2302-Ch01: Device Configuration and Boot Sequence

Questions and Answers

What does a green LED on the port indicate?

• PoE is denied due to power capacity
• PoE is off
• PoE mode is selected and PoE is on (correct)
• PoE for the port has been disabled

What action must be taken first in recovering from a system crash?

• Unplug the power cord
• Type 'boot' command in the terminal
• Wait for the switch to reboot automatically
• Connect a PC to the switch console port (correct)

Which LED state indicates that PoE is denied due to exceeding switch power capacity?

• Amber
• Blinking amber
• Green-amber alternating (correct)
• Solid green

What command is used to initialize the flash file system?

flash_init (C)

What does the command 'BOOT=flash' accomplish?

Alters the BOOT environment variable path for loading IOS (B)

What does it indicate if the interface is up but the line protocol is down?

There is an encapsulation type mismatch. (A)

What causes CRC errors on Ethernet and serial interfaces?

Loose or damaged connections. (B)

What may cause excessive runt frames on an interface?

Malfunctioning Network Interface Cards (NICs). (D)

Which statement is true about late collisions?

They cannot occur on full-duplex operations. (C)

What does it mean if both the line protocol and the interface are down?

The cable is not attached or there is another interface issue. (A)

What command is used to generate an RSA key pair on a switch?

crypto key generate rsa (C)

What modulus length is specified in the sample configuration for the RSA keys?

1,024 bits (C)

How can an administrator delete the RSA key pair?

crypto key zeroize rsa (C)

Which command enables SSH protocol on the vty lines?

transport input ssh (A)

What is the purpose of the 'username username secret password' command?

To configure a username and password for local authentication (A)

What command is used to enable SSH version 2?

ip ssh version 2 (C)

What is the default behavior of SSH concerning version support?

Supports both SSH version 1 and version 2 (C)

What is the main reason for configuring Secure Shell (SSH) instead of Telnet?

SSH provides a secure encrypted connection. (D)

Which command would you use to check if the switch supports SSH?

show ip ssh (A)

What does the 'k9' in an IOS filename indicate?

It supports cryptographic features and capabilities. (B)

What is a primary vulnerability of using Telnet?

It transmits data, including credentials, in plaintext. (A)

What must you do before configuring SSH on a Catalyst 2960 switch?

Assign a unique hostname and correct network settings. (B)

Which TCP port does SSH use for secure connections?

Port 22 (B)

What is a requirement for a switch to support SSH?

It must be running a specific version of IOS with cryptographic support. (C)

What is the initial step in configuring SSH on a switch?

Verify the switch supports SSH. (A)

Flashcards

PoE LED Indicators

LED colors indicate the status of Power over Ethernet (PoE) on ports.

Green LED

If the port LED is green, PoE is enabled for that port.

Alternating Green-Amber LED

Indicates PoE is denied because power exceeds the switch's capacity.

Boot Loader Steps

A process that allows access to the switch when the OS fails.

BOOT Environment Variable

Path used by the switch to load the IOS from flash memory.

Line Protocol Status

Indicates whether keepalives are received on the data link layer.

Interface Up / Line Protocol Down

Indicates potential problems like encapsulation mismatch or hardware issues.

Input Errors

The total errors in datagrams received on an interface, including specific types like runt and CRC errors.

Runt Frames

Ethernet frames shorter than 64 bytes, often caused by malfunctioning NICs.

Output Errors

The errors preventing successful transmission of datagrams out of an interface.

SSH Version 2

A secure network protocol that encrypts communication between devices, providing enhanced security over SSH version 1.

RSA Key Pair

A set of keys (public and private) used for encrypting and decrypting data in SSH communications.

Modulus Length

The size of the key in bits used in RSA encryption, longer lengths provide more security but take longer to generate.

Delete RSA Key Pair

The command crypto key zeroize rsa removes existing RSA keys and disables the SSH server.

User Authentication

Process of verifying the identity of users accessing the SSH server, either through local credentials or an external server.

