| Let's test your knowledge of important topics | | | | |
| such as SYN attacks and VLANs for your Cisco | | | | CCNP Certification / BSCI Exam: |
| CCNA, CCNP, and CCENT exams, as well as the | | | | |
| CompTIA Security+ and Network+ certification | | | | If an IPv6 address begins with "FF", what |
| exams! | | | | type of address is it? |
| | | | |
| CCNA / CCENT / CompTIA Network+ | | | | A. broadcast |
| Certification: | | | | |
| | | | B. unicast |
| Host A and Host B are in the same VLAN. Host | | | | |
| C and Host D are in a different VLAN. Host A | | | | C. multicast |
| sends a broadcast. How many other hosts will | | | | |
| receive it? | | | | D. MACcast |
| | | | |
| A. Zero | | | | Answer: C. That's a multicast. There's no |
| | | | such thing as a MACcast. But there should be. |
| B. One | | | | ;) |
| | | | |
| C. Two | | | | CCNP Certification / BCMSN Exam: |
| | | | |
| D. Three | | | | Short answer: What interface-level command |
| | | | takes a port operating at L3 and places it |
| Answer: B. The other host in the same VLAN, | | | | into L2 operating mode? |
| Host B, will receive it. Broadcasts are not | | | | |
| forwarded to other VLANs. | | | | Answer: switchport. To change the port back |
| | | | to a routed port, use no switchport. |
| Security+ Certification: | | | | |
| | | | CCNP Certification / ISCW Exam: |
| Briefly describe a "SYN attack". | | | | |
| | | | Short answer: You're going to write a policy |
| Answer: The intruder will generate a series | | | | map that will be applied to a Serial |
| of SYN requests, and the | | | | interface running at T1 speed. By default, |
| soon-to-be-victimized network device sends a | | | | how much bandwidth can you assign in that |
| SYN-ACK in response. The device then waits | | | | policy? |
| for an ACK, but that never comes. These | | | | |
| unfinished connections result in the network | | | | Answer: The speed of a T1 line is 1544 kbps, |
| device not being able to accept SYN request | | | | but by default only 75% of that bandwidth can |
| from legitimate network hosts, since its | | | | be distributed in a policy map - that's 1158 |
| buffers will be overwhelmed with the false | | | | kbps (1544 * .75). |
| (and unfinished) requests. | | | | |