Chapter 02 Reading Organizer
Reading Organizer
After completion of this chapter, you should be able to:
2.0 Introduction
1. In a properly designed network, LAN switches are responsible for directing and controlling the
data flow at the access layer.
2. Cisco switches run Cisco IOS and can be manually configured to better meet the needs of the
network. This includes:
a. adjusting port speed
b. bandwidth
c. security requirements
3. To remotely manage a switch, what does it need to have configured?
a. an IP address (with its subnet mask)
b. a default gateway
Next, the switch loads the boot loader software. The boot loader is a small program stored in
ROM and is run immediately after POST successfully completes.
Step 3
The boot loader performs low-level CPU initialization. It initializes the CPU registers, which
control where physical memory is mapped, the quantity of memory, and its speed.
Step 4
The boot loader initializes the flash file system on the system board.
Step 5
Finally, the boot loader locates and loads a default IOS operating system software image into
memory and hands control of the switch over to the IOS.
5. When does the boot loader provide access into the switch?
If the operating system cannot be used because of missing or damaged system files.
6. The boot loader can be accessed through a console connection following specific steps. Explain
these steps.
Step 1
Connect a PC by console cable to the switch console port. Configure terminal emulation
software to connect to the switch.
Step 2
Unplug the switch power cord.
Step 3
Reconnect the power cord to the switch and, within 15 seconds, press and hold down the Mode
button while the System LED is still flashing green.
Step 4
Continue pressing the Mode button until the System LED turns briefly amber and then solid
green; then release the Mode button.
Step 5
The boot loader switch: prompt appears in the terminal emulation software on the PC.
7. What commands can be executed through the boot loader command line interface?
a. format the flash file system
b. reinstall the operating system software
c. recover from a lost or forgotten password
d. the dir command can be used to view a list of files within a specified directory.
8. Using the list below describe in detail the purpose of the LED indicators, and the meaning of their
colors.
a. System LED
Shows whether the system is receiving power and is functioning properly. If the LED is off, it
means the system is not powered on. If the LED is green, the system is operating normally. If the
LED is amber, the system is receiving power but is not functioning properly.
b. Redundant Power System (RPS) LED
Shows the RPS status. If the LED is off, the RPS is off or not properly connected. If the LED is
green, the RPS is connected and ready to provide back-up power. If the LED is blinking green,
the RPS is connected but is unavailable because it is providing power to another device. If the
LED is amber, the RPS is in standby mode or in a fault condition. If the LED is blinking amber, the
internal power supply in the switch has failed, and the RPS is providing power.
c. Port Status LED
Indicates that the port status mode is selected when the LED is green. This is the default mode.
When selected, the port LEDs will display colors with different meanings. If the LED is off, there
is no link, or the port was administratively shut down. If the LED is green, a link is present. If the
LED is blinking green, there is activity and the port is sending or receiving data. If the LED is
alternating green-amber, there is a link fault. If the LED is amber, the port is blocked to ensure a
loop does not exist in the forwarding domain and is not forwarding data (typically, ports will
remain in this state for the first 30 seconds after being activated). If the LED is blinking amber,
the port is blocked to prevent a possible loop in the forwarding domain.
d. Port Duplex LED
Indicates the port duplex mode is selected when the LED is green. When selected, port LEDs
that are off are in half-duplex mode. If the port LED is green, the port is in full-duplex mode.
e. Port Speed LED
Indicates the port speed mode is selected. When selected, the port LEDs will display colors with
different meanings. If the LED is off, the port is operating at 10 Mb/s. If the LED is green, the
port is operating at 100 Mb/s. If the LED is blinking green, the port is operating at 1000 Mb/s.
f. Power over Ethernet (PoE) Mode LED
If PoE is supported, a PoE mode LED will be present. If the LED is off, it indicates the PoE mode is
not selected and that none of the ports have been denied power or placed in a fault condition.
If the LED is blinking amber, the PoE mode is not selected but at least one of the ports has been
denied power, or has a PoE fault. If the LED is green, it indicates the PoE mode is selected and
the port LEDs will display colors with different meanings. If the port LED is off, the PoE is off. If
the port LED is green, the PoE is on. If the port LED is alternating green-amber, PoE is denied
because providing power to the powered device will exceed the switch power capacity. If the
LED is blinking amber, PoE is off due to a fault. If the LED is amber, PoE for the port has been
disabled.
9. What three things are necessary for a switch to be managed from a remote network?
a. an IP address
b. a subnet mask
c. a default gateway
10. By default, the switch is configured to have the management of the switch controlled through
which VLAN?
VLAN 1
11. By default, which switch ports are assigned to VLAN 1?
All of them
12. Why is it considered a best practice to use a VLAN other than VLAN 1 for the management VLAN?
For security purposes: every port is in VLAN 1 by default, so any user plugged into any port would
otherwise be on the same VLAN as the switch's management interface.
13. Based on the switch prompts below list the commands you would use to configure a switch with a
new VLAN called 50. (Hint: Pull up a 2960 Switch in Packet Tracer to verify your commands.)
Switch>enable
Switch#config t
Switch(config)#vlan 50
Switch(config-vlan)#name 50
Switch(config-vlan)#end
Show the commands you would use to apply the following IP address and subnet mask to VLAN
50: 10.250.1.100 255.255.255.0.
Switch#config t
Switch(config)#interface vlan 50
Switch(config-if)#ip address 10.250.1.100 255.255.255.0
Switch(config-if)#no shut
Switch(config-if)#end
Now show the commands you would use to associate VLAN 50 with port 10.
Switch#config t
Switch(config)#interface Fastethernet0/10
Switch(config-if)#switchport access vlan 50
Switch(config-if)#end
Add the default gateway 10.250.1.1.
Switch#config t
Switch(config)#ip default-gateway 10.250.1.1
Switch(config)#end
What command is used to save the running configuration?
Switch#copy running-config startup-config
What command can you use to determine the status of both the physical and virtual interfaces?
Switch#show ip interface brief
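The steps of question 13 as one configuration session, with the point of question 12 applied: the
management SVI lives on VLAN 50 and the default VLAN 1 SVI is shut down so the switch cannot be
reached there. This is an added example, not part of the original organizer; the VLAN name MGMT, the
port numbers and the addresses are assumptions.

```cisco
! Added example (not from the organizer). VLAN name, addresses and port are assumed.
Switch>enable
Switch#configure terminal
! Create the VLAN; the prompt changes to config-vlan while inside it
Switch(config)#vlan 50
Switch(config-vlan)#name MGMT
Switch(config-vlan)#exit
! Management address on the SVI of the new VLAN
Switch(config)#interface vlan 50
Switch(config-if)#ip address 10.250.1.100 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
! Keep the default SVI down so nobody in VLAN 1 can reach the management plane
Switch(config)#interface vlan 1
Switch(config-if)#shutdown
Switch(config-if)#exit
! The default gateway is a global command, not an interface command
Switch(config)#ip default-gateway 10.250.1.1
! One access port placed in the management VLAN
Switch(config)#interface FastEthernet0/10
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
Switch(config-if)#end
! Verify: Vlan50 should be up/up with its address, Vlan1 administratively down,
! Fa0/10 listed under VLAN 50, and the gateway present in the running config
Switch#show ip interface brief
Switch#show vlan brief
Switch#show running-config | include default-gateway
Switch#copy running-config startup-config
```

The management host must then be connected to a port in VLAN 50 (or reach 10.250.1.0/24 through the
gateway); from a port left in VLAN 1 the switch is no longer reachable, which is the intended result.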
14. How does full-duplex communication increase effective bandwidth on a network?
By allowing both ends of a connection to transmit and receive data simultaneously.
15. Why does half-duplex communication create performance issues? What happens?
Because data can flow in only one direction at a time, often resulting in collisions.
16. Can Gigabit Ethernet and 10Gb NICs work at half duplex?
No
17. Standard, shared hub-based Ethernet configuration efficiency is typically rated at 50 to 60 percent
of the stated bandwidth. Full-duplex offers 100 percent efficiency in both directions (transmitting and
receiving). This results in a 200 percent potential use of the stated bandwidth.
18. Switch port speeds come in 10/100/1000. Which can be set to half-duplex?
10/100
19. What are two issues that can cause connectivity issues between ports?
a. Mismatched settings for the duplex mode and speed of switch ports.
show startup-config
show running-config
show flash
show version
show history
show ip
show mac-address-table
24. The output from the show interface command can be used to detect common media issues. One of
the most important parts of this output is the display of the line and data link protocol status. Explain
each in detail.
Interface status
The first parameter (FastEthernet0/1 is up) refers to the hardware layer and, essentially, reflects
whether the interface is receiving the carrier detect signal from the other end.
Line protocol status
The second parameter (line protocol is up) refers to the data link layer and reflects whether the
data link layer protocol keepalives are being received.
25. Based on the output of the show interface command, Explain how the following possible problems
can be fixed.
If the interface is up and the line protocol is down, a problem exists.
a. There could be an encapsulation type mismatch.
b. The interface on the other end could be error-disabled.
c. There could be a hardware problem.
If the line protocol and the interface are both down.
a. A cable is not attached
b. Some other interface problem exists
If the interface is administratively down.
a. It has been manually disabled (the shutdown command has been issued) in the active
configuration.
26. Explain in detail the following reported input errors from the show interface command.
a. Runt Frames
Ethernet frames that are shorter than the 64-byte minimum allowed length are called runts.
Malfunctioning NICs are the usual cause of excessive runt frames, but they can be caused by the
same issues as excessive collisions.
b. Giants
Ethernet frames that are longer than the maximum allowed length are called giants. Giants are
caused by the same issues as those that cause runts.
c. CRC errors
On Ethernet and serial interfaces, CRC errors usually indicate a media or cable error. Common
causes include electrical interference, loose or damaged connections, or using the incorrect
cabling type. If you see many CRC errors, there is too much noise on the link and you should
inspect the cable for damage and length. You should also search for and eliminate noise
sources, if possible.
d. Output errors
Is the sum of all errors that prevented the final transmission of datagrams out of the interface
that is being examined. The reported output errors from the show interface command include
the following:
e. Collisions
Collisions in half-duplex operations are completely normal and you should not worry about
them, as long as you are pleased with half-duplex operations. However, you should never see
collisions in a properly designed and configured network that uses full-duplex communication. It
is highly recommended that you use full-duplex unless you have older or legacy equipment that
requires half-duplex.
f. Late collisions
A late collision refers to a collision that occurs after the first 512 bits (64 bytes, the minimum
frame size) of the frame have been transmitted. Excessive cable lengths are the most common cause of late collisions.
Another common cause is duplex misconfiguration. For example, you could have one end of a
connection configured for full-duplex and the other for half-duplex. You would see late collisions
on the interface that is configured for half-duplex. In that case, you must configure the same
duplex setting on both ends. A properly designed and configured network should never have
late collisions.
27. To troubleshoot issues when you have no connection or a bad connection between a switch and
another device, you can use the show interface command to check the interface status. Explain
in detail what to do if
the interface is down:
a. Check to make sure that the proper cables are being used. Additionally, check the cable and
connectors for damage. If a bad or incorrect cable is suspected, replace the cable.
b. If the interface is still down, the problem may be due to a mismatch in speed setting. The
speed of an interface is typically auto-negotiated; therefore, even if it is manually configured on
one interface, the connecting interface should auto-negotiate accordingly. If a speed mismatch
does occur through misconfiguration or a hardware or software issue, then that may result in
the interface going down. Manually set the same speed on both connection ends if a problem is
suspected.
If the interface is up, but issues with connectivity are still present:
a. Using the show interface command, check for indications of excessive noise.
Indications may include an increase in the counters for runts, giants, and CRC errors. If there is
excessive noise, first find and remove the source of the noise, if possible. Also, verify that the
cable does not exceed the maximum cable length and check the type of cable that is used. For
copper cable, it is recommended that you use at least Category 5.
b. If noise is not an issue, check for excessive collisions. If there are collisions or late collisions,
verify the duplex settings on both ends of the connection. Much like the speed setting, the
duplex setting is usually auto-negotiated. If there does appear to be a duplex mismatch,
manually set the duplex on both connection ends. It is recommended to use full-duplex if both
sides support it.
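The troubleshooting steps of questions 24 through 27 as the commands actually typed on the switch,
from reading the interface and line protocol status, through isolating the error counters that
indicate noise or a duplex mismatch, to pinning speed and duplex. This is an added example, not part
of the original organizer; the port number is an assumption and the same speed/duplex change has to be
made on the neighbouring device.

```cisco
! Added example (not from the organizer). Port number is assumed.
! Status column shows connected / notconnect / err-disabled / disabled, plus Duplex and Speed
Switch#show interfaces FastEthernet0/1 status
! First line reads e.g. "FastEthernet0/1 is up, line protocol is up" (Q24):
!   up / up            healthy
!   up / down          encapsulation mismatch, far end err-disabled, or hardware fault
!   down / down        no cable or other physical problem
!   administratively down  shutdown was issued (Q25)
Switch#show interfaces FastEthernet0/1
! Only the lines the Q26/Q27 checks care about; "|" is a regex OR in the include filter
Switch#show interfaces FastEthernet0/1 | include duplex|input errors|CRC|collisions
! Stale counters hide whether a problem is still happening: clear them, wait, read again
! (the command asks for confirmation)
Switch#clear counters FastEthernet0/1
Switch#show interfaces FastEthernet0/1 | include input errors|CRC|collisions
! Rising runts/giants/CRC -> noise or cabling: check cable type, length and connectors.
! Late collisions on a half-duplex port -> duplex mismatch: set both ends the same.
Switch#configure terminal
Switch(config)#interface FastEthernet0/1
Switch(config-if)#speed 100
Switch(config-if)#duplex full
Switch(config-if)#end
! A port that reports administratively down is re-enabled with no shutdown
Switch#configure terminal
Switch(config)#interface FastEthernet0/1
Switch(config-if)#no shutdown
Switch(config-if)#end
Switch#show interfaces FastEthernet0/1 status
```

Pinning speed and duplex on one side only recreates the mismatch the page warns about, because the
other side then fails auto-negotiation and falls back to half-duplex; either pin both ends or leave
both on auto.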
Penetration testing is a simulated attack against the network to determine how vulnerable it
would be in a real attack.
41. Penetration tests can have adverse effects on a network. Explain what needs to be done to
minimize these factors.
They must be carried out under very controlled conditions, following documented procedures
detailed in a comprehensive network security policy.
42. What is a simple method that many administrators use to help secure the network from
unauthorized access?
Disable all unused ports on a switch
43. What does DHCP snooping do?
It is a Cisco Catalyst feature that determines which switch ports can respond to DHCP requests.
44. Explain how port security works.
It limits the number of valid MAC addresses allowed on a port. The MAC addresses of legitimate
devices are allowed access, while other MAC addresses are denied.
45. An interface can be configured for one of three violation modes, specifying the action to be taken if
a violation occurs. List and explain each of these violation modes.
a. Protect
When the number of secure MAC addresses reaches the limit allowed on the port, packets with
unknown source addresses are dropped until a sufficient number of secure MAC addresses are
removed, or the number of maximum allowable addresses is increased. There is no notification
that a security violation has occurred.
b. Restrict
When the number of secure MAC addresses reaches the limit allowed on the port, packets with
unknown source addresses are dropped until a sufficient number of secure MAC addresses are
removed, or the number of maximum allowable addresses is increased. In this mode, there is a
notification that a security violation has occurred.
c. Shutdown
In this (default) violation mode, a port security violation causes the interface to immediately
become error-disabled and turns off the port LED. It increments the violation counter. When a
secure port is in the error-disabled state, it can be brought out of this state by entering the
shutdown and no shutdown interface configuration mode commands.
46. What command can you use to display port security settings for the switch or for the specified
interface?
show port-security
47. What should an administrator do before re-enabling a port that has been shut down with port
security?
They need to determine what caused the security violation before re-enabling the port.
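Questions 42 through 47 describe one access-layer hardening procedure: disable unused ports, turn on
DHCP snooping, apply port security with a violation mode, verify, and recover an err-disabled port
only after investigating. The session below carries that procedure through on one switch. This is an
added example, not part of the original organizer; the port ranges, the uplink port, the parking VLAN
999, the MAC limit of 2 and VLAN 50 as the user VLAN are assumptions.

```cisco
! Added example (not from the organizer). Port ranges, VLANs and limits are assumed.
Switch#configure terminal
! Q42: unused ports go into a VLAN that has no SVI and no uplink, and are shut down
Switch(config)#vlan 999
Switch(config-vlan)#name UNUSED
Switch(config-vlan)#exit
Switch(config)#interface range FastEthernet0/13 - 24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 999
Switch(config-if-range)#shutdown
Switch(config-if-range)#exit
! Q43: DHCP snooping; only the uplink towards the real DHCP server is trusted,
! DHCP server replies arriving on any untrusted port are dropped
Switch(config)#ip dhcp snooping
Switch(config)#ip dhcp snooping vlan 50
Switch(config)#interface GigabitEthernet0/1
Switch(config-if)#ip dhcp snooping trust
Switch(config-if)#exit
! Q44/Q45: port security on user-facing ports. It needs a static access (or trunk)
! port, not a dynamic one, so the mode is set first.
Switch(config)#interface range FastEthernet0/1 - 12
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport port-security
Switch(config-if-range)#switchport port-security maximum 2
! sticky: learn the first MACs seen and write them into the running config
Switch(config-if-range)#switchport port-security mac-address sticky
! restrict: drop offending frames, count them and log a notification, port stays up.
! Omit this line to keep the default shutdown mode (port goes err-disabled).
Switch(config-if-range)#switchport port-security violation restrict
Switch(config-if-range)#end
! Q46: verify
Switch#show port-security
Switch#show port-security interface FastEthernet0/1
Switch#show port-security address
Switch#show ip dhcp snooping
! Q47: with shutdown mode a violation err-disables the port. List them, look at the
! offending MAC in the violation output above, and only then bounce the port by hand.
Switch#show interfaces status err-disabled
Switch#configure terminal
Switch(config)#interface FastEthernet0/1
Switch(config-if)#shutdown
Switch(config-if)#no shutdown
Switch(config-if)#end
Switch#copy running-config startup-config
```

Restrict is the mode that gives you both the protection and the evidence (violation counter and
syslog) without taking the port down; shutdown is the safer default when an unexpected MAC on a port
should stop all traffic until someone has looked at it. Sticky addresses only survive a reload if the
running configuration is saved.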
48. What is Network Time Protocol (NTP)?
It is a protocol that is used to synchronize the clocks of computer systems over packet-switched,
variable-latency data networks.
49. What is a secure method of providing clocking for a network?
Network administrators can implement their own private network master clocks, synchronized
to UTC, using satellite or radio.
50. NTP can get the correct time from an internal or external time source including the following:
a. Local master clock
b. Master clock on the Internet
c. GPS or atomic clock
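Pointing the switch at an internal master clock, as question 49 recommends, with NTP authentication
so the switch only accepts time from a server that holds the shared key. This is an added example,
not part of the original organizer; the server address, key number and key string are assumptions,
and the server is assumed to be the network's own master clock.

```cisco
! Added example (not from the organizer). Server address and key are assumed.
Switch#configure terminal
! Require authenticated replies; the same key number and string are configured on the server
Switch(config)#ntp authenticate
Switch(config)#ntp authentication-key 1 md5 Ntp-Shared-Secret
Switch(config)#ntp trusted-key 1
! Internal master clock, authenticated with key 1
Switch(config)#ntp server 10.250.1.1 key 1
Switch(config)#end
! Verify: "Clock is synchronized" and the server marked with * as the selected peer
Switch#show ntp status
Switch#show ntp associations
```

Without authentication any host able to reach the switch on UDP 123 could answer as the time source;
with it, a reply that does not carry a valid digest under a trusted key is ignored.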