CST8271 - Midterm 1

Access Layer Bottom layer. Interfaces with end devices. Port Security, PoE, VLANs, 100Mb
Distribution Layer Middle layer. Access control lists, might perform routing between VLANs. Redundancy. 1Gb-10Gb
Core Layer Top Layer. Backbone of network, connected to internet, forwards large amounts of data. Redundancy. 10Gb
Benefits of a Hierarchical Network Scalability, Redundancy, Performance, Security, Manageability, Maintainability
Converged Network Combining voice and video communications on a data network.
Fixed Configuration Switches Cannot add features or options to the switch beyond those that originally came with the switch
Modular Switches Flexibility in their configuration (line cards)
Stackable Switches Interconnected using a special backplane
CSMA/CD Carrier sense multiple access/collision detect. Listen; if no signals are present, transmit; if a collision is detected, send a jam signal and wait a random backoff time. LEGACY HUB JUNK!
Multicast Communication in which a frame is sent to a specific group of devices or clients. Multicast transmission clients must be members of a logical multicast group to receive the information.
Ethernet Frame Preamble, SFD, Dest, Source, Length/Type, Package(data), FCS
Length/Type Field 0x0600 or higher = protocol; less than 0x0600 = length of data in frame
Network Latency Time for the source NIC to place voltage pulses on the wire + propagation delay + delay from network devices that are in the path between source and destination
Switch Packet Forwarding Methods Store-and-Forward Switching + Cut-through Switching
Store-and-Forward Switching Receives the entire frame, computes the CRC and checks the length. If the frame is good, looks up the destination and forwards.
Cut-through Switching Forwards the frame before it is entirely received; must be a symmetrical network. Fast-forward and Fragment-free.
Fast-forward switching immediately forwards a packet after reading the destination address
Fragment-free switching stores the first 64 bytes of the frame before forwarding, performs small error check
Asymmetric Switching differing port bandwidths
Symmetric Switching all ports are of the same bandwidth
Port-based Memory Buffering Frames are stored in queues that are linked to specific incoming and outgoing ports.
Shared Memory Buffering common memory buffer that all the ports on the switch share
Configure SSH ip domain-name (name); crypto key generate rsa (at least 768); ip ssh version 2; line vty 0 15; transport input ssh
MAC Address Flooding Turn a switch into a hub by filling up its MAC address table. When it acts as a hub it sends frames out all ports, so you can snoop.
Spoofing Rogue computer pretends to be a DHCP, DNS, etc. server to view all info transferred. DHCP snooping is used to counter this.
Activate dhcp snooping? ip dhcp snooping; ip dhcp snooping trust (used on ports connected towards DHCP server)
CDP Attacks CDP contains information about the device that can be used to find exploits to attack your network. Disable CDP to counter.
Port Security Set max number of MACs to associate to a port, determine what happens on violation, methods of securing MAC.
Secure MAC address types Static + Dynamic (stored in MAC address table), Sticky (stored in running-config); switchport port-security mac-address [sticky]
Security Violation Modes Protect: silently drop; Restrict: drop, log, count; Shutdown: drop, log, count, shutdown
Default Port Security Disabled; Max=1, Violation=Shutdown
Verify Port Security show port-security [interface]
Tedious Security enhancement? Disable Unused Ports
Benefits of a VLAN Security, Performance, Cost, Simpler project or application management
Normal Range VLANs 1 to 1005; 1 and 1002 to 1005 are automatically created and cannot be removed; saved in vlan.dat in flash
Extended Range VLANs 1006 - 4094; saved in running config
Default VLAN VLAN 1; immortal (cannot be deleted or renamed)
Native VLAN 802.1Q trunk port places untagged traffic on the native VLAN
Management VLAN you configure to access the management capabilities of a switch, or don't, it's your call...SECURITY!
Voice VLANs Used for VoIP QOS
VLAN Switch Port Modes Static, Dynamic, Voice
SVI Switch virtual interface, used for a layer 3 switch to route between VLANs or to connect to the switch.
Trunk Using one port to carry traffic for multiple VLANs. Conserves ports but does create bottlenecks.
802.1Q Frame Tagging Tag added to a frame when sent over a trunk (unless native VLAN).
DTP Dynamic Trunking Protocol, used to dynamically negotiate trunk ports. Cisco only. Bad. Default is dynamic auto, why?
ISL Cisco LEGACY trunking protocol called inter-switch link. All frames contain ISL header or are dropped.
Dynamic auto listen don't send
Dynamic desirable listen + send
Turn off DTP! switchport nonegotiate
Config port to vlan sw mode access; sw access vlan #; no shut
Config port to trunk sw mode trunk; sw trunk native vlan #
Verify Trunk show interface trunk
Verify VLAN show vlan [brief]
Delete VLANs delete flash:vlan.dat, ports in deleted VLAN become unable to communicate
Trunk Config Problems Native mismatch, DTP/mode mismatch, VLAN/IP subnets, VLANs not allowed on trunk
Proxy ARP Router responds to an ARP request for an IP in a remote network; a switch will do this by default unless set with default-gateway.
Disable CDP global=no cdp run; interface=no cdp enable
Username authentication username (name) secret (password); line vty 0 15; login local
Protect switch against rogue gateway ip default-gateway (gateway ip)
DHCP config ip dhcp excluded-address (ip#); ip dhcp pool (name); network (network ip) (mask); default-router (gateway ip for pool); dns-server (dns ip);
Remote DHCP config int f#/# !connected to clients; ip helper-address (remote DHCP address);
Preserve Logging logging (syslog server IP#); logging trap (# or name of level)
Hierarchical Network Design Principles: Network Diameter Number of devices that a packet has to cross before it reaches its destination. Keeping it low ensures low and predictable latency between devices.
Hierarchical Network Design Principles: Bandwidth Aggregation Consider the specific bandwidth requirements of each part of the hierarchy; then you can aggregate links for higher throughput.
Link Aggregation Helps to reduce traffic bottlenecks by allowing up to eight switch ports to be bound together.
Forwarding Rates How much data a switch can process. Ex: a switch with 4 x gigabit ports that can only process at 2 gigabit speed cannot reach full wire speed.
Which layer of hierarchical network must support QoS? For QoS to work, switches at all layers must support it.
Configure switch management interface: interface vlan (#); ip address (ip#) (mask); no shutdown
Configure Encrypted Passwords: service password-encryption; type 7 encryption, very weak
Configure name on a vlan: vlan (#); name (vlan name)
Created by: Datheral