
Cisco ICND1 Exam Objectives

Interconnecting Cisco Networking Devices Part 1 (ICND1)

Exam Number: 640-822 ICND1

Associated Certifications: CCENT and CCNA

Duration: 90 Minutes (50-60 questions)


CCNA Second Edition

Jeremy Cioara, David Minutella, Heather Stevenson


mitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-7897-3713-7

ISBN-10: 0-7897-3713-2

Library of Congress Cataloging-in-Publication Data

Cioara, Jeremy.

CCNA exam prep : (exam 640-802) / Jeremy Cioara, David Minutella, Heather Stevenson. 2nd ed.

p. cm.

ISBN 978-0-7897-3713-7 (pbk. w/cd)

1. Electronic data processing personnel--Certification. 2. Computer networks--Examinations--Study guides. I. Minutella, David. II. Stevenson, Heather. III. Title.

QA76.3.C4779 2007

004.6076--dc22

2007044227

Printed in the United States of America

First Printing: December 2007

Trademarks

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson Education Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Cisco, Cisco Systems, CCENT, and CCNA are registered trademarks of Cisco Systems, Inc. or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this book are the property of their respective owners.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an “as is” basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

Bulk Sales

Que Publishing offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact

U.S. Corporate and Government Sales

Christopher Cleveland

Technical Editors

David Camardella

Steve Kalman

Cisco ICND1/ICND2/CCNA Exam Objectives

Answers to Practice Exam

Introduction

How This Book Helps You

Network Hardware and Software Requirements

Advice on Taking the Exam

CHAPTER 1: Standard Internetworking Models

Introduction

What Is an Internetwork?

Types of Internetworks

Local Area Network (LAN)

Metropolitan Area Network (MAN)

Wide Area Network (WAN)

Storage Area Network (SAN)

Virtual Private Network (VPN)

Open Systems Interconnection (OSI) Model

Upper Layers

Application Layer

Presentation Layer

Session Layer

Lower Layers

Transport Layer

Network Layer

Data Link Layer

Physical Layer

OSI Layered Communications

TCP/IP Model

Application Layer

Transport Layer

Internet Layer

Network Interface Layer

Cisco 3-Layer Hierarchical Model

Access Layer

Distribution Layer

Core Layer

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 2: Physical Layer Networking Concepts

Introduction

Network Topologies

The Bus Topology

The Ring Topology

The Star Topology

The Mesh Topology

Cabling

Coaxial Cable

Twisted-Pair Cable

Fiber-Optic Cable

Wireless

Wireless Fidelity (Wi-Fi)

Infrared

Bluetooth

Physical Layer Devices

Repeaters

Hubs

Network Interfaces

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 3: Data Link Networking Concepts

Introduction

Data Link Protocols

Token Ring

FDDI

Ethernet at the Data Link Layer

Physical Ethernet Standards

Ethernet

Fast Ethernet

Gigabit Ethernet

10-Gigabit Ethernet (10GbE)

Long Reach Ethernet

Data Link Layer Devices

Bridges

Switches

Duplex

Microsegmentation

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 4: General Network Security

Introduction

Classes of Attack

Access Attacks

Reconnaissance Attacks

Denial of Service (DoS) Attacks

Mitigating Network Threats

AAA

Cisco ACLs

Cisco IOS Secure Management Features

Encryption Protocols

Security Appliances and Applications

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 5: IP at the Network Layer

Introduction

Network Layer Functions

IP Addressing and Formats

Binary

Hexadecimal

IP Address Classes

Subnet Masks

Private (RFC 1918) Addressing

Subnetting IP

Calculating Hosts in a Subnet

Calculating Networks in a Subnet

The Increment

Determining the Range of Valid IPs

IPv6

IPv6 Communications

IPv6 Address Format

Types of IPv6 Addresses

Autoconfiguration

Integrating IPv4 and IPv6

ICMPv6

Network Layer Devices

Routers

Layer 3 Switches

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 6: Introduction to Cisco Routers and Switches

Introduction

Interfaces and Modules

LAN Interfaces

WAN Interfaces

Cisco Memory Components

ROM

Flash

RAM

NVRAM

Cisco Internetworking Operating System

Feature Sets

IOS Image File Naming

Cisco Router Models and Features

Cisco Switch Models and Features

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 7: Foundation Cisco IOS Operations

