cisco_certs_20160418125207 Flashcards

(422 cards)

1
Q

Default STP port costs for the following speeds: 10M, 100M, 1G, 10G

A

10M = 100

100M = 19

1G = 4

10G = 2

2
Q

What are the 3 types of BPDUs?

A

Hello BPDU

CBPDU - Configuration BPDU

TCN BPDU - Topology Change Notification BPDU

3
Q

Command to configure a static etherchannel

A

conf t

interface *int*

channel-group *group number* mode on

4
Q

Command to show the status of an etherchannel

A

show etherchannel *group number*

5
Q

What are the 2 protocols that can be used to create dynamic etherchannels?

A

PAgP

LACP

6
Q

What does PAgP stand for?

A

Port Aggregation Protocol

7
Q

What does LACP stand for?

A

Link Aggregation Control Protocol

8
Q

What is the IEEE standard for PAgP and LACP?

A

PAgP is Cisco proprietary

LACP is 802.1ad

9
Q

Syntax to enable PAgP on an interface

A

conf t

int gi1/0

channel-group *group number* mode {desirable | auto}

10
Q

Syntax to enable LACP on an interface

A

conf t

int gi1/0

channel-group *group number* mode {active | passive}

11
Q

In PAgP configurations, what does the keyword desirable tell the switch to do vs auto?

A

It tells the switch “use this protocol and begin negotiations”

versus

“use this protocol and wait for the other switch to begin negotiations.”

12
Q

In LACP configurations, what does the keyword active tell the switch to do vs passive?

A

It tells the switch “use this protocol and begin negotiations”

versus

“use this protocol and wait for the other switch to begin negotiations.”

13
Q

What happens with an etherchannel where both sides are set to either auto or passive?

A

It won’t come up, because both sides are waiting for the other to begin negotiations.

14
Q

What is the IEEE standard for:

STP

PVST

RSTP

A

802.1D

Cisco Proprietary

802.1w

15
Q

What does RSTP stand for?

A

Rapid Spanning Tree Protocol

16
Q

What STP mode do Cisco switches generally default to?

A

802.1D with PVST

17
Q

Command to set a switch to use PVST

A

spanning-tree mode pvst

18
Q

What 3 fields make up the BID?

A
  1. Priority
  2. System ID Extension
  3. System ID
19
Q

What is the range for priority?

A

0-65535

20
Q

What is unusual about the priority value?

A

It’s in multiples of 4096.

21
Q

What is the value of an all 1’s priority field?

A

61140

22
Q

What are the values of each bit in the priority field?

A

32768 16384 8192 4096

23
Q

What is normally stored in the System ID extension field?

A

VLAN ID

24
Q

How many bits in the System ID extension field?

