1.
CSMA/CD stands for Carrier Sense Multiple Access/Collision Detection.
Correct Answer
A. True
Explanation
CSMA/CD stands for Carrier Sense Multiple Access/Collision Detection. This is a protocol used in Ethernet networks to control access to the network medium. It allows multiple devices to share the same communication channel by sensing if the channel is idle before transmitting data. If two devices attempt to transmit data at the same time and a collision occurs, they both detect the collision and wait for a random amount of time before retransmitting. Therefore, the statement "CSMA/CD stands for Carrier Sense Multiple Access/Collision Detection" is true.
2.
Which of the following are the parts of an Ethernet Frame?
Correct Answer(s)
A. Preamble/Start of Frame Delimiter
B. Destination Address
C. Source Address
D. Length/Type
E. Data
F. FCS/Frame Check Sequence
Explanation
An Ethernet Frame consists of several parts that are necessary for the transmission and reception of data. The Preamble/Start of Frame Delimiter is the first part of the frame and is used to synchronize the receiving device with the incoming data. The Destination Address specifies the intended recipient of the frame. The Source Address identifies the sender of the frame. The Length/Type field indicates the length of the data or the type of protocol being used. The Data field contains the actual payload or information being transmitted. Finally, the FCS/Frame Check Sequence is a checksum value used for error detection.
3.
Which of the following are the parts of a MAC Address?
Correct Answer(s)
A. Broadcast
B. Local
C. OUI number
D. Vendor number
Explanation
A MAC address, also known as a Media Access Control address, is a unique identifier assigned to a network interface card (NIC) by the manufacturer. It consists of six pairs of hexadecimal digits, separated by colons or hyphens. The parts of a MAC address mentioned in the options are all correct. The "Broadcast" refers to a special MAC address that is used to send data to all devices on a network. The "Local" part refers to the locally assigned address that is unique to a particular device. The "OUI number" (Organizationally Unique Identifier) is the first three pairs of digits in a MAC address, which identifies the manufacturer. The "Vendor number" refers to the last three pairs of digits, which further specifies the device model or type.
4.
What are the characteristics of half-duplex?
Correct Answer(s)
A. Unidirectional data flow
B. Higher potential for collision
C. Hub connectivity
Explanation
The characteristics of half-duplex include unidirectional data flow, which means that data can only flow in one direction at a time. This leads to a higher potential for collision, as multiple devices may try to transmit data simultaneously. Half-duplex is often associated with hub connectivity, where multiple devices are connected to a central hub. It is also typically used in point-to-point connections only, meaning it can only be connected to one other device at a time. Lastly, in half-duplex mode, the collision detect circuit is disabled, as collisions are expected to occur.
5.
What are the characteristics of full-duplex?
Correct Answer(s)
D. Point-to-Point only
E. Attached to dedicated switch port
F. Collision detect circuit disabled
Explanation
Full-duplex communication allows for simultaneous two-way data flow, meaning data can be transmitted and received at the same time. It requires a point-to-point connection, where only two devices are connected directly to each other, typically through a dedicated switch port. In full-duplex mode, the collision detect circuit is disabled because collisions cannot occur in this type of communication.
6.
If auto-negotiation fails because the attached device does not support it, the Catalyst switch defaults the switch port to half-duplex mode.
Correct Answer
A. True
Explanation
If the auto-negotiation process between the Catalyst switch and the attached device fails, it means that they are unable to agree on the communication parameters such as speed and duplex mode. In such a case, the Catalyst switch will default the switch port to half-duplex mode. This means that the switch port will only be able to send or receive data at one time, reducing the overall bandwidth available for communication. Therefore, the given statement is true.
7.
Half-duplex on one end and full-duplex on the other causes late collision errors at the half-duplex end.
Correct Answer
A. True
Explanation
When one end of a communication link is operating in half-duplex mode, it can only transmit or receive data at a time, while the other end is operating in full-duplex mode, allowing simultaneous transmission and reception. This combination can lead to late collision errors at the half-duplex end. Late collisions occur when a device detects a collision after it has started transmitting data, resulting in wasted time and potential data loss. Therefore, the statement is true.