Introduction

Terminal Options

Console Port

Auxiliary Port

Telnet

HTTP and HTTPS

SSH

Router/Switch Startup Procedures

POST

Bootstrap

IOS Loading

Configuration Loading

Navigating the IOS

User EXEC

Privileged EXEC

Global Configuration

Context-Sensitive Help

Abbreviations

Shortcut Keys

Common Syntax Errors

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 8: Foundation Cisco Configurations

Introduction

Global Configuration

Altering the Boot Sequence

Changing the Hostname

Creating a Login Banner

Assigning a Password for Privileged EXEC Mode

Domain Name–Specific Commands

Enabling SSH

Line Configurations

Securing Console Access to User EXEC

Securing Auxiliary Access to User EXEC

Securing Telnet and SSH Access to User EXEC

Router Interface Configurations

Assigning an IP Address

Enabling the Interface

LAN-Specific Commands

WAN-Specific Commands

Saving Configurations

Using the show Command to Get Information

Verifying Your Configurations

Viewing Interface Statuses and Statistics

IOS File Version show Commands

Troubleshooting Commands

Backing Up and Restoring Configurations and IOS Using TFTP

Neighbor Discovery with CDP

Using Telnet for Virtual Terminal Access

Terminal Monitor

IOS DHCP

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 9: Understanding the Cisco SDM

Introduction

Getting Started

Global Configurations

Changing the Hostname, Banner, Domain Name, and Secret Password

Router Access

DNS

DHCP

Router Interface Configurations

Assigning an IP Address

Enabling the Interface

Saving and Verifying Your Configurations

Monitoring

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 10: Introduction to Routing and Routing Protocols

Introduction

The Default Gateway

Verifying and Troubleshooting the Default Gateway

Routing Sources

Administrative Distance

Static Routes

Configuring Static Routes

Floating Static Routes

Default Routes

Configuring Static and Default Routes with SDM

Verifying Static and Default Routes

Dynamic Routing Protocols

Routing Metrics

Classful and Classless Routing Updates

VLSM

Interior and Exterior Gateway Routing Protocols

Distance Vector Routing Protocols

Link-State Routing Protocols

Advanced Distance Vector/Hybrid Routing Protocols

The Routing Table Revisited

Routing Redistribution

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 11: Distance Vector Routing Protocols

Introduction

Distance Vector Operations

Routing Loops

Routing Loop Mitigation

Counting to Infinity

Split Horizon

Route Poison, Poison Reverse, and Hold-Down Timers

Triggered Updates

Invalid/Dead Timers

RIP

RIP Characteristics

RIP Configuration

Passive Interfaces

RIPv2 Characteristics

RIPv2 Configuration

RIPv2 Update Authentication

Configuring RIP with SDM

RIP Verification

Troubleshooting RIP

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 12: Link-State and Hybrid Routing Protocols

Introduction

Link-State Operations

OSPF

OSPF Characteristics

OSPF Initialization

Introduction to Configuring OSPF

OSPF Network Configuration

Additional OSPF Commands

Configuring OSPF with SDM

Verifying OSPF

Troubleshooting OSPF

Balanced Hybrid Operations

EIGRP

EIGRP Characteristics

EIGRP Stub Routing

EIGRP Configuration

EIGRP Verification

EIGRP Troubleshooting

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 13: Foundation Switching Operations

Introduction

Switching Functionality

Frame Transmission Methods

Store-and-Forward

Cut-Through

Fragment-Free

Half- and Full-Duplex Connections

Switching Design

Spanning Tree Protocol

Root Bridge

Root Ports

Designated Ports

Blocked Ports

Port State Transitions

Initial Switch Configurations

Assigning a Management IP Address to a Switch

Defining a Default Gateway

IP Assignment Using DHCP

Configuring Multiple Switch Interfaces

Configuring and Verifying Spanning Tree Protocol

Changing Priority and Port Cost

Verifying Spanning Tree Protocol

Troubleshooting Basic Switch Connectivity

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 14: Enhanced Switching Operations

