CCENT Section 2

What are local-area networks?
Local-area networks (LANs) are high-speed, low-error data networks that cover a small geographic area.
LANs are usually located in a building or campus and do not cover a large distance. They are relatively inexpensive to develop and maintain. LANs connect computers, printers, and other devices in a single building or a limited area.
What are LAN standards?
LAN standards define the physical media and connectors used to connect to the media at the physical layer and the way devices communicate at the data link layer.
LAN standards encompass Layers 1 and 2 of the OSI model. An example of a LAN standard is Ethernet, which is also known as 802.3.
What are the typical components found in LANs?
Typical components found in LANs are
Computers: PCs, servers, tablets
Interconnections: NICs, media
Network devices: Switches, routers, access points
Protocols: Ethernet, IP, ARP, DHCP
What is the logical topology of Ethernet?
Bus. Ethernet uses a logical bus topology and either a physical bus or star topology.
What are two types of Layer 1 network devices?
Two types of Layer 1 network devices are as follows:
Repeaters: Regenerate and retime network signals, allowing the signal to travel a longer distance on a network medium.
Hubs: Known as multiple-port repeaters, hubs also regenerate and retime network signals. The main difference between a hub and a repeater is the number of ports a hub has. A repeater typically has two ports, whereas a hub has from 4 to 48 ports.

NOTE: In Ethernet networks, both hubs and repeaters share the LAN bandwidth. All devices compete to use network bandwidth, and only one device can access the network at a time. For example, if you have ten devices connected to a 100-Mbps hub, all ten devices share the 100 Mbps of bandwidth.

What are some network devices that operate at the data link layer (Layer 2)?
Bridges and switches are network devices that operate at the data link layer. Both devices decide what traffic to forward, flood, or drop (filter) based on MAC addresses; logical network addresses are not used at this layer. Data link layer devices assume a flat address space.
Typically, a bridge is designed to create two or more LAN segments and is software implemented.
A switch is a hardware version of a bridge, has many more ports than a bridge, and is designed to replace a hub while providing the filtering benefits of a bridge.
What is a LAN segment?
A LAN segment is a network connection made by a single unbroken network cable.
Segments are limited by physical distance because, after a certain distance, the data transmission becomes degraded because of line noise and the reduction of signal strength.
What devices can you use to extend a LAN segment?
To extend a LAN segment, you can use the following devices:
How do collisions occur on an Ethernet LAN?
Collisions occur on a shared LAN segment when two devices try to communicate at the same time. In a shared Ethernet segment, only one device can transmit on the cable at a time. When two devices try to transmit at the same time, a collision occurs.
When a collision occurs, a jam signal is sent from a workstation. A collision affects all the machines on the segment, not just the two that collided; when the jam signal is on the wire, no workstations can transmit data. The more collisions that occur in a network, the slower it will be, because the devices must resend the packets that collided.
What are collision domains?
A collision domain is a set of LAN interfaces whose frames could collide with each other. For example, all devices connected to a hub are in the same collision domain.
What happens when you segment the network with hubs/repeaters?
Hubs and repeaters operate at the physical layer of the OSI model; segmenting a network with these devices appears as an extension to the physical cable.
Hubs and repeaters are transparent to devices; they are unintelligent devices. All devices that connect to a hub/repeater share the same bandwidth. Hubs/repeaters create a single broadcast and collision domain.
What is the advantage of segmenting a LAN with switches?
Switches operate at Layer 2 of the OSI model and filter and forward by MAC address. Each port on a switch provides fully dedicated bandwidth and creates a single collision domain. Because switches operate at Layer 2 of the OSI model, they cannot filter broadcasts, and they create a single broadcast domain.
What devices are used to break up collision domains?
Switches, bridges, and routers are used to break up collision domains. They create more collision domains and result in fewer network collisions. Each port on a bridge, switch, and router creates one collision domain. For example, if you have a switch with 24 ports, you have 24 separate collision domains.
In an attempt to extend your Ethernet LAN segment, you add a 24-port hub. How many collision domains will you have in the segment with the addition of the hub?
You will have one collision domain.
A hub only extends the Ethernet segment, and all devices share the same segment bandwidth. As a result, a hub does not create more collision domains.
In an attempt to extend your Ethernet LAN segment, you add a 24-port switch. How many collision and broadcast domains will you have in the segment with the addition of a switch?
You will have 24 collision domains and one broadcast domain.
Switches operate at Layer 2 of the OSI model, and they divide the network into different segments, thus creating more collision domains. Each port on a switch creates one collision domain. Also, because a switch operates at Layer 2 of the OSI model, it cannot filter broadcasts. As such, a switched network will have one broadcast domain.
What are broadcast domains?
A broadcast domain defines a group of devices that receive each other’s broadcast messages. As with collisions, the more broadcasts that occur on the network, the slower the network will be. This is because every device that receives a broadcast must process it to see whether the broadcast is intended for that device.

