Data Comm Tech

Configuring SSH
Objectives
View the default internetwork configuration.
Enable SSH.
Interconnect using SSH.
Background/Scenario
Traditionally, remote administrative access on routers was configured using Telnet on TC !ort
"#. However, Telnet was develo!ed in the days when security was not an issue. $or this reason,
all Telnet traffic is forwarded in !lain te%t. SSH has re!laced Telnet as the best !ractice for
!roviding remote router administration with connections that su!!ort strong !rivacy and session
integrity. SSH uses !ort TC "". It !rovides functionality that is similar to that of an outbound
Telnet connection, e%ce!t that the connection is encry!ted. &ith authentication and encry!tion,
SSH allows for secure communications over an insecure network. In this configuration, four
routers are interconnected in a hub'and's!oke $rame (elay configuration. (outer () is the hub,
and routers (", (#, and (* are the s!okes. +ynamic routing has been configured using multiarea
,S$.
Task 1: View the Default Configuration
Step 1. Verify the Frame Relay configuration on the routers.
a. ,n all four routers, enter user E-EC mode with the !assword cisco.
b. Enter !rivileged E-EC mode with the !assword cisco.
c. $rom !rivileged E-EC mode on all four routers, issue the show frame'relay ma! command to
verify $rame (elay connectivity.
Step 2. Verify the routing tables.
$rom !rivileged E-EC mode on all four routers, issue the show i! route command to verify the
all network segments are being advertised.
Step 3. Verify connectivity between routers.
a. $rom (), !ing all ./0 interfaces to verify connectivity.
b. /gain from router (), Telnet to (" using it1s ./0 interface I address. E%it and re!eat the
ste! for routers (# and (*.ing other Cs on the same network.
Task !: Configure SS" on the "ub #outer $#1%
Step 1. nable an! configure SSH on R1.
To enable SSH on the router, the following !arameters must be configured2
' Hostname
' +omain name
' /symmetrical keys
' .ocal authentication
a. The hostname on () is !re'configured. Therefore configure the domain name cisco.com using
the i! domain'name domain'name command.
b. The asymmetrical (S/ keys must be generated on () using the cry!to key generate rsa
command. &hen !rom!ted for a modulus si3e, s!ecify a modulus of )4"* bits.
c. SSH will !rom!t for a username and !assword combination when enabled. Therefore, a local
username database entry must be configured using the username name !assword !assword
command. Create a local account for the user admin and !assword cisco.
d. Configure the SSH version using the i! ssh version command. In this lab, we will be
configuring to use version ".
e. 0e%t, we need to disable Telnet and enable SSH communication to the VT5 lines. To do so,
enter the following commands on ().
()6config78 line vty " #
()6config'line78 no transport input all
()6config'line78 transport input ssh
()6config'line78 login local
()6config'line78 en!
f. Save the configuration.
Step 2. Chec$ results.
5our com!letion !ercentage should be "9:. If not, click Check (esults to see which re;uired
com!onents are not yet com!leted.
Task &: Configure SS" on the S'oke #outers #!( #& and #)
Step 1. Configure SSH on routers R2% R3% an! R#.
(e!eat the Ste!s from Task " on routers (", (# and (*.
5our com!letion !ercentage should be )44:. If not, click Check (esults to see which re;uired
Task ): Verif* SS"
Step 1. Verify the SSH configuration.
/fter configuring SSH on all routers, verify the SSH configuration on ().
a. Issue the show ip ssh command to verify which version of SSH is configured, and what the
default settings are.
()8 sho ip ssh
SSH Enabled ' version ).<<
/uthentication timeout2 )"4 secs= /uthentication retries2 #
b. 0e%t, issue the show ip ssh command to verify if SSH is currently running.
()8show ssh
:0o SSHv" server connections running.
:0o SSHv) server connections running.
Step 2. connect to R2.e&t.
a. 0ow Telnet to router (".e%t, to issue the show i! ssh command to verify if SSH is currently
running.
()8 telnet 1".2".2".1
Trying )4."4."4.) ...
>Connection to )4."4."4.) closed by foreign host?
(ecall that Telnet was deactivated using the no trans!ort in!ut all command. ,nly SSH can be
used to establish a remote connection.
b. @sing () as the SSH client, SSH to router (" using the ssh Al username i!'address command.
()8ssh 'l a!min 1".2".2".1
assword2
c. &hen !rom!ted for a !assword, enter cisco. 5ou should now be connected to router (".
Configuring S()
*b+ectives
View the default configuration of the s!anning tree !rotocol.
Select and enable the root bridge.
Enable !ortfast on !orts connected directly to host devices
View how these configurations change the way in which traffic is forwarded.
,ac$groun!-Scenario
The s!anning'tree !rotocol is useful in ensuring that loo!s do not e%ist in the network. However,
it can introduce increased latency and unintended inefficiencies if left to auto negotiate the root
bridge. In this activity, observe how the s!anning'tree !rotocol affects !ath selection and how that
!ath selection can change based on the configuration of the root bridge.
(as$ 1. View the /efault Configuration.
Step 1. 0ait for S() convergence to occur.
S!anning'tree must converge before connectivity occurs on a network. &ait for all link
lights to turn either green or orange 6green for forwarding, orange for blocking7.
*bservation. /ll !orts take e;ually as long to converge, including those !orts that are
connected to host devices.
Step 2. /etermine the root bri!ge.
a. ,n the Central switches, enter !rivileged E-EC mode using the console !assword
cisco and the secret !assword class.
b. $rom !rivileged E-EC mode, issue the show spanning1tree command and observe
the out!ut.
*bservation. Central is 0,T the root bridge. 0otice that $a4B)# is !laced in designated
forwarding, Ci4B" is !laced in alternate blocking, and Ci4B) is s!ecified as (oot $wd.
Ci4B) is connected to Switch).
c. ,n Switch), from the !rivileged E-EC mode, issue the show spanning1tree
command.
*bservation. Switch) is 0,T the root bridge. 0otice that all !orts are forwarding, and
fa4B"" is s!ecified as (oot $wd. $a4B"" is connected to S&'D.
d. ,n S&'D, from the !rivileged E-EC mode, issue the show spanning1tree command.
*bservation. S&'D is the root bridge. This is evident by the line EThis bridge is the
rootF.
Step 3. View how traffic is forwar!e! base! on S01, as root.
e. Click on the simulation button. The simulation button can be found on the lower right'
hand corner of the T window, behind the (ealtime clock.
f. Close the Event .ist window by selecting the % in the u!!er right'hand corner, Gust
below the View!ort button. This will allow you to see then entire to!ology.
g. 0otice the /uto Ca!ture B lay button and the Ca!ture B $orward button on the bottom
screen of the T window. Delow these buttons is a dro! down bo% with Scenario 4 and
Scenario ). De sure that Scenario 4 is selected. Scenario 4 is a !ing originating from
C'T E) and destined to Server'T &orkgrou! Server ). Click the /uto Ca!ture B
lay button to view the !ath that the !acket will take to reach that server. &hen the
Duffer $ull message a!!ears, click on view previous events.
h. Is the !ath that the !acket took to reach that destination the most efficient !athH &hy
did the !acket take that !athH
i. 0e%t, in the dro! down bo%, select Scenario ). Scenario ) is a !ing originating from
C'T E" and destined for Server'T &orkgrou! Server ". Click the /uto Ca!ture B
j. Is the !ath that the !acket took to reach that destination the most efficient !athH &hy
did the !acket take that !athH
Step #. 2anually configure the root bri!ge.
k. Click on the real time button. The real time button can be found on the lower right'
hand corner of the T window, behind the simulation timed clock.
l. Select Central switch.
m. $rom the E-EC !riviledge mode, enable the central switch as the root bridge by
ty!ing the command spanning1tree vlan 1 root primary.
n. Save the configuration with the command copy run start.
o. Select Switch ".
p. $rom the E-EC !riviledge mode, enable the Switch " as the secondary root bridge by
ty!ing the command spanning1tree vlan 1 root secon!ary.
q. Save the configuration with the command copy run start.
Step 3. nable )ortfast.
To s!eed u! convergence, it is also good !ractice to enable !ortfast on !orts that are
known to connect to servers and workstations. &hen an interface is configured with
!ortfast, the ST for that !ort assumes that the !ort is not !art of a loo! and immediately
moves to the forwarding state and does not go through the blocking, listening, or learning
states. $or this e%ercise, enable !ortfast on !orts that are connected to servers.
r. Click on S&'/
s. @sing the interface range command, enable !ortfast on !orts $a4B) A $a4B*.
/dditionally enable !ortfast on the !ort connected to &orkgrou! Server " 6$a4B)#7
E%am!le2
Switch6config78 interface range fa4B) A fa4B*
Switch6config'if'range78 spanning1tree portfast
Switch6config'if'range78 interface fa"-13
Switch6config'if78 spanning1tree portfast
t. Save the configuration with the copy run start command.
u. (e!eat ste!s a and b on switches S&'D, S&'C, S&'+, S&'E, and S&'$. In addition,
on switch Central, enable !ortfast on !ort fa4B)#
v. ,nce you have com!leted the configuration, click the button E!ower cycle devicesF.
This will reboot all devices and allow you to watch the s!anning'tree convergence. Be
sure that you saved all configurations before rebooting devices.
Step 4. View how traffic is forwar!e! base! on Central as the root.
w. Click on the simulation button.
x. Close the Event .ist window by selecting the % in the u!!er right'hand corner, Gust
below the View!ort button. This will allow you to see then entire to!ology.
y. In the dro! down bo%, select Scenario 4. Scenario 4 is a !ing originating from C'T
E) and destined to Server'T &orkgrou! Server ). Click the /uto Ca!ture B lay
button to view the !ath that the !acket will take to reach that server. &hen the Duffer
$ull message a!!ears, click on view previous events.
z. How has the !ath changedH Is the !ath more efficientH Is there more efficient !aths
availableH
aa. 0e%t, in the dro! down bo%, select Scenario ). Scenario ) is a !ing originating from
C'T E" and destined for Server'T &orkgrou! Server ". Click the /uto Ca!ture B
bb. How has the !ath changedH Is the !ath more efficientH Is there more efficient !aths
availableH
Step 5. Reflection.
cc. How does s!ecifying the root bridge affect efficiencies in the networkH Changing the
root bridge affects how !ackets are forwarded. &ith the root bridge, all !orts are
!laced to forwarding. &hereas on other switches, certain !orts may be !laced in
blocking, !reventing traffic from taking the most EefficientF !ath.
dd. &hat are some factors that may be im!ortant to consider when selecting the root
bridgeH The decision varies on several factors. In this case, Central is the connection
to the Internet and the &orkgrou! Server ) and may be the most im!ortant or
commonly accessed !ath for all devices. In addition, the s!eed of the connections to
Central is Cigabit, versus $astethernet. So !ackets taking that !ath have faster
connection times.
ee. In this to!ology there is only one V./0 and ) root bridge. There is a se!arate
instance of s!anning'tree for each V./0. How can s!ecifying multi!le V./0S and
different root bridges for each V./0 im!rove efficiencyH If there are several devices
that must reach a s!ecific server, such as workgrou! server ", it is !ossible to !lace all
of these devices and the server in a se!arate V./0. The root bridge for that V./0
can then be s!ecified based on the most efficient !ath to reach that server.
ff. How does enabling !ortfast increase efficiency in the networkH The ST for that !ort
assumes that the !ort is not !art of a loo! and immediately moves to the forwarding
state and does not go through the blocking, listening, or learning states. $or a switch
that is newly connected to the network, this means that host devices connected to
!ortfast enabled !orts will be able to start sending and receiving traffic immediately.
Configuring therChannel
Complete! (opology
*b+ectives
View the default .ayer " configuration.
Configure EtherChannel.
,ac$groun!-Scenario
EtherChannel enables the switch administrator to increase bandwidth between switches by
bundling together between " and I links. In this scenario, you will bundle two $ast Ethernet links
to form a single logical link with an effective full'du!le% bandwidth of *44 JbBs.
6*(. This activity is for observation !ur!oses only and does not re;uire configuration, thus
grading will not be conducted.
Step 1. Verify the trun$ing an! V786 configuration on the switches.
gg. ,n the two switches, enter !rivileged E-EC mode.
hh. erform a show run to view the current configuration.
ii. Issue the show interfaces trun$ and show interfaces switchport commands.
*bservation. The show interface truck command dis!layed no out!ut, hence there are no
trunk !orts configured. The show interfaces switch!ort command dis!layed all !orts in
dynamic auto mode.
jj. Issue the show vlan command to verify !ro!er V./0 configuration.
*bservation. V./0 )4 is the only non'default V./0 a!!earing. Currently, all !orts are
associated with V./0 ).
Step 2. Verify the V() configuration on the switches.
kk. $rom !rivileged E-EC mode on both +.S) and +.S" access layer switches, issue
the show vtp status command to verify VT modes and V./0 information.
*bservation. Doth +.S) and +.S" are VT servers with no VT domain name
configured.
Step 3. Verify 9 :"2.1/ spanning1tree.
ll. $rom each switch, issue the show spanning1tree command.
mm. Verify that all switches are running IEEE I4".)+ s!anning'tree.
nn. Verify that S) is the root bridge for V./0s )')44).
*bservation. Doth switches are running IEEE I4".)+. +.S) is the s!anning'tree root
bridge for all V./0s.
(as$ 2. Configure therChannel on the switches.
Step 1. 8!! therChannel functionality to /7S1 an! /7S2.
oo. To enable EtherChannel on +.S), enter the interface range mode for !orts $4B)) and
$4B)" on with the command interface range f"-11 1 12.
pp. Enter the command switch!ort mode trunk.
qq. Enter the command channel'grou! ) mode desirable.
rr. (e!eat ste!s a through c on +.S".
Step 2. 8!! a logical )ort Channel associate! with the physical interfaces.
a. Create ort Channel ) with the interface port1channel 1 command.
b. Enter the switchport mo!e trun$ command.
(as$ 3. Verify the therChannel configuration.
a. Enter the command show etherchannel summary and observe the out!ut.
*bservation. orts $4B)) and $4B)" a!!ear under Crou! ), associated with a ort
Channel labeled o).The default !ort bundling !rotocol is /g.
b. Enter the command show interface switchport.
*bservation. The !hysical !orts $4B)) and $4B)", and the logical !ort o) all a!!ear as
I4".))K trunk !orts.
c. ,n +.S), enter the command ping 1".1".1".2. The !ing should be successful.
d. Enter the command show running1config to determine the EtherChannel load'
balancing mechanism.
*bservation. The out!ut dis!lays E!ort'channel load'balance src'macF, indicating that
load balancing across the logical EtherChannel is based on the source J/C address of the
data.
(roubleshoot a 2ultipoint Frame Relay Connection with *S)F
8!!ressing (able
/evice 9nterface 9) 8!!ress Subnet 2as$ /7C9
(outer4
S4B4B4 6+TE7 )<".)LI.4.) "99."99."99."9"
)<".)LI.4." ' *4)
)<".)LI.4.# ' *4"
$a4B4 )4.).".) "99."99."99.4
(outer )
S4B4B4 6+TE7 )<".)LI.4." "99."99."99."9"
)<".)LI.4.) ' *)4
)<".)LI.4.# ' *)"
$a4B4 )4.).).) "99."99."99.4

