP shows all supported capabilities

LLDP uses capability code B (bridge) to represent switching capability

Question 49

Q

True/False: Both LLDP and CDP identify IGMP as a capability

Answer

A

False. Only CDP does, using capability code I

Question 50

Q

What type of code does CDP list that LLDP does not?

Answer

A

Platform code

Question 51

Q

What multicast address does LLDP use?

Answer

A

0180.C200.000E

Question 52

Q

Is LLDP enabled by default on Cisco devices?

Question 53

Q

What does LLDP do differently with respect to sending / receiving messages?

Answer

A

Separates the sending and receiving of LLDP messages as separate functions

Question 54

Q

How do you globally enable / disable LLDP?

Answer

A

lldp run

no lldp run

Question 55

Q

How do you control transmission / receiving of LLDP on interfaces?

Answer

A

lldp transmit
no lldp transmit

lldp receive
no lldp receive

Question 56

Q

What is the range of Private Class A addresses and how many networks is there?

Answer

A

10.0.0.0 - 10.255.255.255

1 Network (10.0.0.0)

Question 57

Q

What is the range of Private Class B addresses and how many networks is there?

Answer

A

172.16.0.0 - 172.31.255.255

16 Networks (172.16.0.0 - 172.31.0.0)

Question 58

Q

What is the range of Private Class C addresses and how many networks is there?

Answer

A

192.168.0.0 - 192.168.255.255

256 Networks (192.168.0.0 - 192.168.255.0)

Question 59

Q

How many TCP/UDP sessions approximately does NAT allow to be supported by a single public IPv4 address?

Question 60

Q

What are the two main benefits of CIDR?

Answer

A

Allow route aggregation / summarization

- Allow subsets of classful networks to be distributed to customers

Question 61

Q

What is Source NAT?

Answer

A

NAT type that allows enterprises to use private addresses and still communicate with hosts in the internet. Source address are translated to a public IP when leaving the router

Question 62

Q

What is an Inside Local address?

Answer

A

Private IP on the inner side of the network

Question 63

Q

What is an Inside Global address?

Answer

A

The public IP used to represent the private IP on the outside

Question 64

Q

What is an Outside Global (Destination NAT)?

Answer

A

Address that represents a host that resides outside the enterprise which NAT does not change

Answer 58

A

NAT where addresses are statically mapped to each other in 1 to 1 mapping

Answer 59

A

Similar to Static NAT.

1 to 1 mapping but dynamically assigned from a pool

Answer 60

A

clear ip nat translation *

Answer 61

A

NAT Overload / PAT (Port Address Translation)

Answer 62

A

Allows NAT to support many client with only a few public IP addresses by also translating the port number when necessary to distinguish between multiple private IP addresses mapped to a single public IP

Answer 63

A

A unique entry for every unique combination of inside local IP and port with translation to the inside global address and unique port number to be associated with that entry

Answer 64

A

int G0/1 (random inside port)
ip address 10.1.1.1 255.255.255.0
ip nat inside

int G1/0 (port to WAN)
ip address 200.1.1.1 255.255.255.0
ip nat outside

ip nat inside source static 10.1.1.2 200.1.1.2

Answer 65

A

ip nat inside source static {inside-local} {inside-global}

Answer 66

A

show ip nat translations

Answer 67

A

show ip nat statistics

Answer 68

A

Identify and mark inside NAT interfaces
Identify and mark outside NAT interfaces
Create ACL to match packets inbound to interface for which NAT should be performed
Create NAT pool for inside global mapping outlining address range
Tell NAT to use the pool and specify the ACL list

Answer 69

A

ip nat pool TestPool 200.1.1.1 200.1.1.2 netmask 255.255.255.252

Answer 70

A

ip nat inside source list 1 pool TestPool

Answer 71

A

The number of times a new packet arrives and needs a NAT entry and doesn’t find one, at which point Dynamic NAT builds an entry

Answer 72

A

The number of misses in the pool. This occurs when dynamic NAT tries to allocate a new NAT table entry and finds no available addresses and the packet cannot be translated

Answer 73

A

debug ip nat

Answer 74

A

One that uses a pool of inside global addresses

- One that uses just one inside global IP

Answer 75

A

The same as Dynamic NAT but adding the overload keyword to the end of the ip nat inside source list command

ip nat pool TestPool 178.90.0.1 178.90.0.2 netmask 255.255.255.252
ip nat inside source list 1 pool TestPool overload

Answer 76

A

Mark interfaces as inside or outside then:

ip nat inside source list 1 interface G1/0 overload

Answer 77

A

Inside Local then the Inside Global

Answer 78

A

Check ACLs
Check Pool has enough addresses
Inside and Outside interfaces

Brainscape's Knowledge GenomeTM

16 - IP Services I - Device Management and NAT Flashcards

Brainscape's Knowledge Genome^TM