Introduction

Cisco Enhancements to Spanning Tree Protocol

PortFast and BPDU Guard

UplinkFast

BackboneFast

Configuring Cisco STP Enhancements

EtherChannel

Rapid Spanning Tree Protocol

Spanning Tree Similarities

RSTP Port States and Roles

RSTP Link and Edge Types

BPDUs and Topology Changes

Rapid Transition

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 15: Virtual LANs

Introduction

Overview of VLANs

VLAN Membership Methods

The Management VLAN

Configuring and Verifying VLANs

VLAN Trunking

ISL Trunks

802.1q Trunks

Configuring and Verifying ISL and 802.1Q Trunks

VLAN Trunking Protocol

VTP Modes

VTP Pruning

Configuring and Verifying VTP

InterVLAN Routing

Router on a Stick

Switched Virtual Interfaces

Voice VLANs

Troubleshooting VLAN

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 16: Implementing Switch Security

Introduction

Securing Physical Access to the Catalyst Switch

Securing Terminal Access to the Catalyst Switch

To Telnet or Not to Telnet

Additional IOS Security Practices

Layer 2 Security

Port Security

VLAN Security

VTP Passwords

“See”DP

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 17: Understanding Wireless Networking

Introduction

The Business Case

The Players in the 802.11 Market

Entering the Radio Frequency World

Understanding Wireless Transmission

Unlicensed RF Bands

The Key to Successful Wireless: Channel Surfing

The 802.11 Standards Family

Party Like It’s 1999: 802.11a and 802.11b

2003 Delivers: 802.11g

The Next Generation: 802.11n

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 18: Wireless Security and Implementation Considerations

Introduction

Understanding the Threats

War Driving

Direct Hacking

Employee Ignorance

Deploying a Secure Wireless Network

Wireless Encryption

Wireless Authentication (802.1x)

Wireless Intrusion Prevention System (IPS)

Wireless Implementation Guidelines

Understanding Wireless Topologies

Understanding Wireless Data Rates

General Wireless Implementation Steps

Wireless Troubleshooting

Chapter Summary

Key Terms

Apply Your Knowledge

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 19: Using Cisco Access Lists

Introduction

Access List Concepts

Functions of an Access List

Packet Filtering

Quality of Service

Dial-on-Demand Routing

Network Address Translation

Route Filtering

Standard Access Lists

Configuration of Standard Access Lists

Placement of Standard Access Lists

Standard Access List Examples

Extended Access Lists

Configuration of Extended Access Lists

Practical Extended Access List Examples

Named Access List

Verifying Access Lists

show running-config

show ip interface

show ip access-lists

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Reading and Resources

CHAPTER 20: Enabling Internet Connectivity with NAT

Introduction

NAT Concepts

Static NAT

Dynamic NAT

NAT Overload and Port Address Translation

NAT Terminology

Configuring NAT Using Cisco SDM

Configuring NAT Overload

Verifying NAT Configuration

Troubleshooting NAT

Chapter Summary

Key Terms

Apply Your Knowledge

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Reading and Resources

CHAPTER 21: Command-Line NAT Implementation

Introduction

Reviewing NAT Concepts

NAT Configurations

Static NAT

Dynamic Pool Translations

NAT Overload

Verifying NAT Operation

Troubleshooting NAT Operation

Chapter Summary

Key Terms

Apply Your Knowledge

Exercise

Exam Questions

Answers to Exam Questions

Suggested Readings and Resources

CHAPTER 22: Wide Area Network Connections

Introduction

WAN Connection Types

Leased Lines

Circuit-Switched Networks

Packet-Switched Networks

Broadband

Virtual Private Networks (VPNs)

Metropolitan Ethernet (Metro Ethernet)

The WAN Physical Layer

WAN Data Link Encapsulations

Serial Line Internet Protocol (SLIP)

Point-to-Point Protocol (PPP)

Cisco High-Level Data Link Control (HDLC)

X.25 Link Access Procedure, Balanced (LAPB)

Frame Relay

Asynchronous Transfer Mode (ATM)

PPP over Ethernet (PPPoE) and PPP over ATM (PPPoA)

Cisco HDLC

PPP

Sub-Layer 1: ISO HDLC

Sub-Layer 2: Link Control Protocol (LCP)

