6 - Misc LAN Topics

Question 1

What is the RFC for RADIUS?

Answer 1

2865

Question 2

What is the IEEE protocol for LAN switch authentication to a RADIUS server?

Answer 2

802.1x

Question 3

What protocol and port does TACACS use?

Answer 3

TCP 49

Question 4

What protocol and port does RADIUS use?

Answer 4

UDP 1645 and 1812

Question 5

Which protocol, TACACS or RADIUS, encrypts the entire packet?

Answer 5

TACACS

Question 6

Which protocol, TACACS or RADIUS, performs Authorization and Accounting in addition to Authentication?

Answer 6

TACACS

Question 7

What are the 3 things that need to be configured to use AAA?

Answer 7

• AAA servers
• AAA group for the servers
• AAA authentication method(s)

Question 8

In 802.1x what is the supplicant?

Answer 8

The end-user PC.

Question 9

In 802.1x what role does the switch play?

Answer 9

Authenticator

Question 10

What does EAP stand for?

Answer 10

Extensible Authentication Protocol

Question 11

What does EAP do?

Answer 11

• allows the supplicant to communicate with RADIUS AAA server.
• EAP message from PC to switch in Ethernet frame using encapsulation EAP Over LAN (EAPoL),
• then switch places EAP msg in UDP packet and forwards to the AAA server.

Question 12

What is EAPoL and what does it do?

Answer 12

• EAP over LAN Encapsulation
• It encapsulates EAP msgs in Ethernet frames between supplicant and switch until the switchport is authorized.

Question 13

How does DHCP Snooping work?

Answer 13

• Trusted Ports receive and allow legitimate DHCP traffic.
• DHCP Offer and ACK messages on Untrusted ports are dropped
• Switch also creates DHCP binding table for legitimate DHCP bindings. This prevents a different PC with a different MAC from spoofing a legitimate user.

Question 14

What is MEC

Answer 14

Multichassis Etherchannel - when an access switch has two connections to two distribution switches which are aggregated. These two connections act as a single Etherchannel even though it goes to two different switches. Loc: 5430

Question 15

What is the base AAA authentication config command?

Answer 15

aaa authentication login default (method1) (method2)

Question 16

What does DORA stand for?

Answer 16

• Discover (client to server)
• Offer (server to client)
• Request (client to server)
• Acknowledge (server to client)

Question 17

What is Switch Aggregation?

Answer 17

VSS

Question 18

Which protocol, TACACS or RADIUS, encrypts the password?

Answer 18

They both do.

Question 19

Which protocol, TACACS or RADIUS, encrypts the entire packet?

Answer 19

TACACS

Question 20

What transport protocol does TACACS use?

Answer 20

TCP

Question 21

What transport protocol does RADIUS use?

Answer 21

UDP

Question 22

What kind of transmission is the first to be sent by a PC using DHCP?

Answer 22

PC sends a Broadcast

Question 23

What are the steps to follow when enabling DHCP Snooping?

Answer 23

• enable DHCP Snooping on switch globally or by VLAN
• Configure ports likely to receive legitimate DHCP Server traffic as Trusted
• Leave remaining ports as Untrusted

Question 24

What 6 things are true of a switch stack?

Answer 24

• single mgmt IP
• Engineer telnets/SSH to a single switch
• Single config file
• STP, CDP, VTP runs on a single switch
• Switchports all appear to belong to single switch
• Single MAC table

Question 25

In a Switch Stack which switch does all the work?

Answer 25

The Master switch.

Question 26

What are 4 features of Chassis Aggregation?

Answer 26

• Multichassis Etherchannel
• Active/Standby Control Plane
• Active/Active Data Plane
• Single switch management