(outer"
S4B4B4 6+TE7 )<".)LI.4.# "99."99."99.4
)<".)LI.4.) ' *"4
)<".)LI.4." ' *")
$a4B4 )4.).#.) "99."99."99.4
e%!aris
6webserver
7 0IC )4.).#.94 "99."99."99.4
e%lond
6webserver
7 0IC )4.).".94 "99."99."99.4
*b+ectives
@se various tools and show commands to troubleshoot connectivity issues.
Scenario
/ network administrator recently im!lemented a frame relay connection from the 0ew 5ork
office to the offices in aris and .ondon. @sers at the 0ew 5ork location are com!laining that
they are unable to reach the web server www.e%lond.com. Information located on both the aris
and .ondon servers are time sensitive. +etermine the cause of the connectivity issue and fi% the
!roblem as ;uickly as !ossible.
Step 1. Verify connectivity to both the )aris an! 7on!on web servers
a. ,n 05 admin, use the web browser to attem!t to access both www.e%lond.com and
www.e%!aris.com.
*bservation. www.e%!aris.com connects, however when attem!ting to connect to
www.e%lond.com, the re;uest times out.
b. $rom the command !rom!t, !ing the I address of the e%lond server 6)4.).".947
*bservation. Dy !inging the server by the I address, this confirms whether the !roblem is with
the +0S server 6name translation7 or if connectivity is truely down. The !ing fails, therefore, the
!roblem is with the connection between 05 admin and the server. This could be a frame'relay
connection issue or an ,S$ issue.
Step 2. Verify the frame relay an! *S)F configurations an! ma$e any necessary
configuration changes.
a. ,n 05 admin, use the terminal window to access (outer) via the console cable.
b. @se the show ip route command to view the routes that are available
*bservation. ,S$ has discovered a route to the )4.).#.4 network, but not the )4.).".4 network.
c. ing the inside interface on (outer4 6)<".)LI.4.)7. +oes the !ing !ass or failH
d. ing the outside interface on (outer4 6)4.).".)7. +oes the !ing !ass or failH
*bservation. The !ing to )<".)LI.4.) !asses. This indicates that the frame'relay connection is
o!erational. However, the !ing to )4.).".) fails, indicating that routing is not o!erating as
e%!ected.
e. @se various tools and show commands to verify the ,S$ configuration on (outer) and
(outer4 6this re;uires telnetting to (outer47. Jake any necessary configuration changes.
6*(. In acket Tracer, ,S$ convergence across a frame relay network may take u! to a
minute. /fter making a configuration change, save the configuration and select the button M!ower
cycle devicesM to s!eed u! convergence times.
Step 3. Verify connectivity.
a. @se show commands and the web browser to verify connectivity.
b. &hen finished, Click Check (esults.
Reflection
). &hy would an administrator attem!t to connect to both the www.e%!aris.com and
www.e%lond.com web servers as a first ste!, even though www.e%!aris.com is not on the
same network as www.e%lond.comH This confirms that the issue is only with the network
connection that contains the e%lond server and narrows down where the administrator
must troubleshoot.
.ist the ste!s that you took to solve the !roblem. .ooking at them again, was there a more
efficient way to determine the !roblemH /nswers vary
". &hat is the !ur!ose of the ip ospf networ$ broa!cast commandH This command is used
to define the network ty!e as broadcast. The network ty!e is defined on nonbroadcast
networks to avoid configuring the neighbors e%!licitly
Configuring )ort1Security
Complete! (opology
*b+ectives
Configure !ort security.
,ac$groun!-Scenario
ort security enables the switch administrator to !revent unauthori3ed devices from gaining
access to the network. ort security is normally enabled on access layer switches for this !ur!ose.
6*(. This activity is for observation !ur!oses only and does not re;uire configuration, thus
grading will not be conducted.
ss. ,n the three switches, enter !rivileged E-EC mode using the console !assword cisco
and the secret !assword class.
tt. $rom !rivileged E-EC mode, issue the show interfaces trun$ and show interfaces
switchport commands.
*bservation. ,n S), !orts $4B) and $4B" are I4".)K trunk !orts. ,n S", !ort $4B) is an
I4".)K trunk !ort. ,n S#, !ort $4B" is an I4".)K trunk !ort. The native V./0 is << for
all trunk !orts.
uu. Issue the show vlan command to verify !ro!er V./0 configuration.
*bservation. V./0s )4 6facultyBstaff7, "4 6students7, #4 6guest7, and << 6management7
are configured on the three switches2 V./0 ) is the default V./0 on each switch.
S) V./0 )2 all !orts e%ce!t for trunk !orts $4B) and $4B".
S" V./0 )2 !orts $4B"'9, C)B)'".
S" V./0 )42 !orts $4B))')N
S" V./0 "42 !orts $4B)I'"*
S" V./0 #42 !orts $4BL')4
S# V./0 )2 !orts $4B), $4B#'9, C)B)'"
S# V./0 )42 !orts $4B)I'"*
S# V./0 "42 !orts $4B))')N
S# V./0 #42 !orts $4BL')4
vv. $rom !rivileged E-EC mode on the access layer switches, issue the show vtp status
command to verify VT modes and V./0 information.
*bservation. S) is a VT server. S" is a VT client. S# is in VT trans!arent mode. The
V./0s configured on S) successfully !ro!agated to S".
a. $rom each switch, issue the show spanning1tree command.
b. Verify that all switches are running IEEE I4".)+ s!anning'tree.
c. Verify that S) is the root bridge for V./0s )')44).
*bservation. /ll switches are running IEEE I4".)+. S) is the s!anning'tree root bridge
for the to!ology.
(as$ 2. Configure port security on the switches.
Step 1. nable port security on S2 an! enforce a ma&imum number of 28C a!!resses.
a. To enable !ort security on S", enter the interface mode for !ort $4BL and issue the
command switchport port1security.
b. (e!eat ste! ).a. on !orts $4B)) and $4B)I of S".
c. ,n !orts $4BL, $4B)), and $4B)I of S", enter the command switchport port1security
ma&imum
d. Enter the show run command in !rivileged E-EC mode to see the effect of ste! ".a.
*bservation. The command switchport port1security ma&imum 1 does not a!!ear
under the interfaces $4BL, $4B)), and $4B)I. This is because the default ma%imum for !ort
security on an interface is ). The command switchport port1security ma&imum ; will
only a!!ear if a value higher than ) is configured.
e. (e!eat ste!s a through d on !orts $4BL, $4B)), and $4B)I of switch S#.
Step 2. Configure !ynamic learning for port security an! verify operation.
a. ,n !orts $4BL, $4B)), and $4B)I of S" and S#, enter the command switchport port1
security mac1a!!ress stic$y. Issue the show run command to view the final
configuration on both S" and S#.
b. Click on CL. CL is currently connected to $a4BL on S#. $rom the command !rom!t
on CL, issue the command ping 152.15.3".23. This will !ing C#, which is
connected to $a4BL on S". The !ing should be successful.
c. ,n S" and S#, enter the command show run and check to see if anything has changed
in the out!ut.
*bservation. ,n S", the entry Eswitchport port1security mac1a!!ress stic$y
"""1.C5C8.31CF now a!!ears under the configuration for !ort $4BL. ,n S#, the entry
Eswitchport port1security mac1a!!ress stic$y ""3".8383.8:C2F now a!!ears under
the configuration for !ort $4BL.
d. ,n S#, enter the command show port1security interface fa"-4.
*bservation. ort security is enabled, !ort'status is secure'u!, security violation count is
4.
Step 3. *bserve what happens when a security violation occurs.
a. Click on the red % button on the right hand !ortion of the T window. This will allow
you to delete a connection in the to!ology. lace the % over the connection between
CL and S# and click. The connection should disa!!ear.
b. Select the lightening bolt button on the bottom left'hand corner of the T window to
!ull u! connection ty!es. Click the Eco!!er straight'throughF connection. Click the
TestC device and select the fastethernet !ort. 0e%t, click on S# and select !ort $a4BL.
c. $rom the command !rom!t of TestC ty!e the command ping 152.15.3".23. The !ing
should fail.
d. ,n S#, enter the command show port1security interface fa"-4.
*bservation. ort security is enabled, !ort'status is secure'shutdown, security violation
count is ).
e. +elete the connection between TestC and S#. lace a new connection between CL
and S# using !ort $a4BL. (emember that once a !ort is shutdown due to a security
violation, the !ort must be administratively shutdown and re'enabled to bring the !ort
back online. ,n $a4BL on S#, issue the command no shut!own.
f. $rom the command !rom!t on CL, ty!e the command ping 152.15.3".23. The !ing
should succeed. ,n S#, issue the command show !ort'security interface $a4BL. The
status of the !ort should be back to normal.
5ou have com!leted this configurationBobservation activity.