Although too many broadcasts can slow your network, they are used by many protocols for communications. To avoid excessive broadcasts, segment your network with routers or Layer 3 switches.

You install a six-port router on your network. How many collision domains and broadcast domains will be created on the network with the addition of the six-port router?
Six collision domains and six broadcast domains will be created.
Each interface on a router creates a collision domain and a broadcast domain.
What is a broadcast storm?
Broadcast storms occur when many broadcasts are sent simultaneously across all network segments. They are usually caused by Layer 2 loops because of spanning tree misconfigurations, a bad network interface card (NIC), a faulty network device, or a virus.
What three primary functions do Layer 2 switches provide?
The three primary functions that Layer 2 switches provide are as follows:
MAC address learning
Frame forwarding/filtering
Loop avoidance with the Spanning Tree Protocol
How does a switch differ from a hub?
Switches are Layer 2 devices and make forwarding decisions based on Layer 2 information. Hubs operate on Layer 1. Switches make forwarding decisions based on Layer 2 information by learning MAC addresses on incoming frames and storing these frames in a MAC address table.
A fundamental concept behind LAN switching is that it provides microsegmentation. What is microsegmentation?
Microsegmentation is a network design (functionality) where each workstation or device on a network gets its own dedicated segment (collision domain) to the switch. Each network device gets the full bandwidth of the segment and does not have to contend or share the segment with other devices. Microsegmentation reduces collisions because each segment is its own collision domain.
What advantages are offered by LAN segmentation using LAN switches?
A switch considers each LAN port to be an individual segment. The advantages offered by LAN segmentation using LAN switches are as follows:

Collision-free domains from one larger collision domain
Efficient use of bandwidth with full duplex
Low latency and high frame-forwarding rates at each interface port

What are the three switching methods (frame transmission modes) in Cisco Catalyst switches?
The three frame operating modes to handle frame switching are as follows:
What is the Cisco Catalyst store-and-forward switching method?
In the store-and-forward switching method, the switch’s incoming interface receives the entire frame before it forwards it. The switch compares the last field in the datagram, the cyclic redundancy check (CRC), against its own frame check sequence (FCS) calculations to make sure that the frame is free from physical and data-link errors. If the switch observes any errors in the FCS calculations, the frame is dropped. If the frame is a runt (less than 64 bytes, including the CRC) or a giant (more than 1518 bytes, including the CRC), the switch discards it. Because the switch stores the frame before forwarding it, latency is introduced in the switch. Latency through the switch varies with the size of the frame.
What is the Cisco Catalyst cut-through switching method?
In cut-through switching mode, the switch only checks the frame’s destination address and immediately begins forwarding the frame out the appropriate port. Because the switch checks the destination address in only the header and not the entire frame, the switch forwards a frame that has a bad CRC calculation.
What is the Cisco Catalyst fragment-free switching method?
Also known as modified cut-through, fragment-free switching checks the first 64 bytes of the frame before forwarding the frame. If the frame is less than 64 bytes, the switch discards the frame. Ethernet specifications state that collisions should be detected during the first 64 bytes of the frame. By reading the first 64 bytes of the frame, the switch can filter most collisions, although late collisions are still possible.
What are six ways to configure a Cisco device?
Six ways to configure a Cisco device are as follows:
Console connection
Auxiliary connection (through a modem)
Telnet connection
HTTP/HTTPS connection
Secure Shell (SSH) connection
Cisco Prime
What type of cable do you need to connect to a Cisco device’s console port?
You need an RJ-45-to-RJ-45 rollover cable. A rollover cable is a cable that has each pin wired to its opposite number at the other end.
What are the console configuration settings needed to connect to a Cisco device’s console port?
The COM port configuration settings needed to connect to a Cisco device’s console port are as follows:
Speed: 9600 bits per second
Data bits: 8
Parity: None
Stop bit: 1
Flow control: None
What two EXEC modes are supported in Cisco IOS?
The two Cisco IOS EXEC modes are
User EXEC mode (user mode)
Privileged EXEC mode (enable or privileged mode)
What is user EXEC mode in Cisco IOS?
User EXEC mode allows a person to access only a limited number of basic monitoring commands. This mode is limited and is mostly used to view statistics. You cannot change a router’s configuration in this mode. By default, the greater-than sign (>) indicates that you are in user mode. This is how the router prompt looks in user mode:


