Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
236 Cards in this Set
- Front
- Back
|
? protocol -encap routed protocols -err correction |
PPP analog |
|
|
cmd to check -cable type -full cfg |
show controller |
|
|
msg "line protocol is up" = ? |
keep alive msg is recieved |
|
|
to form an EtherChannel 1side =auto 1side=? |
desirable |
|
|
3 statemens about port-security |
-must be enabled -if maximum = 1 -> just 1 MAC can use this port -stick = dynamically learn new MAC, add to running cfg |
|
|
common ?VC type |
Pvc (not Svc) |
|
|
2 native VLANs can just need ? link to communicate? |
access |
|
|
2 NOT native VLAN must need ? link to talk? |
trunk |
|
|
router A --------------CHAP-------------router B if on router A pass = X then on router B pass = ? |
X |
|
|
SW A (full duplex) ------------------- SW B if get CRC error what to check? |
SW B duplex mode |
|
|
output of cmd show frame-relay map |
-DLCI -PVc status |
|
|
?cmd to show F-r encap |
show frame-relay map |
|
|
3 steps to cofig 2nd F-r VC |
1. - physical IP 2. + virtual interface 3. each interface = 1 IP |
|
|
if traffic > QOS then traffice will be ? |
all traffic will be discard eligible |
|
|
2 attribute of CHAP authen ? |
- 3 ways - periodically |
|
|
DLCI = ? of a PVC |
L2 add |
|
|
? protocol to get DLCI |
RARP (from IP) |
|
|
PPP sub protocol ? |
NCP:establish connection LCP: authen, cfg params |
|
|
Frame-relay p2p (2) |
-emulate leased line -unique subnet |
|
|
where to store pass by cmd #service password-encryption |
plaintext cfg file |
|
|
ip subnet zero cmd format? |
x.x.x.0 |
|
|
? msg link-state to -build -maintain topo |
-hello -LSA |
|
|
ACL std based attributes(1)? |
src IP |
|
|
ACL ext based attributes(4)? |
IP |src |dst port protocol |
|
|
?type ACL authenticate user with usr/pass |
dynamic |
|
|
static NAT benefits(2) |
-used to connect from outside -always on NAT table |
|
|
? no of ACL/per protocol? /per direction |
1 |
|
|
2 ways to secure vty |
-use pass, login process -use acess-class ACL |
|
|
2 cmd to check if a port = security port |
1 show running-config 2 show port-security interface |
|
|
DTP use VLAN ? to send data |
1 |
|
|
monitoring port traffic by replicating it -> another port by protocol? |
SPAN |
|
|
VLAN collision issues (2) ? |
-duplex mismatch -overload shared segment |
|
|
? security protocol use AAA to separate authentication, authorization |
TA CACS+ |
|
|
ver? of SNMP user based access |
v3 |
|
|
.1? used by PVST+ |
.1Q |
|
|
policy when traffic > congestion |
drop |
|
|
? protocol SDN server = centralized managerment |
CISCO ACI |
|
|
? refered by "Load" by cmd #show interface port-chanel chanel 1 etherchanel |
no of src-dst pair with link |
|
|
? STP feature fast change port->forwarding state |
Port Fast |
|
|
? mode to disable DTP on swport |
trunk |
|
|
? interface to get IP for PPPoE client |
dialer |
|
|
.1? authenticate accessing LAN |
.1X |
|
|
? can cause slow VLAN |
duplex mismatch |
|
|
? action to MAC when rapid PVST+ topo change |
imidiately delete MAC in same STP instance |
|
|
? protocol of DM VPN |
hub-n-spoke |
|
|
?action access port if recieved .1Q tagged frame |
Drop |
|
|
sw stacking statements (2) |
-port density -resource use |
|
|
.1W RSTP 3 states? |
learning dicarding forwarding |
|
|
? layers MPLS works? |
