Giáo trình đổi mới của cisco nhằm thay đổi hệ thống chứng chỉ của họ, sự thay đổi này gồm những kiến thức mới và công nghệ mới đực áp dụng trong các công nghệ của cisco. Đây là tài liệu co các bạn mới bắt đầu theo học
Trang 25 About the Author
6 About the Contributing Author
7 About the Technical Reviewer
8 Acknowledgments
9 Contents at a Glance
10 Reader Services
11 Icons Used in This Book
12 Command Syntax Conventions
13 Contents
14 Introduction
1 About Cisco Certifications and CCNA
2 Book Features
3 Book Organization, Chapters, and Appendixes
4 About Building Hands-On Skills
5 For More Information
15 Figure Credits
16 Part I: IP Access Control Lists
1 Chapter 1 Introduction to TCP/IP Transport and Applications
1 “Do I Know This Already?” Quiz
Trang 31 “Do I Know This Already?” Quiz
2 Foundation Topics
3 IPv4 Access Control List Basics
4 Standard Numbered IPv4 ACLs
5 Practice Applying Standard IP ACLs
6 Chapter Review
3 Chapter 3 Advanced IPv4 Access Control Lists
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Extended Numbered IP Access Control Lists
4 Named ACLs and ACL Editing
5 Chapter Review
4 Part I Review
17 Part II: Security Services
1 Chapter 4 Security Architectures
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Security Terminology
4 Common Security Threats
5 Controlling and Monitoring User Access
6 Developing a Security Program to Educate Users
7 Chapter Review
2 Chapter 5 Securing Network Devices
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Securing IOS Passwords
4 Firewalls and Intrusion Prevention Systems
5 Chapter Review
3 Chapter 6 Implementing Switch Port Security
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Port Security Concepts and Configuration
Trang 44 Port Security Violation Modes
5 Chapter Review
4 Chapter 7 Implementing DHCP
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Dynamic Host Configuration Protocol
4 Identifying Host IPv4 Settings
5 Chapter Review
5 Chapter 8 DHCP Snooping and ARP Inspection
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 DHCP Snooping
4 Dynamic ARP Inspection
5 Chapter Review
6 Part II Review
18 Part III: IP Services
1 Chapter 9 Device Management Protocols
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 System Message Logging (Syslog)
4 Network Time Protocol (NTP)
5 Analyzing Topology Using CDP and LLDP
6 Chapter Review
2 Chapter 10 Network Address Translation
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Perspectives on IPv4 Address Scalability
4 Network Address Translation Concepts
5 NAT Configuration and Troubleshooting
6 Chapter Review
3 Chapter 11 Quality of Service (QoS)
Trang 51 “Do I Know This Already?” Quiz
4 Chapter 12 Miscellaneous IP Services
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 First Hop Redundancy Protocol
4 Simple Network Management Protocol
5 FTP and TFTP
6 Chapter Review
5 Part III Review
19 Part IV: Network Architecture
1 Chapter 13 LAN Architecture
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Analyzing Campus LAN Topologies
4 Small Office/Home Office
5 Power over Ethernet (PoE)
6 Chapter Review
2 Chapter 14 WAN Architecture
1 “Do I Know This Already?” Quiz
Trang 61 “Do I Know This Already?” Quiz
2 Foundation Topics
3 Server Virtualization
4 Cloud Computing Services
5 WAN Traffic Paths to Reach Cloud Services
6 Chapter Review
4 Part IV Review
20 Part V: Network Automation
1 Chapter 16 Introduction to Controller-Based
Networking
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 SDN and Controller-Based Networks
4 Examples of Network Programmability and SDN
5 Comparing Traditional Versus Controller-Based Networks
6 Chapter Review
2 Chapter 17 Cisco Software-Defined Access (SDA)
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 SDA Fabric, Underlay, and Overlay
4 DNA Center and SDA Operation
5 DNA Center as a Network Management Platform
6 Chapter Review
3 Chapter 18 Understanding REST and JSON
1 “Do I Know This Already?” Quiz
2 Foundation Topics
3 REST-Based APIs
4 Data Serialization and JSON
5 Chapter Review
4 Chapter 19 Understanding Ansible, Puppet, and Chef
1 “Do I Know This Already?” Quiz
Trang 72 Foundation Topics
3 Device Configuration Challenges and Solutions
4 Ansible, Puppet, and Chef Basics
5 Chapter Review
5 Part V Review
21 Part VI: Final Review
1 Chapter 20 Final Review
1 Advice About the Exam Event
2 Exam Review
22 Part VII: Appendixes
1 Appendix A Numeric Reference Tables
2 Appendix B CCNA 200-301, Volume 2 Exam Updates