You can change the default user-mode prompt and enable-mode prompt by using the prompt global mode command.

In Cisco IOS, what is privileged EXEC mode?
In privileged EXEC mode, you can view and change the configuration in a router; you have access to all the router’s commands and the powerful debug commands.
To enter privileged mode, enter the enable command while in user mode. By default, the pound symbol (#) indicates that you are in privileged mode. This mode is usually protected with a password. Here is an example of how to enter privileged mode. You also see the output of the prompt:
Router> enable
When you are in privileged EXEC mode, how do you return to user EXEC mode?
You can return to user EXEC mode by using the disable IOS command. Here is an example of using the disable command:
Router# disable
What two types of context-sensitive help are available in the Cisco IOS?
Two types are word help and command syntax help.
Word help uses a question mark (?) and identifies commands that start with a character or sequence of characters. For example, the following router output shows the use of word help for any IOS command that starts with the letters “cl”:
Router# cl?
clear clock

Command syntax help is when you use a question mark (?) after a command so that you can see how to complete the command. For example:
Router# clock ?
set Set the time and date

You enter a command in EXEC mode and receive the following error:
% Ambiguous command:

What does this error mean?

“% Ambiguous command” means that not enough characters were entered for the IOS to recognize the command.
From EXEC mode, you issue the show ip command. After pressing Enter, you receive the following error:
% Incomplete command

Why did you get this error?

You received the error because you did not enter all the values or keywords that IOS requires for this command.
In this case, IOS does not know which show ip command you want to view.
Upon entering a command in EXEC mode, you receive the following error:
% Invalid input detected at ‘^’ marker

Why did you get this error?

You received the “% Invalid input detected at ‘^’ marker” error because you entered the command incorrectly. For example, if you entered sjow ip instead of show ip, you would receive this error.
What are Cisco IOS global commands?
Global configuration commands are commands that affect the entire device. They can be executed only in global configuration mode.
How do you enter global configuration mode?
To enter global configuration mode, you enter the configure terminal command from privileged EXEC mode, as follows:
Router# configure terminal
Enter configuration commands, one per line. End with CTRL-Z.

Notice how the command prompt changes to (config)# in global configuration mode.

On a Cisco IOS device, name the enhanced editing commands that do the following:
Move the cursor to the beginning of the line
Move the cursor to the end of the line
Move the cursor forward one word
Move the cursor forward one character to the right
Move the cursor back one character
Delete all characters from the cursor back to the beginning of the command line
The enhanced editing commands are as follows:
Move the cursor to the beginning of the line: Ctrl-A
Move the cursor to the end of the line: Ctrl-E
Move the cursor forward one word: Esc-F
Move the cursor forward one character to the right: Ctrl-F
Move the cursor back one character: Ctrl-B
Delete all characters from the cursor back to the beginning of the command line: Ctrl-U
What Cisco IOS command would you use to view a list of the most recently used commands?
The show history command, by default, displays the last ten commands used. You can also use the up-arrow key (or press Ctrl-P) to display the very last command you entered and the down-arrow key (or press Ctrl-N) to display the previous commands you entered. As you use the up- or down-arrow keys, you are scrolling through the history buffer. The following is an example of the show history command:
Router# show history
show running-config
show history
show version
show clock
show history
Command history is enabled by default and records ten commands in its history buffer for the current session. How do you edit the number of commands that are stored in the Cisco IOS device’s history buffer?
To edit the number of command lines stored for the current session, use the terminal history [size number-of-lines] command in privileged EXEC mode.
For example, the following changes the history size to 20 lines:
Router# terminal history size 20