Configuring Frame Relay
*b+ectives
View the default internetwork configuration.
Configure $rame (elay connectivity.
Configure Static and +efault routing.
Verify connectivity.

,ac$groun!-Scenario
$our routers must be interconnected in a hub'and's!oke $rame (elay configuration. (outer () is
the hub, and routers (", (#, and (* are s!oke routers. The $rame (elay connections will be
established using $rame (elay !oint'to'!oint connections over subinterfaces from () to each
s!oke router. (outing will be established using static routes on the hub router and default routes
on all s!oke routers. The frame relay switch6es7 have already been configured within the cloud.

(emote administrative access is established using SSH with the username a!min and !assword
cisco.

(as$ 1. Configure Frame Relay an! Static Routing on the Hub Router <R1=.
Step 1. Verify /efault Configurations.
g. ,n all four routers, enter !rivileged E-EC mode with the !assword cisco.
h. $rom !rivileged E-EC mode on all four routers, issue the show running1config
command to verify running configurations.
6ote. /ll routers have been !reconfigured with hostnames, enable !assword, and SSH
connectivity. /ll ./0 interfaces have also been configured with I addresses and are currently
active.
i. @se the show ip route command to verify routing tables.
Step 2. Configure the )hysical Frame Relay 9nterface on R1.
&hen configuring frame'relay subinterfaces, the main physical interface must be enabled for
$rame (elay connectivity= therefore, configure $rame (elay on the serial 4B4B4 interface of router
(). The $rame (elay .JI ty!e is autosensed and will not be manually configured.
j. $rom !rivileged E-EC mode on (), enter global configuration mode.
k. Enter the following commands on () to enable $rame (elay on the !hysical interface.
()6config78 interface serial"-"-"
()6config'if78 encapsulation frame1relay
()6config'if78 no shut!own
Step 3. Configure the Subinterfaces on R1.
$rame (elay subinterfaces will be configured using !oint'to'!oint $rame (elay. Configure the
!oint'to'!oint connections to the three s!oke routers via subinterfaces and assign the a!!ro!riate
dlci number to each frame relay connection, see the table below2
S4B4B4.)4" I2 )4.4.).)
SJ2 "99."99."99."9"
+.CI2 )4"
S4B4B4.)4# I2 )4.4.).9
SJ2 "99."99."99."9"
+.CI2 )4#
S4B4B4.)4* I2 )4.4.).<
SJ2 "99."99."99."9"
+.CI2 )4*
l. Create and configure subinterface s4B4B4.)4". $rom global configuration mode, enter
the following commands2
()6config78 interface Serial"-"-".1"2 point1to1point
()6config'subif78 ip a!!ress 1".".1.1 233.233.233.232
()6config'subif78 frame1relay interface1!lci 1"2
()6config'subif78 e&it
m. (e!eat the above ste!s to create and configure subinterface s4B4B4.)4# and s4B4B4.)4*.
()6config78 interface Serial"-"-".1"3 point1to1point
()6config'subif78 ip a!!ress 1".".1.3 233.233.233.232
()6config'subif78 frame1relay interface1!lci 1"3
()6config78 interface Serial"-"-".1"# point1to1point
()6config'subif78 ip a!!ress 1".".1.> 233.233.233.232
()6config'subif78 frame1relay interface1!lci 1"#

Step #. Configure Static Routing on R1 to reach the 786s of each spo$e router.
(outing between sites could be configured using dynamic or static routing. In this activity, you
will configure static routes to each remote ./0 sites.
n. $rom global configuration mode, enter the following static routes.
()6config78 ip route 1".2".2"." 233.233.233." 1".".1.2
()6config78 ip route 1".3".3"." 233.233.233." 1".".1.4
()6config78 ip route 1".#".#"." 233.233.233." 1".".1.1"
o. E%it out of configuration mode and issue the show running1config command to view
the final configuration on ().