1 Always Get the Latest at the Book’s Product Page
Trang 81 Appendix D Topics from Previous Editions
1 Cisco Device Hardening
2 Implementing DHCP
3 Troubleshooting with IPv4 ACLs
4 Implementing HSRP
5 Gateway Load Balancing Protocol (GLBP)
6 Implementing Simple Network Management
2 Answers to Earlier Practice Problems
3 Appendix F Previous Edition ICND1 Chapter 35:
Managing IOS Files
1 Managing Cisco IOS Images and Upgrades
2 Password Recovery
3 Managing Configuration Files
4 Command References
4 Appendix G Exam Topics Cross-Reference
1 CCNA 200-301 Exam Topic Order
2 Book Chapters, with Exam Topics Covered in Each
5 Appendix H Study Planner
26 Where are the companion content files? - Login
Trang 927 Where are the companion content files? - Register
28 Inside Front Cover
29 Inside Back Cover
Trang 28About This eBook
ePUB is an open, industry-standard format for eBooks.However, support of ePUB and its many features variesacross reading devices and applications Use your device
or app settings to customize the presentation to yourliking Settings that you can customize often includefont, font size, single or double column, landscape orportrait mode, and figures that you can click or tap toenlarge For additional information about the settingsand features on your reading device or app, visit thedevice manufacturer’s Web site
Many titles include programming code or configurationexamples To optimize the presentation of these
elements, view the eBook in single-column, landscapemode and adjust the font size to the smallest setting Inaddition to presenting code and configurations in thereflowable text format, we have included images of thecode that mimic the presentation found in the printbook; therefore, where the reflowable format may
compromise the presentation of the code listing, youwill see a “Click here to view code image” link Click thelink to view the print-fidelity code image To return tothe previous page viewed, click the Back button on yourdevice or app
Trang 30CCNA 200-301 Official Cert Guide, Volume 2
Wendell Odom
Copyright © 2020 Pearson Education, Inc
Published by: Cisco Press
All rights reserved No part of this book may be
reproduced or transmitted in any form or by any means,electronic or mechanical, including photocopying,
recording, or by any information storage and retrievalsystem, without written permission from the publisher,except for the inclusion of brief quotations in a review.ScoutAutomatedPrintCode
Library of Congress Control Number: 2019949625
ISBN-13: 978-1-58714-713-5
ISBN-10: 1-58714-713-0
Warning and Disclaimer
This book is designed to provide information about theCisco CCNA 200-301 exam Every effort has been made
to make this book as complete and as accurate as
possible, but no warranty or fitness is implied
The information is provided on an “as is” basis Theauthors, Cisco Press, and Cisco Systems, Inc shall haveneither liability nor responsibility to any person or
Trang 31entity with respect to any loss or damages arising fromthe information contained in this book or from the use
of the discs or programs that may accompany it
The opinions expressed in this book belong to the
author and are not necessarily those of Cisco Systems,Inc
Trademark Acknowledgments
All terms mentioned in this book that are known to betrademarks or service marks have been appropriatelycapitalized Cisco Press or Cisco Systems, Inc., cannotattest to the accuracy of this information Use of a term
in this book should not be regarded as affecting thevalidity of any trademark or service mark
Microsoft and/or its respective suppliers make no
representations about the suitability of the informationcontained in the documents and related graphics
published as part of the services for any purpose Allsuch documents and related graphics are provided “asis” without warranty of any kind Microsoft and/ or itsrespective suppliers hereby disclaim all warranties andconditions with regard to this information, including allwarranties and conditions of merchantability, whetherexpress, implied or statutory, fitness for a particularpurpose, title and non-infringement In no event shallMicrosoft and/or its respective suppliers be liable forany special, indirect or consequential damages or anydamages whatsoever resulting from loss of use, data or
Trang 32profits, whether in an action of contract, negligence orother tortious action, arising out of or in connectionwith the use or performance of information availablefrom the services.
