TNE- Networks and Switches

What are the layers in the TCP/IP Model

Application, Transport, Internet, Network Access

What are the benefits of the TCP/IP layered model?

Easier protocol design (splits up process into multiple layers), Open Standard (fosters competition), Changes to one layer don’t affect other layers, avoids compatibility issues, allows protocols and technologies to evolve.

What are the protocol data units for each layer?

Data (application), Segment (transport), Packet (Internet), Frame (data link),Bits (physical)

What is encapsulation?

The process where data gets wrapped with headers (and sometimes trailers) at each layer as it moves down a protocol stack

What are the layers in the OSI model?

Application, Presentation, Session, Transport, Network, Data Link, and Physical

What is the difference between encoding and signalling and what layer are they the primary function of?

Signalling is the physical method used to represent bits on a transmission medium, and encoding is the process of converting data bits into a code pattern. Primary functions of the physical layer.

What is the difference between throughput, bandwidth and goodput?

Bandwidth is the maximum potential data capacity of a medium, throughput is the actual data rate achieved, including overhead and errors, while goodput is the rate without them (just data)

What is the purpose of the datalink layer?

Communication layer between software and hardware

What is the difference between logical and physical topologies?

physical topology is the actual, tangible layout of cables and devices (like a star or bus), while logical topology is the virtual path data travels,

Which OSI layer does IP addressing belong to?

Layer 3

What does the type field in a frame indicate?

Tells receiver which protcol is encapsulated in data (how to process it)

What is the difference between half-duplex and full duplex.

Half have only one lane to receive and transmit, full has two dedicated for each.

What is the difference between controlled access and contention based access?

Contention-based access lets devices compete freely for the channel, risking collisions but efficient with low traffic (e.g., CSMA/CD in old Ethernet), while controlled access uses a central authority or tokens to schedule turns, preventing collisions for guaranteed access, ideal for high traffic

What does CSMA/CD stand for

Carrier Sense Multiple Access with Collision detection

How does CSMA/CD work? Where is it used?

It is a wired network protocol, primarily Ethernet, where devices "listen" (Carrier Sense) before transmitting; if a collision occurs (two transmit at once), they detect it, stop, send a jam signal, and wait a random time before retrying,

How does CSMA/CA work? Where is it used?

a wireless networking protocol (like Wi-Fi) where devices listen before transmitting, wait a random back-off time if busy, and use acknowledgments to ensure data isn't lost, preventing collisions by being proactive

What is the role of MAC addresses?

provides a unique hardware identifier for devices on a local network (LAN), enabling data packets to be delivered to the correct machine

What is the 802.2 LLC sublayer?

Logical Link COntrol is an Upper part of Layer 2 that identifies the Network Layer protocol and provides a common interface above the MAC sublayer, independent of LAN technology.

What is the the 802.3 MAC sublayer

Media Acces Control is Lower part of Layer 2 that controls how Ethernet devices access the network, including framing, MAC addressing, and media access (CSMA/CD).

What is a collision domain?

a network segment where data packets from multiple devices can "collide" if sent simultaneously

What is the purpose of a MAC address table, when is it updated?

Allows for targetted sending so more efficient and less congestion over netwrok, pdated dynamically by reading source Mac addresses.

What are the 3 different frame forwarding methods on Cisco switches?

Store and forward (receive whole frame, CRC value check)

Fast forwarding(Cut trhough method, sent as soon as MAC address read)

Fragment free switching (wait for first 64bytes)

What are the benefits of VLANs?

better security, improved performance (less congestion), and simplified management,

What is intra VLAN communication?

data exchange between devices located within the same Virtual Local Area Network (VLAN), operating at Layer 2 (Data Link Layer) using MAC addresses, where a switch forwards traffic directly without needing a router

What are the two 802… protocols and where are they used?

802.3: Communications without VLAN tagging

802.1q: Communication with VLAn tagging

What is VLAN tagging?

VLAN tagging (IEEE 802.1Q) is a method of adding a small header with a VLAN ID (VID) to Ethernet frames, allowing multiple virtual networks (VLANs) to share a single physical link (trunk) while keeping traffic logically separate

What is the difference between VLAN access ports and VLAN trunk ports?

VLAN access ports connect single end-user devices (like PCs) to one VLAN, sending untagged frames, while VLAN trunk ports connect switches or routers, carrying traffic for multiple VLANs using tags (like 802.1Q) to keep them separate

What are the two different types of VLAN membership allocation methods?

Static VLAN memberships (ports manually assigned), Dynamic VLAN membership(automatically assigned using VMPS)

What are the different switchport modes?

dynamic auto, dynamic desirable, trunk, access

What are the available VLAN types?

• Default VLAN (VLAN 1): All ports on a new switch belong here; it's the starting point, cannot be deleted, and carries management/user data initially.

• Data VLANs (User VLANs): Separate networks for user devices (PCs, laptops) to segment traffic.

• Voice VLANs: Dedicated for Voice over IP (VoIP) traffic, ensuring high priority and quality of service (QoS) for calls.

• Management VLANs: Used for remote administration and monitoring of network devices (e.g., SSH, SNMP).

• Native VLAN: Carries untagged traffic on trunk links (802.1Q), often set to a unique, unused VLAN for security.

Why is disabling ports a switch security best practice?

reduces the network's attack surface, preventing unauthorized physical access and rogue device connections, thereby stopping attackers from easily gaining entry, plugging in malicious hardware

What is a blackhole VLAN?

an unused or isolated VLAN is created to "sink" unwanted or unknown network traffic, preventing it from affecting the main network, often by assigning all unused switch ports to it

Why is forcing switchport modes a best security practice

eliminates automated, attacker-exploitable negotiation protocols and enforces strict, predictable network segmentation. 

What are two MAC address related hacks?

MAC address flooding - overflowing the mac address table

MAC address spoofing: pretending to have another MAC address

What configuration exist on CIsco switches that allow us to control MAC address traffic?

Restricting MAC addresses (max) using static, dynamic or sticky

Actions: protect (invalid frames dropped), restict (violation counter incremented, shutdown (disables port)