Network Management

Question 1

What is the Software on Cisco Devices

Answer 1

Cisco IOS (Internetwork Operating System)
- Uses a Command Line Interface
- Commandas available are determined by mode

Question 2

Common Cisco Commands

Answer 2

?
- Displays Commands available in the current mode
- displays the next required component for a command

Show Running-Configuration
- shows current config in effect
- running config does not persist after reboot
- (switch)# copy run start
- used to save running config to startup config

Show ip interface brief
- displays status of all interfaces

**Show int <g/f>1/0/<x>**
- displays detailed information of a specific interface</x>

shutdown / no shutdown

**ping <ip>**
• Test ICMP connectivity to destination</ip>

show ip route
• Display routing table

Write erase
• Erases configuration of switch

show version
• Display version of IOS

**traceroute <ip>**
• Test/Display dev</ip>

Question 3

Cisco IOS Modes

Answer 3

User Exec
Privileged Exec
Global Config
Interface Config
Sub-Interface Config
Setup
ROMMON

Question 4

User EXEC mode

Answer 4

• Initial Level
• Temporary changes to terminal settings
• Basic tests
• List system info
  1. Hostname>

Question 5

Privileged EXEC mode

Answer 5

• sets operating parameters
• high level testing
• common commands
  
  • show, copy, ping
• aka enable mode

1. Hostname> enable
2. Password: <password></password>
3. Hostname#
4. Hostname# end
5. Hostname>

Question 7

Global Config mode

Answer 7

• used for applying changes to entire device
• unable to perform some commands at the Priv EXEC mode without “do” “End” “Exit” or [Ctrl]+[C]

1. Hostname> enable
2. Hostname# configure terminal
3. Hostname (config) #
4. Hostname (config) #end
5. Hostname>

Question 8

Interface Config Mode

Answer 8

1.Hostname> enable

2.Hostname# configure terminal

3.Hostname(config)#

4.Hostname(config)#interface (g/f) 1/0/<X></X>

5.Hostname(config-if)#

6.Hostname(config-if)#end

7.Hostname>

Question 9

Setup Mode

Answer 9

Used to initially configure a device
- Prompt at boot when no config exists

Question 10

ROMMON Mode

Answer 10

Bootstrap program that initializes hardware of switch and boots IOS when no IOS is found

Question 11

Router Configurations

Answer 11

Physical Connection
- Uses Console cable (DB-9) or on a newer device USB Mini
- If using console cable, may need serial to USB adapter

Tera Terminal
- Application for consoling into router or switch

Question 12

Switch Confiuration

Answer 12

• Passwords
  
  • Privileged EXEC
  • One or the other, not both
  • Unencrypted password
    
    • switch (config) #enable password <password></password>
  • VTY - config Telnet sessions
    
    • switch (config) #line vty 0 <#>
    • switch (config-line) #password <password></password>
    • switch (config-line) #login
    • switch#username <X> priv <X> password <X></X></X></X>

Hostname
- Switch (confi) #hostname <device> <Device>(config) #</Device></device>

Banner
- displayed when logging in via Telnet , any deliminating charecter
- Hostname (config) #banner %message%

IP Routing
- Enables routing between known networks in the switch (required for EIGRP statements)

EIGRP
- Dynamic Routing
- Works on router or switch
- Uses unique ASNs (Advertise Networks)
Hostname (config) #switch EIGRP <asn>
Hostname (config-switch) #network <net> <snm></snm></net></asn>

Configure Interface
- Hostname (config) #int gi<#/#>

Description
- Hostname (config-if) #desc <description></description>

Set IP
- Hostname (config-if) #no switchport

Open/Close
- Hostname (config-if) #no shut
- Hostname (config-if) #shut

Rules
- passwords
- Hostname
- banner
- configure ports (IP, desc, no shut)
- apply protocols (IP, routing, EIGRP)
- Configure inside -> out
- get inside net squared away first before trying to connect out

Routing
- Static
- used to define exit point of small networks
- Hostname (config) #ip route <destination> <dest> <gateway>
- Default Route
- Hostname (config) #ip route
192.168.121.0
255.255.255.0
192.168.120.1</gateway></dest></destination>

Config VLANs
- Hostname (conf) #vlan <#>
- Hostname (conf-vlan) #name <VLAN>
- Hostname (conf-vlan) #int vlan <X>
- Hostname (config-if) #</X></VLAN>

Assign interface to VLAN
•hostname(conf)#int gi0/0
•hostname(conf-if)#switchport mode access
•hostname(conf-if)#switchport access vlan<X>
•hostname(conf)#sho vlanbrief</X>

Question 13

Network Security

Answer 13

Information Assurance
- Availability = ensure info is accessible by those authorized
- Integrity = Ensure it has been modified
- Authentication = make sure its legit
- Confidentiality = prevent unauthorized disclosure
- Non-repudiation = confirmation of receipt

ACLS
- standards (only filters by IP address)
- permit or deny
- Implicit Deny
- Create Rule
-router(config)#access-list <#> <permit|deny> <ip> <wild card|snm>
- router (config) #access-list <#> remark <description></description></ip>

Assign rule to interface
- router (config-if) #ip access-group <ACL#> <in|out>