8.
With this feature enabled, the switch detects the interface required for copper media and configures the interface accordingly.
Correct Answer
auto-MDIX
automatic medium-dependent interface crossover
auto-mdix
Explanation
This feature, known as auto-MDIX or automatic medium-dependent interface crossover, allows the switch to detect the type of interface required for copper media and automatically configures the interface accordingly. This means that the switch can determine whether a straight-through or crossover cable is needed for the connection and adjusts the interface settings accordingly, eliminating the need for manual configuration or the use of crossover cables.
9.
Switches use MAC addresses to direct network traffic to the appropriate port.
Correct Answer
A. True
Explanation
Switches use MAC addresses to direct network traffic to the appropriate port. This is because switches operate at the data link layer of the OSI model and use MAC addresses to identify and forward data packets to the correct destination. Each device connected to a switch has a unique MAC address, and the switch maintains a table that maps these addresses to the corresponding ports. When a data packet arrives at the switch, it examines the destination MAC address and forwards the packet only to the port associated with that address, ensuring efficient and accurate delivery of network traffic.
10.
If a destination address is not in the table, the switch forwards the frame out all ports except the receiving port.
Correct Answer
A. True
Explanation
If a destination address is not found in the table, it means that the switch does not have information about where to forward the frame. In this case, the switch will use a technique called flooding, where it forwards the frame out all ports except the one it received the frame on. This ensures that the frame reaches its intended destination, even if the switch is not aware of its location. Therefore, the statement is true.
11.
When two connected hosts want to communicate with each other, the switch uses the switching table to establish a connection between the ports. This provided maximum available bandwidth to both hosts, as if the network has only two hosts.
Correct Answer
microsegment
Explanation
Microsegmentation is a network design technique where a switch divides a network into smaller segments, allowing for better bandwidth utilization and improved network performance. In this scenario, the switch uses its switching table to establish a direct connection between the ports of the two connected hosts, effectively creating a microsegment. This ensures that the maximum available bandwidth is dedicated to the communication between these two hosts, simulating a network with only two hosts and minimizing congestion or interference from other devices on the network.
12.
Only Layer 3 devices or a VLAN form separate broadcast domains.
Correct Answer
A. True
Explanation
The statement is true because Layer 3 devices, such as routers, can separate broadcast domains by using IP addresses to route traffic between different networks. Additionally, VLANs (Virtual Local Area Networks) can also create separate broadcast domains by logically dividing a single physical network into multiple virtual networks. Both Layer 3 devices and VLANs help to reduce network congestion and improve network performance by limiting the broadcast traffic to specific areas.
13.
A collection of interconnected switches.
Correct Answer
broadcast domain
Explanation
A broadcast domain refers to a network segment where all devices can receive broadcast messages sent by any other device within that same segment. In this context, a collection of interconnected switches can create a broadcast domain. When switches are interconnected, they allow broadcast messages to be forwarded across the network, enabling devices connected to different switches to receive these broadcast messages. Therefore, the given answer of "broadcast domain" is a suitable explanation for a collection of interconnected switches.
14.
This means that LANs are segmented into a number of smaller collision and broadcast domains using routers and switches.
Correct Answer
lan segmentation
Explanation
LAN segmentation refers to the process of dividing a LAN (Local Area Network) into smaller collision and broadcast domains using routers and switches. This is done to improve network performance, security, and manageability. By segmenting the LAN, network traffic is isolated, reducing collisions and improving overall network efficiency. Routers and switches are used to create these segments, allowing for separate broadcast domains and controlling the flow of data between them. This helps to enhance network performance and ensure that data is delivered only to the intended recipients.
15.
Design considerations for Ethernet.