The maximum number of lines you can set for the current session is 256, but doing so wastes device memory.

How can an administrator determine whether a switch has been configured when it is first powered up?
When first powered up, an unconfigured switch enters the setup mode.
What are the names of the two configuration files on a Cisco device?
The names of the two configuration files are
Running configuration: The current configuration of the device

Startup configuration: The configuration file in NVRAM that is loaded when a Cisco device is powered up or rebooted

What can cause a switch to enter setup mode?
A switch enters setup mode if any of the following occur:
The switch is a new switch, with no previous configuration.
No configuration is stored in NVRAM.
The setup command was issued from the privileged mode prompt.
Which router component stores the routing tables, packet buffer, and ARP cache?
RAM holds the router’s routing table, packet buffers, and ARP cache. The running config is also stored in RAM. On most Cisco routers, the IOS is loaded into RAM as well.
What is the function of ROM on a Cisco device?
On a Cisco device, ROM starts and maintains the router or switch.
What is flash memory used for on a Cisco device?
Flash memory stores the Cisco IOS Software image and, if room exists, multiple configuration files or multiple IOS files for backup purposes. Flash memory is not erased when the router or switch is reloaded.
What is the function of NVRAM on a Cisco switch or router?
Nonvolatile random-access memory (NVRAM) holds the saved router or switch configuration. This configuration is maintained when the device is turned off or reloaded. NVRAM also stores boot system commands and the configuration register.
What Cisco IOS command displays the contents of flash memory?
The show flash command displays the contents of flash memory. This includes the images stored in flash memory, the images’ names, bytes used in flash memory, bytes available, and the total amount of flash memory on your router, as follows:
cnat2-2901-1# show flash
-#- --length-- -----date/time------ path
1 74856492 Apr 5 2012 18:43:10 +00:00 c2900 universalk9-mz.SPA.151-4.M3.bin
2 2903 Apr 5 2012 18:51:04 +00:00 cpconfig-29xx.cfg
3 3000320 Apr 5 2012 18:51:20 +00:00 cpexpress.tar
4 1038 Apr 5 2012 18:51:34 +00:00 home.shtml
5 122880 Apr 5 2012 18:51:44 +00:00 home.tar
6 1697952 Apr 5 2012 18:52:04 +00:00 securedesktop-
How do you display the amount of flash and RAM available on a Cisco router or switch?
The show version command displays the amount of flash and RAM available on a router and switch.
What IOS command would you use to back up the running configuration on a Cisco IOS device to a TFTP server?
To back up the running configuration to a TFTP server, use the copy running-config tftp privileged EXEC command, which can also be shortened to copy run tftp. The example that follows shows this command in action:

RouterB# copy run tftp
Address or name of remote host []?
Destination filename [routerb-confg]?
780 bytes copied in 6.900 secs (130 bytes/sec)

How do you restore your Cisco IOS router to its factory defaults?
The erase startup-config privileged EXEC command, as follows, erases your router’s configuration, thus bringing it back to its factory defaults:
RouterB# erase startup-config
Erasing the nvram filesystem will remove all files! Continue?
Erase of nvram: complete

To complete the process, you need to reload the router. To restore a Cisco router to its factory defaults, you need to erase the startup config file and the VLAN.dat file, too.

