1. 1828xbook.fm Page i Thursday, July 26, 2007 3:10
PMCCENT/CCNA ICND1Official Exam Certification Guide,Second
EditionWendell Odom,CCIE No. 1624Cisco Press800 East 96th
StreetIndianapolis, Indiana 46240 USA
2. 1828xbook.fm Page ii Thursday, July 26, 2007 3:10 PM ii
CCENT/CCNA ICND1 Official Exam Certification Guide, Second Edition
Wendell Odom Copyright 2008 Cisco Systems, Inc. Published by: Cisco
Press 800 East 96th Street Indianapolis, IN 46240 USA All rights
reserved. No part of this book may be reproduced or transmitted in
any form or by any means, electronic or mechanical, including
photocopying, recording, or by any information storage and
retrieval system, without written permission from the publisher,
except for the inclusion of brief quotations in a review. Printed
in the United States of America First Printing August 2007 Library
of Congress Cataloging-in-Publication Data. Odom,
Wendell.CCENT/CCNA ICND1 ofcial exam certication guide / Wendell
Odom. p. cm.ISBN 978-1-58720-182-0 (hardback w/cd) 1. Electronic
data processing personnel--Certication. 2. Computer net-
works--Examinations--Study guides. I. Title.QA76.3.O358
2007004.6--dc222007029241 ISBN-13: 978-1-58720-182-0 ISBN-10:
1-58720-182-8 Warning and Disclaimer This book is designed to
provide information about the Cisco ICND1 (640-822), ICND2
(640-816), and CCNA (640-802) exams. Every effort has been made to
make this book as complete and accurate as possible, but no
warranty or tness is implied. The information is provided on an as
is basis. The author, Cisco Press, and Cisco Systems, Inc. shall
have neither liability nor responsibility to any person or entity
with respect to any loss or damages arising from the information
contained in this book or from the use of the discs or programs
that may accompany it. The opinions expressed in this book belong
to the author and are not necessarily those of Cisco Systems,
Inc.
3. 1828xbook.fm Page iii Thursday, July 26, 2007 3:10 PM
iiiTrademark AcknowledgmentsAll terms mentioned in this book that
are known to be trademarks or service marks have been
appropriatelycapitalized. Cisco Press or Cisco Systems, Inc. cannot
attest to the accuracy of this information. Use of a term in
thisbook should not be regarded as affecting the validity of any
trademark or service mark.Corporate and Government SalesThe
publisher offers excellent discounts on this book when ordered in
quantity for bulk purchases or special sales,which may include
electronic versions and/or custom covers and content particular to
your business, training goals,marketing focus, and branding
interests. For more information, please contact: U.S. Corporate and
Government Sales1-800-382-3419 [email protected]
sales outside the United States please contact: International
[email protected] InformationAt Cisco Press,
our goal is to create in-depth technical books of the highest
quality and value. Each book is craftedwith care and precision,
undergoing rigorous development that involves the unique expertise
of members of theprofessional technical community.Reader feedback
is a natural continuation of this process. If you have any comments
about how we could improvethe quality of this book, or otherwise
alter it to better suit your needs, you can contact us through
e-mail [email protected]. Please be sure to include the
book title and ISBN in your message.We greatly appreciate your
assistance.Publisher: Paul BogerCopy Editor: Gayle Johnson and Bill
McManusAssociate Publisher: Dave DusthimerTechnical Editors: Teri
Cook, Brian DAndrea, and Steve KalmanCisco Representative: Anthony
WolfendenEditorial Assistant: Vanessa EvansCisco Press Program
Manager: Jeff BradyBook and Cover Designer: Louisa AdairExecutive
Editor: Brett Bartow Composition: ICC Macmillan Inc.Managing
Editor: Patrick Kanouse Indexer: Tim WrightSenior Development
Editor: Christopher Cleveland Proofreader: Suzanne ThomasSenior
Project Editor: San Dee Phillips and Meg Shaw
4. 1828xbook.fm Page iv Thursday, July 26, 2007 3:10 PM iv
About the AuthorWendell Odom, CCIE No. 1624, has been in the
networking industry since 1981. Hecurrently teaches QoS, MPLS, and
CCNA courses for Skyline Advanced TechnologyServices
(http://www.skyline-ats.com). He has also worked as a network
engineer,consultant, systems engineer, instructor, and course
developer. He is the author of allprevious editions of the CCNA
Exam Certication Guide, as well as the Cisco QOS ExamCertication
Guide, Second Edition, Computer Networking First-Step, CCIE Routing
andSwitching Ofcial Exam Certication Guide, Second Edition, and
CCNA Video Mentorall from Cisco Press.
