Cisco 642-813

Implementing Cisco IP Switched Networks (SWIC!"

http#$$p%ss&ors're(co$642-813(php
CCNP SWIC! 642-813
W%rning %nd )iscl%imer
This book is designed to provide information about the CCNP SWITCH Exam (Exam
6!"#$%& for the CCNP 'outing and S(it)hing )ertifi)ation* Ever+ effort has been
made to make this book as )omp,ete and as a))urate as possib,e- but no (arrant+ or
fitness is imp,ied* The information is provided on an .as is/ basis* The authors- Cis)o
Press- and Cis)o S+stems- In)* sha,, have neither ,iabi,it+ nor responsibi,it+ to an+
person or entit+ (ith respe)t to an+ ,oss or damages arising from the information
)ontained in this book or from the use of the dis)s or programs that ma+ a))ompan+ it*
The opinions expressed in this book be,ong to the author and are not ne)essari,+ those
of Cis)o S+stems- In)*
http#$$p%ss&ors're(co$642-813(php
http#$$p%ss&ors're(co$642-813(php
CCNP SWIC! 642-813
r%dem%rk *cknowledgments
0,, terms mentioned in this book that are kno(n to be trademarks or
servi)e marks have been appropriate",+ )apita,i1ed* Cis)o Press or Cis)o
S+stems- In)*- )annot attest to the a))ura)+ of this information* 2se of a
term in this book shou,d not be regarded as affe)ting the va,idit+ of an+
trademark or servi)e mark*
http#$$p%ss&ors're(co$642-813(php
http#$$p%ss&ors're(co$642-813(php
+'estion No# 1
Whi)h statement is true about 'STP topo,og+ )hanges3
*( 0n+ )hange in the state of the port generates a TC 4P52*
,( 6n,+ nonedge ports moving to the for(arding state generate a TC 4P52*
C( If either an edge port or a nonedge port moves to a b,o)k state- then a TC 4P52 is generated*
)( 6n,+ edge ports moving to the b,o)king state generate a TC 4P52*
-( 0n+ ,oss of )onne)tivit+ generates a TC 4P52*
*nswer# ,
-.pl%n%tion#
The IEEE #7!*$5 Spanning Tree Proto)o, (as designed to keep a s(it)hed or bridged net(ork ,oop free-
(ith ad8ustments made to the net(ork topo,og+ d+nami)a,,+* 0 topo,og+ )hange t+pi)a,,+ takes %7 se)onds-
(here a port moves from the 4,o)king state to the 9or(arding state after t(o interva,s of the 9or(ard 5e,a+
timer* 0s te)hno,og+ has improved- %7 se)onds has be)ome an unbearab,e ,ength of time to (ait for a
produ)tion net(ork to fai,over or :hea,: itse,f during a prob,em*
http#$$p%ss&ors're(co$642-813(php
+'estion No# 2
Whi)h des)ription )orre)t,+ des)ribes a ;0C address f,ooding atta)k3
*( The atta)king devi)e )rafts 0'P rep,ies intended for va,id hosts* The ;0C address of the atta)king devi)e
then be)omes the destination address found in the <a+er ! frames sent b+ the va,id net(ork devi)e*
,( The atta)king devi)e )rafts 0'P rep,ies intended for va,id hosts* The ;0C address of the atta)king devi)e
then be)omes the sour)e address found in the <a+er ! frames sent b+ the va,id net(ork devi)e*
C( The atta)king devi)e spoofs a destination ;0C address of a va,id host )urrent,+ in the C0; tab,e* The
s(it)h then for(ards frames destined for the va,id host to the atta)king devi)e*
)( The atta)king devi)e spoofs a sour)e ;0C address of a va,id host )urrent,+ in the C0; tab,e*The s(it)h
then for(ards frames destined for the va,id host to the atta)king devi)e*
-( 9rames (ith uni=ue- inva,id destination ;0C addresses f,ood the s(it)h and exhaust C0; tab,e spa)e*