Sub-Layer 3: Network Control Protocol

Configuring PPP

Authentication

Compression

Verifying PPP

Troubleshooting PPP

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Reading and Resources

CHAPTER 23: Frame Relay

Introduction

Frame Relay Overview

Virtual Circuits

Hub and Spoke Design

Partial Mesh Design

Full Mesh Design

Frame Relay Terminology

Permanent Virtual Circuit

Switched Virtual Circuit

Local Management Interface

Data Link Connection Identifier

Local Access Rate

Committed Information Rate

Backwards Explicit Congestion Notification

Forward Explicit Congestion Notification

Discard Eligible

The Nature of NBMA Networks

Subinterfaces

Multipoint Subinterfaces

Point-to-Point Subinterfaces

Address Mapping in Frame Relay

Inverse ARP

Static Mappings

Configuring Frame Relay

Configuring Frame Relay for a Single Neighbor

Configuring Frame Relay That Uses a Multipoint Interface

Configuring Frame Relay That Uses Point-to-Point Interfaces

Verifying Frame Relay

show frame-relay lmi

show frame-relay pvc

show frame-relay map

Troubleshooting Frame Relay

Chapter Summary

Key Terms

Apply Your Knowledge

Exercises

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Reading and Resources

CHAPTER 24: Understanding VPN Connectivity

Introduction

Understanding VPN Connectivity

VPN Benefits and Considerations

Types of VPNs

The Pieces That Make a VPN Tick

Understanding IPsec

Encryption

Diffie-Hellman

Secure Socket Layer (SSL)

Authentication/Data Integrity

IPsec Protocols

Chapter Summary

Key Terms

Apply Your Knowledge

Review Questions

Exam Questions

Answers to Review Questions

Answers to Exam Questions

Suggested Readings and Resources

Fast Facts

OSI Model in Review

Application Protocols Supported by the Application Layer

Network Domains

Cabling, Lines, and Services

MAC Addressing

Framing and Duplex Types

WAN Interfaces

Memory Types

IOS File Naming Conventions

Utilities Using ICMP

Network Security

Access Attacks

Reconnaissance Attacks

Denial of Service (DoS) Attacks

Mitigating Network Threats

IP Addressing

Classless Addressing

Private Ranges

Subnetting

IPv6

Types of IPv6 Addresses

Integrating IPv4 and IPv6

Layer 3 Functions

IOS Terminal Access Methodologies

IOS Boot Processes

IOS Navigation

Context-Sensitive Help

Terminal Editing Keys

Syntax Errors

Global Configuration Commands

Securing the IOS

SSH

Interface Configuration Commands

Switch Commands

The copy Command

The show Command

Interface Status

Cisco Discovery Protocol

Telnet

DHCP

Switches

Duplex Connections

Spanning Tree Protocol IEEE 802.1d

Rapid Spanning Tree Protocol

RSTP Convergence

Virtual LANs (VLANs)

VLAN Configuration

Voice VLANs

Trunks

Trunk Configuration

VLAN Trunking Protocol

VTP Configuration

InterVLAN Routing

Port Security

Routing Characteristics

Routing Sources

Static and Default Routes

Dynamic Routing Protocols

Routing Metrics

Interior and Exterior Gateway Routing Protocols

Classful and Classless Routing Updates

Routing Protocol Classes

Redistribution

Distance Vector Routing Loop Mitigation

RIP and RIPv2

RIP Configuration

Verifying and Troubleshooting RIP

OSPF Characteristics

OSPF Configuration

Verifying and Troubleshooting OSPF

EIGRP Characteristics

EIGRP Configuration

Verifying and Troubleshooting EIGRP

Passive Interfaces

Wireless Networking

Wireless Security and Implementation

Cisco Access Lists

TCP Ports

UDP Ports

Network Address Translation (NAT)