5. 1828xbook.fm Page v Thursday, July 26, 2007 3:10 PMv About
the Technical Reviewers Teri Cook (CCSI, CCDP, CCNP, CCDA, CCNA,
MCT, and MCSE 2000/2003: Security) has more than ten years of
experience in the IT industry. She has worked with different types
of organizations in the private business and DoD sectors, providing
senior-level network and security technical skills in the design
and implementation of complex computing environments. Since
obtaining her certications, Teri has been committed to bringing
quality IT training to IT professionals as an instructor. She is an
outstanding instructor who uses real-world experience to present
complex networking technologies. As an IT instructor, Teri has been
teaching Cisco classes for more than ve years. Brian DAndrea (CCNA,
CCDA, MCSE, A+, and Net+) has 11 years of IT experience in both
medical and nancial environments, where planning and supporting
critical networking technologies were his primary responsibilities.
For the last ve years he has dedicated himself to technical
training. Brian spends most of his time with The Training Camp, an
IT boot camp provider. Using his real-world experience and his
ability to break difcult concepts into a language that students can
understand, Brian has successfully trained hundreds of students for
both work and certication endeavors. Stephen Kalman is a data
security trainer. He is the author or tech editor of more than 20
books, courses, and CBT titles. His most recent book is Web
Security Field Guide, published by Cisco Press. In addition to
those responsibilities he runs a consulting company, Esquire Micro
Consultants, which specializes in network security assessments and
forensics. Mr. Kalman holds SSCP, CISSP, ISSMP, CEH, CHFI, CCNA,
CCSA (Checkpoint), A+, Network+ and Security+ certications and is a
member of the New York State Bar.
6. 1828xbook.fm Page vi Thursday, July 26, 2007 3:10 PM vi
DedicationFor Brett Bartow. Thanks for being such a steady,
insightful, and incredibly trustworthyguide through the publishing
maze.
7. 1828xbook.fm Page vii Thursday, July 26, 2007 3:10
PMviiAcknowledgments The team who helped produce this book has been
simply awesome. Everyone who touched this book has made it better,
and theyve been particularly great at helping catch the errors that
always creep into the manuscript. Brian, Teri, and Steve all did a
great job TEing the book. Besides helping a lot with technical
accuracy, Brian made a lot of good suggestions about traps that he
sees when teaching CCNA classes, helping the book avoid those same
pitfalls. Teris ability to see each phrase in the context of an
entire chapter, or the whole book, was awesome, helping catch
things that no one would otherwise catch. Steve spent most of his
TE time on the ICND2 book, but he did lend great help with this
one, particularly with his reviews of the security-oriented topics,
an area in which hes an expert. And more so than any other book Ive
written, the TEs really sunk their teeth into the specics of every
example, helping catch errors. Thanks so much! Another (ho-hum)
all-star performance from Chris Cleveland, who developed the book.
Now I empathize with sports writers who have to write about the
local teams star who bats .300, hits 40 homers, and drives in 100
runs, every year, for his whole career. How many ways can you say
he does a great job? Ill keep it simple: Thanks, Chris. The
wonderful and mostly hidden production folks did their usual great
job. When every time I see how they reworded something, and think,
Wow; why didnt I write that?, it makes me appreciate the kind of
team we have at Cisco Press. The nal copy edit, gure review, and
pages review process required a fair amount of juggling and effort
as well thanks to Patricks team, especially San Dee, Meg, Tonya,
for working so well with all the extra quality initiatives weve
implemented. Thanks to you all! Additionally, several folks who
didnt have any direct stake in the book also helped it along.