2,5 (layer 2 and 3) |
|
|
what if many "0" show in cmd #show frame-relay lmi |
-DLCI = 0 -Frame-relay does not responding LMI |
|
|
?layer and detailed problems ? of msg "protocol = down" |
-layer 2 -not recived clock signal (keep alive) msg |
|
|
? layer problem when ping result = "network error" |
layer 3 error |
|
|
F-r status = INACTIVE means connection = ? |
wait for traffic |
|
|
? cmd to config CHAP = main PAP = fallback |
#ppp authentication chap pap |
|
|
? protocol - open std - VPN secure |
IPsec |
|
|
2 WANs protocols? |
-PPP -DSL |
|
|
?WAN protocol if cisco router <--------------------> non cisco router |
PPP |
|
|
late collision = ? (2) |
-duplex mismatch ->512 byte transmission |
|
|
? if config VLAN without no shutdown |
inactive virtual interface |
|
|
?cmd to view VLAN ports |
#show vlan id |
|
|
?reason duplex mismatch hard to diagnose(2) |
-up/up status -symtom is intermittent |
|
|
?cmd to set user timeout = 10seconds |
(config-line)#exe-timeout 10 |
|
|
? protocol on top STP |
M stp |
|
|
3 benefits Cisco VPN > p2p VPN? |
cost scability security |
|
|
3 steps to config 1 router -> VLAN truking |
-1 subinterface = 1 IP -1 subinterface = 1 VLAN - subinterface encap id = VLAN tags |
|
|
max equal-cost-path in Cisco OSPF router =? |
4 |
|
|
? cmd config to make vty connection works? |
(config-line)#login (config-line)#password xxx |
|
|
? subnet used by PPP |
/30 (255)3.252 |
|
|
what referers -local interface -neighbor interface in cmd ouput: #show cdp neighbor |
-local = "interface" -neighbor = "port outgoing" |
|
|
.1? prevent loop LAN |
.1D |
|
|
? encap truking in VLAN (2) |
1.Q ISL |
|
|
?name of domain full duplex Sw port? |
collision |
|
|
Ethernet = ? media use ? protocol |
- shared media - CSMA/CD |
|
|
VLAN use separate ? (2) |
-address -briding table |
|
|
? action of SWitch with MAC |
do not edit |
|
|
full duplex = ? CSMA/CD |
no |
|
|
microsgmentation = ? (3) |
-1 PC ---- 1 sw port -incrase no of collisiondomain -reduce no of collision |
|
|
?type of cable SW --------------------Com port PC |
rollover |
|
|
? cmd did by cmd #switchport access vlan |
add this port to vlan.dat event vlan not exist |
|
|
intelligent DNS for cloud computing |
user request ------redirect------> fewer network resource |
|
|
BGP neighbor if match ? (2) |
-AS no -IP address |
|
|
FHRP cisco native support? |
HSRP |
|
|
FHRP cisco alternative support? |
VRRP |
|
|
IPv6 adv msg (2) |
ICMPv6 type 124 fixed length 64bits |
|
|
IPv6 private address |
FC00::7 (fan club min : : cuu?) |
|
|
?cmd to see status of loopback 0 |
#show ip interface loopback 0 |
|
|
1st step to config NAT (2) |
interface|inside |outside |
|
|
?2cmd to verify Netflow |
#show ip netflow statistics #show ip cache flow |
|
|
3 statements about satelite internet |
-rural user -up/down = 1/10 -10x faster analog |
|
|
?cmd will encrypt pass |
#enable secret |
|
|
?cmd secure access ...CLI |
#privileged EXEC mode |
|
|
? if config telnet with no login |
do not need a pass to connect telnet |
|
|
? routing protocol need a router ID under routing process |
EIGRP for IPv6 |
|
|
? if ACL without last "permit any" line |
block all traffic |
|
|
3 statements about VTP (member's role, mode of road to exchange data) |
-client can not udate its db -transparent mode just forward -via TRUNK |