(as$ 2. Configure Frame Relay an! /efault routing on the Spo$e Routers.
Step 1. Configure the )hysical Frame Relay 9nterface on the spo$e routers.
Oust as we configured the hub router for $rame (elay, the s!oke routers must also be configured.

p. $rom !rivileged E-EC mode on (", enter global configuration mode.
q. Configure the main !hysical interface for $rame (elay connectivity. Enter the
following commands on (".
("6config78 interface serial"-"-"
("6config'if78 encapsulation frame1relay
("6config'if78 no shut!own
Step 2. Configure the Subinterfaces on R2.
$rom global configuration mode, enter the following commands to create and configure the
subinterface. /ssign +.CI number )4) to the connection.
("6config78 interface Serial"-"-".1"1 point1to1point
("6config'subif78 ip a!!ress 1".".1.2 233.233.233.232
("6config'subif78 frame1relay interface1!lci 1"1
("6config'subif78 e&it
Step 3. Configure /efault Routing on R2.
$rom global configuration mode, enter the following static routes.
("6config78 ip route "."."." "."."." 1".".1.1

Step #. Repeat Steps 1 ' 3 on R3 an! R#.
r. ,n router (#, configure the following commands. /ssign +.CI )4) to the frame relay
connection
(#6config78 interface serial"-"-"
(#6config'if78 encapsulation frame1relay
(#6config'if78 no shut!own
(#6config78 interface Serial"-"-".1"1 point1to1point
(#6config'subif78 ip a!!ress 1".".1.4 233.233.233.232
(#6config'subif78 frame1relay interface1!lci 1"1
(#6config'subif78 e&it
(#6config78 ip route "."."." "."."." 1".".1.3

s. ,n router (*, configure the following commands. /ssign +C.I )4) to the frame'
relay connection.
(*6config78 interface serial"-"-"
(*6config'if78 encapsulation frame1relay
(*6config'if78 no shut!own
(*6config78 interface Serial"-"-".1"1 point1to1point
(*6config'subif78 ip a!!ress 1".".1.1" 233.233.233.232
(*6config'subif78 frame1relay interface1!lci 1"1
(*6config'subif78 e&it
(*6config78 ip route "."."." "."."." 1".".1.>

(as$ #. Verify Connectivity.
Step 1. Verify the Frame Relay networ$.
/fter configuring $rame (elay on all routers, verify the $rame (elay configuration on ().
t. Issue the show frame1relay map command on () to verify the connections to the
s!oke routers.
()8 show frame1relay map
Serial4B4B4.)4" 6u!72 !oint'to'!oint dlci, dlci )4", broadcast, status defined, active
Serial4B4B4.)4# 6u!72 !oint'to'!oint dlci, dlci )4#, broadcast, status defined, active
Serial4B4B4.)4* 6u!72 !oint'to'!oint dlci, dlci )4*, broadcast, status defined, active
u. 0e%t, issue the show frame1relay lmi command on ().
()8 show frame1relay lmi
.JI Statistics for interface Serial4B4B4 6$rame (elay +TE7 .JI T5E P CISC,
Invalid @nnumbered info 4 Invalid rot +isc 4
Invalid dummy Call (ef 4 Invalid Jsg Ty!e 4
Invalid Status Jessage 4 Invalid .ock Shift 4
Invalid Information I+ 4 Invalid (e!ort IE .en 4
Invalid (e!ort (e;uest 4 Invalid Qee! IE .en 4
0um Status En;. Sent "L 0um Status msgs (cvd "L
0um @!date Status (cvd 4 0um Status Timeouts )L

.JI Statistics for interface Serial4B4B4.)4" 6$rame (elay +TE7 .JI T5E P CISC,
0um Status En;. Sent 4 0um Status msgs (cvd 4

.JI Statistics for interface Serial4B4B4.)4# 6$rame (elay +TE7 .JI T5E P CISC,

.JI Statistics for interface Serial4B4B4.)4* 6$rame (elay +TE7 .JI T5E P CISC,

v. $inally, issue the show frame1relay pvc command on ().
()8 show frame1relay pvc
VC Statistics for interface Serial4B4B4 6$rame (elay +TE7
+.CI P )4", +.CI @S/CE P .,C/., VC ST/T@S P /CTIVE, I0TE($/CE P
Serial4B4B4.)4"

in!ut !kts )*499 out!ut !kts #"N<9 in bytes )4<L""I
out bytes L")L)99 dro!!ed !kts 4 in $EC0 !kts 4
in DEC0 !kts 4 out $EC0 !kts 4 out DEC0 !kts 4
in +E !kts 4 out +E !kts 4
out bcast !kts #"N<9 out bcast bytes L")L)99