Thanks to Frank Knox for the discussions on the exams, why theyre
so difcult, and about troubleshooting. Thanks to Rus Healy for the
help with wireless. Thanks to the Mikes at Skyline for making my
schedule work to get this book (and the ICND2 book) out the door.
And thanks to the course and exam teams at Cisco for the great
early communications and interactions about the changes to the
courses and exams. Finally, thanks to my wife Kris for all her
support with my writing efforts, her prayers, and her understanding
when the deadline didnt quite match with our vacation plans this
summer. And thanks to Jesus Christall this effort is just striving
after the wind without Him.
8. 1828xbook.fm Page viii Thursday, July 26, 2007 3:10 PM viii
This Book Is Safari Enabled The Safari Enabled icon on the cover of
your favorite technol- ogy book means that the book is available
through Safari Book- shelf. When you buy this book, you get free
access to the online edition for 45 days. Safari Bookshelf is an
electronic reference library that lets you easily search thousands
of technical books, nd code samples, download chapters, and access
technical information whenever and wherever you need it. To gain
45-day Safari Enabled access to this book: Go to
http://www.ciscopress.com/safarienabled. Complete the brief
registration form. Enter the coupon code 6EM9-WNXL-7Z1E-9UL2-KAEC.
If you have difculty registering on Safari Bookshelf or access- ing
the online edition, please e-mail customer-service@safari-
booksonline.com.
9. 1828xbook.fm Page ix Thursday, July 26, 2007 3:10 PM
ixContents at a GlanceForeword xxviIntroduction xxviiPart
INetworking Fundamentals3Chapter 1 Introduction to Computer
Networking Concepts 5Chapter 2 The TCP/IP and OSI Networking Models
17Chapter 3 Fundamentals of LANs41Chapter 4 Fundamentals of
WANs71Chapter 5 Fundamentals of IP Addressing and Routing 93Chapter
6 Fundamentals of TCP/IP Transport, Applications,and Security
129Part II LAN Switching 165Chapter 7 Ethernet LAN Switching
Concepts167Chapter 8 Operating Cisco LAN Switches 197Chapter 9
Ethernet Switch Configuration231Chapter 10Ethernet Switch
Troubleshooting 267Chapter 11Wireless LANs 299Part IIIIP
Routing329Chapter 12IP Addressing and Subnetting 331Chapter
13Operating Cisco Routers399Chapter 14Routing Protocol Concepts and
Configuration435Chapter 15Troubleshooting IP Routing 471Part IV
Wide-Area Networks509Chapter 16WAN Concepts511Chapter 17WAN
Configuration 539
10. 1828xbook.fm Page x Thursday, July 26, 2007 3:10 PM x Part
VFinal Preparation563 Chapter 18Final Preparation565 Part VI
Appendixes 575 Appendix AAnswers to the Do I Know This Already?