Correct Answer(s)
A. Bandwidth and Throughput
B. Collision Domains
C. Microsegment
D. Broadcast Domains
E. Network Latency
F. Network Congestion
G. LAN Segmentation
Explanation
The answer includes various design considerations for Ethernet networks. Bandwidth and throughput refer to the capacity and speed of data transmission. Collision domains are areas where network collisions can occur, affecting network performance. Microsegmentation involves dividing a network into smaller segments to improve performance and security. Broadcast domains are areas where broadcast messages are sent, affecting network traffic. Network latency refers to the delay in data transmission. Network congestion occurs when there is a high volume of data traffic, leading to performance issues. LAN segmentation involves dividing a LAN into smaller segments for better network management and performance.
16.
Two primary considerations for designing a LAN:
-
Controlling network latency
-
Removing bottlenecks
Correct Answer
A. True
Explanation
The given answer is true because controlling network latency and removing bottlenecks are indeed two primary considerations for designing a LAN. Network latency refers to the delay in data transmission between devices on a network, and controlling it is crucial for ensuring efficient communication and minimizing delays. Removing bottlenecks involves identifying and resolving any points in the network where data congestion occurs, which helps to optimize network performance and prevent data flow issues. Both of these considerations are essential for designing a LAN that can support smooth and seamless communication.
17.
Methods switches use to forward Ethernet frames.
Correct Answer(s)
A. Store-and-forward
B. Cut-through
Explanation
Store-and-forward and cut-through are two methods that switches use to forward Ethernet frames.
Store-and-forward is a method where the switch receives the entire Ethernet frame before forwarding it. It checks the frame for errors and then forwards it to the appropriate destination. This method ensures that the frame is error-free before forwarding it, but it introduces some latency as the switch needs to wait for the entire frame to be received.
Cut-through, on the other hand, is a method where the switch starts forwarding the frame as soon as it receives the destination MAC address. It does not wait for the entire frame to be received or check for errors. This method reduces latency but may forward frames with errors.
Straight-through is not a method used by switches to forward Ethernet frames.
18.
Store-and forward is the only method used on current Cisco Catalyst switches.
Correct Answer
A. True
Explanation
Store-and-forward is a method used on current Cisco Catalyst switches. This method involves receiving the entire data frame before forwarding it to the destination, allowing the switch to perform error checking and ensure data integrity. This method is commonly used to handle collisions and errors in the network, making it an essential feature of Cisco Catalyst switches. Therefore, the given statement is true.
19.
Any corrupt frames are still forwarded and consume network bandwidth in cut-through method.
Correct Answer
A. True
Explanation
In the cut-through method of forwarding frames in a network, any corrupt frames are still forwarded to their destination. This means that even if a frame is damaged or contains errors, it will still be transmitted across the network, consuming bandwidth. This can be inefficient as it can potentially lead to the transmission of corrupted data, which may need to be retransmitted later. Therefore, the statement is true.
20.
In symmetric switching, all ports have the same bandwidth.
Correct Answer
A. True
Explanation
In symmetric switching, all ports have the same bandwidth. This means that each port on the switch has an equal amount of bandwidth available for data transmission. This allows for equal distribution of network traffic and prevents any one port from becoming a bottleneck. Symmetric switching is commonly used in Ethernet networks to ensure fair and efficient data transfer between devices.
21.
In asymmetric switching, more bandwidth can be assigned to a server to prevent bottlenecks.
Correct Answer
A. True
Explanation
In asymmetric switching, more bandwidth can be assigned to a server to prevent bottlenecks. This means that the network can allocate a higher amount of data transmission capacity to a specific server, allowing it to handle more traffic and reducing the chances of congestion or bottlenecks. This can be particularly useful for servers that require a higher bandwidth due to their criticality or high demand. By assigning more bandwidth to these servers, the network can ensure smoother and more efficient data transmission.
22.
In memory buffering, switch analyzes some or all of a packet before it forwards it to the destination host based on the forwarding method.
Correct Answer
A. True
Explanation
In memory buffering, the switch examines the content of a packet before sending it to the intended recipient based on the forwarding method. This allows the switch to make decisions about how to handle the packet, such as determining the appropriate output port or applying quality of service policies. By analyzing the packet in memory before forwarding, the switch can optimize the network's performance and ensure efficient delivery of data. Therefore, the statement "True" accurately describes the concept of memory buffering in switches.