How do you restore the configuration file from a TFTP server to your Cisco IOS device’s RAM?
The copy tftp running-config privileged EXEC command merges the previously backed-up configuration with the running configuration in your Cisco device’s RAM, so any commands not explicitly changed or removed will remain in the running configuration. Sample command output is as follows:
RouterB# copy tftp running-config

Address or name of remote host []?
Source filename []? routerb-confg
Destination filename [running-config]?
Accessing tftp://…
Loading routerb-confg from (via Ethernet0): !
[OK - 780/1024 bytes]
780 bytes copied in 4.12 secs (195 bytes/sec)

01:40:46: %SYS-5-CONFIG: Configured from tftp://

What IOS command is used to enter interface configuration mode?
To enter interface configuration mode, use the interface interface-id command.
To enter interface mode, you first need to be in global configuration mode. The interface-id parameter is the type and number of the interface you want to configure.
For example, to configure gigabit interface 0/1, enter the following:
switch(config)# interface g0/1
What IOS command would you use to issue a switch the host name of “BuildingB-Switch”?
The hostname BuildingB-Switch global configuration mode IOS command allows you to configure this switch with a host name.
As a network administrator, you have a new Catalyst switch. You want to assign it the IP address of What IOS commands do you need to enter the IP address to the switch?
To assign the IP address to the switch, enter the following commands:
interface vlan1
ip address
no shutdown
Follow these steps to assign the IP address to the switch:
1. Enter the VLAN 1 interface. This is a logical interface used for management.
2. Assign the IP address and subnet masks.
3. Enable the interface by issuing the no shutdown command.
How do you configure a Catalyst switch with a default gateway?
To configure the default gateway, use the ip default-gateway ip-address global configuration command. The following example configures the switch to use IP address as its default gateway:

Switch(config)# ip default-gateway

To remove the default gateway, use the no ip default-gateway command.

Because a switch operates at Layer 2 of the OSI model, why do you need to configure a default gateway on the switch?
You need to configure a default gateway on the switch to allow remote networks to manage the switch.
Although a switch does not see Layer 3 and above information, a default gateway is configured on a switch to allow administrators to remotely administer and configure the switch.
What is the purpose of assigning an IP address to a switch?
Assigning an IP address to a switch allows remote management of the switch.
The system LED is amber on a Cisco Catalyst switch. What does this indicate?
The switch is malfunctioning.
The System (SYST) LED provides a quick overall status of the switch with three states:

Off: The switch is not powered on.
On (green): The switch is powered on and operational.
On (amber): System malfunction. One or more power-on self-test errors occurred and the Cisco IOS did not load.

How do you display the current active configuration on a switch?
You display the current active configuration on a switch by issuing the show running-config or sh run privileged command.
What command allows you to view the statistics for all interfaces on a switch?
The show interfaces privileged command allows you to view the statistics for all interfaces configured on the switch.
What command displays the switch’s configured IP address, subnet mask, and default gateway?
The show ip interface user and privileged EXEC command displays all IP information configured for all interfaces on the switch. Following is the output of the show ip interface command:
Switch# show ip interface
Vlan1 is up, line protocol is down
Internet address is
Broadcast address is
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
By default, Telnet access to a switch is disabled. How do you enable Telnet access and configure a password to secure access to a switch?
To enable a password for Telnet access, enter the line vty 0 15 global configuration command, the login command, and finally the password line subcommand. The password is case sensitive.
In this example, the Telnet password is set to CCNA:

Switch(config)# line vty 0 15
Switch(config-line)# login
Switch(config-line)# password CCNA

Without the login command, the switch will not let you log on through Telnet, even if a password is set.

How many vty lines exist on a Catalyst switch?
A Cisco Catalyst switch has 16 vty lines.
Privileged EXEC mode allows you to make global configuration changes to a switch. Because of this, best practice is to restrict access to privileged EXEC mode to authorized users. How do you restrict access to privileged EXEC mode?
To restrict access to privileged EXEC mode, assign a password to privileged mode.
This is done in one of two ways: by either using the enable password global command or the enable secret global command.
Cisco recommends that you use the enable secret global command versus the enable password command because the enable secret command encrypts the password.
A network administrator issues the following commands on a Catalyst switch:
Cat2960(config)# enable password Cisco
Cat2960(config)# enable secret cisco1

What password will the switch use to enter privileged EXEC mode?