Quizzes 577 Appendix BDecimal to Binary Conversion Table591
Appendix CICND1 Exam Updates: Version 1.0595 Glossary599 Index 624
Part VIICD-Only Appendix CICND1 Exam Updates: Version 1.0 Appendix
DSubnetting Practice Appendix ESubnetting Reference Pages Appendix
FAdditional Scenarios Appendix G Subnetting Video Reference
Appendix HMemory Tables Appendix IMemory Tables Answer Key Appendix
JICND1 Open-Ended Questions
11. 1828xbook.fm Page xi Thursday, July 26, 2007 3:10
PMxiContentsForeword xxviIntroduction xxviiPart I Networking
Fundamentals3Chapter 1Introduction to Computer Networking Concepts
5 Perspectives on Networking 5 The Flintstones Network: The First
Computer Network? 8Chapter 2The TCP/IP and OSI Networking
Models17Do I Know This Already? Quiz 18 Foundation Topics 21The
TCP/IP Protocol Architecture 22 The TCP/IP Application Layer 23 The
TCP/IP Transport Layer 25 The TCP/IP Internet Layer 27 The TCP/IP
Network Access Layer 28 Data Encapsulation Terminology 30The OSI
Reference Model 32 Comparing OSI and TCP/IP 32 OSI Layers and Their
Functions 34 OSI Layering Concepts and Benefits 35 OSI
Encapsulation Terminology 36 Exam Preparation Tasks 38Review all
the Key Topics 38 Complete the Tables and Lists from Memory38
Definitions of Key Terms 38 OSI Reference 39Chapter 3Fundamentals
of LANs 41Do I Know This Already? Quiz 41 Foundation Topics 45An
Overview of Modern Ethernet LANs 45A Brief History of Ethernet 48
The Original Ethernet Standards: 10BASE2 and 10BASE5 48 Repeaters
50 Building 10BASE-T Networks with Hubs 51Ethernet UTP Cabling 52
UTP Cables and RJ-45 Connectors 52 Transmitting Data Using Twisted
Pairs 54 UTP Cabling Pinouts for 10BASE-T and 100BASE-TX 55
1000BASE-T Cabling 58
12. 1828xbook.fm Page xii Thursday, July 26, 2007 3:10 PM xii
Improving Performance by Using Switches Instead of Hubs
58Increasing Available Bandwidth Using Switches 61Doubling
Performance by Using Full-Duplex Ethernet 62Ethernet Layer 1
Summary 63 Ethernet Data-Link Protocols 63Ethernet Addressing
64Ethernet Framing 65Identifying the Data Inside an Ethernet Frame
67Error Detection 68Exam Preparation Tasks 69 Review All the Key
Topics 69 Complete the Tables and Lists from Memory 69 Definitions
of Key Terms 69 Chapter 4Fundamentals of WANs 71 Do I Know This
Already? Quiz 71Foundation Topics 74 OSI Layer 1 for Point-to-Point
WANs 74WAN Connections from the Customer Viewpoint 77WAN Cabling
Standards 78Clock Rates, Synchronization, DCE, and DTE 80Building a
WAN Link in a Lab 81Link Speeds Offered by Telcos 82 OSI Layer 2
for Point-to-Point WANs 83HDLC 83Point-to-Point Protocol
85Point-to-Point WAN Summary 85 Frame Relay and Packet-Switching
Services 86The Scaling Benefits of Packet Switching 86Frame Relay
Basics 87Exam Preparation Tasks 91 Review All the Key Topics 91
Complete the Tables and Lists from Memory 91 Definitions of Key
Terms 91 Chapter 5Fundamentals of IP Addressing and Routing93 Do I
Know This Already? Quiz 93Foundation Topics 98 Overview of Network
Layer Functions 98Routing (Forwarding) 99 PC1s Logic: Sending Data
to a Nearby Router 100 R1 and R2s Logic: Routing Data Across the
Network 100 R3s Logic: Delivering Data to the End Destination
100
13. 1828xbook.fm Page xiii Thursday, July 26, 2007 3:10 PM
xiiiNetwork Layer Interaction with the Data Link Layer 101IP
Packets and the IP Header 102Network Layer (Layer 3) Addressing
103Routing Protocols 104IP Addressing 105IP Addressing Definitions
105How IP Addresses Are Grouped 106Classes of Networks 107 The
Actual Class A, B, and C Network Numbers 109 IP Subnetting 110IP
Routing 114Host Routing 114Router Forwarding Decisions and the IP