A

12

25
How many bits in the priority field?
4
26
How many bits in the System ID field?
6 bytes
27
Command to set the priority for a given VLAN
spanning-tree vlan \*vlan id\* priority \*priority\*
28
Command to set a port cost.
Conf t interface gi1/0 spanning-tree [vlan \*vlan id\*] cost \*cost\*
29
What is the default BID priority?
32768
30
Is portfast or bpduguard enabled by default?
No
31
What are the 3 port types in STP?
1. Root port 2. Designated port 3. Blocking port
32
What is a Designated port vs other port types?
The Designated Port is the one that advertises the lowest-cost hello onto the LAN segment.
33
What 4 fields are shown in a "show mac address-table" output?
1. VLAN 2. MAC address 3. Type (dynamic or static) 4. Output port to get to that MAC
34
What does "show interfaces status" show us (7 fields)?
1. Port 2. Description 3. Status (connect / notconnect / disabled) 4. VLAN 5. Duplex 6. Speed 7. Type (10/100/1000 TX etc)
35
If a frame came into a switch and had either an unknown destination MAC or a broadcast MAC, what ports would the switch forward it out of?
All forwarding ports for that VLAN, except the one on which it was received.
36
What makes a switch a designated switch for a given ethernet segment?
It's the switch (and therefore the port) that is forwarding the root's BPDU.
37
4 important fields in a Hello BPDU
1. Root BID 2. Sender's BID 3. Sender's root cost 4. Timers on the root switch
38
What are 3 of the timers on the root switch?
1. Hello timer 2. MaxAge timer 3. Forward Delay timer
39
What is the most common type of BPDU?
Hello BPDU
40
What does STA stand for?
Spanning Tree Algorithm
41
What is the root cost in a BPDU received directly from the root bridge?
0. The root bridge has a 0 cost to reach itself.
42
If a switch receives a BPDU with a root cost of 25 on a 1 gig port with default costing, what will it rewrite the root cost to be?
29 (25 + 4 for the gig port)
43
Which switch's BID would win? A: 32769:0200.0002.0002 B: 32769:0200.0003.0003
A, since it has the numerically lower System ID
44
If a switch is connected to a hub and hears its own BPDUs on multiple ports, what are the other 2 tiebreaker values?
1. Lowest interface STP priority 2. If all interfaces are the same priority, lowest interface number.
45
What 2 items will a non-root switch change before forwarding out the hello BPDU received from the root's direction?
1. Root cost 2. Sender ID
46
What is the default value of the 3 primary STP timers?
1. Hello - 2 seconds 2. MaxAge - 20 seconds 3. Forward Delay - 15 seconds
47
What is the calculation to get the MaxAge time?
MaxAge = 10\*(Hello timer)
48
What does the forward delay timer control?
How long a port will transition through Listening and Learning before going to Forwarding. Each phase will take (fwddelay value) seconds.
49
What does the MaxAge timer control?
How long a switch will wait for a Hello BPDU before declaring the neighbor down and sending out a TCN BPDU.
50
How many interfaces can be included in an Etherchannel?
Up to 8.
51
What does PortFast do?
Allows a port to go immediately into Forwarding, without the normal interim stages of Listening and Learning.
52
What kinds of ports must PortFast be restricted to?
Access ports facing stubs only, never anything that could be cabled up to form a loop.
53
What does BPDUguard do?
When a port has it configured, it will immediately become disabled if a BPDU is received on that port.
54
In RSTP, what is the blocking state called?
Discarding
55
What is STP's convergence time vs RSTP?
STP - ~50 seconds; RSTP - max 10 seconds, usually much less
56
What does the command "spanning-tree vlan vlan-id root {primary | secondary}" do?
The switch on which this is configured will lower its own priority to beat out any other switch to become the root bridge.
57
Command to enable portfast on gi1/0.
conf t int gi1/0 spanning-tree portfast
58
Command to enable BPDUguard on gi1/0
conf t int gi1/0 spanning-tree bpduguard enable
59
Command to make a switch root or secondary root.
spanning-tree vlan \*vlan-id\* root {primary | secondary}
60
Command to see the root BID.
show spanning-tree [vlan \*vlan id\*]
61
Command to list the root switches for all vlans.
show spanning-tree root
62
Command to debug STP
debug spanning-tree events
63
Command to show the BID broken out into its component parts.
show spanning-tree vlan \*vlan id\* bridge
64
When using the root primary command, what is the value that the switch's priority will be set to if the current root is at 32768?
24576
65
When using the root primary command, what is the value that the switch's priority will be set to if the current root is less than 24576?
The highest multiple of 4096 that is still less than the priority of the current root.
66
What are the 3 port states of 802.1w?
1. Learning 2. Forwarding 3. Discarding
67
2 commands to see if a switch is in PVST or RPVST mode
show spanning-tree; show spanning-tree summary
68
Command to set either PVST or RPVST
conf t spanning-tree mode [pvst | rapid-pvst]
69
If a switch has a root port, is it the root switch?
No. The root switch only has designated ports.
70
How many root ports will a switch have?
1 per vlan
71
What are the stable states in STP?
1. Forwarding 2. Blocking
72
What are the states in STP that only occur during convergence?
1. Listening 2. Learning
73
What is used to create the BID?
2 byte priority field + 6 byte system ID (BIA)
74
What kind of packets are used during the Loading phase?
LSU
75
What does an LSU contain?
One or several LSAs
76
What information is in a Network LSA?
The DR on a broadcast segment lists which routers are joined together by the segment. The LSID of the type 2 LSA is the IP interface address of the DR.
77
What information is in a Summary LSA?
Information about subnets in other areas: subnet ID, mask, RID of ABR that advertises the LSA