Wide-Area Networks

Frame Relay

VPN Connectivity

Practice Exam

Answers to Practice Exam

Answers at a Glance

Answers with Explanations

APPENDIX: What’s on the CD-ROM

Multiple Test Modes

Study Mode

Certification Mode

Custom Mode

Attention to Exam Objectives

Installing the CD

Creating a Shortcut to the MeasureUp Practice Tests

Technical Support

Glossary

Index

Jeremy Cioara (CCIE, CCVP, CCSP) works in many facets of the Cisco networking realm. As an author, he has written multiple books for Cisco Press and Exam Cram. As an instructor, he teaches at Interface Technical Training (www.interfacett.com) in Phoenix, Arizona. Likewise, Jeremy has recorded many E-Learning titles at CBTNuggets (www.cbtnuggets.com). Finally, Jeremy is the CIO of AdTEC Networks and works as a network consultant focusing on Cisco network and Voice over IP (VoIP) implementations. What’s more? Jeremy also runs the Cisco Blog (www.ciscoblog.com) in his “free time.” Thankfully, he is married to the Certified Best Wife in the World (CBWW) who helps him manage his time and priorities and prevents him from getting an enormous Cisco-logo tattooed across his chest.

Dave Minutella (CCNP, CCDP, INFOSEC, CISSP, CTP, MCSA, MCDST, Security+, Network+, A+) has been working in the IT and telecom industry for over 14 years. He currently serves as Vice President of Educational Services for Training Camp. Before that, he was the lead Cisco instructor, primarily teaching CCNA, CCDA, and CCNP courses. Dave is also the technical author of CSVPN Exam Cram 2 from Que Publishing and is the present Cisco certifications expert for SearchNetworking.com’s Ask the Networking Expert panel.

Heather Stevenson (CCNP) has over 7 years of experience in the IT industry and is currently a senior network engineer at a global manufacturing company. She has written a number of technical training guides and mentored fellow IT professionals throughout her career. When she is not working, Heather still loves spending time with her network of friends and family.

From Jeremy: I’d like to dedicate this book to my newest daughter, Isabella. She’s currently six months old and is staring at me right now from a soft blanket on the floor. By the time she’s old enough to read this, this book will probably be outdated as we will all have Ethernet ports implanted in our skull (I’m opting for a wireless connection, myself). Hopefully, if we remember to pull this book off the shelf and read this dedication I can tell her what amazing joy she has brought me. This tiny, arm flailing, cooing, cheesy-grinning, soft, delicate, playful, yet scandalously sly, giggling little girl has become my addiction. I hope I can always help her know how incredibly special she is to me.

From Dave: This book is dedicated to my soon-to-be daughter, Chloe. By the time this book is printed, you will be born and your exquisite mother and I can have longwinded debates about which event was more distressing. I very well may have written books about Cisco technology and whatnot, but as for incredible blessings, it’s you who wrote the book.

From Heather: I would like to dedicate this book to anyone and everyone who has ever helped me in my pursuit to learn. I have been fortunate enough to have many wonderful teachers in my life. Not just school teachers, but family and friends who have given me their hand along the way.

From Jeremy: My number one acknowledgment always goes to God who has blessed me in more ways than I even realize. Thank you for granting me the talent to be successful in the realm of Cisco networking. Please allow me to use these talents to accomplish more for Your kingdom than an Ethernet cable ever could. Thanks to my darling wife, Susan. You are my eyes and ears that help me to see what is REALLY going on around me. I love you! And last, but not least: Thank you fish swimming in the big fish tank next to me. You bring me much peace and serenity as I sit here typing these acknowledgments. Especially the big yellow Butterfly fish that swims this way and that. Swish, swish, swish. Swish, swish.

From Dave: As always, I would like to put to paper yet again my undying gratitude and love to my wife, Marsha. Your beautiful spirit outshines the sun even on the brightest of days. I also would like to thank my family and family-in-laws for your unwavering support. I especially want to honor my mother-in-law, Pattie, who touched so many throughout her life. Words cannot fill the sorrow in our hearts, but your memories and spirit give us strength. We will miss you.

From Heather: I would like to send out a huge hug and thank you to my parents and my Dustin. Dustin has been by my side for as long as I have been working in this industry. He even took me to my junior prom many, many years ago. His support is immeasurable. I am so lucky to have amazing people around me to keep me sane. Finally, DYB Bear and Grumpy Nigel also deserve a special hello. Hello!

As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other words of wisdom you’re willing to pass our way.

As an associate publisher for Que Publishing, I welcome your comments. You can email or write me directly to let me know what you did or didn’t like about this book—as well as what we can do to make our books better.

Please note that I cannot help you with technical problems related to the topic of this book. We do have a User Services group, however, where I will forward specific technical questions related to the book.