Routing Table 115IP Routing Protocols 118Network Layer Utilities
121Address Resolution Protocol and the Domain Name System 121 DNS
Name Resolution 122 The ARP Process 122Address Assignment and DHCP
123ICMP Echo and the ping Command 125 Exam Preparation Tasks
126Review All the Key Topics 126Complete the Tables and Lists from
Memory 127Definitions of Key Terms 127Chapter 6Fundamentals of
TCP/IP Transport, Applications, and Security129Do I Know This
Already? Quiz 129 Foundation Topics 133TCP/IP Layer 4 Protocols:
TCP and UDP 133 Transmission Control Protocol 134Multiplexing Using
TCP Port Numbers 135Popular TCP/IP Applications 138Error Recovery
(Reliability) 140Flow Control Using Windowing 141Connection
Establishment and Termination 142Data Segmentation and Ordered Data
Transfer 144 User Datagram Protocol 145TCP/IP Applications 146 QoS
Needs and the Impact of TCP/IP Applications 146 The World Wide Web,
HTTP, and SSL 149Universal Resource Locators 150Finding the Web
Server Using DNS 150Transferring Files with HTTP 152
14. 1828xbook.fm Page xiv Thursday, July 26, 2007 3:10 PM xiv
Network Security 153Perspectives on the Sources and Types of
Threats 154Firewalls and the Cisco Adaptive Security Appliance
(ASA) 158Anti-x 160Intrusion Detection and Prevention 160Virtual
Private Networks (VPN) 161Exam Preparation Tasks 163 Review All the
Key Topics 163 Complete the Tables and Lists from Memory 163
Definitions of Key Terms 163 Part II LAN Switching165 Chapter
7Ethernet LAN Switching Concepts167 Do I Know This Already? Quiz
167Foundation Topics 171 LAN Switching Concepts 171Historical
Progression: Hubs, Bridges, and Switches 171Switching Logic 174The
Forward Versus Filter Decision 175How Switches Learn MAC Addresses
177Flooding Frames 178Avoiding Loops Using Spanning Tree Protocol
179Internal Processing on Cisco Switches 180LAN Switching Summary
182 LAN Design Considerations 183Collision Domains and Broadcast
Domains 183Collision Domains 183Broadcast Domains 184The Impact of
Collision and Broadcast Domains on LAN Design 185Virtual LANs
(VLAN) 187Campus LAN Design Terminology 188Ethernet LAN Media and
Cable Lengths 191Exam Preparation Tasks 194 Review All the Key
Topics 194 Complete the Tables and Lists from Memory 194
Definitions of Key Terms 195 Chapter 8Operating Cisco LAN Switches
197 Do I Know This Already? Quiz 197Foundation Topics 200 Accessing
the Cisco Catalyst 2960 Switch CLI 200Cisco Catalyst Switches and
the 2960 Switch 201
15. 1828xbook.fm Page xv Thursday, July 26, 2007 3:10 PM xv
Switch Status from LEDs 202 Accessing the Cisco IOS CLI 205 CLI
Access from the Console 206 Accessing the CLI with Telnet and SSH
208 Password Security for CLI Access 208 User and Enable
(Privileged) Modes 210 CLI Help Features 211 The debug and show
Commands 213Configuring Cisco IOS Software 214 Configuration
Submodes and Contexts 215 Storing Switch Configuration Files 217
Copying and Erasing Configuration Files 220 Initial Configuration
(Setup Mode) 221 Exam Preparation Tasks 226Review All the Key
Topics 226Complete the Tables and Lists from Memory 226Definitions
of Key Terms 226Command References 226 Chapter 9 Ethernet Switch
Configuration 231Do I Know This Already? Quiz 231 Foundation Topics
235Configuration of Features in Common with Routers 235 Securing
the Switch CLI 235 Configuring Simple Password Security 236
Configuring Usernames and Secure Shell (SSH) 239 Password
Encryption 242 The Two Enable Mode Passwords 244 Console and vty
Settings 245 Banners 245 History Buffer Commands 246 The logging
synchronous and exec-timeout Commands 247LAN Switch Configuration