78
In what OSPF phase do neighbors pass each other their LSAs?
Loading
79
What are the 2 primary timers in OSPF?
Hello, Dead Interval
80
For DROthers, what is the maximum state that they reach with each other?
2way
81
List the first 3 OSPF LSAs
Router, Network, Summary
82
Command to passive an OSPFv3 interface
conf t ipv6 router ospf \*PID\* passive-interface \*interface\*
83
What is the all-OSPF IPv6 address?
FF02::5
84
What is the all-DR IPv6 address?
FF02::6
85
In OSPFv3, how does one include an interface in routing?
by enabling routing directly on the interface, not via the network command
86
Generic syntax to add an interface into OSPFv3
conf t interface \*interface\* ipv6 ospf \*PID\* area \*Area ID\*
87
Syntax to enable OSPFv3 on int gi1/0, in area 0 (ipv6 router ospf 12 router-id 1.2.3.4)
conf t int gi1/0 ipv6 ospf 12 area 0
88
Command to tell a router to not form OSPF adjacencies on a given interface
conf t router ospf \*PID\* passive-interface \*interface name\*
89
What 5 attributes must match for OSPF neighbors to become adjacent?
1. Same subnet 2. Hold/dead timers 3. Authentication 4. Same area 5. Same interface MTU
90
Command to configure a router-id for an OSPFv3 router
conf t ipv6 router ospf \*PID\* router-id \*IPv4 RID\*
91
When does EIGRP send full and partial updates?
Full on neighbor adjacency; partial as needed when network topology changes
92
What are the 2 primary timers for EIGRP?
Hello, Hold
93
What are the default values for the Hello and Hold timers in EIGRP?
Hello = 5 seconds; Hold = 3xHello, or 15 seconds by default
94
What are EIGRP's 2 primary metrics?
Bandwidth and Delay
95
What is the multicast address for EIGRP?
224.0.0.10
96
Does EIGRP ever flood updates periodically?
No, only during adjacency setup or topology changes
97
What are the 3 required and 1 optional attributes that must pass before an EIGRP adjacency will be established?
**Required:** 1. Same AS number 2. Same IP subnet 3. Matching K values **Optional:** 1. Authentication, if configured, must match.
98
What is the Feasible Distance in EIGRP?
The metric of an EIGRP route on the local router.
99
What is the Reported Distance in EIGRP?
The next-hop router’s best metric for a FD subnet
100
What algorithm is used by EIGRP?
DUAL
101
What does DUAL stand for?
Diffusing Update ALgorithm
102
Does the EIGRP ASN need to match between neighbors?
Yes
103
Syntax to include interfaces into EIGRP
conf t router eigrp \*ASN\* network \*network\* [\*wildcard mask\*]
104
What 3 attributes must match for EIGRP neighbors to become adjacent?
1. Same subnet 2. Same ASN 3. Matching K-values
105
What is the all-EIGRP routers IPv6 address?
FF02::10
106
What are the EIGRP k values, in order?
K1 = Bandwidth modifier; K2 = Load modifier; K3 = Delay modifier; K4 = Reliability modifier; K5 = Additional Reliability modifier
107
2 steps to have EIGRP use a key chain in authentication
1. Under a given interface, set up authentication for the routing protocol. 2. Staying under that same interface, bind the key-chain that will be used to the auth line.
108
Syntax to bind a key chain to EIGRP authentication
conf t int gi1/0 ip authentication key-chain eigrp \*asn\* \*key-chain name\*
109
Syntax to add automatic summarization to EIGRP
auto-summary
110
Change the bandwidth or delay on an interface for EIGRP
conf t int gi1/0 bandwidth \*value\* delay \*value\*
111
Syntax to set the hello and hold timers for EIGRP
conf t int gi1/0 ip eigrp hello-interval \*seconds\* ip eigrp hold-time \*seconds\*
112
Configuration to allow for unequal cost load balancing in EIGRP
variance \*multiplier\*
113
When you show the routing table, what letter signifies that route was learned via EIGRP?
D
114
Syntax to set up authentication for eigrp under an interface.
conf t int gi1/0 ip authentication mode eigrp \*asn\* md5
115
What is the successor?
The successor is the path that has the best metric.
116
What is the Feasible Distance?
The metric of a given route from the current router's point of view.
117
What is the Reported Distance?
The metric of a given route from the neighbor's point of view.
118
If a path meets the feasibility condition, but does not fall within variance parameters, what happens to it?
It is held in reserve as a feasible successor, one which may take over if the current successor fails.
119
What is the feasibility condition?
The reported distance of a path must be less than the FD of the path on the current router.
120
What happens to a path whose FD falls within variance parameters but does not meet the feasibility condition?
It's not installed in the routing table, nor will it be a Feasible Successor
121
How does a router determine if a path can be a Feasible Successor?
If the path's RD is less than the FD, it will be a Feasible Successor.
122
What does EUI stand for?
Extended Unique Identifier
123
What is the / range for IPv6 unique local address space?
FC00::/7
124
What do IPv6 link-local addresses start with?
FE80
125
What is the prefix range for link-local addresses?
FE80::/10 (FE80, FE90, FEA0, FEB0)
126
What method is used to create the link-local address for an interface?
FE80::/64 + EUI-64 interface ID
127
What do IPv6 multicast addresses start with?
FF
128
What is the IPv6 multicast range?
FF00::/8
129
What IPv6 multicast range is reserved for link local only?
FF02::/16
130
When a host wants to use DHCPv6 to get an IP, what source/destination addresses does it use?
Source = its link-local address; Destination = FF02::1:2
131
Command to set an IPv6 dhcp relay on an interface
conf t int gi0/0 ipv6 dhcp relay destination \*DHCP server addr\*
132
What does SLAAC stand for?
StateLess Address AutoConfiguration
133
What are 2 uses for link-local addresses?
