Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
41 Cards in this Set
- Front
- Back
When would a "username (name) password (password)" global configuration command, assuming login is enabled, prompt a user for their credentials?
|
When using SSH to connect to the device
|
|
If you entered the configuration mode command "banner login this is the login banner", what text would be displayed upon login?
|
"his is"
|
|
What command enables port security features?
|
"switchport port-security"
|
|
What would be disabled if you issued the commands 'speed 100' and 'duplex full' in interface configuration?
|
IEEE autonegotiation
|
|
In what mode of the CLI would you configure the duplex setting for interface Fa0/5?
|
Interface configuration mode
|
|
What three modes of access can require passwords in IOS?
|
Console connections, Telnet connections, and enable mode
|
|
After configuring a switch for log in, what two commands are used to enable SSH encryption?
|
ip domain-name (name) and crypto key generate rsa to generate an encryption key
|
|
What command retrieves the encryption key generated for secure SSH?
|
'show ip ssh'
|
|
What command is used to disable Telnet and/or SSH?
|
transport input (all | none | telnet | ssh)
|
|
What command is used to encrypt the clear text passwords in the running-config?
|
service password-encryption
|
|
If you disable password encryption on a switch, what happens to the existing passwords?
|
They remain encrypted until changed
|
|
What does the command show running-config | begin line (param) do?
|
Outputs the running configuration starting at the first instance of "(param)"
|
|
What command only outputs a particular section of the running config?
|
running-config | section (param)
|
|
Why is the 'enable secret' command preferrable to the 'enable password' or even the 'service password-encryption' command
|
It provides better security by using a more complex encryption method for the enable EXEC password
|
|
What would the command "running-config | include enable secret" do?
|
Output only lines of the running-config that include exactly "enable secret"
|
|
What command can be used to add an encrypted password to a line connection?
|
username (param) secret (param)
|
|
What is used to define the beginning and end of an entered banner message?
|
A beginning and ending delimiter character
|
|
What three types of banner command are they and what are they used for?
|
'banner', 'Message of the Day', displayed before the line login prompt
'banner login', displayed after the MotD 'banner exec', displayed after successful login |
|
What command displays a selection of previous CLI commands enters, and how can you modify how many previous commands are saved?
|
'show history', 'history size x'
|
|
What determines the size of the history buffer for a single login session?
|
'terminal history size x'
|
|
What global configuration command stops a switch's log messages from being displayed at all?
|
'no logging console'
|
|
What command forces log messages to be displayed at the end of 'show' commands, instead of in real time?
|
'logging synchronous'
|
|
Why does a switch need a Switched Virtual Interface (SVI) or VLAN Interface?
|
To act as a virtual NIC
|
|
What is the key difference between Layer 2 and Layer 3 switches when it comes to VLAN interfaces?
|
A Layer 3 switch can have IP addresses on multiple VLANs at once instead of just one
|
|
What command enables a port in interface configuration mode?
|
"no shutdown"
|
|
What command is used to configure DNS on a switch's interface?
|
"ip name-server (IP address)"
|
|
What command assigns an interface to use DHCP in interface configuration mode?
|
"ip address dhcp"
|
|
Why would a given interface be listed in a "show interfaces" message as "administratively down"?
|
If the "shutdown" command was used in its interface configuration to turn it off
|
|
Why would a switch's IP address not appear in the "show interfaces vlan (x)" command message and how would you view it?
|
If DHCP was enabled; "show dhcp lease"
|
|
What command is used in interface configuration to add notes?
|
"description (text)"
|
|
What does an "a-" in front of an interface's duplex or speed value indicate on the "show interfaces status" message?
|
That autonegotiation is enabled and was completed
|
|
What does a switch use to determine what clients can connect when port security is enabled?
|
Their MAC Address
|
|
What is the default action if a frame is forwarded to an interface that causes it to exceed its maximum number of source MAC addresses if port security is enabled?
|
It discards all future traffic on that interface
|
|
What feature does port security use to learn source MAC addresses for later identification and what command enables it?
|
Sticky Secure MAC Addresses;
"switchport port-security mac-address sticky" |
|
What are the only two types of ports port security can be enabled on and what interface configuration commands set those types?
|
Access or Trunk;
"switchport mode access" and "switchport mode trunk" |
|
Why would an interface be in "secure-shutdown" status?
|
If a port security violation caused the port to be disabled
|
|
Which "switchport port-security violation (param)" parameter simply discards the offending frame and takes no actions?
|
Protect
|
|
Which "switchport port-security violation (param)" parameter discards the offending frame and sends log and SNMP messages to a network manager?
|
Restrict
|
|
What would cause an interface to enter "Error disabled" or "err-disabled" state?
|
If a port security violation occurred if the violation paramter Shutdown was enabled
|
|
In what two methods can you ensure unused ports on a switch are in an unused VLAN?
|
By assigning a port to use an unused VLAN, or to make the native VLAN an unused VLAN via "switchport trunk native vlan"
|
|
Why should unused ports be assigned to Access mode?
|
To prevent VLAN trunking
|