CLI

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/45

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 10:42 PM on 6/21/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

46 Terms

1
New cards

To create and name VLAN 10 on a Cisco switch

vlan 10 name DATA Used with/for

2
New cards

When assigning GigabitEthernet0/1 as access port in VLAN 10

interface GigabitEthernet0/1 switchport mode access switchport access vlan 10 Used with/for

3
New cards

When configuring voice VLAN 50 on access port Gi0/1 for IP phones

interface GigabitEthernet0/1 switchport mode access switchport access vlan 10 switchport voice vlan 50 Used with/for

4
New cards

When setting up 802.1Q trunk on Gi0/1 with native VLAN 99 and allowed VLANs 10,20

interface GigabitEthernet0/1 switchport mode trunk switchport trunk native vlan 99 switchport trunk allowed vlan 10,20 Used with/for

5
New cards

When configuring Router-on-a-Stick subinterface for VLAN 10 inter-VLAN routing

On router interface GigabitEthernet0/0.10 encapsulation dot1q 10 ip address 192.168.10.1 255.255.255.0 On connected switch

6
New cards

When bundling Gi0/1 and Gi0/2 into LACP EtherChannel group 1 (active mode both ends)

interface range GigabitEthernet0/1 - 2 channel-group 1 mode active interface Port-channel1 switchport mode trunk Used with/for

7
New cards

When enabling port security with sticky MACs max 2 addresses violation shutdown on access port

interface GigabitEthernet0/1 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address sticky switchport port-security violation shutdown Used with/for

8
New cards

When locking port to specific static MAC with port security

interface GigabitEthernet0/1 switchport port-security switchport port-security mac-address 0011.2233.4455 Used with/for

9
New cards

When configuring IPv4 static route to 172.16.0.0/16 via next-hop 10.1.1.2

ip route 172.16.0.0 255.255.0.0 10.1.1.2 Used with/for

10
New cards

When adding default static route (gateway of last resort)

ip route 0.0.0.0 0.0.0.0 192.168.1.1 Used with/for

11
New cards

When creating floating static route as backup (AD 120 > OSPF 110)

ip route 10.0.0.0 255.0.0.0 192.168.2.1 120 Used with/for

12
New cards

When configuring IPv6 static route

ipv6 route 2001:db8:1::/64 2001:db8:2::1 Used with/for

13
New cards

When assigning IPv4 address and enabling interface

interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 no shutdown Used with/for

14
New cards

When configuring IPv6 global unicast with EUI-64

interface GigabitEthernet0/0 ipv6 address 2001:db8:1::/64 eui-64 Used with/for

15
New cards

When manually setting link-local IPv6 address

interface GigabitEthernet0/0 ipv6 address fe80::1 link-local Used with/for

16
New cards

When enabling single-area OSPFv2 and advertising networks with wildcard masks into area 0

router ospf 1 router-id 1.1.1.1 network 192.168.1.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 Used with/for

17
New cards

When forcing specific OSPF Router-ID

router ospf 1 router-id 2.2.2.2 Used with/for

18
New cards

When influencing OSPF DR/BDR election (higher priority wins, set 0 to never become DR)

interface GigabitEthernet0/0 ip ospf priority 100 Used with/for

19
New cards

When making OSPF interfaces passive (no hellos, still advertise network)

router ospf 1 passive-interface default no passive-interface GigabitEthernet0/1 Used with/for

20
New cards

When creating numbered standard ACL and applying inbound

access-list 10 permit 192.168.10.0 0.0.0.255 interface GigabitEthernet0/0 ip access-group 10 in Used with/for

21
New cards

When building named standard ACL with logging

ip access-list standard NO_SALES permit 192.168.20.0 0.0.0.255 deny any log interface GigabitEthernet0/1 ip access-group NO_SALES out Used with/for

22
New cards

When creating extended numbered ACL permitting web traffic from subnet (p#80/443)

access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80 access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 443 interface GigabitEthernet0/0 ip access-group 100 in Used with/for

23
New cards

When building named extended ACL allowing SSH (p#22) from management subnet only

ip access-list extended MGMT_SSH permit tcp 10.0.0.0 0.0.0.255 any eq 22 deny ip any any log Used with/for

24
New cards

When configuring static NAT one-to-one mapping

interface GigabitEthernet0/0 ip nat inside interface GigabitEthernet0/1 ip nat outside ip nat inside source static 192.168.1.50 203.0.113.50 Used with/for

25
New cards

When setting up dynamic NAT with address pool

ip nat pool PUBLIC 203.0.113.10 203.0.113.20 netmask 255.255.255.0 access-list 1 permit 192.168.0.0 0.0.255.255 ip nat inside source list 1 pool PUBLIC interface GigabitEthernet0/0 ip nat inside interface GigabitEthernet0/1 ip nat outside Used with/for

26
New cards

When enabling PAT/NAT overload sharing single public IP

ip nat inside source list 1 interface GigabitEthernet0/1 overload (plus matching ACL and inside/outside interfaces) Used with/for

27
New cards

When configuring DHCP server with exclusions and options

ip dhcp excluded-address 192.168.1.1 192.168.1.10 ip dhcp pool LANPOOL network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 8.8.8.8 Used with/for

28
New cards

When turning interface into DHCP relay to remote server

interface GigabitEthernet0/0 ip helper-address 192.168.100.10 Used with/for

29
New cards

When creating local privileged user for device access

username admin privilege 15 secret StrongPass123! Used with/for

30
New cards

When securing console line with local login

line console 0 login local exec-timeout 5 0 Used with/for

31
New cards

When enabling SSH on VTY lines (after hostname + ip domain-name + crypto key generate rsa modulus 1024)

line vty 0 4 transport input ssh login local Used with/for

32
New cards

When protecting privileged mode

enable secret MyEnableSecret Used with/for

33
New cards

When obfuscating plain-text passwords in config

service password-encryption Used with/for

34
New cards

When verifying VLAN configuration and ports

show vlan brief Used with/for

35
New cards

When checking trunk ports and native VLAN status

show interfaces trunk Used with/for

36
New cards

When verifying EtherChannel status and ports

show etherchannel summary Used with/for

37
New cards

When checking port security status and learned MACs

show port-security interface GigabitEthernet0/1 Used with/for

38
New cards

When viewing full IP routing table including static and OSPF routes

show ip route Used with/for

39
New cards

When checking OSPF neighbor adjacencies and states

show ip ospf neighbor Used with/for

40
New cards

When seeing OSPF-enabled interfaces and areas

show ip ospf interface brief Used with/for

41
New cards

When displaying configured ACLs and hit counts

show access-lists Used with/for

42
New cards

When viewing active NAT translations and types

show ip nat translations Used with/for

43
New cards

When checking DHCP server bindings and leases

show ip dhcp binding Used with/for

44
New cards

When confirming local usernames and privilege levels

show running-config | section username Used with/for

45
New cards

When verifying SSH status and connections

show ssh Used with/for

46
New cards

When generating RSA keys required for SSH

crypto key generate rsa modulus 1024 Used with/for