When you write, please be sure to include this book’s title and author as well as your name, email address, and phone number. I will carefully review your comments and share them with the author and editors who worked on the book.

Cisco ICND1 Exam Objectives

Interconnecting Cisco Networking Devices Part 1 (ICND1)

Exam Number: 640-822 ICND1

Associated Certifications: CCENT and CCNA

Duration: 90 Minutes (50-60 questions)

Exam Description

The 640-822 Interconnecting Cisco Networking Devices Part 1 (ICND1) is the exam associated with the Cisco Certified Entry Network Technician (CCENT) certification and a tangible first step in achieving the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0 course. This exam tests a candidate’s knowledge and skills required to successfully install, operate, and troubleshoot a small branch office network. The exam includes topics on networking fundamentals; connecting to a WAN; basic security and wireless concepts; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; configuring RIPv2, static and default routing; implementing NAT and DHCP; and configuring simple networks.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Interconnecting Cisco Networking Devices Part 1 exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Describe the operation of data networks

Describe the purpose and functions of various

network devices

Select the components required to meet a given

network specification

Use the OSI and TCP/IP models and their

asso-ciated protocols to explain how data flows in a

network

Describe common networking applications

including web applications

Describe the purpose and basic operation of the

protocols in the OSI and TCP models

Describe the impact of applications (Voice Over

IP and Video Over IP) on a network

Interpret network diagrams

Determine the path between two hosts across a

network

Describe the components required for network

and Internet communications

Identify and correct common network problems

at layers 1, 2, 3 and 7 using a layered model

approach

Differentiate between LAN/WAN operation and

features

Implement a small switched network

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts

Explain the technology and media access control method for Ethernet technologies

Explain network segmentation and basic traffic management concepts

Explain the operation of Cisco switches and basic switching concepts

Perform, save, and verify initial switch configuration tasks including remote access management

Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands

Implement and verify basic security for a switch (port security, deactivate ports)

Identify, prescribe, and resolve common switched network media issues, configuration issues, autonegotiation, and switch hardware failures


services to meet network requirements for a small branch office

Describe the need and role of addressing in a network

Create and apply an addressing scheme to a network

Assign and verify valid IP addresses to hosts, servers, and networking devices in a LAN environment

Explain the basic uses and operation of NAT in a small network connecting to one ISP

Describe and verify DNS operation

Describe the operation and benefits of using private and public IP addressing

Enable NAT for a small network with a single ISP and connection using SDM and verify operation using CLI and ping

Configure, verify, and troubleshoot DHCP and DNS operation on a router (including: CLI/SDM)

Implement static and dynamic addressing services for hosts in a LAN environment

Identify and correct IP addressing issues

Implement a small routed network

Describe basic routing concepts (including: packet forwarding, router lookup process)

Describe the operation of Cisco routers (including: router bootup process, POST, router components)

Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts

Configure, verify, and troubleshoot RIPv2

Access and utilize the router CLI to set basic parameters

Connect, configure, and verify operation status of a device interface

Verify device configuration and network connectivity using ping, traceroute, telnet, SSH, or

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)

Identify and describe the purpose of the components in a small wireless network (including: SSID, BSS, ESS)

Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point

Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)

Identify common issues with implementing wireless networks

Identify security threats to a network and describe general methods to mitigate those threats

Explain today’s increasing network security threats and the need to implement a comprehensive security policy to mitigate the threats

Explain general methods to mitigate common security threats to network devices, hosts, and applications

Describe the functions of common security appliances and applications

Describe security recommended practices including initial steps to secure network devices

Implement and verify WAN links

Describe different methods for connecting to a WAN

Configure and verify a basic WAN serial connection


Exam Number: 640-816 ICND2

Associated Certifications: CCNA

Duration: 75 minutes (45-55 questions)

Exam Description

The 640-816 Interconnecting Cisco Networking Devices Part 2 (ICND2) is the exam associated with the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 course. This exam tests a candidate’s knowledge and skills required to successfully install, operate, and troubleshoot a small to medium size enterprise branch network. The exam covers topics on VLSM and IPv6 addressing; extending switched networks with VLANs; configuring, verifying and troubleshooting VLANs; the VTP, RSTP, OSPF and EIGRP protocols; determining IP routes; managing IP traffic with access lists; NAT and DHCP; establishing point-to-point connections; and establishing Frame Relay connections.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Interconnecting Cisco Networking Devices Part 2 exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.


