Switching

Question 1

What is a repeater?

Answer 1

Generates a new clean copy of the exact signal

Question 2

What is a Hub?

Answer 2

A hub is the same as a repeater with more ports; basically a multi port repeater

Question 3

What layer to hubs and repeaters operate at?

Answer 3

Physical layer

Question 4

Describe what happens when a collision occurs?

Answer 4

voltage on the wire changes, thats how the device knows a collision has occurred. The devices will then send a jam signal so other devices know not to transmit data due to a collision. Both devices then invoke a “backoff timer”, each will then start the process over again by listening to the wire and transmitting when clear. The backoff timers are totally random so it is unlikely the hosts will have the same problem again.

Question 5

True or False - Switches break up broadcast domains

Answer 5

False - Routers and VLANS break up broadcast domains, switches add collision domains.

Question 6

A switch has 12 ports with 12 devices plugged in, how many collision domains are there?

Answer 6

12

Question 7

What is Microsegmentation?

Answer 7

One host - One collision domain

Question 8

What will a Cisco switch do with an incoming frame?

Answer 8

Forward it - Flood it - Filter it

Question 9

How does a switch build a MAC address table?

Answer 9

By looking at the source MAC address

Question 10

How does a Cisco switch decide what to do with the incoming frame?

Answer 10

The switch will check to see if there is an entry in its MAC address table for the source MAC address and then the switch will use its MAC address table to check if there is an entry for the destination MAC address.

Question 11

What is the command to see the MAC address table

Answer 11

show mac-address-table

Question 12

True or False - If the switch does not have an entry for the destination MAC address, it will flood every port with the frame.

Answer 12

False - The switch will flood every port EXCEPT the port the frame came in on.

Question 13

What is an unknown Unicast Frame?

Answer 13

host to host transmission where the switch doesn’t have the destination MAC address in MAC table.

Question 14

What does a switch do when it filters the frame?

Answer 14

Drops the frame.

Question 15

True or False - Switches NEVER send a frame back out the same port it came in on.

Answer 15

True

Question 16

What is flooding?

Answer 16

Flooding is performed when the switch has no entry for the frame’s destination MAC address. When the frame is flooded it is sent out every port except the one it came in on.

Question 17

What is Forwarding?

Answer 17

When the switch does have an entry for the frames destination MAC address. The frame will be sent out only one port with Forwarding

Question 18

What is Filtering?

Answer 18

When the switch has an entry for both the source and destination MAC address and the MAC table indicates that both addresses are found off the same port

Question 19

What ports are a Broadcast frame sent out on?

Answer 19

Every port except the one that received it. Broadcast frames are intended for all hosts, and the MAC broadcast address is
FF-FF-FF-FF-FF-FF

Question 20

What is the default time a MAC address is stored?

Answer 20

300 Seconds

Question 21

Once the switch decides whether to Forward, Filter or Flood the frame…what other decision needs to be made?

Answer 21

What processing method will be used to handle this forwarding. The processing options are: Store-and-forward, Cut-through, fragment-free

Question 22

What is Store and forward?

Answer 22

Store and forward is the default for new switches. It provides more error detection than Cut-hrough or fragment-free, has no error recovery, and is slower than Cut-hrough and fragment-free

Question 23

What is Cut-through?

Answer 23

Cutthrough will forward as soon as frame comes in, Cut-through is fastest, and only Mac address is read

Question 24

What is fragment free?

Answer 24

Fragment free checks the first 64 bytes for corruption and then forwards if there is none. Fragment free offers middleground between store and forward and Cut-through

Question 25

What is the danger of a Broadcast Storm?

Answer 25

Broadcast storms can overwhelm a switch's memory and CPU capabilities, rendering the switch virtually useless.

Question 26

How do you limit Broadcasts?

Answer 26

Increase the amount of broadcast domains by creating smaller groups.

Question 27

What is the purpose of a VLAN?

Answer 27

VLANS limit and segment broadcast domains (breaks them into smaller groups)

Question 28

What is the default VLAN on a Cisco switch?

Answer 28

VLAN 1

Question 29

True or False - Traffic can be sent from one VLAN to another without the intervention of a layer 3 device

Answer 29

False - NO Traffic can be sent from one VLAN to another without the intervention of a layer 3 device

Question 30

What protocol does a ping utilize?

Answer 30

ICMP

Question 31

What do we use a ping for?

Answer 31

Basic connectivity test

Question 32

What command would you use to see all VLAN's on a switch?

Answer 32

Show VLAN or Show VLAN brief

Question 33

The Cisco switching model consists of three layers. The __________, ____________, and _____________. This model defines ____________ for switches

Answer 33

Access Distribution Core Roles

Question 34

True or False - VLAN's are also a security feature.

Answer 34

True

Question 35

What does STP stand for?

Answer 35

Spanning Tree Protocol

Question 36

What is Spanning Tree used for?

Answer 36

To Prevent switching loops - STP will determine a loop free path for frames, and ports that are not on that path will be placed into blocking mode

Question 37

True or False - Spanning Tree is enabled by default

Answer 37

True

Question 38

True or False - Unused VLANS can be used as a security feature?

Answer 38

True - Cisco switch ports are open by default, close the unused port with the "shutdown" command, and place them in an unused VLAN

Question 39

What are the three options for a port-security violation?

Answer 39

Protect - drops the violating frames and transmits a message to the log indicating an issue but does not shut the port Restrict - simply drops the violating frames Shutdown - Default mode - drops the violating frames and shuts down the port which will now be listed as err-disabled, also transmits to the log indicating the action taken

Question 40

What is the commmand to verify port security is running?

Answer 40

show port-securtity interface f0/2 (example)

Question 41

What is the command for an port security when you don't know the MAC address?

Answer 41

sw2(config-if)#switchport port-security mac-address sticky

Question 42

What does the mac-address sticky command do?

Answer 42

The first source MAC address learned on the port will be the secure address, and all others will be onon-secure unless you use the maximum option to change that. - This is commonly used when configuring port security and the MAC address is unknown.

Question 43

What command would you use to find out if a non-secure address has hit a specific port and shut it down? Also, What other indicator will there be that a port has been shut down by port security?

Answer 43

sw2#sho int fast 0/3 (example) The port LED will be dark

Question 44

What command would you use to protect the switch's console port with a password?

Answer 44

line con 0 password cisco (example)

Question 45

Why do you have to configure a password for telnet?

Answer 45

Without a password on the VTY lines, no user will be able to telnet to a Cisco router or switch.

Question 46

What is the command do set up a password for telnet?

Answer 46

line vty 0 15 password cisco (example) login

Question 47

What mode are you in when you see this sympbol " > "

Answer 47

User exec mode

Question 48

What mode are you in when you see this symbol "#" ?

Answer 48

Privlileged EXEC mode, also referred to as the enable mode

Question 49

True or False - Using an enable mode password is always optional

Answer 49

False - for telnet and SSH users to access enable mode the enable password must be configured OR the following command must be configured on the VTY lines - config# username jsmith privilege 15 password cisco (example)

Question 50

What does an amber light on the port LED mean?

Answer 50

If it doesn't go away in a few seconds, it indicates a problem.

Question 51

Typically, What level would you start your troubleshooting at?

Answer 51

Physical layer

Question 52

What does configuring the "logging synchronous" command do?

Answer 52

By configuring the logging synchronous command on the console port, your telling the router to hold such messages until it detects no input from the keyboard and no other output from the router.

Question 53

what does do ?

Answer 53

Takes the cursor all the way to the front of your current command