CCNA v7: IPv6, EIGRP, and Static Routing

Questions and Answers

What will router R1 do with a packet that has a destination IPv6 address of 2001:db8:cafe:5::1?

• forward the packet out GigabitEthernet0/0 (correct)
• forward the packet out Serial0/0/0
• forward the packet out GigabitEthernet0/1
• drop the packet

Which floating static route would create a backup route to the 10.10.0.0/16 network in the event that the link between R1 and Branch2 goes down?

• ip route 10.10.0.0 255.255.0.0 209.165.200.226 100
• ip route 10.10.0.0 255.255.0.0 209.165.200.225 100
• ip route 10.10.0.0 255.255.0.0 Serial 0/0/0 100
• ip route 10.10.0.0 255.255.0.0 209.165.200.225 50 (correct)

How should the static route on R1 be changed to allow user traffic from the LAN to reach the Internet?

• Add the next-hop neighbor address of 209.165.200.226.
• Add an administrative distance of 254.
• Change the destination network and mask to 0.0.0.0 0.0.0.0 (correct)
• Change the exit interface to S0/0/1.

Which option shows a correctly configured IPv4 default static route?

ip route 0.0.0.0 0.0.0.0 S0/0/0 (D)

Which static route command can be entered on R1 to forward traffic to the LAN connected to R2?

ipv6 route 2001:db8:12:10::/64 S0/0/0 (D)

What is a method to launch a VLAN hopping attack?

introducing a rogue switch and enabling trunking (C)

Which type of LAN attack is the analyst targeting during this evaluation?

MAC address table overflow (B)

Which statement explains the reason that the number of active clients is 0?

The state is not maintained by the DHCPv6 server under stateless DHCPv6 operation. (C)

Which entry should be seen in the ARP table on Host1 in order to gain connectivity to the Internet?

the virtual IP address and the virtual MAC address for the HSRP group 1 (D)

Match the forwarding characteristic to its type.

Layer 1 = down/down problem Layer 2 = up/down problem Administratively = Disabled Operational = up/up

Which statement is correct about how a Layer 2 switch determines how to forward frames?

Frame forwarding decisions are based on MAC address and port mappings in the CAM table. (D)

Which statement describes a result after multiple Cisco LAN switches are interconnected?

The broadcast domain expands to all switches. (B)

Match the link state to the interface and protocol status.

Layer 1 = down/down problem Layer 2 = up/down problem Administratively = disabled Operational = up/up

How is a frame sent from PCA forwarded to PCC if the MAC address table on switch SW1 is empty?

SW1 floods the frame on all ports on SW1, excluding the port through which the frame entered the switch. (D)

Why were VLANs 10 and 100 not removed after the administrator used the command erase startup-config?

Because these VLANs are stored in a file that is called vlan.dat that is located in flash memory, this file must be manually deleted. (D)

Match the description to the correct VLAN type.

Native VLAN = Carries untagged traffic Management VLAN = An IP address and subnet mask are assigned to this VLAN, allowing the switch to be accessed by HTTP, Telnet, SSH, or SNMP Default VLAN = All switch ports are assigned to this VLAN after the initial bootup of the switch Data VLANs = Configured to carry user-generated traffic

What will STP do in the situation where two switches are connected using redundant links?

STP will block one of the redundant links. (B)

What is a secure configuration option for remote access to a network device?

Configure SSH. (D)

Which wireless encryption method is the most secure?

WPA2 with AES (C)

What type of network device includes all of the described features?

wireless router (C)

What will be the source MAC and IP addresses on the packet when it arrives at host B?

Source MAC: 00E0.FE91.7799, Source IP: 10.1.1.10 (B)

What is the purpose of the command ip route 0.0.0.0 0.0.0.0 serial 0/1/1?

Packets with a destination network that is not 10.10.0.0/16 or is not 10.20.0.0/16 or is not a directly connected network will be forwarded to the Internet. (A)

Which two VTP modes allow for the creation, modification, and deletion of VLANs on the local switch? (Choose two.)

master (B), server (D)

Which three steps should be taken before moving a Cisco switch to a new VTP management domain? (Choose three.)

Configure the switch with the name of the new management domain. (A), Select the correct VTP mode and version. (D), Reset the VTP counters to allow the switch to synchronize with the other switches in the domain. (E)

What action takes place when a frame entering a switch has a multicast destination MAC address?