VTY Lines

Virtual terminal lines that allow remote access to devices; configured to only accept SSH connections with transport input ssh command.

Local Authentication

A method where user credentials are stored locally on the device, using the username and secret commands to create user accounts.

Duplex Mismatch

Occurs when connected devices do not match duplex settings, causing network issues.

Telnet

An older protocol using TCP port 23 for unsecure remote access to devices.

Wireshark

A network protocol analyzer for capturing packets transmitted over a network.

SSH (Secure Shell)

A secure protocol using TCP port 22 for encrypted remote connections.

IOS Support for SSH

The Catalyst 2960 switch must run an IOS version with cryptographic capabilities to support SSH.

show version

Command used to display the current IOS version on the switch.

show ip ssh

Command to verify if the switch supports SSH features.

ip domain-name

Command used to set the network's IP domain name in global configuration mode.

Study Notes

Basic Device Configuration

• Switches and routers have built-in configurations, but further configuration is needed for complex networks.
• A model train analogy is used to illustrate the importance of configuring network devices.
• Network administrators must precisely configure switches and routers for desired network functionality.
• Packet Tracer is a valuable tool for developing these skills, preparing for certification exams, practicing networking courses, sharpening skills for job interviews, and examining the impact of new technologies on existing networks.
• Packet Tracer allows you to simulate real networks.

Switch Boot Sequence

• A Cisco switch, when powered on, undergoes a five-step boot sequence:
  • First, the switch loads a power-on self-test (POST) program stored in ROM.
  • Next, the switch loads the boot loader software.
  • The boot loader initializes the CPU and flash file system.
  • The boot loader loads the default IOS operating system.
  • The IOS initializes interfaces using files stored in flash.

Switch LED Indicators

• System LED: Indicates power status—off (no power), green (normal operation), amber (malfunction).
• Redundant Power System (RPS) LED: Indicates RPS status—off, green (connected and ready), blinking green (providing power to another device), amber (standby or fault), blinking amber (power supply failure).
• Port Status LED: Indicates port status—off (no link), green (link present), blinking green (data transmission), green-amber (link fault), amber (port blocked).
• Port Duplex LED: Indicates duplex mode—off (half-duplex), green (full-duplex).
• Port Speed LED: Indicates port speed—off (10 Mbps), green (100 Mbps), blinking green (1000 Mbps).
• Power over Ethernet (PoE) Mode LED: Indicates PoE mode—off (not selected), green (selected), blinking amber (PoE mode not selected due to fault).

Recovering from a System Crash

• The boot loader provides access if the operating system fails due to missing or damaged files.
• Access the boot loader using a console cable and software.
• The boot loader has a command-line interface.

Switch Virtual Interface (SVI) Configuration

• An SVI is a virtual interface, not physical, used for remote management access.
• An SVI needs an IPv4 or IPv6 address and subnet mask.
• Switches are configured with a default gateway if they are managed remotely.

Full-Duplex Communication

• Full-duplex allows simultaneous transmission and reception.
• It eliminates collisions and increases bandwidth efficiency.
• Full-duplex requires microsegmentation.

Half-Duplex Communication

• Half-duplex allows transmission or reception at a time.
• Collisions occur frequently due to simultaneous transmission.
• It is typically used with older hubs, which are now replaced by switches.

Switch Port Configuration

• Switch ports can be manually configured with speed and duplex settings.
• Full-duplex mode is the default setting for most ports.
• Auto-MDIX automatically detects the correct cable type for the connection.

Network Access Layer Issues

• Issues with media, collisions, and late collisions affect network performance.
• Analyzing command output can help determine interface and media issues.
• Show commands show running configuration, interfaces, and routes provide output to diagnose problems.

Command History Feature

• The command history stores executed commands for recall.
• Recall commands using Ctrl+P or the Up Arrow key (previous commands).
• Recall commands using Ctrl+N or the Down Arrow key (next commands).