1. Communication with directly connected neighbors 2. Routers use their neighbors' link-local addresses as next hops in routing tables
134
3 steps for a host to get an IPv6 address using SLAAC
1. Discover the v6 prefix on the link using NDP RS/RA messages. 2. Create an interface ID and append it to the prefix. 3. Test that it's not a duplicate using DAD.
135
What address is an RS message sent to?
All-routers FF02::2
136
When using SLAAC, how does a host come up with its interface ID?
Either using EUI-64 or coming up with a random value.
137
What is the all-host IPv6 address?
FF02::1
138
What 5 IPv6 functions use NDP?
SLAAC, DAD, Router Discovery, Neighbor MAC Discovery, Prefix/length Discovery
139
What is the all-DHCP-agents multicast address?
FF02::1:2
140
What is the all-router IPv6 address?
FF02::2
141
Where would a host using SLAAC get the DNS server address?
From stateless DHCPv6
142
4 major types of IPv6 addresses
Global Unicast, Unique local, Multicast, Link-local
143
How does DAD work?
Host sends an NS message for its IPv6 address. If someone answers, it must be a duplicate.
144
Who primarily sends an RS message?
Hosts
145
When are RA messages sent?
In response to an RS message, or unsolicited, on a timer
146
What does NDP replace?
IPv4 ARP
147
If you really want to configure the link-local address, what is the syntax?
ipv6 address \*local IPv6 addr\* link-local
148
Command to statically configure an IPv6 address on an interface
conf t interface \*int\* ipv6 address \*address/mask\*
149
Command to have an interface use an EUI-64 address
ipv6 address \*prefix\*/64 eui-64
150
Command to have a router use SLAAC to dynamically get an IPv6 address
ipv6 address autoconfig
151
Command to have a router use DHCPv6 on an interface
ipv6 address dhcp
152
Command to enable a router to forward IPv6 packets
ipv6 unicast-routing
153
What is the scope of the solicited-node multicast address?
Link-local
154
In IPv6, what replaces ARP?
Neighbor Discovery Protocol
155
What does NDP stand for?
Neighbor Discovery Protocol
156
What types of messages are used to find a neighbor's MAC address in IPv6? Using what protocol?
NS and NA; NDP
157
What are global unicast IPv6 addresses the equivalent of?
Public IPv4 addresses
158
What are the versions of the IGPs that support IPv6?
RIPng, OSPFv3, EIGRPv6
159
What are unique local IPv6 addresses the equivalent of?
Roughly, RFC1918 addresses
160
What do RS and RA stand for?
Router Solicitation, Router Advertisement
161
Who primarily sends RA messages?
Routers
162
2 commands to see IPv6 interface information
show ipv6 interface brief; show ipv6 interface \*interface\*
163
DHCPv4 uses Discover/Offer/Request/Acknowledgement messages. What does DHCPv6 use?
Solicit - Host; Advertise - Server; Request - Host; Reply - Server
164
When a host uses SLAAC, what crucial data is it missing?
The DNS server's address
165
When a router receives a link-local packet, what are the steps it takes to forward it out another interface?
Link local packets are not forwarded out other interfaces; they are scoped to a single link.
166
4 steps to creating an EUI-64 address
1. Take the MAC address of the interface, and split it in half. 2. Insert FF:FE into the middle of the MAC. 3. Invert the 7th bit of the result from step 2. 4. Append this to the IPv6 prefix.
167
What are the 2 rules for shortening IPv6 addresses?
1. In each quartet, remove any leading 0s. 2. For any single sequence of quartets whose value is 0, collapse that sequence into ::
168
If an organization is allocated a /54, how many bits are available for subnets?
10
169
How many bits in an IPv6 address? How many bytes?
128 bits, 16 bytes
170
What's the size of the required section of the IPv6 header?
40 bytes
171
How many : delimited sections are there in an IPv6 address?
8 (e.g. 2340:1111:AAAA:0001:1234:5678:9ABC:1234)
172
What is the 7th bit in the EUI-64 interface ID?
The universal/local bit.
173
Syntax to configure an IPv6 address on interface s0/0/0
conf t int s0/0/0 ipv6 address \*ipv6 addr/mask\*
174
Command to set an IPv6 static default route going out gi1/0
conf t ipv6 route ::/0 gi1/0
175
Command to set an IPv6 static route
conf t ipv6 route \*network/mask\* {\*next hop IPv6\* | \*exit interface\*}
176
Command to enable ipv6 globally
conf t ipv6 unicast-routing
177
What does DAD stand for?
Duplicate Address Detection
178
When is a link local IPv6 address instantiated on a router's interface?
When another IPv6 address is configured or acquired on the same interface.
179
How are link-local addresses configured in the router?
They are automatically self-generated.
180
What is the range of globally routable IPv6 addresses, in / notation?
2000::/3
181
What do the 2 options for the U/L bit signify?
0 = BIA MAC is being used; 1 = Locally administered address, i.e. BIA has been overwritten
182
What is one difference between DHCPv4 and v6 in terms of the types of information supplied to the requesting host by the DHCP server?
DHCPv6 does not supply default router info. That is discovered by the host, using RS messages.
183
Name 2 ways for a router to get an IPv6 address dynamically
1. Stateful DHCP 2. SLAAC
184
What's the most common IPv6 subnet mask for hosts or interfaces?
/64
185
What is the ethertype for IPv6?
0x86DD
186
3 major FHRP protocols
1. HSRP 2. VRRP 3. GLBP
187
What does GLBP stand for?
Gateway Load Balancing Protocol
188
What does FHRP stand for?
First Hop Redundancy Protocol
189
What does VRRP stand for?
Virtual Router Redundancy Protocol
190
What does HSRP stand for?
Hot Standby Router Protocol
191
How does HSRP implement loadbalancing?
By allowing different routers to be the active router for different subnets.
192
What's the biggest difference between GLBP and HSRP/VRRP?
GLBP uses an active/active model, so traffic can be distributed between multiple routers even if the hosts are in the same subnets.