The switch will forward the frame out all ports except the incoming port. (B)

What should be done or checked when a traceroute to a device on the new network revealed a wrong path and unreachable status?

Check the configuration of the exit interface on the new static route. (A)

Which method of IPv6 prefix assignment relies on the prefix contained in RA messages?

SLAAC (B)

Which two protocols are used to provide server-based AAA authentication? (Choose two.)

TACACS+ (C), RADIUS (D)

Which mitigation technique would prevent rogue servers from providing false IP configuration parameters to clients?

turning on DHCP snooping (B)

Which protocol or technology uses source IP to destination IP as a load-balancing mechanism?

EtherChannel (A)

What action takes place when a frame entering a switch has a unicast destination MAC address that is not in the MAC address table?

The switch will forward the frame out all ports except the incoming port. (B)

What protocol or technology manages trunk negotiations between switches?

DTP (B)

What does the command 'ip dhcp snooping limit rate 6' do?

It restricts the number of discovery messages, per second, to be received on the interface. (A)

Flashcards

IPv6 Default Route

Compressed form of IPv6 default route ::/0, used when a more specific route is absent.

Floating Static Route

A backup route that becomes active if the primary EIGRP learned route fails.

Correcting Static Route

Change the destination network and mask to 0.0.0.0 0.0.0.0 to correct a static route.

IPv4 Default Static Route

The static route ip route 0.0.0.0 0.0.0.0 S0/0/0 matches all networks.

Macof Attack

A network attack that uses a tool mainly to flood LAN switches with MAC addresses.

Show IPv6 DHCP Pool shows 0 active clients

The IPv6 DHCP pool configuration has no IPv6 address range specified.

Hosts and HSRP

ARP replies from HSRP routers contain this to the virtual MAC. Hosts will use virtual IP address.

Layer 2 Switch Forwarding

Based MAC address and port mappings in the CAM table.

Interconnected Cisco LAN Switches

Expands to all switches.

A frame sent from PCA forwarded to PCC

Floods the frame on all ports on SW1, excluding the port through which the frame entered the switch.

VLANs still exist on switch

A file located in flash memory because these VLANs are stored in a file that is called vlan.dat.

Data VLAN

configured to carry user generated traffic.

STP will block one of the redundant links

To block one of the redundant links.

Secure Configuration

Configure an ACL and apply it to the VTY lines.

The source MAC and IP addresses on the packet when it arrives at host B

00E0.FE91.7799, 10.1.1.10.

Command Purpose

Packets, destined for networks that are not in the routing table of HQ will be dropped.

Command Purpose

The packets that are received from the Internet will be forwarded to the LAN which is connected to R1 or R2.

Protocol

EtherChannel

VLAN 99 missing

Because VLAN 99 has not yet been created

PaGP Channel

DTP

Rounting table

Remove the route using the no ip route command

DHCPv4 relay agent

Is configured as a DHCPv4 relay agent.

First

Perform low-level CPU initialization

Ethernet 0/1

The ip helper-address command was applied on the wrong interface

The static route

has no connectivity with the site since lunch time.

Credential

a key that matches the key on the AP

Study Notes

• The following are detailed study notes for students preparing for the CCNA 2: Switching, Routing, and Wireless Essentials (Version 7.00) exam.

IPv6 Addressing and Routing

• Router R1 forwards IPv6 packets with destination address 2001:db8:cafe:5::1 via Serial0/0/0.
• ::/0 signifies the IPv6 default route used when no specific route is found.

EIGRP and Floating Static Routes

• A floating static route provides a backup path when the primary EIGRP route fails.
• A floating static route must have an administrative distance higher than EIGRP's (90).
• The floating static route to network 10.10.0.0/16 uses 209.165.200.225 as the next hop IP addresses.

Static Route Configuration

• A default static route is configured using 0.0.0.0/0 as the destination.
• An incorrectly configured static route can prevent LAN users from reaching the internet.
• Correct the wrong destination network and mask on R1 by configuring IP Route 0.0.0.0 0.0.0.0.

IPv4 Default Static Route

• The correct configuration for an IPv4 default static route is ip route 0.0.0.0 0.0.0.0 [exit interface].
• IPv6 static route forwards traffic to a LAN connected to R2 with S0/0/1 and fe80::2.

VLAN Hopping Attacks

• VLAN hopping attacks can be launched by introducing rogue switches and enabling trunking or sending spoofed native VLAN information.