23.
In port-based memory buffering, frames are stored in queues that are linked to specific incoming and outgoing ports.
Correct Answer
A. True
Explanation
Port-based memory buffering is a method of storing frames in queues that are associated with specific incoming and outgoing ports. This means that when a frame is received on a particular port, it is stored in the corresponding queue and can be retrieved from that queue when it needs to be transmitted out of the network. This method allows for efficient management of network traffic and ensures that frames are stored and transmitted in the correct order. Therefore, the statement "True" is the correct answer.
24.
In shared memory buffering, the switch deposits all frames into a common memory buffer that all the ports on the switch share. The amount of buffer memory required by a port is dynamically allocated.
Correct Answer
A. True
Explanation
Shared memory buffering is a technique used in switches where all frames are deposited into a common memory buffer that is shared by all the ports on the switch. This allows for efficient utilization of memory resources as the buffer memory required by a port is dynamically allocated. Therefore, the given statement is true.
25.
Characteristics of Layer 2 Switching:
Correct Answer(s)
A. Performs switching and filtering based only on the OSI Data Link layer (Layer 2) MAC address.
Performs switching and filtering based only on the OSI Data Link layer (Layer 2) MAC address.
Performs switching and filtering based only on the OSI Data Link layer (Layer 2) MAC address.
B. Completely transparent to network protocols and user applications.
Explanation
Layer 2 switches perform switching and filtering based only on the MAC address, which is a characteristic of Layer 2 switching. They are completely transparent to network protocols and user applications, meaning they do not modify or interfere with the data being transmitted. This allows for efficient and seamless communication between devices on the network. However, the given answer only mentions the first characteristic of Layer 2 switching and does not include the information about transparency to network protocols and user applications.
26.
Characteristics of Layer 3 Switching:
Correct Answer(s)
C. Can also use IP address information
D. Also learn which IP addresses are associated with its interfaces.
E. Direct traffic throughout the network based on IP address information.
Explanation
Layer 3 switching has the capability to use IP address information in addition to MAC address information for switching and filtering. It can learn which IP addresses are associated with its interfaces and can direct traffic throughout the network based on IP address information. This means that Layer 3 switches can make routing decisions based on IP addresses, allowing for more efficient and intelligent forwarding of network traffic.
27.
CLI commands that are the same with the router and switch.
Correct Answer(s)
A. Access modes with a password
B. Help Facility and Command History
C. Configure console and telnet access
D. Commands to configure options for each interface
E. Commands to verify the status of the switch
Explanation
The given answer includes CLI commands that are common for both routers and switches. Access modes with a password ensure that unauthorized users cannot access the device. Help Facility and Command History provide assistance and allow users to view previously executed commands. Configuring console and telnet access allows users to access the device remotely. Commands to configure options for each interface enable customization of interface settings. Commands to verify the status of the switch help in troubleshooting and monitoring.
28.
CLI commands that are different with the router and switch.
Correct Answer(s)
F. Commands to create and control VLANs
G. Configure a default gateway
H. Manage the MAC Address table
I. Switch security
Explanation
The given answer includes commands that are specific to switches and not routers. VLANs (Virtual Local Area Networks) are used to divide a switch into multiple virtual switches, allowing for better network management and security. Configuring a default gateway is necessary for a switch to communicate with devices outside of its local network. Managing the MAC Address table involves controlling the flow of data between devices connected to the switch. Switch security refers to implementing measures to protect the switch from unauthorized access and potential threats. These commands are not applicable to routers as their functionality and configuration differ from switches.
29.
MAC Adress that is learned from the frames received on each port.
Correct Answer(s)
dynamic mac adress
Explanation
The correct answer is "dynamic MAC address." A dynamic MAC address is learned from the frames received on each port. This means that the switch or network device is actively monitoring the network and updating its MAC address table based on the MAC addresses it detects in the incoming frames. Dynamic MAC addresses are temporary and can change as devices connect and disconnect from the network.