Configure, verify and troubleshoot a switch with VLANs and interswitch communications

Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

Describe how VLANs create logically separate networks and the need for routing between them

Configure, verify, and troubleshoot VLANs

Configure, verify, and troubleshoot trunking on Cisco switches

Configure, verify, and troubleshoot interVLAN routing

Configure, verify, and troubleshoot VTP

Configure, verify, and troubleshoot RSTP operation

Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network

Implement basic switch security (including: port security, unassigned ports, trunk access, etc.)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

Calculate and apply a VLSM IP addressing design to a network

Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment

Describe the technological requirements for running IPv6 (including: protocols, dual stack, tunneling, etc)

Describe IPv6 addresses

Identify and correct common problems associated with IP addressing and host configurations

Configure and troubleshoot basic operation and routing on Cisco devices

Compare and contrast methods of routing and routing protocols

Configure, verify and troubleshoot OSPF

Configure, verify and troubleshoot EIGRP

Verify configuration and connectivity using ping, traceroute, and telnet or SSH

Troubleshoot routing implementation issues

Verify router hardware and software operation using SHOW & DEBUG commands

Implement basic router security

Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network

Describe the purpose and types of access control lists

Configure and apply access control lists based on network filtering requirements


Describe how a network works

Describe the purpose and functions of various network devices

Select the components required to meet a network specification

Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network

Describe common networked applications including web applications

Describe the purpose and basic operation of the protocols in the OSI and TCP models

Describe the impact of applications (Voice Over IP and Video Over IP) on a network

Interpret network diagrams

limit telnet and SSH access to the router

Verify and monitor ACLs in a network environment

Troubleshoot ACL implementation issues

Explain the basic operation of NAT

Configure Network Address Translation for given network requirements using CLI

Troubleshoot NAT implementation issues

Configure and verify Frame Relay on Cisco routers

Troubleshoot WAN implementation issues

Describe VPN technology (including: importance, benefits, role, impact, components)

Configure and verify PPP connection between Cisco routers

Cisco CCNA Exam Objectives

Cisco Certified Network Associate (CCNA)

Exam Number: 640-802 CCNA

Associated Certifications: CCNA

Duration: 90 Minutes (50-60 questions)

Exam Description

The 640-802 Cisco Certified Network Associate (CCNA) is the composite exam associated with the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0 and the Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 courses. This exam tests a candidate’s knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network. The topics include connecting to a WAN; implementing network security; network types; network media; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; extending switched networks with VLANs; determining IP routes; managing IP traffic with access lists; establishing point-to-point connections; and establishing Frame Relay connections.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Cisco Certified Network Associate exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Determine the path between two hosts across a network

Describe the components required for network and Internet communications

Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach

Differentiate between LAN/WAN operation and features

Configure, verify and troubleshoot a switch with VLANs and interswitch communications

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts


Explain network segmentation and basic traffic management concepts

Explain basic switching concepts and the operation of Cisco switches

Perform and verify initial switch configuration tasks including remote access management

Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands

Identify, prescribe, and resolve common switched network media issues, configuration issues, auto negotiation, and switch hardware failures

Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

Describe how VLANs create logically separate networks and the need for routing between them

Configure, verify, and troubleshoot VLANs

Configure, verify, and troubleshoot trunking on Cisco switches

Configure, verify, and troubleshoot interVLAN routing

Configure, verify, and troubleshoot VTP

Configure, verify, and troubleshoot RSTP operation

Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network.