The switch will use cisco1 to enter privileged EXEC mode.
When a switch has the enable password and enable secret password configured, the switch will use the enable secret password as the password to enter privileged EXEC mode.
When you view the configuration on Cisco IOS devices, only the enable secret password is encrypted. How do you encrypt the console, Telnet, and enable passwords?
To encrypt the passwords, use the service password-encryption global command, as follows:
Switch(config)# service password-encryption
What Cisco switch IOS command displays the system hardware, software version, names of configuration files, and boot files?
The show version switch IOS command displays the system hardware, software version, boot images, and configuration register. The following is the output of the show version command:
cnat-2921-1# sh version
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M),
Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
Technical Support:
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Mon 26-Sep-11 17:37 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)

cnat-2921-1 uptime is 1 week, 5 days, 17 hours, 38 minutes
System returned to ROM by power-on
System restarted at 15:23:13 CST Sun Feb 10 2013
System image file is
Last reload type: Normal Reload

Cisco CISCO2921/K9 (revision 1.0) with 2285536K/73728K bytes of memory.
Processor board ID FTX1549ALHF
4 Gigabit Ethernet interfaces
2 terminal lines
1 cisco Embedded service engine(s)
1 Services Module (SM) with Services Ready Engine (SRE)
Cisco SRE-V Software in slot/sub-slot 1/0
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
255744K bytes of ATA System CompactFlash 0 (Read/Write)

Technology    Technology-package          Technology-package
              Current       Type          Next reboot
ipbase        ipbasek9      Permanent     ipbasek9
security      None          None          None
uc            None          None          None
data          None          None          None

Configuration register is 0x2102

As a system administrator, you want to view how long the switch has been running since its last reboot. What command do you issue to view the uptime of the switch?
Issue the show version EXEC command to view the uptime of the switch.
In addition to displaying the switch hardware configuration and software version information, the show version command displays switch uptime, switch platform information including RAM, switch serial number, and MAC address.
cisco2960-1# sh version

cisco2960-1 uptime is 27 weeks, 4 days, 20 hours, 4 minutes
System returned to ROM by power-on

How do you display the MAC address table on a Catalyst 2960 switch?
You display the MAC address table on a Catalyst 2960 by issuing the show mac-address-table privileged command, as follows:
Switch-1# show mac-address-table
Mac Address Table

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
All     0000.0000.0000    STATIC      CPU
All     000b.469d.c900    STATIC      CPU
10      0002.b3ef.c687    DYNAMIC     Po1
10      0007.e980.d7a6    DYNAMIC     Fa0/7
10      000d.65ac.507f    DYNAMIC     Po1
10      000f.207a.008c    DYNAMIC     Po1
10      0010.db72.b08f    DYNAMIC     Fa0/24

Static addresses are MAC addresses assigned to specific ports and not aged out. The Po1 port is a logical port used by EtherChannel. EtherChannel is discussed in ICND2.

How do you add a password to the console terminal line?
To add a password to the console terminal line, use the line console 0 global configuration command, followed by the login and password password line configuration mode commands, as follows:

Cat2960(config)# line console 0
Cat2960(config-line)# login
Cat2960(config-line)# password CCNA

The login subcommand forces the router to prompt for authentication. Without this command, the router will not authenticate a password. The password CCNA subcommand sets the console password to CCNA. The password set is case sensitive.
Sometimes, when people type login, they tend to want to type login local, which looks for a username/password statement in the local router configuration. If you do not have a username and password configured locally and you type in login local, the only way to access the system would be through password recovery.

How do you add a message of the day (MOTD) banner on a Cisco IOS device?
You add an MOTD banner by entering the banner motd # text # global configuration command.
The pound signs (#) are delimiting characters. They can be any character of your choice, but they must be the same and cannot be included in your text. They signify the beginning and end of your text. The following example shows the banner motd command:

Cat2960(config)# banner motd #
Enter TEXT message. End with the character '#'.
Warning only authorized users may access this switch.

The MOTD banner is displayed to anyone who connects to the router through VTY, the console port, or the auxiliary port.