Cisco® CCENT Exam Cram Notes: Telnet, CDP, Auxiliary Password, and Cisco Router Configuration
38) TCP and UDP work at the Transport layer of the OSI model, or the Host-to-Host layer of the DoD model.
The Telnet command works at Layer 7 of your TCP/IP stack. If you are able to Telnet to your remote router, you can be sure that the TCP/IP stack is properly installed.
Other commands, such as Ping, trace, and ipconfig work at lower layers of the TCP/IP stack.
Telnet is used for terminal emulation that runs programs remotely.
FTP is used to transfer files.
TCP/IP is the protocol used when you are Telnetting to a remote host. HTTP is used for accessing the World Wide Web services.
39) The "no cdp enable" command has to be given in interface configuration mode for the interface where CDP needs to be disabled (in this case, S0/0).
The actual encryption process occurs when the current configuration is written or when a password is configured. Service password encryption is applied to all passwords, including username passwords, authentication key passwords, the privileged command password, console and virtual terminal line access passwords. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file.
The address ranges and the corresponding binary values for the first octet of the IP classes are given below:
Class A: 0-127, binary: 00000000 - 01111111
Class B: 128-191, binary: 10000000 - 10111111
Class C: 192-223, binary: 11000000 - 11011111
Class D: 224-239, binary: 11100000 - 11101111
Note that the IP address 220.127.116.11 belongs to class B, and hence the applicable binary address range is 10000000 - 10111111.
40) The auxiliary password is used to set the password for the auxiliary port.
Assuming that you are at the # prompt, the sequence of commands is:
RouterA(config)#line aux 0
Now the password is set to <password>. Type "<ctrl>Z" to return to the # prompt, or "exit" to go back to the global configuration "RouterA(config)#" prompt.
A similar procedure applies for setting the vty and console passwords as well.
A banner is displayed whenever anyone logs in to your Cisco router. The syntax for configuring the banner is
"banner motd #". MOTD stands for "Message Of The Day".
The # symbol signifies the start of the banner message to the router. You will be prompted for the message to be displayed. You need to enter the "#" symbol at the end of the message, signifying that the message has ended.
The Catalyst 1900 and 2820 series switches support three types of switching methods:
1. FastForward (Cut-through): In this type of switching, the packet is forwarded as soon as the destination address is read. This has the least latency.
2. FragmentFree (Modified cut-through): This type of switching is useful when your network is experiencing a large number of collisions. FragmentFree switching has a latency in between FastForward and Store-and-Forward.
3. Store-and-Forward: This method stores the entire frame and checks for errors before forwarding it on to another port. Store-and-Forward has the highest latency compared with both FastForward and FragmentFree.
The default switching method used by Catalyst 1900 series switches is FastForward.
41) The Cisco router can be configured from many locations.
1. Console port: During the initial installation, you configure the router from a console terminal connected to the "Console port" of the router.
2. Virtual Terminals (vty): A virtual terminal (vty) is typically accessed through Telnet. A router can be accessed through vty after the initial installation in the network. There are five virtual terminals, namely, vty0, vty1, vty2, vty3, vty4.
3. Auxiliary Port: You can configure a router through the auxiliary port. Typically, a modem is used to configure the router through the aux port.
4. TFTP Server: Configuration information can be downloaded from a TFTP server over the network.
5. NMS (Network Management Station): You can also manage router configuration through NMS such as CiscoWorks or HP OpenView.
42) The command "ipx routing" selects IPX as a routing protocol and starts the routing process.
Some other important commands are:
1. ipx maximum-paths 2: This command allows load sharing over parallel metric paths to the destination. The number of parallel paths that can be used is limited to 2.
2. Interface ethernet 0.1 : Indicates the first sub interface on interface e0.
The command "no router rip" is used for removing all rip entries from the router.
The command "show CDP neighbors" displays all the neighboring devices connected and their capability. Several capability codes are:
R - Router
H - Host
T - Trans Bridge
I - IGMP
B - Source Route Bridge
r - repeater
S - Switch
This command displays the following:
1. Neighbor Device ID : The name of the neighbor device;
2. Local Interface: The interface on which this neighbor is heard
3. Capability: Capability of this neighboring device - R for router, S for switch, H for Host etc.
4. Platform: The type of device the neighbor is (2500 router or anything else)
5. Port ID: The interface of the remote neighbor from which you receive CDP information
6. Holdtime: Decremental hold time in seconds
43) The command "terminal no editing" stops all advanced editing features.
The command "cdp run" in global configuration mode enables CDP globally on the router. The command "cdp enable" is used to enable CDP on a particular interface/port.
The command used to disable CDP is "no cdp enable".
The command "ip default-gateway 192.168.1.1" in global configuration mode can be used to set the default gateway on a Cisco switch/router.
The command "initialize" will load the IOS during password recovery on a Cisco 2501. The typical sequence of steps involved in password recovery (on a 2501 router) is:
1. Power cycle the router by turning it OFF and ON.
2. Press Break key (key configuration depends on the router type) within 60 seconds of power on.
3. Use the rommon command o/r 0X2142
4. Use rommon command INITIALIZE to load IOS
5. Skip the setup mode (by choosing NO to configuration commands).
6. Enter privileged mode
7. After entering the privileged mode, you can view the passwords by issuing appropriate config commands.
44) The command syntax for configuring RIP version 1 on a router is:
network <network number>
Note that the network numbers are specified as either Class A, Class B or Class C, and contain no subnetting information.
The other choices are wrong, as they contain subnetting information or subnet mask.
The command to configure a static route to network 18.104.22.168/28 from RouterA is
ip route 22.214.171.124 255.255.255.240 126.96.36.199
ip route <remote_network> <mask> <default_gateway> [administrative_distance]
Administrative distance is an optional input.
45) The correct syntax for setting a default route is:
Router(config)#ip route 0.0.0.0 0.0.0.0 188.8.131.52
You can also set the default route by specifying the interface as below:
Router(config)#ip route 0.0.0.0 0.0.0.0 s0
The correct syntax is
ip route 0.0.0.0 0.0.0.0 <next_hop_address>.
The default administrative distances are as below:
Directly connected: 0
Static route: 1
External BGP: 20
EIGRP: 90
OSPF: 110
RIP: 120
The default port numbers used for some important services are:
SSL: 443 (Secure Sockets Layer)
When you are accessing a Web page, the browser sends the request over the default port number (for WWW, the default port number is 80). If, for any reason, you change the default port number that a Web server listens on, users need to specify the port number in the URL.
46) The distinguishing characteristics of a TCP frame are Sequence Number, Acknowledgment Number, and Window.
The first line "Serial0/0 is down, line protocol is down" says that the Serial 0/0 is down. It usually means a hardware failure on the router interface. Therefore, it is recommended to check Layer 1 (Physical layer) parameters. If the Physical layer is okay, and if there is any problem with protocol matching, you usually get the error "Serial0/0 is up, line protocol is down".
The following are frequently used OSI layer 2 (data link) protocols:
c. Frame Relay
f. Token Ring
47) The following are the main features of route summarization in EIGRP:
1. By default, EIGRP summarizes routes at the major network boundaries (classful boundaries).
2. To enable summarization at any level other than major network boundary, you need to disable auto summarization using the command:
3. The following command enables summarization at an arbitrary network boundary:
"ip summary-address eigrp <as-number> <address> <mask>"
4. Note that you need to specify the IP address and routing mask of the summary route. There is no need to specify the metrics.
The following are some important commands that can be used to edit and review command history buffer. It will be useful to practice these commands.
<ctrl> A : Move to the beginning of the command line
<ctrl> E : Move to the end of the command line
<ctrl> F : Move forward one character, same as using "Right Arrow".
<ctrl> B : Move backward one character, same as using "Left Arrow".
<ctrl> P : Repeat Previous command, same as using "Up Arrow".
<ctrl> N : Repeat Next (more recent) command, same as using "Down Arrow".
<esc> B : Moves to beginning of previous word.
<esc> F : Moves to beginning of next word.
<ctrl> R : Creates new command prompt, followed by all the characters typed at the last one.
48) The following are some Presentation Layer standards:
Graphic and Visual Image: PICT, TIFF, JPEG
Movies and Sound: MIDI, MPEG, Quick Time
The following are Session layer standards:
The following are the important characteristics of SDM:
1. SDM doesn't use Telnet/SSH for communicating with the router. Instead, a web server runs on the router, and the client software runs on the host computer.
2. SDM uses a web interface on a PC, and the user needs to connect to the router over an IP network and not through the console.
3. The configuration is written to the router's running configuration file only after the Finish button is pressed in the SDM wizard. Note that the configuration is not written to the start-up configuration.
4. The SDM configuration wizard allows DHCP client services to be configured, with an option to add PAT services or not.
The following are true about HDLC encapsulation over serial links:
a. HDLC encapsulation used on Cisco routers is proprietary (uses a Type field), and may not be compatible with routers manufactured by other vendors
b. It is recommended to use other encapsulation schemes such as PPP when connecting between a Cisco router and a non-Cisco router instead of HDLC encapsulation.
49) The following are true about the IP address 184.108.40.206/25:
Subnet mask: 255.255.255.128
Subnet address: 220.127.116.11
Broadcast address: 18.104.22.168
Lowest valid host address in the given subnet: 22.214.171.124 (A host address of all zeros cannot be used)
Highest valid host address in the given subnet: 126.96.36.199 (A host address of all ones cannot be used)
Valid host address range: 188.8.131.52 - 184.108.40.206
The following precautions may be taken to harden network infrastructure:
a. Use physical barriers such as a room lock so that unauthorized persons do not have access to the network devices.
b. Use a firewall so that outsiders cannot access network devices from outside the network.
c. Enable SSH so that passwords are transmitted in encrypted form.
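The settings these notes single out (per-interface CDP, line passwords, service password-encryption, and SSH instead of Telnet on the vty lines) can be checked against a saved configuration. The following is an added example, not part of the original notes; the configuration text is constructed, and split_sections and audit_config are hypothetical helper names.

```python
# Constructed sample running-config (not from a real device).
SAMPLE_CONFIG = """\
interface Serial0/0
 ip address 192.0.2.1 255.255.255.252
interface FastEthernet0/0
 no cdp enable
line con 0
 password c0nsole
 login
line aux 0
line vty 0 4
 password vtyPass
 login
 transport input telnet ssh
"""

def split_sections(config):
    """Group indented sub-commands under their top-level command."""
    sections, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line in ("", "!"):
            continue
        if not raw.startswith(" "):
            current = sections.setdefault(line, [])
        elif current is not None:
            current.append(line)
    return sections

def audit_config(config):
    """Return findings for the settings these notes cover (hypothetical helper)."""
    sections, findings = split_sections(config), []
    if "service password-encryption" not in sections:
        findings.append("global: service password-encryption not set")
    cdp_globally_on = "no cdp run" not in sections  # CDP runs by default
    for head, body in sections.items():
        if head.startswith("interface ") and cdp_globally_on and "no cdp enable" not in body:
            findings.append(f"{head}: CDP still enabled")
        if head.startswith("line "):
            if not any(cmd.startswith("password ") for cmd in body):
                findings.append(f"{head}: no line password")
            transport = [cmd for cmd in body if cmd.startswith("transport input")]
            # Assumption: a vty line with no "transport input" accepts Telnet.
            if head.startswith("line vty") and (
                    not transport or {"telnet", "all"} & set(transport[0].split())):
                findings.append(f"{head}: Telnet permitted, restrict to SSH")
    return findings
```

Calling audit_config(SAMPLE_CONFIG) returns one finding per weak setting, in the order the sections appear in the configuration.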
The four layers of DoD model from Top to Bottom are:
1. Process Layer: Responsible for implementation of user-level applications such as mail delivery, file transfer, and remote login.
2. Host-to-Host Layer: Responsible for flow control and retransmission of lost packets. TCP and UDP protocols work at this layer.
3. Internet Layer: Responsible for routing data across a network of networks. Routed protocols such as IP work at this layer. Routing protocols are also associated with this layer.
4. Network Access Layer: Responsible for the delivery of data segments over a given hardware medium. Different protocols such as CSMA/CD work at this layer.
50) The Internet architecture provides an unregulated network path to attack innocent hosts. Denial-of-service (DoS) attacks exploit this to target mission-critical services. DoS attacks are explicit attempts to block legitimate users' system access by reducing system availability. Any physical or host-based intrusions are generally addressed through hardened security policies and authentication mechanisms. Although software patching defends against some attacks, it fails to safeguard against DoS flooding attacks, which exploit the unregulated forwarding of Internet packets.
The MAC sublayer specification 802.3z describes gigabit Ethernet over fiber or shielded copper.
The MAC sublayer specification 802.3ab (1000BaseT) describes gigabit Ethernet over Category 5 UTP.
The MAC address contains 48 bits expressed as 12 hexadecimal digits. Note that 2 hexadecimal digits represent a byte. Therefore, a MAC address contains 6 bytes. The first 3 bytes represent the manufacturer identification code. The next 3 bytes represent the interface number unique to a given manufacturer.
The MAC address represents the hardware address and is usually burned into the ROM. A typical MAC address looks like:
xx-xx-xx-xx-xx-xx, where x represents a hexadecimal digit.
Here, 00-00-0c represents the vendor address, and 12-14-33 typically represents the interface serial number. The last 6 hex digits are administered by respective vendors, and unique to a given vendor.
Note that other choices given in the question are not correct.
The MAC address table of a switch is empty to begin with. The switch builds the table by learning from the frames that arrive at its ports, adding the MAC address and the corresponding port on which the frame arrived. In this case, there is no MAC entry for interface Fa0/10. Therefore, a new entry will be added to the MAC table with the MAC address of HostC (00a0.2a38.f23a).
51) The maximum allowed cable lengths are as given below:
10Base5: 500 meters
10Base2: 185 meters
10BaseT: 100 meters
100BaseT: 100 meters
1000BaseT: 100 meters
The distinct IP addresses required in an IP network are:
1) One each per client computer
2) One each per server computer
3) One each per router interface
The port number used by TCP is 6 and that of UDP is 17.
TCP is a full-duplex, connection-oriented protocol. It incorporates error checking as well.
UDP (User Datagram Protocol): UDP is a thin protocol. UDP is a connectionless protocol. It doesn't contact the destination before sending the packet and doesn't care whether the packet reaches the destination. UDP uses port number 6.
The port numbers used by different programs are as below:
FTP : Port #21
Telnet: Port #23
SMTP: Port #25
SNMP: Port #161
It is also worthwhile to know that FTP, Telnet, and SMTP use TCP, whereas TFTP and SNMP use UDP.
52) The purpose of port security is to prevent access to the LAN from unauthorized hosts.
The range of numbers from 220.127.116.11 to 18.104.22.168 is used for multicast packets. This is known as the Class D address range.
The serial port on a router is commonly used for connecting to an ISP's T1 circuit.
A store-and-forward switch first receives the whole packet before retransmitting it. Cut-through switch mode retransmits a frame as soon as it reads the destination address. Fragment-free switch mode reads the first 64 bytes before retransmission. Therefore, the latency of cut-through and fragment-free switch modes is constant, whereas that of store-and-forward varies depending on the length of the packet.
The subnet ID of the IP address 22.214.171.124/20 is 126.96.36.199
The available host address range is 188.8.131.52 - 184.108.40.206
Broadcast address: 220.127.116.11
The subnet ID of the IP address 18.104.22.168/20 is 22.214.171.124
The available host address range is 126.96.36.199 - 188.8.131.52
Broadcast address: 184.108.40.206
53) The subnet mask 255.255.255.224 uses 3 bits for the network portion (4 usable subnets are possible) and 5 bits for the host portion (30 host addresses available).
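The subnet questions above (/25, /20, and the 255.255.255.224 mask) all follow the same bit arithmetic, shown here as an added example that is not part of the original notes. The addresses are constructed, the function names are hypothetical, and prefix lengths of /30 or shorter are assumed.

```python
# Constructed addresses from private ranges, not the ones used in the notes.
EXAMPLES = ("192.168.10.200/25", "172.16.37.9/20", "192.168.1.70/27")

def to_int(dotted):
    """Convert dotted-decimal text to a 32-bit integer."""
    a, b, c, d = (int(part) for part in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(value):
    """Convert a 32-bit integer back to dotted-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def describe(cidr):
    """Work out mask, subnet, broadcast and host range for 'a.b.c.d/len'."""
    address, length = cidr.split("/")
    host_bits = 32 - int(length)
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    subnet = to_int(address) & mask              # host bits all zeros
    broadcast = subnet | (~mask & 0xFFFFFFFF)    # host bits all ones
    return {
        "mask": to_dotted(mask),
        "subnet": to_dotted(subnet),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(subnet + 1),     # all-zeros host is excluded
        "last_host": to_dotted(broadcast - 1),   # all-ones host is excluded
        "usable_hosts": 2 ** host_bits - 2,
    }

if __name__ == "__main__":
    for cidr in EXAMPLES:
        print(cidr, describe(cidr))
```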
The syntax for the ping command is: "ping <destination_address>"
The following are possible responses to the "ping" command:
U - Destination unreachable
C - Congestion experienced
! - Successful receipt of echo reply
. - Time out
? - Packet type unknown
& - Packet time to live exceeded
Ping sends an ICMP echo. Ping can be used with almost any type of Network layer protocol, including IPX, IP, VINES, AppleTalk etc.