MAC Address Table Overflow

• Analysts use the macof tool to check switches that are vulnerable to MAC address table overflow attacks.

DHCPv6 Server Configuration

• A DHCPv6 server must have in IPv6 pools, an IPv6 address range specified, for active Clients

HSRP Configuration

• Hosts send ARP requests to the virtual IP address.
• HSRP routers respond with the virtual MAC address for HSRP group 1, for Hosts to gain connectivity to Internet

Layer 2 Switching and Frame Forwarding

• Frame forwarding decisions on Layer 2 switches rely on MAC addresses and port mappings stored in the CAM table.
• Microsegmentation allows each Cisco LAN port to represent a separate collision domain

Cisco LAN Switches

• Interconnected Cisco LAN switches, do not filter broadcast frames which creates one large broadcast domain
• MAC address table is built by examining source MAC addresses of incoming frames.
• Switches forward frames out all ports except the ingress port if the destination MAC address is unknown

VLAN Configuration

• An erased startup-config will not remove VLANs in flash memory, vlan.dat file must be manually deleted from flash memory

VLAN Types

• Data VLANs carry user- generated traffic
• Management VLANs use an IP addresses and subnet mask and access the switch using HTTP, Telnet, SSH, or SNMP
• Native VLANs pass untagged traffic
• Default VLANs assign all switch ports to a VLAN after initial bootup

EtherChannel Technology

• STP blocks on redundant links by default to avoid creating a loop and broadcast storm

Remote Access Security

• Securing remote access includes access lists on VTY lines and SSH configuration

Wireless Network Configuration

• Most secure wireless encryption method is WPA2 with AES
• A network device with switch ports, SSID configuration and authentication settings (WLAN), firewall capabilities

Packet Source and Destination Addresses

• In packet flow, layer 2 addresses change while Layer 3 addresses stay the same.
• A firewall device places its own MAC Address as the Source MAC and replaces the Source IP with its own IP

Static Routes

• Used for traffic not a directly connected NW, requires the internet for Packet destination
• Packets for non-routing Table destinations are dropped or undeliverable

Layer 2 Loops

• Are disabled using STP, not VTP

VLAN Interface Issues

• Is usually a lack of configuration

Trunking Configurations

• To establish successful trunking choose three from one or more of the protocols
• dynamic desirable protocol
• trunk protocol
• spanning tree root

Cisco Express Forwarding (CEF)

• CEF is disabled for Ethernet to use static routes
• If Cisco Express Forwarding is disabled, multiaccess network interfaces require fully specified static routes

Static Routes

• Static Routes are used for network security
• With CEF disabled, you can use an exit interface or hop address to configure one

Switch Boot Sequence

• The correct Switch boot sequence should be, POST, ROM, CPU, Flash, IOS, and Control

IP Helper not configured on Interface

• Is an example where PCs can't receive proper IP Address

Open Defaults

• Open or default WiFi settings create network intrusion

Management SNMP Messages

• Is referred to as Traps

Wireless Setup

• To begin installing a Cisco 3500 series WLC, open the WIRELESS tab
• The default IP address of an AP, should be changed because it helps secure the network
• You should disable wireless data and packet info to help avoid intrusion

Troubleshooting

• Use multi-Lite Wave APs, it helps to centralize multiple Wave channels, and provides greater privacy

BPDU Ports

• It allows enhanced stability along a network

Attackers MAC flood switch

• Is an example of hackers attempting to see all data

IPv6 address

• Is configured when a stateless DHCPv6 configuration utilizes

AAA Networks

• Has data for proper network access

Wi-Fi operations

• Operates properly in a dual channel frequency, typically setup by a technician

Show Commands information

• Show switch port shows Spanning Tree BIDs and Roles

Trunk Protocol

• Does prevent information from being sent properly

Static Routes Protocol

• Do stop all IP addresses from being properly configured

HSRP Protocols

• Will send a HSRP to the default gateway

PAgP Protocols

• Are necessary for auto configurations

Shutdown Protocols

• Has default guard configuration

MAC Attacks

• Help others from gaining proper access

802.1x Setup

• Can have the highest levels of bandwidth

IPv6 Protocols

• Needs unicast and local configurations

Access protocols

• Work for a great number of applications

DHCP protocol

• has limited attacks without full configuration

Switch Configuration

• The protocols help get the device ready for use with full access.

DCHI server

• Will identify what network access can support