Implement basic switch security (including: port security, trunk access, management vlan other than vlan1, etc.)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

Describe the operation and benefits of using private and public IP addressing

Explain the operation and benefits of using DHCP and DNS

Configure, verify and troubleshoot DHCP and DNS operation on a router (including: CLI/SDM)

Implement static and dynamic addressing services for hosts in a LAN environment

Calculate and apply an addressing scheme including VLSM IP addressing design to a network

environment

Describe the technological requirements for running IPv6 in conjunction with IPv4 (including: protocols, dual stack, tunneling, etc)

Describe IPv6 addresses

Identify and correct common problems associated with IP addressing and host configurations

Configure, verify, and troubleshoot basic router operation and routing on Cisco devices

Describe basic routing concepts (including: packet forwarding, router lookup process)

Describe the operation of Cisco routers (including: router bootup process, POST, router components)

Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts

Configure, verify, and troubleshoot RIPv2

Access and utilize the router to set basic parameters (including: CLI/SDM)

Connect, configure, and verify operation status of a device interface

Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities

Perform and verify routing configuration tasks for a static or default route given specific routing requirements

Manage IOS configuration files (including: save, edit, upgrade, restore)

Manage Cisco IOS

Compare and contrast methods of routing and routing protocols

Configure, verify, and troubleshoot OSPF

Configure, verify, and troubleshoot EIGRP

Verify network connectivity (including: using ping, traceroute, and telnet or SSH)

Troubleshoot routing issues

Verify router hardware and software operation using SHOW & DEBUG commands.

Implement basic router security

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)


nents in a small wireless network (Including: SSID, BSS, ESS)

Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point

Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)

Identify common issues with implementing wireless networks (Including: Interface, misconfiguration)

Identify security threats to a network and describe general methods to mitigate those threats

Describe today’s increasing network security threats and explain the need to implement a comprehensive security policy to mitigate the threats

Explain general methods to mitigate common security threats to network devices, hosts, and applications

Describe the functions of common security appliances and applications

Describe security recommended practices including initial steps to secure network devices

ACLs in a medium-size Enterprise branch office network

Describe the purpose and types of ACLs

Configure and apply ACLs based on network filtering requirements (including: CLI/SDM)

Configure and apply ACLs to limit telnet and SSH access to the router using (including: SDM/CLI)

Verify and monitor ACLs in a network environment

Troubleshoot ACL issues

Explain the basic operation of NAT

Configure NAT for given network requirements using (including: CLI/SDM)

Troubleshoot NAT issues

Implement and verify WAN links

Describe different methods for connecting to a WAN

Configure and verify a basic WAN serial connection

Configure and verify Frame Relay on Cisco routers

Troubleshoot WAN implementation issues

Describe VPN technology (including: importance, benefits, role, impact, components)

Configure and verify a PPP connection between Cisco routers


The Cisco Certified Network Associate (CCNA) accreditation has become the leading introductory-level network certification available today. The CCNA certification is recognized by employers as providing candidates with a solid foundation of Cisco networking concepts, terminology, and skills. The CCNA exam covers a broad range of networking concepts to prepare candidates for the technologies they are likely to work with in today’s network environments.

This book is your one-stop shop. Everything you need to know to pass the exam is in here. You do not have to take a class in addition to buying this book to pass the exam. However, depending on your personal study habits or learning style, you might benefit from buying this book and taking a class. Taking a CCNA certification class gives you dedicated study time and precious hands-on experience with live Cisco equipment.

Exam Preps are meticulously crafted to give you the best possible learning experience for the particular characteristics of the technology covered and the actual certification exam. The instructional design implemented in the Exam Preps reflects the task- and experience-based nature of Cisco certification exams. The Exam Preps provide the factual knowledge base you need for the exams and then take it to the next level, with exercises and exam questions that are required in the CCNA certification.

Cisco has split the single CCNA test into two separate exams, ICND1 and ICND2. Although the single CCNA exam still remains, Cisco recommends that only those who are recertifying an existing CCNA certification take this exam. This CCNA Exam Prep title prepares you for both the ICND1 exam, which covers the foundational Cisco network concepts and configurations, and the ICND2 exam, which covers the more advanced network concepts and configurations. Personally, we recommend that you follow Cisco’s advice on taking the two-exam path rather than the single CCNA exam. Although it may be tempting to go after the one-test “fast-track,” this single exam is extremely difficult and has discouraged many potential CCNA candidates from continuing on their Cisco certification journey.

How This Book Helps You

This book takes you on a self-guided tour of all the areas covered by the CCNA exam and teaches you the specific skills you need to achieve your certification. This book also contains helpful hints, tips, real-world examples, and exercises, as well as references to additional study materials. Specifically, this book is set up to help you in the following ways:

Date posted: 05/10/2018, 15:34