193
What function does the AVG perform?
In GLBP, the AVG replies to all ARP requests for the virtual IP address. It will LB the responses so that the hosts end up balanced between all the routers in the group.
194
What does AVG stand for?
Active Virtual Gateway
195
How does the AVG direct hosts to utilize different routers as their gateways?
By providing the MAC addresses of different routers in the LB group for the virtual IP address.
196
HSRP syntax to set up the VIP for a LB group
conf t interface gi1/0 standby \*group #\* ip \*VIP\*
197
5 basic HSRP attributes that can be configured under an interface
1. VIP 2. Group name 3. Priority 4. Version 5. Preempt
198
HSRP syntax to set priority for a LB group
conf t interface gi1/0 standby \*group #\* priority \*priority value\*
199
For HSRP, what is the default priority?
100
200
For HSRP, what is the priority range?
1 - 255
201
For HSRP, is a higher or lower priority better?
Higher
202
HSRP syntax to return an interface to active state after it comes back up
conf t interface gi1/0 standby \*group #\* preempt
203
2 commands to show detailed HSRP status
show standby; show standby brief
204
GLBP syntax to configure the virtual IP
glbp \*group #\* ip \*vip\*
205
GLBP syntax to configure the name of the LB group
glbp \*group #\* name \*name\*
206
How does GLBP's priority system differ from that of HSRP?
It doesn't. Same defaults and priority range, along with the fact that higher priority is better.
207
How does a router become a GLBP AVG?
It has the higher priority and either comes online first, or has preemption enabled.
208
2 commands to show the status of GLBP
show glbp; show glbp brief
209
What is the GLBP term for a router that is active in a LB group?
A forwarder
210
Command to set VTP mode to transparent
in global config mode: vtp mode transparent
211
What are the 4 trunking administrative modes?
1. Access 2. Trunk 3. dynamic desirable 4. dynamic auto
212
Command to show the options set on trunk ports
show interfaces trunk
213
Command to set interface g2/1 to access, associated with vlan 22
conf t int gi2/1 switchport access vlan 22
214
Command to set the native vlan for a trunk port on a switch
in interface config mode: switchport trunk native vlan \*vlanid\*
215
Command to set a port to initiate trunking negotiation messages.
int gi0/1 switchport mode dynamic desirable
216
What are the normal range and extended range vlan numbers?
Normal = 1 - 1005; Extended = 1006 - 4094
217
What is the limitation on vlans for a switch in VTP server mode?
Server switches can only configure vlans in the standard range
218
Command to set a port to trunk mode
switchport mode trunk
219
Command to change the default vlans allowed on a trunk.
switchport trunk allowed vlan {add | remove | all | except }
220
Command to set the trunking encapsulation on a port to dot1q
switchport trunk encapsulation dot1q
221
How big is the VLAN ID field inside the .1Q header?
12 bits
222
Command to name a vlan
conf t vlan \*vlanid\* name \*name\*
223
Where is the .1Q tag inserted in the ethernet header?
Between the source address and type fields.
224
Command to ensure that an access port does not negotiate to become a trunk
conf t interface gi1/1 switchport mode access
225
What is the default trunking administrative mode?
Dynamic auto
226
What vlans cannot be deleted?
1, 1002-1005
227
Command to create a vlan on a switch
vlan \*vlanid\*
228
Does the command "show interfaces trunk" work on routers, switches, or both?
Switches only
229
Does the command "show interfaces switchport" work on routers, switches, or both?
Switches only
230
How does a router implement vlans?
Through subinterfaces on an ethernet interface
231
Command to set a trunk port to negotiate encapsulation
switchport trunk encapsulation negotiate
232
Can vlan 1 have its name changed?
No
233
4 options for VTP mode
1. Client 2. Server 3. Transparent 4. Off
234
Command to set the vtp domain name
conf t vtp domain \*name\*
235
Command to show the vtp domain name
show vtp status
236
Command to create a L3 vlan
conf t interface vlan \*vlanid\* ip address \*ip addr\* \*subnet mask\*
237
Command to create a static NAT mapping
ip nat inside source static \*inside local\* \*inside global\*
238
Command to see static NAT mappings
show ip nat translations
239
5 steps to configuring dynamic NAT
1. Set an interface to inside 2. Set an interface to outside 3. Create ACL for the inside interface which identifies packets for which NAT should be performed 4. Create a pool of global IPs for use in NAT 5. Bind the ACL and the pool together, enabling dynamic NAT
240
Command to create an IP address pool for use with NAT
ip nat pool \*name\* \*first IP\* \*last IP\* netmask \*subnet mask\*
241
Command to bind pool and ACL together to enable dynamic NAT
ip nat inside source list \*ACL #\* pool \*pool name\*
242
Command to clear the NAT translation table
clear ip nat translation \*
243
2 variations to enable PAT
ip nat inside source list \*ACL #\* interface \*interface\* overload; ip nat inside source list \*ACL #\* pool \*pool name\* overload
244
What does "inside local" refer to?
Private IPs used in NAT
245
What does "inside global" refer to?
Public IPs used in NAT
246
3 steps to configure a router to do static NAT
1. Set up an interface as inside local 2. Set up an interface as inside global 3. Create a mapping between inside and outside IPs
247
Command to make an inside NAT interface
conf t int gi0/0 ip nat inside
248
Command to make an outside NAT interface
conf t int gi0/1 ip nat outside
249
Command to set a static translation
ip nat inside source static \*inside local IP\* \*inside global IP\*
250
Command to set an inside local interface
conf t interface \*interface\* ip nat inside
251
Command to set an inside global interface