+.CI P )4#, +.CI @S/CE P .,C/., VC ST/T@S P /CTIVE, I0TE($/CE P
Serial4B4B4.)4#


+.CI P )4*, +.CI @S/CE P .,C/., VC ST/T@S P /CTIVE, I0TE($/CE P
Serial4B4B4.)4*


6*(. C) and C# should now be able to successfully !ing each other and the web server. If
not, make sure that you entered all the commands e%actly as s!ecified in the !revious ste!s.
Step 2. Verify connectivity to the spo$e 786s.
$rom the () router, !ing the ./0 interfaces of routers (", (#, and (*. 5ou should be able to
successfully !ing.
5our com!letion !ercentage should be )44:. If not, click Chec$ Results to see which re;uired
Configuring 9nter1V786 Routing with 2ultilayer Switches
Complete! (opology
*b+ectives
Configure the switch virtual interfaces 6SVIs7.
Verify inter'V./0 routing.
,ac$groun!-Scenario
Inter'V./0 routing on distribution layer switches is made !ossible with switch virtual interfaces
6SVIs7. Jultilayer switches, such as Cisco Catalyst #9L4 switches, are ca!able of wires!eed I
routing in addition to traditional .ayer " switching. In this case, distribution layer bound I
subnets with hosts !ointing to the SVIs as default gateways for the res!ective I subnets. $ull I
communications, !reviously available only with dedicated routers, are made available with these
multilayer switches.
In this configuration, two distribution layer switches, +.S) and +.S" are connected in a !artial'
mesh to!ology with the access layer switches, /.S) and /.S". +.S) and +.S" load balance
the traffic at .ayer " on a !er'V./0 basis. SVIs are configured for each V./0 to enable inter'
V./0 I communication.
w. ,n all four switches, enter !rivileged E-EC mode with the enable command.
x. $rom !rivileged E-EC mode, issue the show interfaces trun$ and show interfaces
y. ,n the two distribution switches, issue the show vlan command to verify !ro!er
V./0 configuration.
*bservation. $a4B), $a4B", and $a4B# are configured for I4".); trunking. /dditionally,
all three are configured to trunk V./0s ), )4, "4, #4, << and all default vlans. The native
management V./0 is V./0<<.
$rom !rivileged E-EC mode on the access layer switches, issue the show vtp status
command to verify the !ro!agation of V./0 information. +.S) and +.S" should be
VT servers. /.S) and /.S" should be VT clients.
z. $rom each switch, issue the show spanning1tree command.
aa. Verify that all switches are running IEEE I4".)+ s!anning'tree.
bb. $or V./0s ), )4, "4, #4 and <<, which switch is the root bridgeH
*bservation. +.S) is the root bridge for V./0s ), "4, and <<. +.S" is the root bridge
for V./0s )4 and #4.
(as$ 2. Configure inter1V786 routing on the switches.
Step 1. Create the SV9s on the !istribution layer switches.
a. To create SVIs switches, enter the global configuration command interface vlan + on
+.S) and +.S" for V./0s )4, "4, #4, and <<.
b. ,n +.S), configure I addresses for each SVI. V./0)42 )4.4.)4.)B"*, V./0"42
)4.4."4.)B"*, V./0#42 )4.4.#4.)B"*, and V./0<<2 )4.4.<<.)B"*.
E%am!le
+.S)6config78 interface vlan 1"
+.S)6config'if78 ip a!!ress 1".".1".1 233.233.233."
c. ,n +.S", configure I addresses for each SVI. V./0)42 )4.4.)4."B"*, V./0"42
)4.4."4."B"*, V./0#42 )4.4.#4."B"*, V./0<<2 )4.4.<<."B"*.
(as$ 3. Verify inter1V786 routing.
Step 1. Configure 9) a!!ressing on the access layer switches.
a. Enter interface vlan 1 mode on /.S) and /.S" and enter the shut!own command.
b. Issue the interface vlan >> command followed by the no shut!own command on
/.S) and /.S".
c. Cive /.S) the management interface I address of )4.4.<<.#B"*.
d. Cive /.S" the management interface I address of )4.4.<<.*B"*.
e. ,n /.S), configure the default gateway to be )4.4.<<.)B"*.
f. ,n /.S", configure the default gateway to be )4.4.<<."B"*.
Step 2. (est 9C2) connectivity from the access layer switches to the !istribution layer SV9s.
cc. ,n /.S), issue the !rivileged E-EC command ping 1".".1".1. (e!eat for )4.4.)4.",
)4.4."4.), )4.4."4.", )4.4.#4.), )4.4.#4.", )4.4.<<.), and )4.4.<<.". The !ing tests
should all be successful.
dd. ,n /.S", issue the !rivileged E-EC command ping 1".".1".1. (e!eat for )4.4.)4.",
)4.4."4.), )4.4."4.", )4.4.#4.), )4.4.#4.", )4.4.<<.), and )4.4.<<.". The !ing tests
should all be successful.
5our com!letion !ercentage should be )44:. If not, click Chec$ Results to see which
re;uired com!onents are not yet com!leted.
Configuring RS()
Objectives
Enable (ST.
Configure !rimary and secondary root bridges.
Background/Scenario
S!anning tree modes other than VSTR are available. ,ne of these modes is (ST 6ra!id
s!anning tree !rotocol7, which greatly reduces the time between a !ort coming u! and changing
to forwarding, while still !reventing bridging loo!s. +uring the transition !eriod between (ST
states, ra!id s!anning tree falls back to regular s!anning tree on links that have regular s!anning
tree on one side.
In this configuration, two distribution layer switches, +.S) and +.S" are connected in a full'
mesh to!ology with the access layer switches, /.S) and /.S". +.S) and +.S" load balance
the traffic at .ayer " on a !er'V./0 basis.
a. ,n all four switches, enter !rivileged E-EC mode with the enable command.
b. $rom !rivileged E-EC mode, issue the show interfaces trun$ and show interfaces
*bservation. $a4BN, $a4B< and $a4B)) have all been configured as trunk !orts.
c. ,n the two distribution switches 6+.S) and +.S"7, issue the show vlan command to verify
!ro!er V./0 configuration.
*bservation. orts $a4BN, $a4B< and $a4B)) are not listed within a s!ecific vlan. /lso
V./0)44, ))4, )"4 and )#4 are created and active2
)44 Server'$arm') active
))4 Server'$arm'" active
)"4 0et'Eng active
)#4 Staff active
$rom !rivileged E-EC mode on the +.S), +.S", /.S), and /.S", issue the show vtp status
command to verify the !ro!agation of V./0 information.
*bservation. In +.S) and +.S", the o!erating mode is set to EserverF. In /.S) and /.S", the
o!erating mode is set to EclientF.
Step 3. Verify 9 :"2.1/ spanning1tree an! Root configuration on /7S1.
a. ,n switch +.SI, issue the show spanning1tree command and the show spanning1tree
summary command.
b. Verify that it is running IEEE I4".)+ s!anning'tree.
c. Verify that +.S) is the root bridge for all the V./0s.
*bservation. In the show spanning1tree out!ut the line EThis bridge is the rootF indicates the
current switch is the root bridge. /dditionally, the show spanning1tree summary out!ut
indicates2 (oot bridge for2 default Server'$arm') Server'$arm'" 0et'Eng Staff
d. Verify that !orts $4BN, $4B<, and $4B)) are designated forwarding !orts on +.S).
*bservation. In the out!ut, each interface is listed with the status set to forward. E%am!le2 $a4BN
+esg $&+
Step #. Verify 9 :"2.1/ spanning1tree an! port status on /7S2% 87S1% an! 87S2.
a. ,n each switch, issue the show spanning1tree command.
b. ,n +.S", verify that !ort $4BN is designated forwarding, !ort $4B< is non'designated blocking,
and $4B)) is root forwarding.
c. ,n /.S), verify that !ort $4BN is root forwarding and !orts $4B< and $4B)) are designated
forwarding.
d. ,n /.S", verify that !orts $4BN and $4B)) are non'designated blocking and !ort $4B< is root
forwarding.
*bservation. in the show spanning1tree out!ut, you should see each interface listed with the
status set. E%am!le2 $a4B< /ltn D.Q 6meaning non'designated blocking7
(as$ 2. Configure RS() on the switches an! loa! balance.
Step 1. nable RS().
To enable (ST on the switches, enter the global configuration command spanning1tree mo!e
rapi!1pvst on each switch.
Step 2. Configure /7S1 as the primary root bri!ge for V786s 1% 1""% an! 12" an! as the
secon!ary root bri!ge for V786s 11" an! 13".
a. ,n +.S), issue the spanning1tree vlan 1%1""%12" root primary command.
b. ,n +.S), issue the spanning1tree vlan 11"%13" root secon!ary command.
Step 3. Configure /7S2 as the primary root bri!ge for V786s 11" an! 13" an! as the
secon!ary root bri!ge for V786s 1% 1""% an! 12".
a. ,n +.S", issue the spanning1tree vlan 11"%13" root primary command.
b. ,n +.S", issue the spanning1tree vlan 1%1""%12" root secon!ary command.
Step #. Save the configuration an! power cycle all !evices.
a. ,n each swich, issue the command copy run start .
b. ,n T, below the to!ology, click on the button E!ower cycle devicesF.
(as$ 3. Verify RS() output.
Step 1. Verify the RS() configuration.
/fter configuring (ST on all switches, verify the (ST configuration on +.S).
a. Issue the show spanning1tree summary command to verify which version of s!anning tree
!rotocol is running on +.S) and to observe the V./0s for which +.S) is the root bridge.
*bservation.
+.S)8 show spanning1tree summary
Switch is in ra!id'!vst mode
(oot bridge for2 default Server'$arm') 0et'Eng
b. 0e%t, issue the show spanning1tree summary command to verify which version of s!anning
tree !rotocol is running on +.S" and to observe the V./0s for which +.S" is the root bridge.
*bservation.
+.S"8 show spanning1tree summary
Switch is in ra!id'!vst mode
(oot bridge for2 Server'$arm'" Staff
6ote. If this out!ut does not a!!ear, go back and ensure that all commands from Task " were
!erformed on all switches. /lso, be sure to !ower cycle the devices to allow for ;uicker
convergence in T.
(ests
9ntro!ucing Computer 6etwor$s
Com!uter networks do which of the followingH
/. /llow com!uter hosts to communicate data between each other
D. rovide a user interface to control com!uter hosts
C. rovide a user interface to control networking devices
+. ,!erate solar !ower stations
0etworking devices do which of the followingH
/. rovide an o!erating system for the Internet
D. /llow users to use more than one com!uter at once
C. Control and o!timi3e communication between host devices
+. /llow users to use more than one user interface at once
/ hub does which of the followingH
/. Jodifies the J/C address of a data'link frame to allow transmission over longer distances
D. Sends frames it receives on all !orts, e%ce!t on the !ort where the frame is received
C. /m!lifies the electrical signal to allow transmission over longer distances
+. Sends frames it receives only on the !ort that corres!onds to the destination J/C address of
the data'link frame
/ switch does which of the followingH
/. Jodifies the J/C address of a data'link frame to allow transmission over longer distances
D. Sends frames it receives on all !orts, e%ce!t on the !ort where the frame is received
C. /m!lifies the electrical signal to allow transmission over longer distances
+. Sends frames it receives only on the !ort that corres!onds to the destination J/C address of
the data'link frame
(he *S9 Reference 2o!el
&hat is the ,!en Systems Interconnection 6,SI7 reference modelH
/. / cabling standard that !hone and networking com!anies im!lement
D. / com!uter host architecture blue!rint that com!uter device manufacturers im!lement
C. / network architecture blue!rint that network and com!uter device manufacturers im!lement
+. / network device architecture blue!rint that network device manufacturers im!lement
How does the ,SI reference model guarantee inde!endence of layer functionalityH
/. Dy enca!sulating data at each layer and by defining clear interfaces between each layer
D. Dy allowing network and com!uter device manufacturers to im!lement !ro!rietary layers
C. Dy allowing communication between com!uter hosts over a network
+. Dy o!timi3ing the network route between com!uter hosts
&hat is the function of the a!!lication layer of the ,SI reference modelH
/. Segments and delivers data, correcting transmission errors
D. ,!ens and maintains communication channels, authenticating data communications
C. Converts data, encry!ts data, and translates data
+. Janages the user interface and !rocesses data before handing it off to the user
&hat is the function of the !resentation layer of the ,SI reference modelH
&hat is the function of the session layer of the ,SI reference modelH
&hat is the function of the trans!ort layer of the ,SI reference modelH
&hat is the function of the network layer of the ,SI reference modelH
D. Janages electrical, o!tical, and over'the'air transmission of data bits
C. (outes data frames locally and manages local !hysical addressing
+. (outes data !ackets between networks and manages global logical addressing
&hat is the function of the data link layer of the ,SI reference modelH
&hat is the function of the !hysical layer of the ,SI reference modelH
9ntro!ucing the (C) H) )rotocol Suite
&hich of the following describes a &eb browserH
/. .ayer N 6a!!lication7 !rotocol
D. .ayer N software a!!lication
C. .ayer L 6!resentation7 software a!!lication
+. /ll of the above
In connection'oriented trans!ort, which of the following occursH
/. Sending and receiving hosts e%change TC acknowledgments.
D. Sending and receiving hosts se;uence their TC segments.
C. Sending and receiving hosts !erform a three'way handshake.
+. /ll of the above.
&hat does the three'way handshake !rocess allow two hosts to doH
/. ,!en a bidirectional TC connection
D. ,!en a bidirectional I channel
C. ,!en a bidirectional @+ session
+. /ll of the above
&hat ha!!ens whenever a TC segment is missing at destinationH
/. The receiving com!uter host aborts transmission.
D. The sending com!uter host aborts transmission.
C. The receiving com!uter host re;uests a retransmission.
+. The sending com!uter host re;uests a retransmission.
&hat does the !ositive acknowledgment and retransmission 6/(7 TC !rocess ensureH
/. That all TC segments are received within a certain time !eriod
D. That all @+ segments are received within a certain time !eriod
C. That all TCBI segments are received within a certain time !eriod
+. That all I segments are received within a certain time !eriod
&hat do TC and @+ !orts allow multi!le network a!!lications to doH
/. (esolve the J/C address of the com!uter host they run on
D. Connect to network interface card 60IC7 drivers
C. Connect their sending and receiving counter!arts on the same sending and receiving com!uter
hosts
+. (esolve the I address of the com!uter host they run on