and Operation 248 Configuring the Switch IP Address 248 Configuring
Switch Interfaces 251 Port Security 253 VLAN Configuration 256
Securing Unused Switch Interfaces 259 Exam Preparation Tasks
261Review All the Key Topics 261Complete the Tables and Lists from
Memory 261Definitions of Key Terms 262Command References 262
16. 1828xbook.fm Page xvi Thursday, July 26, 2007 3:10 PM xvi
Chapter 10 Ethernet Switch Troubleshooting267 Do I Know This
Already? Quiz 267Foundation Topics 271 Perspectives on Network
Verification and Troubleshooting 271 Attacking Sim Questions 271
Simlet Questions 272 Multiple-Choice Questions 273 Approaching
Questions with an Organized Troubleshooting Process 273 Isolating
Problems at Layer 3, and Then at Layers 1 and 2 275 Troubleshooting
as Covered in This Book 276 Verifying the Network Topology with
Cisco Discovery Protocol 277 Analyzing Layer 1 and 2 Interface
Status 282 Interface Status Codes and Reasons for Nonworking States
282 Interface Speed and Duplex Issues 284 Common Layer 1 Problems
on Working Interfaces 287 Analyzing the Layer 2 Forwarding Path
with the MAC Address Table 289 Analyzing the Forwarding Path 292
Port Security and Filtering 293Exam Preparation Tasks 295 Review
All the Key Topics 295 Complete the Tables and Lists from Memory
295 Definitions of Key Terms 295 Command References 295 Chapter 11
Wireless LANs 299 Do I Know This Already? Quiz 299Foundation Topics
302 Wireless LAN Concepts 302Comparisons with Ethernet LANs
302Wireless LAN Standards 304Modes of 802.11 Wireless LANs
305Wireless Transmissions (Layer 1) 307 Wireless Encoding and
Nonoverlapping DSSS Channels 309 Wireless Interference 311 Coverage
Area, Speed, and Capacity 311Media Access (Layer 2) 314 Deploying
WLANs 315Wireless LAN Implementation Checklist 315 Step 1: Verify
the Existing Wired Network 316 Step 2: Install and Configure the
APs Wired and IP Details 317 Step 3: Configure the APs WLAN Details
317 Step 4: Install and Configure One Wireless Client 318 Step 5:
Verify That the WLAN Works from the Client 319
17. 1828xbook.fm Page xvii Thursday, July 26, 2007 3:10 PM
xviiWireless LAN Security 320 WLAN Security Issues 320 The
Progression of WLAN Security Standards 322Wired Equivalent Privacy
(WEP) 322SSID Cloaking and MAC Filtering 323The Cisco Interim
Solution Between WEP and 802.11i 324Wi-Fi Protected Access (WPA)
325IEEE 802.11i and WPA-2 325 Exam Preparation Tasks 327Review All
the Key Topics 327 Complete the Tables and Lists from Memory 327
Definitions of Key Terms 327Part III IP Routing329Chapter 12 IP
Addressing and Subnetting 331Do I Know This Already? Quiz 331
Foundation Topics 336Exam Preparation Tools for Subnetting
336Suggested Subnetting Preparation Plan 337More Practice Using a
Subnet Calculator 338IP Addressing and Routing 339IP Addressing
Review 339Public and Private Addressing 341IP Version 6 Addressing
342IP Subnetting Review 343IP Routing Review 345Math Operations
Used When Subnetting 347Converting IP Addresses and Masks from
Decimal to Binary and Back Again 347Performing a Boolean AND
Operation 349Prefix Notation/CIDR Notation 351 Binary Process to
Convert Between Dotted Decimal and Prefix Notation 352 Decimal
Process to Convert Between Dotted Decimal and PrefixNotation
353Practice Suggestions 355Analyzing and Choosing Subnet Masks
355Analyzing the Subnet Mask in an Existing Subnet Design 356 The
Three Parts: Network, Subnet, and Host 356 Binary Process: Finding
the Number of Network, Subnet, and Host Bits 357 Decimal Process:
Finding the Number of Network, Subnet, and Host Bits 358