|
|
DHCP process order |
Client Server discover-----------> <-----------offer request -----------> <-----------ack |
|
|
IPv6 multicase RIP update? |
max ve nhi` :: cuu FF02::/9 |
|
|
OSFP hello msg for? (2) |
-discover -maintain neighbor |
|
|
TFTP use ? (TCP or UDP) |
UDP |
|
|
SNMP alert msg |
TRAP |
|
|
SNMP v2 authentication ? |
comunity string |
|
|
3 Netflow features |
-app cause congestion -diagnose network -bw of each class-of-service |
|
|
IOS features Pinpoint app cause slow network |
Netflow |
|
|
3 packet attributes not change |
INgress interface IP |src |dst |
|
|
3 to consider befor install Netflow |
-CPU -no of devices -where for storing data |
|
|
OSPF router ID 3 statements |
-=loopback IP -stability -id src of type 1 LSA |
|
|
? protocol different within Etherchanel |
DTP negotiation |
|
|
? benefit single area OSFP (2) |
-reduce LSA type -unneed Virtual link |
|
|
OSPF v3 > v2 |
support IPv6 subnets on 1 link route |
|
|
OSFP exchange state ? |
start->exchange->load->full |
|
|
3 statements OSPF process ID ? |
-locally -ID of 1 instance database -multiple on 1 router |
|
|
cmd to config OSPF |
#router ospf #network area |
|
|
OSPF config all networks to area 0 |
#network (0)4 (255)4 area 0 |
|
|
3 place to store syslog msg |
terminal | console | other server |
|
|
EIGRP neighbor |
AS no K value same subnet authen method key string network cmd |missing |wrong |
|
|
?2cmd to see traffic from A -> B |
-id of int #show ip interface brief -the path #show ip route |
|
|
? cmd get IP of EIGRP neighbor |
#show ip eigrp neighbor |
|
|
GLBP benefits (3) ? |
-support 1024 VR -pass |clear |md5 -share traffic with 4 router |
|
|
HSRP 3 statements ? |
-support 255 groups/interface -timer |hello = 3 |dead = 10 -virtual |IP |MA +K44C |
|
|
syslog 3 statements (store,msg,=?,df level) (4)? |
-not store on router -msg > SNMP trap msg -= alerts + logs -df level = 7 |
|
|
?cmd config SHH for incomming connection |
#transport input ssh |
|
|
?cmd config syslog in milisecond |
#service timestamps DEBUG datetime msec |
|
|
2 params to chose a route(in priority order)? |
protocol > cost (adminstrative distance) > cost |
|
|
? to prevent sending hello of interface |
passive interface |
|
|
device work with |single | radio signal |double| |
Acess Point |
|
|
2 steps ? for trouble shooting WAN connection (GRE, PPP) |
-check L1,L2 status #show ip interface -#show running-config -> GRE: check route -> PPP: check | user | pass |
|
|
inter VLAN routing truoble shooting (2) |
-ping PC1(VLAN1) -> PC2(VLAN2) -check if routing is enabled #show ip int brief |
|
|
QoS df behavior |
untagged packet at the edge of a domain |
|
|
ACL range? |
-st: 1-100 1300-2000 -ext 100-200 2000-2700 |
|
|
?cmd to view IPv6 link-local address of EIGRP neighbor |
#show ipv6 eigrp neighbor |
|
|
IP LSA ICMP echo? |
frequency of ICMP packet |
|
|
OSPF adjacency can cause MTU? |
Yes |
|
|
1st to config SNMPv3 user |
server-group |
|
|
?ACL support both |std |ACL |ext | |
Named ACL |
|
|
? cisco plat form can verify ACL |
Wireless LAN controller |
|
|
HSRP states order? |
(like human) -init -listen -speak -standby -active |
|
|
?if output of #show ipv6 route have a route |
OSPF distributing IPv6 route to BGP |
|
|
?cmd to config ntp clock source |
#ntp server |
|
|
RIP v2 > v1? (2) |