0ame one of the main functions of .ayer # 6network layer7 TCBI !rotocols.
/. Janage the electrical as!ect of network links
D. Choose the best route to send data !ackets between hosts, even when the hosts are se!arated
by several networks
C. Choose the best route to send data frames between hosts, only when the hosts are located
within the same local network
+. /ll of the above
I addresses are hierarchical to facilitate which of the followingH
/. Counting the number of hosts in a network
D. Counting the number of networks in a network
C. (outing of data !ackets in local and global networks
+. (outing of data frames in local networks
/ routed !rotocol is a .ayer " 6network layer7 !rotocol that does which of the followingH
/. (oute data !ackets
D. Send route u!date !ackets
C. (oute data !ackets and send route u!date !ackets
+. /ll of the above
/ routing !rotocol is a .ayer " 6network layer7 !rotocol that does which of the followingH
/. (oute data !ackets
D. Send route u!date !ackets
C. (oute data !ackets and send route u!date !ackets
+. /ll of the above
&hat do Jedia /ccess Control 6J/C7 addresses uni;uely identifyH
/. / s!ecific wide'area network 6&/07
D. / s!ecific local'area network 6./07
C. / s!ecific network device, such as a switch or a router, or a network interface card 60IC7 in a
com!uter host device
+. /ll of the above
/ata ncapsulation

&hat does inde!endence of layer functionality allowH
/. .ayers to change internally without im!acting other layers
D. .ayers to interact with network hardware
C. .ayers to interact with network software
+. .ayers to migrate from one o!erating system to another
+escribe !rotocol data units 6+@s7.
/. Dasic encry!tion method that allows a network interface card 60IC7 to send encry!ted data
!ackets over the network
D. Dasic encoding method that allows a network interface card 60IC7 to send data !ackets over
the network
C. Dasic data container used by each !rotocol to e%change data between hosts in a network
+. Dasic data container used by each !rotocol to set u! a virtual circuit
Each !rotocol data unit 6+@7 contains which of the followingH
/. +ata !ayload and control information about the local com!uter host
D. +ata !ayload and control information that hel!s the !rotocol figure out what to do with the
data !ayload
C. +ata !ayload and control information about devices in the network
+. +ata !ayload and control information about the remote com!uter host
,n the sending host, what is the function of each network layerH
/. (eceives a +@ from the u!!er layer
D. Duilds its own +@ containing the u!!er'layer +@ enca!sulated within its own +@
C. Enca!sulates original data !ayload in several nested +@s, one for each layer
+. /ll of the above
,n the receiving host, what is the function of each network layerH
/. (eceives a +@ from the lower layer
D. Stri!s out the lower'layer header and trailer because it doesnSt need them
C. E%tracts its own +@, containing a control header, data !ayload, and o!tionally a control
trailer
+. /ll of the above
,inary% He&a!ecimal an! /ecimal Systems
&hich of the following com!uter and network features rely on the !ro!erties of the he%adecimal
and binary numbering systemsH
/. Dit ma!s
D. Subnet masks
C. 0etwork addresses
+. /ll of the above
Convert )4)4)" to decimal notation.
/. ")
D. )
C. *+
+. $
Convert )L)4 to binary notation.
/. )44)4
D. 4)44)
C. )4444
+. )4))4
Convert L*)4 to binary notation.
/. )444444
D. ))4)4)4
C. ))))4)4
+. 44)4)4)
Convert )4)4)" to he%adecimal notation.
/. $
D. +
C. )9
+. )*
&hat does a nibble corres!ond toH
/. * bits
D. ) he%adecimal digit
C. T byte
+. /ll of the above
&hat does a byte corres!ond toH
/. * bits
D. ) he%adecimal digit
C. I bits
+. /ll of the above
Convert ))4)4)" to he%adecimal notation.
/. $
D. #9
C. "9
+. +)
Convert )44))))4)4)" to he%adecimal notation.
/. *$D
D. *+9
C. 9E)
+. +#"
Convert )L)L to binary notation.
/. )))
D. )4))4
C. )9
+. 4)4)
Convert )L$/)L to binary notation.
/. )))4)))4))444
D. )4))44))4)44)
C. )4))4)))))4)4
+. 4)4)44))44)4)
Convert +C)*$/)Lto binary notation.
/. 44)4))))4)4)4))4)4)4))))
D. )))4)4)44)4))))))4)44)4)
C. 4)4)))4)44)))4)44)4)4)4)
+. ))4)))44444)4)44)))))4)4