conf t interface \*interface\* ip nat outside
252
What are the ranges for standard ACLs?
1-99, 1300-1999
253
Syntax for an extended numbered ACL
access-list access-list-number {deny | permit} \*protocol\* \*source IP\* \*wildcard mask\* \*destination IP\* \*wildcard mask\* [log]
254
3 primary differences that named ACLs have vs numbered
1. Names instead of numbers 2. Uses ACL subcommands vs global commands to define the ACL 3. ACL editing allows users to edit, delete, and add individual lines
255
Command to delete a line from a numbered ACL with sequence numbers.
conf t ip access-list {standard | extended} \*number\* no \*seq number\*
256
Syntax to assign an ACL to a vty
access-class \*number\* {in | out}
257
TCP version of an extended ACL
access-list access-list-number {deny | permit} tcp \*source\* \*source-wildcard\* [operator [port]] \*destination\* \*destination-wildcard\* [operator [port]] [log]
258
If an ACL omits the wildcard mask, what is the implied mask?
0.0.0.0
259
What are the ranges for extended ACLs?
100 - 199, 2000 - 2699
260
Syntax for a standard numbered ACL
access-list {1-99 | 1300-1999} {permit | deny} [\*subnet\* \*wildcard mask\* | any]
261
Operational command to see: - IPv4 ACLs - All ACLs
show ip access-lists; show access-list
262
Command to see access list application status on an interface
show ip interface \*interface\*
263
Keyword to add to an ACL to help keep track of its activity
log
264
What are the 3 types of ACLs?
Standard, Extended, Named
265
Are named ACLs standard or extended?
Either, depends on how they are configured
266
What is the difference between standard and extended ACLs?
Standard ACLs filter on source address. Extended ACLs filter on: source and dest IP, dest port, other criteria
267
What do extended ACLs filter on?
Source & Dest. IP; Source & Dest. Port
268
Command to implement an ACL on an interface
ip access-group \*number|name\* {in | out}
269
ACL keyword that means "0.0.0.0" wildcard
host
270
ACL keyword that means 0.0.0.0 255.255.255.255
any
271
ACL keywords for greater than, less than, equal to
gt, lt, eq
272
Command to instantiate a named ACL
ip access-list {standard | extended} \*name\*
273
If a numbered ACL doesn't use sequence numbers, how would a user remove one of its lines?
They can't. The ACL must be deleted and re-added entirely.
274
What effect does the log keyword have on an ACL?
It sends messages to the log file about the activity pertinent to that line in the ACL
275
What advantage does SNMPv3 have over older versions?
Security
276
What 3 features in SNMPv3 support higher levels of security?
1. Message integrity (tamper detection) 2. Authentication 3. Encryption
277
What are the 3 security modes for SNMPv3?
noAuthNoPriv, authNoPriv, authPriv
278
Configuration keyword for the noAuthNoPriv level of SNMPv3 security
noauth
279
Configuration keyword for the authNoPriv level of SNMPv3 security
auth
280
Configuration keyword for the authPriv level of SNMPv3 security
priv
281
Command to see the status of the SSH service on the device
show ip ssh
282
5 steps to enabling SSH
1. Configure VTY lines to use either local or AAA security 2. If local, add usernames 3. Configure the ip domain-name 4. Create the encryption key 5. Enable version 1 or version 2
283
Command to enable port security on an interface
switchport port-security
284
2 mandatory and 4 optional steps to enabling port security
1. Set a port to either trunk or access mode 2. Enable port security Optional: 3. Change the default number of MAC addresses allowed 4. Change the default port security violation behavior 5. Define any permitted MAC addresses 6. Tell the switch to sticky-learn any dynamically learned MAC addresses
285
Command to see the security state of switch ports
show port-security [interface \*interface\*]
286
What are the 3 port security violation options, and which is default?
1. Shutdown (default) 2. Protect 3. Restrict
287
3 steps to create a key for use in routing authentication
1. Create the key chain 2. Create the key 3. Set the key string
288
Syntax to create a key chain
conf t key chain \*name\*
289
Syntax to create a key under a key chain
key \*#\*
290
Syntax to set a text string for a key
key-string \*text-string\*
291
Command to create the encryption key for SSH
crypto key generate rsa
292
Command to set the device to use SSH2
ip ssh version 2
293
What does DCE stand for?
Data Communication Equipment
294
What does HDLC stand for?
High-level Data Link Control
295
What is a DCE cable used to connect?
With a DTE cable, used to connect two router serial ports back to back
296
In Frame Relay, what does LMI stand for?
Local Management Interface
297
What does DLCI stand for?
Data Link Connection Identifier
298
What encapsulation is set on a serial interface that will connect to a frame relay network?
frame-relay
299
Syntax to set a serial interface to frame relay encapsulation
conf t int s1/0 encapsulation frame-relay
300
2 options for encapsulation frame-relay
1. cisco 2. ietf
301
When leaving off the specific encapsulation type for the command "encapsulation frame-relay", what is the default?
cisco
302
Syntax of the frame-relay map command
frame-relay map ip \*ip address\* \*dlci\* [broadcast]
303
Syntax to bind a dlci to an interface
frame-relay interface-dlci \*dlci\*
304
Command to show InArp data
show frame-relay map
305
What does PPP stand for?
Point to Point Protocol
306
What are 2 PPP control protocols?
LCP NCP
307
What do NCP and LCP stand for?
Network Control Protocols Link Control Protocol
308
What's a glaring difference between NCP and LCP?
LCP is a single protocol, whereas NCP is a suite of protocols that are each specific to a Layer 3 protocol.
309
4 features of PPP LCP
1. Loop detection 2. Error detection 3. Multilink support 4. Authentication
310
What 2 types of authentication are supported by PPP?