-classless -authentication |
|
|
TTL ipv4 = ? ipv6 |
Hop Limit |
|
|
ipv6 tunel mode? |
------------------- |ipv6 packet)| ------------------- ipv4 encapsulation |
|
|
? = NAT over load |
PAT |
|
|
? protocol advertise virtual IP protocol |
FHRP |
|
|
2 state RSTP for faster convergency |
blocking listening |
|
|
inter Vlan routing Layer 3 device? |
switch |
|
|
IPv6 header > v4 (3) |
extension fixed length remove checksum |
|
|
FIB and adjacency table to expedite packet forwarding? |
Cisco Express |
|
|
danger of permit any in |NAT |ACL |
overload router resource |
|
|
? ver of OSPF support IPv6 |
v3 |
|
|
Ipv6 use ? address to form adjacency |
link-local |
|
|
Ipv6 address asigned by 2 protocol? |
DHCP stateless configuration |
|
|
?cmd set router boot img |
#boot system |flash | |tftp | |room | |
|
|
public IP of NAT device? |
inside global |
|
|
? cmd show NAT counter |
#show ip NAT statistic |
|
|
alert msg by SNMP(2) |
TRAP INFORM |
|
|
SNMPv3 > v2 (3) |
msg integiryti authentication encryption |
|
|
? respond ARP request of GLBP |
antivirus? ---> AVG |
|
|
OSPF Tshoot?(2) |
1.area mismatch? router ID not unique? ->#show running-config 2.hello| interval mismatch dead| one df | one edited| ->#show ip ospf interface |
|
|
HSRP MAC form? v1,v2 |
v1: ...ACxx v2: ...Fxxx |
|
|
VRRP object tracking? |
best VRRP router = master VR |
|
|
3 features of flow control |
bufferring windowing congestion avoidance |
|
|
RIP invalid router treat? |
flushed after in output of cmd ... |
|
|
? routing protocol use less |processing | bw |
static |
|
|
WPA > WPE ? |
key same until client config change |
|
|
3 cmd to set df gateway? |
#ip default-network #ip default-network #ip route (0)4 (0)4 |
|
|
3 statements about link-state routing |
-common view of entire network topo -even-triggered -shortest path |
|
|
route summarization 2 steps? |
-find new increment -shift left ? subnetmask bits |
|
|
cmds to show telnet connection -to this router -to other device |
(like draytek) #show user #show session |
|
|
? if DHCP conflicted |
-IP conflicted removed from pool -resolve by admin |
|
|
OSPF max equal-path |
tam |
|
|
classful auto summarization issues |
discontinous subnet |
|
|
telnet = ? connection |
vty |
|
|
ssh port? layer? |
22 transport |
|
|
ACL ext cmd ? |
#acl
[eq port|name] |
|
|
ACL in or out? |
interface1 | |interface2 ---in--> ---out--> |
|
|
Nonbroadcast multicast --->protocol? |
frame-relay |
|
|
subnet mask in routing table = ? |
network mask |
|
|
indicator "-" in ARP table =? |
local interface |
|
|
TTL ----router-----> ? |
TTL-1 |
|
|
each router interface must be in ? |
different network |
|
|
IPv6 benefits (3) |
auto config PnP no broadcast |
|
|
IPv6 enable routing cmd? |
#ipv6 unicast-routing |
|
|
ivp6 -no of loopback? -1 int -> ? address |
>= 1 loopback n addresses |
|
|
ipv6 anycast? |
1-> n device with same address closest |
|
|
ipv6 manual ip set |
#ipv6 adress |
|
|
teredo = ? |
ipv6 --------------teredo tunel-----------> ipv4 |
|
|
?cmd config df metric of a route |
#ip route
[metric] |
|
|
2 statements about telnet |
-clear text -dst need configed |
|
|
2 app for network security |
I |prevention| S IPS |detection | IDS |
|
|
3 netflow benefits |
-monitor:user,app,network -accounting/billing -analysis security |
|
|
? can cause CPU hog |