The resu,t is that ne( entries )annot be inserted be)ause of the exhausted C0; tab,e spa)e- and traffi) is
subse=uent,+ f,ooded out a,, ports*
/( 9rames (ith uni=ue- inva,id sour)e ;0C addresses f,ood the s(it)h and exhaust C0; tab,e spa)e* The
resu,t is that ne( entries )annot be inserted be)ause of the exhausted C0; tab,e spa)e- and traffi) is
subse=uent,+ f,ooded out a,, ports*
*nswer# /
http#$$p%ss&ors're(co$642-813(php
+'estion No# 3
What does the )ommand ud,d reset a))omp,ish3
0* a,,o(s a 25<5 port to automati)a,,+ reset (hen it has been shut do(n
4* resets a,, 25<5 enab,ed ports that have been shutdo(n
C* removes a,, 25<5 )onfigurations from interfa)es that (ere g,oba,,+ enab,ed
5* removes a,, 25<5 )onfigurations from interfa)es that (ere enab,ed per"port
*nswer# ,
-.pl%n%tion#
When unidire)tiona, ,ink )ondition is dete)ted the 25<5 set port in error"disab,ed state* To reinab,e a,, ports
that 25<5 has errdiab,ed the )ommand>
Reference:
CCNP Se,f"Stud+- CCNP 4C;SN 6ffi)ia, Exam Certifi)ation ?uide- 9ourth Edition- Prote)ting 0gainst
Sudden <oss of 4P52s- 25<5- p* !@$
http#$$p%ss&ors're(co$642-813(php
+'estion No# 4
Whi)h statement is true about <a+er ! se)urit+ threats3
*( ;0C spoofing- in )on8un)tion (ith 0'P snooping- is the most effe)tive )ounter"measure against
re)onnaissan)e atta)ks that use 5+nami) 0'P Inspe)tion to determine vu,nerab,e atta)k points*
,( 5HCP snooping sends unauthori1ed rep,ies to 5HCP =ueries*
C( 0'P spoofing )an be used to redire)t traffi) to )ounter 5+nami) 0'P Inspe)tion*
)( 5+nami) 0'P Inspe)tion in )on8un)tion (ith 0'P spoofing )an be used to )ounter 5HCP snooping
atta)ks*
-( ;0C spoofing atta)ks a,,o( an atta)king devi)e to re)eive frames intended for a different net(ork host*
/( Port s)anners are the most effe)tive defense against 5+nami) 0'P Inspe)tion*
*nswer# -
-.pl%n%tion#
9irst of a,,- ;0C spoofing is not an effe)tive )ounter"measure against an+ re)onnaissan)e atta)kA it IS an
atta)kB 9urthermore- re)onnaissan)e atta)ks donCt use d+nami) 0'P inspe)tion (50I&A 50I is a s(it)h feature
used to prevent atta)ks*
http#$$p%ss&ors're(co$642-813(php
+'estion No# 0
When an atta)ker is using s(it)h spoofing to perform D<0N hopping- ho( is the atta)ker ab,e to gather
information3
*( The atta)king station uses 5TP to negotiate trunking (ith a s(it)h port and )aptures a,, traffi) that is
a,,o(ed on the trunk*
,( The atta)king station tags itse,f (ith a,, usab,e D<0Ns to )apture data that is passed through the s(it)h-
regard,ess of the D<0N to (hi)h the data be,ongs*
C( The atta)king station generates frames (ith t(o #7!*$E headers to )ause the s(it)h to for(ard the frames
to a D<0N that (ou,d be ina))essib,e to the atta)ker through ,egitimate means*
)( The atta)king station uses DTP to )o,,e)t D<0N information that is sent out and then tags itse,f (ith the
domain information to )apture the data*
*nswer# *
-.pl%n%tion#
5TP shou,d be disab,ed for a,, user ports on a s(it)h* If the port is ,eft (ith 5TP auto )onfigured (5efau,t on
man+ s(it)hes&- an atta)ker )an )onne)t and arbitrari,+ )ause the port to start trunking and therefore pass a,,
D<0N information*
http#$$p%ss&ors're(co$642-813(php
http#$$p%ss&ors're(co$642-813(php