PAP CHAP
311
What do PAP and CHAP stand for?
Password Authentication Protocol Challenge Handshake Authentication Protocol
312
Which PPP auth protocol sends a password in clear text?
PAP
313
What are the 3 steps of a successful CHAP authentication?
1. Authenticator sends challenge packet. 2. Caller hashes password etc and sends back hashed value. 3. Authenticator compares submitted value to their own hashed value, and if they match it allows the caller in.
314
Command to set PPP on a serial interface
conf t int s1/0 encapsulation ppp
315
2 general steps to have a PPP link use PAP or CHAP
1. Configure the username/password for the calling router. 2. Set the serial link to use PPP PAP
316
What will the state of a serial link be if PPP authentication fails?
Up/down
317
Syntax to set a username/pass for use in PPP authentication
username \*caller hostname\* password \*password\*
318
Syntax to have a serial interface use CHAP
conf t int s1/0 ppp authentication chap
319
2 useful debug commands for PPP
debug ppp authentication debug ppp negotiation
320
What are the 2 primary attributes of a leased line?
Symmetrical speeds Always on
321
What kind of cable goes between a router and a CSU?
DTE
322
What are the 5 fields in the HDLC header?
1. Flag 2. Address 3. Control 4. Type 5. FCS
323
What field did Cisco add to their implementation of HDLC?
Type
324
What does the Cisco HDLC Type field help with?
It identifies which L3 protocol is contained in the packet.
325
What is the default encapsulation on a Cisco router's serial interface?
Cisco HDLC
326
Command to set a serial interface to use HDLC
conf t int s1/0 encapsulation hdlc
327
Command to verify if a serial interface is set up as a DTE or DCE
show controllers serial \*int number\*
328
Command to check encapsulation type on a serial interface
show interface serial \*int number\*
329
What types of WAN connections support asynchronous connections?
Serial line with PPP
330
How do the fields in a PPP header differ from those of HDLC?
They don't.
331
What would lead to an up/down state on a serial interface?
1. Encapsulation mismatch 2. One side having keepalives disabled 3. Authentication failure/mismatch
332
Command to have logging messages on the console connection only display at convenient times
line con 0 logging synchronous
333
Command to see the status of any ip addresses obtained by DHCP
show dhcp lease
334
Cisco's SNMP manager
Cisco Prime
335
Syntax to initialize SNMP on a router
conf t snmp-server community RO|RW [something missing here?]
336
Syntax to set snmp syslocation
snmp-server location
337
Syntax to set snmp contact
snmp-server contact
338
4 locations where syslog messages can be sent
1. Logging buffer 2. Console line 3. Terminal lines 4. Syslog server
339
What's the lowest severity level of log messages?
debugging - level 7
340
List the 7 attributes that Netflow uses to associate packets
1. Source IP 2. Dest IP 3. Source Port 4. Dest Port 5. L3 Protocol type 6. TOS marking 7. Input interface
341
Command to define a DHCP pool
conf t ip dhcp pool \*pool name\*
342
What is the syntax to prevent certain IP's from being used in a DHCP pool?
ip dhcp excluded-address \*first\* \*last\*
343
Command to point a router at a DNS server
ip name-server \*DNS server\*
344
Command to exclude IP's from a DHCP pool
conf t ip dhcp excluded-address \*first\* \*last\*
345
What are the port numbers and protocol for DHCP?
67, 68 UDP
346
What is the port number for SNMP?
161
347
Command to set a router to use an NTP server
conf t ntp server \*server\* {version \*version\*}
348
2 commands to see how NTP is working on a router
show ntp status show ntp associations
349
Syntax to instantiate a DHCP pool
ip dhcp pool \*pool-name\*
350
Syntax to set the lease time for a DHCP pool
lease \*days\* \*hours\* \*min\*
351
Syntax to set the default gateway for a DHCP pool
default-router \*IP address\*
352
Syntax to set the DNS server for a DHCP pool
dns-server \*DNS IP\*
353
2 versions of the syntax to set the subnet for a DHCP pool
network \*subnet\* \*subnet mask\* network \*subnet\* /\*subnet length\*
354
Syntax to set the domain name for a DHCP pool
domain-name \*name\*
355
What are the first 4 syslog level names, starting with level 0?
0 - Emergency 1 - Alert 2 - Critical 3 - Error
356
What are the last 4 syslog level names?
4 - Warning 5 - Notification 6 - Informational 7 - Debugging
357
What severity levels will be sent to the syslog server if "logging trap 4" is configured?
Levels 0 - 4 Emergency Alert Critical Error Warning
358
If "logging trap informational" is set, what numerical levels will be sent to syslog?
0 - 6
359
What application may be used to manage licensing in a larger environment?
Cisco License Manager (CLM)
360
What does UDI stand for?
Unique Device Identifier
361
What 2 components make up a UDI?
1. The Product ID 2. The Serial Number
362
Command to see the UDI
show license udi
363
What does PAK stand for?
Product Authorization Key
364
What website is used to buy new licenses?
Cisco Product License Registration Portal
365
Command to install a license file
license install \*url\*
366
Command to show what licensing is enabled on a router
show license
367
What is a right to use license?
Basically a demo license, on the honor system
368
Command to enable a right to use license
license boot module c2900 technology-package \*pkg name\*
369
What organization hands out IP's globally?
IANA
370
What is the distance for 1000BASE-LX or 1000BASE-SX on MM fiber?
550m
371
If there is no username set globally, what 2 things need to be configured on a VTY to allow a user to log in via telnet/SSH?
the 'login' line the 'password ' line
372
What is the administrative distance of ISIS and RIP?
ISIS = 115 RIP = 120
373
Command to start a suspended telnet session
resume
374
