NETW2 Logs
Inter-VLAN routing is the process of forwarding network traffic from one VLAN (Virtual Local Area Network) to another, and the three methods are legacy (multi-interface), router-on-a-stick, and Layer 3 switching with SVIs (Switch Virtual Interfaces).
* A Layer 3 switch routing b...
Q Compare router-on-a-stick and Layer 3 switch inter-VLAN routing: when would you use each?
Use router-on-a-stick for small/medium networks (< 50 VLANs (Virtual Local Area Networks)) with existing routers and Layer 2 switches. Use Layer 3 switches for enterprise/campus networks requiring speed and scalability.
Feature
Router-on-a-Stick
Layer 3 Switch
Speed
Slower...
Q How does a VoIP (Voice over IP) phone handle VLAN (Virtual Local Area Network) tagging, and how can...
The IP (Internet Protocol) phone acts as a 3-port switch — it tags its own voice traffic with the voice VLAN and CoS (Class of Service) priority, while PC data traffic goes on the access VLAN. Use show interfaces switchport to verify.
* An IP phone as a 3-port switch: voice is t...
Q What configuration parameters must match on all interfaces in an EtherChannel bundle?
Speed, duplex, VLAN (Virtual Local Area Network) assignment (or trunk mode with matching native/allowed VLANs), and EtherChannel protocol mode.
All member ports must match:
Parameter
Requirement
Speed
All ports must be the same speed
Duplex
All ports must use the same du...
Q When a switch has multiple equal-cost paths to the root bridge, what three tiebreakers does STP (Spa...
Lowest sender BID (Bridge ID), then lowest sender port priority, then lowest sender port ID.
* The three STP tiebreakers, in order. *
When the internal root path cost is identical for multiple ports, STP uses these tiebreakers in order:
Priority
Tiebreaker
Details
1st
Low...
Q What network security devices protect the enterprise perimeter, and what does each do?
The three main perimeter security devices are: VPN (Virtual Private Network)-enabled routers (encrypted remote access), Next-Generation Firewalls (deep packet inspection), and Network Access Control devices (AAA (Authentication, Authorization, and Accounting) enforcement).
Dev...
Q What are the six categories of Layer 2 switch attacks?
The six categories are: MAC (Media Access Control) Table Attacks, VLAN (Virtual Local Area Network) Attacks, DHCP (Dynamic Host Configuration Protocol) Attacks, ARP (Address Resolution Protocol) Attacks, Address Spoofing Attacks, and STP (Spanning Tree Protocol) Attacks.
Categ...
Q What are the three fundamental routing table principles that every network administrator must unders...
1) Every router makes its own independent decision based only on its own routing table. 2) A route in one router's table doesn't mean other routers know the same route. 3) A route to a destination doesn't guarantee a return path exists.
* The return-route problem. *
Principle...
Q How does a routing protocol pick the "best path", and how is a metric different from administrative...
A metric is a quantitative measure of distance to a network — within one protocol, the path with the lowest metric wins. Administrative distance (AD) is different: it ranks the trust between protocols, deciding which source's route to install when two protocols both know the dest...
Q What are the four main WLAN security threats, and what makes wireless networks inherently more vulne...
The four main threats are: data interception (sniffing), wireless intruders, Denial of Service (DoS), and rogue APs. WLANs are more vulnerable because the medium (radio waves) is open to anyone within range — there's no physical cable to protect.
Threat
Description
Mitigation...