7ocal 8rea 6etwor$s <786=
&hich of the following describes EthernetH
/. / standard @T im!lementation that s!ecifies characteristics of @T cabling o!eration at the
!hysical and data link layers
D. / standard &/0 im!lementation that s!ecifies characteristics of &/0 o!eration at the
C. / standard fiber'o!tic im!lementation that s!ecifies characteristics of fiber'o!tic cabling
o!eration at the !hysical and data link layers
+. / standard ./0 im!lementation that s!ecifies characteristics of ./0 o!eration at the
&hat is the main !ur!ose of the CSJ/BC+ !rotocolH
/. To monitor a shared carrier medium used by several com!uter hosts to transmit data and to
detect frame collisions when they occur
D. To monitor a shared network interface card 60IC7 used by several com!uter hosts to transmit
data and to detect frame collisions when they occur
C. To monitor J/C addresses of incoming traffic on a network interface card 60IC7 on a
com!uter host and to detect frame collisions when they occur
+. To monitor J/C addresses of full'du!le% traffic on a network interface card 60IC7 on a
com!uter host and to detect frame collisions when they occur
&hat does the CSJ/BC+ back'off algorithm controlH
/. The Gam signal emitted by a sending host when a frame collision occurs
D. How much time com!uter hosts wait before they start sending again when a frame collision
occurs
C. The timeout for sending data'link frames when a frame collision occurs
+. The boot time of the network interface card 60IC7
&hich of the following describes full'du!le% transmissionsH
/. +ata frames are transmitted in one direction only over a single !air of wires
D. +ata frames are transmitted in both directions, simultaneously, over a single !air of wires
C. +ata frames are transmitted in both directions, simultaneously, over two !airs of wires
+. +ata frames are transmitted in both directions, simultaneously, over two wires
&hat is the ma%imum bandwidth of $ast EthernetH
/. )4444 Jb!s
D. )4 Jb!s
C. )444 Jb!s
+. )44 Jb!s
&hat is the ma%imum bandwidth of EthernetH
/. )4444 Jb!s
D. )4 Jb!s
C. )444 Jb!s
+. )44 Jb!s
&hat is the ma%imum bandwidth of Cigabit Ethernet 6CigE7H
/. )4444 Jb!s
D. )4 Jb!s
C. )444 Jb!s
+. )44 Jb!s
&hat is the ma%imum bandwidth of )4 Cigabit Ethernet 6) ,CigE7H
/. )4444 Jb!s
D. )4 Jb!s
C. )444 Jb!s
+. )44 Jb!s
&hat is the most common $ast Ethernet standardH
/. )4D/SE'T
D. )44D/SE'T-
C. )444D/SE'T
+. )4CD/SE'T
&hat is the most common Ethernet standardH
/. )4D/SE'T
D. )44D/SE'T-
C. )444D/SE'T
+. )4CD/SE'T
9ntro!ucing to 0i!e 8rea 6etwor$s <086=
+escribe wide'area networks 6&/0s7.
/. They s!an long distances.
D. They interconnect local'area networks 6./0s7.
C. They interconnect all the networks that make u! the Internet.
+. /ll of the above.
/ dedicated leased line is which of the followingH
/. / data communication line that is built by a customer
D. / data communication line that is used e%clusively by one customer
C. / data communication line that is shared by a few customers
+. /ll of the above
/dvantages of dedicated leased lines include which of the followingH
/. rivacy
D. (eliability
C. Highly available bandwidth
+. /ll of the above
&hat is the main disadvantage of circuit'switched connectionsH
/. .ow s!eed
D. .ack of !rivacy
C. High cost
+. .ow reliability
Circuit'switched connections use which of the following !rotocolsH
/. oint'to'oint rotocol 67
D. Serial .ine Internet rotocol 6S.I7
C. High'.evel +ata .ink Control 6H+.C7 rotocol
+. /ll of the above
&hat is the main disadvantage of !acket'switched connectionsH
/. .ow s!eed
D. Shared bandwidth
C. High cost
+. .ow reliability
9ntro!ucing 0ireless 6etwor$s
&hat is the main advantage of wireless ./0sH
/. Elimination of wired connections
D. Elimination of crosstalk
C. Elimination of signal attenuation
+. /ll of the above
&hat is a disadvantage of wireless ./0sH
/. .imited range
D. iggybacking
C. otential security risks
+. /ll of the above
+escribe wireless networks.
/. Short' or medium'range networks that connect host devices using satellites
D. Short' or medium'range networks that connect host devices using airwaves
C. Short' or medium'range networks that connect host devices using o!tical fiber
+. /ll of the above
&ireless local'area networks 6&./0s7 are standardi3ed by which of the following standardsH
/. IEEE I4".#w
D. IEEE I4".))w
C. IEEE I4".))
+. /ll of the above
&./0 security issues can be mitigated using which of the followingH
/. &i'$i rotected /ccess 6&/7
D. J/C address filtering
C. &ired E;uivalent rivacy 6&E7
+. /ll of the above
6etwor$ /esign
&hat is one of the layers defined by the Cisco hierarchical network modelH
/. +ata link layer
D. Session layer
C. /ccess layer
+. resentation layer
The core layer in the Cisco hierarchical network model is the layer that !rovides which of the
followingH
/. Very high's!eed, very highly available connectivity between large local networks
D. Very high's!eed, very highly available connectivity between large global networks
C. Very high's!eed, very highly available connectivity for hosts
+. Very high's!eed, very highly available connectivity for I !hones
To ensure that the core layer in the Cisco hierarchical network model is highly available, you
need to do which of the followingH
/. +esign redundancy into the network2 redundant routing, redundant links to distribution layer,
redundant !ower su!!lies, redundant cooling systems
D. +esign the network using blade hardware only2 use only blade'based routers when designing
core layer connectivity
C. +esign the core layer using .ayer " switches only
+. /ll of the above
&hat should you do to ensure that the core layer in the Cisco hierarchical network model is fastH
/. /void enabling any services that would slow the core router
D. /void connecting end devices such as host devices at the core layer
C. /void enabling slower routing !rotocols on core routers
+. /ll of the above
The distribution layer in the Cisco hierarchical network model is the layer that does which of the
followingH
/. .inks the session layer to the access layer
D. .inks the data link layer to the access layer
C. .inks the core layer to the access layer
+. .inks the !resentation layer to the access layer
&hat are distribution layer switches and routers best suited to doH
/. $ind the best network route for !ackets into and out of ./0s and &/0s
D. $ilter !ackets
C. Interconnect ./0s and connect ./0s to &/0s
+. /ll of the above
&hat do distribution layer switches and routers manageH
/. 0/T 60etwork /ddress Translation7, /C.s 6access control lists7, firewalls, inter'./0 and
inter'V./0 routing
D. 0/T 60etwork /ddress Translation7, /C.s 6access control lists7, firewalls, routing within
./0s and routing within V./0s
C. 0/T 60etwork /ddress Translation7, /C.s 6access control lists7, firewalls
+. /ll of the above
&hat is the function of the access layer in the Cisco hierarchical network modelH
/. Interconnects core routers to ./0s
D. Interconnects end devices such as hosts to ./0s
C. Interconnects distribution routers to ./0s
+. Interconnects end devices such as hosts to core routers
0ame some of the benefits of designing networks according to the Cisco hierarchical network
model.
/. S!eciali3ation
D. Scalability
C. .imitation of !roblem domain
+. /ll of the above
9ntro!ucing Cisco Har!ware
&hat is the Cisco I,SH
/. CiscoSs !ro!rietary switch and router o!erating system
D. CiscoSs !ro!rietary &eb'based switch and router network management system
C. CiscoSs !ro!rietary switch and router memory routing !rotocol
+. CiscoSs !ro!rietary &eb'based switch and router device management software a!!lication
&hat is the Cisco +evice JanagerH
/. CiscoSs !ro!rietary switch and router o!erating system
D. CiscoSs !ro!rietary &eb'based switch and router network management system
C. CiscoSs !ro!rietary switch and router memory routing !rotocol
+. CiscoSs !ro!rietary &eb'based switch and router device management software a!!lication
&hen does the !ower'on self test 6,ST7 runH
/. Immediately after the Cisco I,S loads on a switch or router
D. Immediately after the startu! configuration loads on a switch or router
C. Immediately after the flash memory is initiali3ed on a switch or router
+. Immediately after a Cisco switch or router is !owered u!
&hat is the main !ur!ose of the bootstra! !rogram, also known as the boot
loaderH
/. To bring u! a Cisco switch or router by loading the startu! configuration
from flash memory to (/J
D. To bring u! a Cisco switch or router by loading the Cisco I,S from flash memory to (/J
C. To bring u! a Cisco switch or router by loading the running configuration
from flash memory to (/J
+. To bring u! a Cisco switch or router by loading the Cisco +evice Janager from flash memory
to (/J
&hat is the main !ur!ose of the (,J Jonitor micro!rogram, also known as (,JJ,0H
/. To maintain, test, and troubleshoot the !ower consum!tion of a Cisco device
D. To maintain, test, and troubleshoot the console !ort of a Cisco device
C. To maintain, test, and troubleshoot the configuration stored in (,J and in the flash memory
of a Cisco device
+. To maintain, test, and troubleshoot the (,J !ort of a Cisco device
It is best !ractice to use entry'level switches, such as the Cisco Catalyst #9L4, at which of the
following layersH
/. /ccess and distribution layer
D. +istribution and core layer
C. Core layer
+. /ccess and core layer
&hat does the flash memory on a Cisco switch or router storeH
/. The startu! configuration of a Cisco switch or router
D. The image file of the Cisco I,S
C. The Cisco +evice Janager software a!!lication !rogram
+. /ll of the above
&here is the Cisco switch and router running configuration loaded fromH
/. The running configuration file during startu!
D. CiscoSs &eb site during startu!
C. The startu! configuration file during startu!
+. /ll of the above
The Cisco I,S command'line interface o!erates in setu! mode to do which of the followingH
/. Initially configure the (,J Jonitor 6(,JJ,07 micro!rogram
D. Initially configure the Cisco +evice Janager software a!!lication
C. Initially configure the I,S
+. Initially configure the switch or router
The Cisco I,S command'line interface o!erates in !rivileged configuration mode to do which of
the followingH
/. Configure the (,J Jonitor 6(,JJ,07 micro!rogram
D. Configure the Cisco +evice Janager software a!!lication
C. Configure the I,S
+. Configure the switch or router
9ntro!ucing (C)-9)
&hich layer of the ,SI model is res!onsible for reliable delivery of data across the !hysical
networkH
/. 0etwork layer
D. +ata link layer
C. Trans!ort layer
+. hysical layer
Transmission Control rotocol o!erates at which ,SI layerH
/. Trans!ort layer
D. 0etwork layer
C. Session layer
+. +ata link layer
&hich layer of the ,SI model is res!onsible for managing sessions between a!!licationsH
/. resentation layer
D. /!!lication layer
C. Trans!ort layer
+. Session layer
&hich of the following are not ste!s in the data'enca!sulation !rocessH 6Choose two.7
/. Segments are converted into frames
D. @ser information is converted into data
C. $rames are converted into bits
+. ackets are converted into frames
E. +ata is converted into !ackets
&hat does SJT stand forH
/. Sending Jail Transfer rotocol
D. Sim!le Jail Transfer rotocol
C. Sim!le Jethod Timing rotocol
+. Sim!le Janagement Transfer rotocol
The @ser +atagram rotocol o!erates at which ,SI layerH
/. Trans!ort layer
D. 0etwork layer
C. Session layer
+. +ata link layer
TCBI is based on which ty!e of technologyH
/. Circuit'switching
D. acket'switching
C. $rame'switching
+. Header'switching
&hich layer of the ,SI model theoretically resides closest to the end userH
/. resentation layer
D. +ata link layer
C. /!!lication layer
+. hysical layer
TC is considered to be what ty!e of !rotocolH
/. Connectionless
D. ro!rietary
C. Session'oriented
+. Connection'oriented
&hich layer in the +o+ model is res!onsible for routing I !acketsH
/. hysical layer
D. Session layer
C. 0etwork layer
+. Internet layer

(C)-9) 7ayers an! )rotocols
&hich !rotocol !revents bridging loo!sH
/. S!anning Tree rotocol
D. Dorder Cateway rotocol
C. ,!en Shortest ath $irst rotocol
+. Transmission Control rotocol
&hich function of Ethernet networks !revents data collisionsH
/. TCBI
D. CSJ/BC+
C. IC(
+. I4".#
&hich layer of the ,SI model contains the J/C and ..C sublayersH
/. hysical layer
D. 0etwork layer
C. Trans!ort layer
+. +ata link layer
&hich !rotocol does not acknowledge recei!t of dataH
/. @ser +atagram rotocol
D. @ser +atagram acket
C. Transmission Control rotocol
+. Internet Control Jessage rotocol
&hich of the following is a valid J/C addressH
/. )<".)LI.)4).)
D. 4)44)))4)))44)44
C. 44'4f')f'<c'"d'ad
+. "99."9U."99.4
+ata framing occurs at which ,SI layerH
/. Trans!ort layer
D. 0etwork layer
C. +ata link layer
+. Session layer