Determining the Number of Subnets and Number of Hosts Per Subnet
359 Number of Subnets: Subtract 2, or Not? 360 Practice Examples
for Analyzing Subnet Masks 361
18. 1828xbook.fm Page xviii Thursday, July 26, 2007 3:10 PM
xviiiChoosing a Subnet Mask that Meets Design Requirements
362Finding the Only Possible Mask 363Finding Multiple Possible
Masks 365Choosing the Mask that Maximizes the Number of Subnets or
Hosts 366Practice Suggestions 367 Analyzing Existing Subnets
368Finding the Subnet Number: Binary 368Finding the Subnet Number:
Binary Shortcut 371Finding the Subnet Broadcast Address: Binary
372Finding the Range of Valid IP Addresses in a Subnet 375Finding
the Subnet, Broadcast Address, and Range of Addresses: Decimal
Process 377Decimal Process with Easy Masks 377Decimal Process with
Difficult Masks 378Finding the Broadcast Address: Decimal
381Summary of Decimal Processes to Find the Subnet, Broadcast, and
Range 382Practice Suggestions 383 Design: Choosing the Subnets of a
Classful Network 384Finding All Subnets with Fewer Than 8 Subnet
Bits 384Finding All Subnets with Exactly 8 Subnet Bits 388Practice
Suggestions 389Finding All Subnets with More Than 8 Subnet Bits
389More Practice Suggestions 393Exam Preparation Tasks 394 Review
All the Key Topics 394 Complete the Tables and Lists from Memory
396 Definitions of Key Terms 396 Read Appendix F Scenario 1, Part A
396 Subnetting Questions and Processes 396 Chapter 13 Operating
Cisco Routers399 Do I Know This Already? Quiz 399Foundation Topics
403 Installing Cisco Routers 403 Installing Enterprise Routers 403
Cisco Integrated Services Routers 405 Physical Installation 406
Installing Internet Access Routers 407 A SOHO Installation with a
Separate Switch, Router, andCable Modem 407 A SOHO Installation
with an Integrated Switch, Router, andDSL Modem 408 Regarding the
SOHO Devices Used in This Book 409
19. 1828xbook.fm Page xix Thursday, July 26, 2007 3:10 PM
xixCisco Router IOS CLI 409Comparisons Between the Switch CLI and
Router CLI 410Router Interfaces 411 Interface Status Codes 413
Router Interface IP Addresses 414 Bandwidth and Clock Rate on
Serial Interfaces 415Router Auxiliary (Aux) Port 417Initial
Configuration (Setup Mode) 417Upgrading Cisco IOS Software and the
Cisco IOS Software Boot Process 420Upgrading a Cisco IOS Software
Image into Flash Memory 420The Cisco IOS Software Boot Sequence 423
The Three Router Operating Systems 425 The Configuration Register
425 How a Router Chooses Which OS to Load 426 The show version
Command and Seeing the Configuration Registers Value 429 Exam
Preparation Tasks 431Review All the Key Topics 431Complete the
Tables and Lists from Memory 431Definitions of Key Terms 432Read
Appendix F Scenario 2 432Command References 432 Chapter 14 Routing
Protocol Concepts and Configuration435Do I Know This Already? Quiz
435 Foundation Topics 439Connected and Static Routes 439 Connected
Routes 439 Static Routes 442 Extended ping Command 444 Default
Routes 446Routing Protocol Overview 448 RIP-2 Basic Concepts 449
Comparing and Contrasting IP Routing Protocols 450Interior and
Exterior Routing Protocols 451Routing Protocol Types/Algorithms
452Metrics 452Autosummarization and Manual Summarization
454Classless and Classful Routing Protocols 454Convergence
455Miscellaneous Comparison Points 455 Summary of Interior Routing
Protocols 455
20. 1828xbook.fm Page xx Thursday, July 26, 2007 3:10 PM xx
Configuring and Verifying RIP-2 456RIP-2 Configuration 456Sample
RIP Configuration 457RIP-2 Verification 458Interpreting the Output
of the show ip route Command 460Administrative Distance 461The show
