How does a Cisco switch boot?
- POST
- Boot loader
- CPU initialization
- Load flash
- Load iOS
- Hands control to iOS.
What are the modes of the System LED?
- Off: System is off
- Green: System is operating normally
- Amber: System is receiving power, but not functioning properly
What are the modes of the Redundant Power System (RPS) LED?
- Off: RPS is off or not properly connected
- Green: Connected and ready
- Green blinking: Connected, but providing power to another device.
- Amber: Standby mode or in a fault condition
- Amber blinking: Internal power supply has failed. RPS is providing power.
What are the modes of the Port Status LED?
- Off: No link
- Green: Default mode. Link present
- Green blinking: Activity. Port is sending or receiving data
- Green/amber: Link fault
- Amber: blocked to prevent loops.
What are the modes of the Port Duplex LED?
- Off: Half duplex
- Green: Full duplex
What are the modes of the Port Speed LED?
- Off: 10 Mbit/s
- Green: 100 Mbit/s
- Blinking green: 1000 Mbit/s
What are the modes of the Power over Ethernet LED (PoE)?
- Off: Ports are denied power or placed in fault condition
- Blinking amber: At least one port has been denied power or in fault condition
- Green: PoE is selected. The ports will blink in different colors
- Off: PoE is off
- Green: PoE is on
- Green/amber: Denied, because it will exceed
switch power capacity
- Blinking amber: Off, due to fault
- Amber: PoE is disabled on the port
What is the difference between half- and full duplex?
- Half duplex: Only one direction for data flow
- Full duplex: Data flows in both directions (100% efficiency)
What is auto-MDIX?
A feature, in which the router or switch is able to detect the connection type (crossover or straight-through).
What are the different modes, when checking for interface status?
Interface and Line protocol status:
- Up/Up: Operational
- Down/Down: Interface problem
- Up/Down: Could be encapsulation mismatch or a hardware problem. The interface could also be error disabled.
What is a Runt frame?
A frame that is shorter than the minimum 64 byte requirement.
What is a Giant frame?
A frame longer than the maximum 1548 byte limit.
What are some common causes for a CRC error?
It is usually a media or cable error. Most common errors are:
- Electrical interference
- Damaged connection
- Incorrect cable type
- Length (not as common)
What are some of the characteristics for collisions?
- Expect collisions in half duplex (completely normal)
- There should be no collision errors in full duplex mode
What is a late collision?
A late collision can occur after the first 512 bytes of the frame has been transmitted.
- Most common cause is cable length
- Can also occur because of duplex miss-configuration
How do you verify SSH support?
S1# show ip ssh
How do you configure SSH on a switch?
Switch (config)# hostname S1 S1 (config)# enable secret 0 cisco S1 (config)# ip domain name cisco.com S1 (config)# crypto key generate rsa (1024 bits is recommended as a minimum) S1 (config)# username admin secret cisco S1 (config)# line vty 0 15 S1 (config-line)# transport input ssh S1 (config-line)# login local S1 (config-line)# exit
What is MAC address flooding?
An attack where the attacker overwhelms the switch, by sending frames with fake MAC addresses. The switch forwards the frame to every port, if the MAC address is unknown.
How does a DHCP starvation attack work?
An attacker floods the DHCP server with requests, thereby using up all available IP addresses.
What is DHCP spoofing?
An attack where the attacker sets up their own DHCP server, issuing IP addresses to clients. The main focus for this attack is to make the clients use a false DNS or WINS server, making the the attacker’s server act as default gateway. DHCP snooping can be used to prevent this.
What is Cisco Discovery Protocol (CDP)?
A proprietary protocol that all Cisco devices can use to identify neighbor devices. Most routers and switches have this enabled by default.
Contains information about:
- IP addresses
- iOS software version
- Platform
- Capabilities
- Native VLAN
Can be disabled by running:
S1 (config)# no cdp run