&hat is the correct order of data enca!sulation starting from the a!!lication layer to the !hysical
layerH
/. Dits, $rames, ackets, Segments, @ser +ata
D. @ser data, $rames, ackets, Segments, Dits
C. @ser data, ackets, Segments, $rames, Dits
+. @ser data, Segments, ackets, $rames, Dits
&hich layer of the ,SI model most closely resembles the network access layer in the +o+
modelH
/. hysical layer
D. 0etwork layer
C. +ata link layer
+. Trans!ort layer
&hich ,SI layer is res!onsible for multi!le%ingH
/. +ata link
D. Trans!ort
C. Session
+. 0etwork
/( determines the address by using the known address.
/. Hardware, I
D. J/C, HE-
C. I, J/C
+. Ethernet, (/(
&hich of the following are routing !rotocolsH 6Choose all that a!!ly.7
/. I
D. DC
C. EIC(
+. @+
E. ,S$
TC sockets consist of the and .
/. J/C address, ICJ !ackets
D. frames, segments
C. I address, J/C address
+. I address, !ort number
9) a!!ressing
&hich !art of an I address identifies s!ecific devices on the networkH
/. 0etwork I+
D. Third octet
C. $irst " bits
+. Host I+
&hich of the following are routable Class / I host addressesH 6Choose two.7
/. )4.4.4.9*
D. )"L.4.4.)
C. I".I".I".I"
+. )"N."".#*.)44
E. 4.9*.<.N
&hich command can be used to verify internal TCBI stack functionalityH
/. !ing )<".)LI.).)
D. !ing )"N.4.4.)
C. !ing )4.4.4.)
+. !ing )N".)LI.4.)
&hat is the binary number 4)))))4) in decimalH
/. L
D. )*4
C. )"9
+. )"L
&hich of the following is the broadcast address for network )N".)LI.4.4 with a
"99."99.4.4 subnet maskH
/. )N".)LI.)L."9*
D. )N".)LI."99."99
C. )N".)LI."99."99
+. "99."99."99."9*
&hich of the following are reserved I addresses and cannot be issued to !ublic hostsH 6Choose
three.7
/. )"N.4.4.)44
D. )N".#).).)
C. 4.9.NN.")
+. )"L.*.)L.#L
E. ))).L".9*.*
$. )<).L.N.I

&hich !art of a Class / I address using a standard I'bit subnet mask identifies the host I+H
/. $irst octet
D. $irst, second, and third octet
C. $irst and second octet
+. Second, third, and fourth octet
&hich settings must be configured on a host to !ass I traffic across an inter networkH 6Choose
three.7
/. ICJ
D. +efault gateway
C. .oo!back address
+. I address
E. J/C address
$. Subnet mask
&hich !rotocol investigates the network for an I address from the known hardware addressH
/. (/(
D. ICJ
C. /(
+. /( !ro%y
Select some of the benefits of !rivate I addressingH 6Choose all that a!!ly.7
/. +oes not re;uire 0/T
D. Increased security
C. Saves Iv* address s!ace
+. /llows entire !rivate network to use one !ublic I address
Subneting
How many hosts are available on the "44.)44.)9.4B"* networkH
/. )"L
D. L"
C. "9*
+. #"
&hat is the !ur!ose of V.SJH
/. S!lits a network into e;ual !arts
D. Creates sub'subnets of various lengths
C. ,!timi3es and load'balances routing traffic
+. /utomatically u!dates routing tables
&hich command disables 6default'enabled7 I subnet 3ero on the routerH
/. 4 i! subnet'3ero
D. off i! subnet 3ero
C. disable i! subnet'3ero
+. no i! subnet'3ero
How many bits must you borrow from a Class D host I+ to get the subnet mask of
"99."99.""*.4H
/. "
D. #
C. 9
+. *
&hich of the following re!resents the reverse !rocess of subnettingH 6Choose three.7
/. Su!ernetting
D. (oute aggregation
C. V.SJ
+. Summari3ation
E. Subnet masking
$. Converting binary to dotted'decimal
&hat are im!ortant reasons for subnetting a networkH 6Choose three.7
/. (outing table si3e reduction
D. Troubleshooting and !roblem isolation
C. Se!arating broadcast traffic
+. Ease of management
E. (e;uires less !lanning
&hich routing !rotocols su!!ort V.SJH 6Choose all that a!!ly.7
/. IC(
D. EIC(
C. (I
+. IS'IS
E. ,S$
$. DC
5our Class C network re;uires )4 subnets with )4 hosts !er subnet. &hich subnet mask is
correctH
/. "99."99."99.4
D. "99."99."99."*4
C. "99."99."*4
+. "99."99."99."*I
&hich of the following networks would use the subnet mask of "99.4.4.4 by defaultH 6Choose all
that a!!ly.7
/. )I4.).9.4
D. )"<.4.4.)
C. )49.4.4.4
+. 4.L.4.9
&hat ty!e of I address is "4*."4).")4.*H
/. Host I
D. Droadcast I
C. 0etwork I
+. Julticast I
9ntro!ucing 7ayer 2 switches
The data link layer. .ayer " in the ,SI network reference model, is re!resented in TCBI by
which of the followingH
/. I addresses
D. Ethernet
C. EtherChannel
+. /ll of the above
&hat is the main function of the data link layerH
/. To handle data frame transmission locally between two devices connected on a local'area
network 6./07
D. To handle data frame transmission between two devices connected on a wide'area network
6&/07
C. To handle I !acket routing locally between two nodes connected on a local'area network
6./07
+. To handle I !acket routing between two nodes connected on a wide'area network 6&/07
.ayer " switches rely on the to determine whether they forward data'link frames on an outgoing
!ort.
/. $irmware version
D. I address
C. J/C address
+. /ll of the above
How does a hub forward a data frameH
/. ,nly on the outbound !ort where the target firmware connects
D. ,nly on the outbound !ort where the target I address connects
C. ,nly on the outbound !ort where the target J/C address connects
+. ,n all outbound !orts, e%ce!t on the !ort through which the frame came in
+escribe how a .ayer " switch learns addresses.
/. The switch saves the !ort number where each data frame enters the switch along with the
source I address of that frame in the I address table.
D. The switch saves the !ort number where each data frame enters the switch along with the
source J/C address of that frame in the J/C address table.
C. The switch saves the !ort number where each data frame enters the switch along with the
source firmware version of that frame in the J/C address table.
+. The switch saves the !ort number where each data frame enters the switch along with the
source firmware version of that frame in the I address table.
+escribe how a .ayer " switch floods a frame.
/. The switch eliminates redundant interswitch links.
D. The switch sends a data frame only on the outgoing !ort where the destination device can be
reached.
C. The switch sends a data frame on all outgoing !orts e%ce!t on the !ort where it entered the
switch.
+. The switch discards a data frame.
+escribe how a .ayer " switch forwards a frame.
reached.
switch.
+escribe how a .ayer " switch avoids loo!s.
reached.
switch.
@nicast transmission involves which of the followingH
/. / device sending a frame to multi!le target devices
D. / device sending a frame to all devices in its local network
C. / device sending a frame to a single target device
+. /ll of the above
Virtual local1area networ$s <V786s=
Virtual local'area networks 6V./0s7 allow you to do which of the followingH
/. Subdivide a ./0 into several logical ./0s
D. Subdivide a J/C address into several logical J/C addresses
C. Subdivide an I address into several logical I addresses
+. /ll of the above
Virtual local'area networks 6V./0s7 limit the domain.
/. collision
D. search
C. broadcast
+. /ll of the above
&hat is a benefit of using V./0sH
/. Qee!s things well organi3ed by logically grou!ing your network based on J/C addresses
D. Qee!s things well organi3ed by logically grou!ing your network based on business
de!artments and functions
C. Qee!s things well organi3ed by logically grou!ing your network based on &eb sites names
+. /ll of the above
5ou create a V./0 using the I,S command.
/. virtual lan create
D. vlan create
C. vlan
+. virtual lan enable
Static V./0 membershi! involves which of the followingH
/. Janually assigning a s!ecific !ort to a s!ecific V./0
D. /utomatically assigning a s!ecific !ort to a s!ecific V./0 using VJS
C. Janually enabling a s!ecific !ort with the virtual lan command
+. /utomatically enabling a s!ecific !ort with the virtual lan command
How is data'link traffic identified to belong to a s!ecific V./0H
/. Dy tagging each data'link frame with the ./0 I+
D. Dy tagging each data'link frame with the I address
C. Dy tagging each data'link frame with the J/C address
+. Dy tagging each data'link frame with the V./0 I+
&hat do you need to do to create a V./0 trunk over an EtherChannel logical !ortH
/. Create the EtherChannel logical !ort first and set it u! as a trunk !ort
D. Create the trunk !ort first and set it u! as an EtherChannel logical !ort
C. Create a V./0 first and set it u! as a trunk !ort
+. Create a V./0 first and set it u! as an EtherChannel logical !ort
&hat is the main !ur!ose of the +ynamic Trunking rotocol 6+T7H
/. To configure EtherChannel logical !orts automatically
D. To configure EtherChannel logical !orts and V./0 !ort trunks automatically
C. To configure V./0 !ort trunks automatically
+. /ll of the above
VT u!dates re!resent the !rocess by which a VT server does which of the followingH
/. +istributes information about new J/C addresses added to J/C address tables in the VT
domain using a VT notification
D. +istributes information about new EtherChannel logical !orts defined in the VT domain
using a VT notification
C. +istributes information about new V./0 trunk !orts defined in the VT domain using a VT
notification
+. +istributes information about new V./0s defined in the VT domain using a VT
notification
VT !runing re!resents the !rocess by which a VT server or client does which of the followingH
/. (efuses VT u!dates for V./0s that are not active on its !orts
D. (efuses VT u!dates for V./0 trunk !orts that are not active on its !orts
C. (efuses VT u!dates for EtherChannel logical !orts that are not active on its !orts
+. (efuses VT u!dates for J/C addresses that are not active on its !orts

Data Comm Tech

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Data Comm Tech

Uploaded by

Copyright:

Available Formats

Configuring SSH

You might also like