SNMP |
|
|
netflow use ? atributes to consider traffic |
IP |src |dst port layer 3 protocol |
|
|
routing protocols administrative distance? |
directly 0 static 1 RIP 120 EIGRP 90 OSPF 110 |
|
|
OSPF herachical design benefits(3) |
reduce overhead incrase convegence stable |
|
|
?cmd show eighrp neighbor |
#show ip eigrp neighbor |
|
|
?cmd show database OSPF |
#show ip ospf database |
|
|
to run IPv6 |
must config an ipv6 address |
|
|
MTU size cause baby giant? |
1600 |
|
|
entity asign IPv6 adress? |
rikvip? RIR |
|
|
default violation swport |
shutdown |
|
|
nexthop in routing table = ? |
IP address of an existing interface |
|
|
welknow port ssh telnet ftp |
22 23 20,21 |
|
|
?cmd to verify interface's status |
#show interface |
|
|
?cmd activate PSTP |
#spanning-tree mode rapid-pvst |
|
|
switch port ? broadcast frame |
do not learn |
|
|
VLAN range can edit |
2-1001 |
|
|
msg "serial is down" =? |
layer 1 problems: -cable -power |
|
|
CDP info to do ? (2) |
-verify layer 2 connectivity -get IP of connected devices |
|
|
to separate (phone+PC) signal chose a device and a protocol? |
switch VLAN |
|
|
VTP database statements (2) |
VLAN database -consistency -propagated automatically |
|
|
switch benefit > hub(2) |
filtering frame by MAC simutaneous frame tranmission |
|
|
mode ? PC -------?-------- Switch router,switch -------?-------- Switch |
-access -trunk |
|
|
? elect root on nonroot bridge |
1st: path cost 2nd: closet to root bridge |
|
|
bond switchport-MAC 3 statements? |
-NOT portsecurity -NOT learn this MAC -this swport still learn other MAC |
|
|
3 benefits VLAN |
LAN segmentation security performance |
|
|
2 statements PVST+ |
-layer 2 load balancing -root switch location is optimizied |
|
|
trunk mode switch port (3) |
auto on desirable |
|
|
.1Q support ? (2) |
IOM Ethernet p to n point |
|
|
shared media opposite ? (2) |
leased line p2p |
|
|
native VLAN mismatch check by? |
CDP |
|
|
CRC error -> ? cause |
duplex mismatch |
|
|
24 first bits MAC = ? |
O U I ognization Unique Identifie |
|
|
EUI-64 = ? |
insetMidle(FFFE, 48 bit MAC) |
|
|
EIGRP code = ? |
D |
|
|
3 advantage of VLAN |
-more broadcast domain -based on logical location -easily for changing hosts |
|
|
DHCP lease time df |
24 hours |
|
|
cmd to check SSh connection was secured |
ssh -l admin IP |
|
|
the question that need to config: x subnets/2 hosts on each with CIDR = /30 = ? |
no network bits =? for x subnets p2p |
|
|
-If Subnet Mask is 255.255.254.0 the 2 specified hosts are: 1.in same subnet -> ? 2.in diffirent subnet -> ? |
1.do not need IPs for interfaces, or L3 device 2. need IPs for interfaces, + L3 device |
|
|
DTP use .1? |
.1Q |
|
|
two states are the port states when RSTP has converged |
discarding forwarding |
|
|
2 cmd check trunk link configuration status |
show interface |trunk |switchport |
|
|
3 statements RSTP |
-reduce reconveging time -2 more port roles: alternate + backup -faster transition to forwarding state on p2p link than STP |
|
|
2 statements .1Q |
-modifi 802.3 header->recaculate FCS -can carrying untagged frame |
|
|
cmd to 1.check when update IOS 2.show last method to power cycle router |
#show version |
|
|
3 statements about OSPF? |
-VLSM -confine instability to one area network -extensive control of routing update |