What are the first 3 exchanges in setting up a TCP connection?
Syn Syn Ack Ack
375
What pins are flipped on a crossover cable?
1 and 2 to 3 and 6
376
In the 4 layer TCP/IP model, what are the names of the layers?
Application Transport Internet Link
377
In the 5 layer TCP/IP model, what are the names of the layers?
Application Transport Network Data Link Physical
378
What does the Application layer in the TCP model map to in the OSI model?
Application Presentation Session
379
What does the Transport layer in the TCP model map to in the OSI model?
Transport
380
What does the Internet or Network layer in the TCP model map to in the OSI model?
Network
381
What does the Link layer in the TCP model map to in the OSI model?
Data Link Physical
382
In a frame relay environment, what equipment is considered the DCE?
The frame relay switch
383
A name for the keepalive messages between the frame switch and the router.
LMI
384
What does LMI stand for?
Local Management Interface
385
In FR, what is the access link?
The leased line between FR switch and router.
386
What 2 organizations are the primary sources for FR standards?
ITU ANSI
387
What does ITU stand for?
International Telecommunications Union
388
What does ANSI stand for?
American National Standards Institute
389
What's the most common type of LMI packet?
Status inquiry
390
What are 2 functions of the LMI Status Inquiry packet?
1. Keepalive between DCE and DTE. 2. Signal up/down status of VCs.
391
List the 3 LMI types
1. Cisco 2. Ansi 3. ITU
392
If you don't set the LMI type on a frame interface, what does it default to?
It will auto-sense the LMI type that the switch is using.
393
What are the standards for the ANSI and ITU LMI types?
ANSI - T1.617 Annex D ITU - Q.933 Annex A
394
Syntax for configuring Cisco, ANSI, or ITU LMI types.
frame-relay lmi-type {cisco | ansi | 933a}
395
Syntax to change interface s1/0 from HDLC to frame relay.
conf t interface s1/0 encapsulation frame-relay
396
What options are available for the "encapsulation frame-relay" command?
cisco ietf
397
Command to associate an interface or subinterface with a given DLCI.
frame-relay interface-dlci \*dlci\* [ietf]
398
What is the default mechanism used by a frame-relay router to map a DLCI to an IP address?
Inverse ARP
399
If not using InARP, what is the syntax to map a DLCI to an IP address?
frame-relay map ip \*IP\* \*DLCI\* broadcast
400
Is a DLCI globally significant or locally significant?
Locally significant. The DLCI for a PVC connecting 2 sites is likely to be different at each end.
401
What are the 6 steps of configuring a frame-relay interface, in non-syntax form and including optionals?
1. Configure the interface with frame-relay encapsulation. 2. Configure interface or subinterface with an IP address. 3. Set the LMI type. 4. Change encapsulation from cisco to ietf. 5. Set the DLCI to IP address map(s). 6. Bind the subinterface to either a single DLCI or (in a multipoint environment), to multiple DLCIs.
402
What are the 2 items absolutely needed for a frame relay interface to pass traffic?
1. The encapsulation must be set to frame-relay. 2. An IP address must be configured.
403
Why do DLCIs not need to be explicitly defined in simple frame relay implementations?
Because the DLCIs should be learned from LMI messages.
404
How does a configuration differ if all VC's require ietf encapsulation vs just 1 single VC requiring it?
When all VC's need ietf encapsulation, it can be configured at the interface level. When individual VCs need ietf encapsulation, it can be set via the frame-relay interface-dlci or frame-relay map commands.
405
At what level of configuration is the lmi-type always configured?
At the physical interface level.
406
How does one disable auto-sensing of the LMI type?
By statically configuring the LMI type.
407
What command is used to see frame relay errors?
show frame-relay pvc
408
What frame relay command is used to see if a dlci is dynamic or static, and what the value of the DLCI is?
show frame-relay map
409
What 2 commands can be used to see the LMI type?
show interface \*interface\* show frame-relay lmi
410
What is the interface status if there is an LMI mismatch?
The interface will be up/down.
411
What will the output of the "show frame-relay pvc" command be if there is an lmi mismatch?
It will be blank. The interface will be up/down, and there will be no signalling to create any dynamic pvc's.
412
Command to create subinterface 15 on s1/1 connecting to 1 router.
conf t int s1/1.15 point-to-point
413
Do routers negotiate trunking?
No, all trunking must be configured manually
414
If a router has multiple tagged subinterfaces on a physical interface connected to a switch, should the switch port be configured as trunk or access?
The switch port should be configured as a trunk
415
Configure a router interface (gi1/0) to use a subinterface in vlan 11 with the most common encapsulation, with an IP address of 10.22.33.1/24
conf t interface gi1/0.11 encapsulation dot1q 11 ip address 10.22.33.1 255.255.255.0
416
Assuming a router has gi2/2.15 configured, change it so that vlan 15 is the native vlan
conf t int gi2/2.15 encapsulation dot1q 15 native
417
In the below output, which line defines the vlan tagging that will be used? conf t interface gi1/0.11 encapsulation dot1q 11 ip address 10.22.33.1 255.255.255.0
encapsulation dot1q 11
418
What alternative encapsulation can be used if dot1q is not an option?
isl
419
What are the 2 methods on a router for specifying untagged traffic?
1. Put an IP address on the main interface. 2. Put an IP address on a subinterface, and add the keyword "native" when specifying the encapsulation/vlanid.
420
Command on a router to show the native vlan.
show vlans [\*vlanid\*]
421
Command on a router to show all trunks and their encapsulation
show vlans
422