The documents and related graphics contained hereincould include technical inaccuracies or typographicalerrors Changes are periodically added to the
information herein Microsoft and/or its respectivesuppliers may make improvements and/or changes inthe product(s) and/or the program(s) described herein
at any time Partial screenshots may be viewed in fullwithin the software version specified
Microsoft and Windows are registered trademarks ofthe Microsoft Corporation in the U.S.A and other
countries Screenshots and icons reprinted with
permission from the Microsoft Corporation This book
is not sponsored or endorsed by or affiliated with theMicrosoft Corporation
Special Sales
For information about buying this title in bulk
quantities, or for special sales opportunities (which mayinclude electronic versions; custom cover designs; andcontent particular to your business, training goals,
marketing focus, or branding interests), please contactour corporate sales department at
corpsales@pearsoned.com or (800) 382-3419
Trang 33For government sales inquiries, please contact
members from the professional technical community.Readers’ feedback is a natural continuation of this
process If you have any comments regarding how wecould improve the quality of this book, or otherwisealter it to better suit your needs, you can contact usthrough email at feedback@ciscopress.com Please
make sure to include the book title and ISBN in yourmessage
We greatly appreciate your assistance
Editor-in-Chief: Mark Taub
Business Operation Manager, Cisco Press: Ronald
Trang 34Senior Project Editor: Tonya Simpson
Copy Editor: Chuck Hutchinson
Technical Editor: Elan Beer
Editorial Assistant: Cindy Teeters
Cover Designer: Chuti Prasertsith
Composition: Tricia Bronkella
Indexer: Ken Johnson
Proofreader: Debbie Williams
Americas Headquarters
Cisco Systems, Inc
San Jose, CA
Asia Pacific Headquarters
Cisco Systems (USA) Pte Ltd
Singapore
Europe Headquarters
Cisco Systems International BV
Amsterdam, The Netherlands
Cisco has more than 200 offices worldwide.Addresses, phone numbers, and fax numbers are
Trang 35listed on the Cisco Website at
CCDE, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco
WebEx, DCE, and Welcome to the Human Network are trademarks;
Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the
Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, lronPort, the lronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase,
SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the
property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company (0812R)
Trang 36About the Author
Wendell Odom, CCIE No 1624 Emeritus, has been in
the networking industry since 1981 He has worked as anetwork engineer, consultant, systems engineer,
instructor, and course developer; he currently workswriting and creating certification study tools This book
is his 29th edition of some product for Pearson, and he
is the author of all editions of the CCNA Cert Guidesabout Routing and Switching from Cisco Press He haswritten books about topics from networking basics,certification guides throughout the years for CCENT,CCNA R&S, CCNA DC, CCNP ROUTE, CCNP QoS, andCCIE R&S He maintains study tools, links to his blogs,and other resources at www.certskills.com
Trang 37About the Contributing Author
David Hucaby, CCIE No 4594, CWNE No 292, is a
network engineer for University of Kentucky
Healthcare He has been authoring Cisco Press titles for
20 years, with a focus on wireless and LAN switchingtopics David has bachelor of science and master ofscience degrees in electrical engineering He lives inKentucky with his wife, Marci, and two daughters
Trang 38About the Technical Reviewer
Elan Beer, CCIE No 1837, is a senior consultant and
Cisco instructor specializing in data center architectureand multiprotocol network design For the past 27 years,Elan has designed networks and trained thousands ofindustry experts in data center architecture, routing, andswitching Elan has been instrumental in large-scaleprofessional service efforts designing and
troubleshooting internetworks, performing data centerand network audits, and assisting clients with their
short- and long-term design objectives Elan has a globalperspective of network architectures via his
international clientele Elan has used his expertise todesign and troubleshoot data centers and internetworks
in Malaysia, North America, Europe, Australia, Africa,China, and the Middle East Most recently, Elan hasbeen focused on data center design, configuration, andtroubleshooting as well as service provider technologies
In 1993, Elan was among the first to obtain the CiscoCertified System Instructor (CCSI) certification, and in
1996, he was among the first to attain the Cisco Systemhighest technical certification, the Cisco Certified
Internetworking Expert Since then, Elan has been
involved in numerous large-scale data center and
telecommunications networking projects worldwide
Trang 39Brett Bartow continues to be the backbone of the CiscoPress brand, guiding the entire author team through thebig transition in 2019–2020 with all the changes Ciscointroduced to its certifications Simply the best! Thanksfor all you do, Brett!
Dave Hucaby teamed up again to write this book,
contributing one chapter here to go along with his fourchapters in the CCNA Volume 1 book It’s such a joy toreview his work and see such polished material from thefirst draft It’s been a joy to work with such a
consummate professional—thanks, Dave!
Chris Cleveland developed the book—again—and made
it much better—again—and did it with more jugglingthan ever before, I think Five months, roughly 50
technology chapters and another 50 other book
elements, and countless online elements, all done withapparent ease Kudos to Chris, yet again!
I so look forward to reading Elan Beer’s tech edits of thechapters That may seem strange to hear, but Elan hastruly amazing technical editing skills His insights rangefrom the details of technology, to the mind of the newlearner, to wording and clarity, to holes in networkinglogic as compared to the wording, to tiny typos that
Trang 40impact the meaning Thanks again Elan for improvingthe chapters so much!
Tonya Simpson managed this book, along with the
CCNA Volume 1 book, all in that same compressed
timeframe again As usual, on both projects, Tonya haskept the production processes rolling along and gettingthrough the idiosyncrasies of the content Thanks forshepherding the book through the wild again, Tonya!
As always, thanks to the production team that workswith Tonya From fixing all my grammar and passive-voice sentences to pulling the design and layout
together, they do it all; thanks for putting it all togetherand making it look easy And Tonya got to juggle twobooks of mine at the same time (again)— thanks formanaging the whole production process again
Mike Tanamachi, illustrator and mind reader, did a greatjob on the figures again Mike came through again withsome beautiful finished products Thanks again, Mike
I could not have made the timeline for this book
without Chris Burns of Certskills Professional Chrisowns much of the PTP question support and
administration process, works on the labs we put on myblog, and then catches anything I need to toss over myshoulder so I can focus on the books Chris, you are theman!
A special thank you to you readers who write in withsuggestions and possible errors, and especially those of