30.
The process where dynamic MAC Address are removed from the table.
Correct Answer(s)
aging
Explanation
Aging refers to the process of removing dynamic MAC addresses from the table. In a network, MAC addresses are stored in a MAC address table to facilitate communication between devices. However, as devices are added or removed from the network, MAC addresses may become outdated or no longer in use. To ensure the table remains accurate and efficient, aging is performed to remove these unused MAC addresses. This helps free up space in the table and allows for better management of network resources.
31.
Default interval for aging Dynamic MAC Address.
Correct Answer(s)
300 seconds
300 secs
Explanation
The default interval for aging Dynamic MAC Address is 300 seconds or 300 secs. This means that the MAC addresses of devices connected to the network will be considered valid for 300 seconds before they are removed from the MAC address table. After this time period, if the device has not sent any traffic, its MAC address will be aged out and removed from the table.
32.
MAC Address specifically assigned by the network administrator and are not aged out.
Correct Answer(s)
static mac address
Explanation
A static MAC address is specifically assigned by the network administrator and does not age out. This means that it remains constant and does not change over time. Unlike dynamic MAC addresses, which are automatically assigned by the network device and may change if the device is replaced or reconfigured, static MAC addresses are manually configured and are typically used for devices that require a fixed address for identification or security purposes.
33.
Network Security Audits practices:
Correct Answer(s)
A. Reveals what sort of information an attacker can gather simply by monitoring network traffic.
B. Determine MAC address table limits and age-out period.
Explanation
Network security audits practices involve several activities. One of them is to reveal the type of information that an attacker can gather by simply monitoring network traffic. This helps in understanding the potential vulnerabilities and allows for appropriate countermeasures to be implemented. Additionally, determining the MAC address table limits and age-out period is important as it helps in managing and securing the network infrastructure effectively. Overall, network security audits aim to identify security weaknesses and plan strategies to avoid any performance impacts.
34.
Network Penetration Testing practices:
Correct Answer(s)
C. Identify security weaknesses.
D. Plan to avoid performance impacts.
Explanation
Network Penetration Testing practices help to identify security weaknesses in a network. By conducting penetration testing, organizations can simulate real-world attacks and identify vulnerabilities that could be exploited by attackers. This allows them to take proactive measures to strengthen their network security and protect sensitive information.
Additionally, network penetration testing helps in planning to avoid performance impacts. During the testing process, the impact on network performance can be assessed, and measures can be taken to minimize any potential disruptions. This ensures that the testing does not negatively affect the normal functioning of the network and allows organizations to maintain smooth operations while addressing security vulnerabilities.
35.
Common features of Network Security Tools:
Correct Answer(s)
A. Service Identification
B. Support of SSL Service
C. Non-destructive and Destructive Testing
D. Database of Vulnerabilities
Explanation
The common features of network security tools include service identification, support of SSL service, non-destructive and destructive testing, and a database of vulnerabilities. Service identification refers to the ability of the tool to identify and analyze various services running on a network. Support of SSL service means that the tool can handle secure communication protocols. Non-destructive and destructive testing refers to the tool's ability to perform both passive and active tests on the network to identify vulnerabilities. Lastly, the tool should have a database of vulnerabilities to compare and match against the network's security status.
36.
Usage of Network Security Tools:
Correct Answer(s)
A. Capture chat messages
B. Capture files from NFS traffic
C. Capture HTTP requests
D. Capture mail messages
E. Capture passwords
F. Display captured URLs in a browser in real-time
G. Flood a switched LAN with random MAC addresses
H. Forge replies to DNS addresses
I. Intercept packets
Explanation
This answer correctly identifies the various network security tools that can be used for different purposes. These tools include capturing chat messages, files from NFS traffic, HTTP requests, mail messages, and passwords. It also includes the ability to display captured URLs in a browser in real-time, flood a switched LAN with random MAC addresses, forge replies to DNS addresses, and intercept packets. These tools can be used to monitor and secure network traffic, detect and prevent unauthorized access, and analyze network vulnerabilities.