ip protocols Command 462Examining RIP Messages with debug 464Exam
Preparation Tasks 467 Review All the Key Topics 467 Complete the
Tables and Lists from Memory 467 Definitions of Key Terms 468
Command References 468 Chapter 15 Troubleshooting IP Routing 471 Do
I Know This Already? Quiz 471Foundation Topics 475 IP
Troubleshooting Tips and Tools 475 IP Addressing 475Avoiding
Reserved IP Addresses 475One Subnet, One Mask, for Each LAN
476Summary of IP Addressing Tips 478 Host Networking Commands 478
Troubleshooting Host Routing Problems 482 Finding the Matching
Route on a Router 483 Troubleshooting Commands 485The show ip arp
Command 485The traceroute Command 486Telnet and Suspend 487 A
Routing Troubleshooting Scenario 491 Scenario Part A: Tasks and
Questions 491 Scenario Part A: Answers 494 Scenario Part B: Analyze
Packet/Frame Flow 495 Scenario Part B: Answers 496Scenario Part B:
Question 1 497Scenario Part B: Question 2 498Scenario Part B:
Question 3 499Scenario Part B: Question 4 501Scenario Part B:
Question 5 501Scenario Part B: Question 6 502Scenario Part B:
Question 7 503 Scenario Part C: Analyze Connected Routes 503
Scenario Part C: Answers 503
21. 1828xbook.fm Page xxi Thursday, July 26, 2007 3:10 PMxxi
Exam Preparation Tasks 505Review All the Key Topics 505Complete the
Tables and Lists from Memory506Command Reference 506 Part IV
Wide-Area Networks509 Chapter 16 WAN Concepts 511Do I Know This
Already? Quiz 511 Foundation Topics 514WAN Technologies
514Perspectives on the PSTN 514Analog Modems 517Digital Subscriber
Line 519 DSL Types, Speeds, and Distances 521 DSL Summary 522Cable
Internet 523Comparison of Remote-Access Technologies 525ATM
525Packet Switching Versus Circuit Switching 527Ethernet as a WAN
Service 527IP Services for Internet Access 528Address Assignment on
the Internet Access Router 529Routing for the Internet Access
Router 530NAT and PAT 531 Exam Preparation Tasks 536Review All the
Key Topics 536Complete the Tables and Lists from Memory
536Definitions of Key Terms 537 Chapter 17 WAN Configuration 539Do
I Know This Already? Quiz 539 Foundation Topics 542Configuring
Point-to-Point WANs 542 Configuring HDLC 542 Configuring PPP
545Configuring and Troubleshooting Internet Access Routers 546
Internet Access Router: Configuration Steps 547Step 1: Establish IP
Connectivity 547Step 2: Install and Access SDM 548Step 3: Configure
DHCP and PAT 549Step 4: Plan for DHCP Services 554Step 5: Configure
the DHCP Server 556 Internet Access Router Verification 557
22. 1828xbook.fm Page xxii Thursday, July 26, 2007 3:10 PM
xxiiExam Preparation Tasks 560 Review All the Key Topics 560
Complete the Tables and Lists from Memory 560 Definitions of Key
Terms 560 Command References 560 Part V Final Preparation563
Chapter 18 Final Preparation565Tools for Final Preparation 565Exam
Engine and Questions on the CD 565 Install the Software from the CD
566 Activate and Download the Practice Exam 566 Activating Other
Exams 567The Cisco CCNA Prep Center 567Subnetting Videos, Reference
Pages, and Practice Problems 568Scenarios 568Study Plan 569Recall
the Facts 569Practice Subnetting 570Build Troubleshooting Skills
Using Scenarios 571Use the Exam Engine 571 Choosing Study or
Simulation Mode 572 Choosing the Right Exam Option 572Summary 573
Part VI Appendixes 575 Appendix A Answers to the Do I Know This
Already? Quizzes577Chapter 2577Chapter 3578Chapter 4578Chapter
5579Chapter 6579Chapter 7580Chapter 8581Chapter 9581Chapter
10582Chapter 11583Chapter 12584Chapter 13585Chapter 14586Chapter
15587Chapter 16588Chapter 17589
23. 1828xbook.fm Page xxiii Thursday, July 26, 2007 3:10
PMxxiiiAppendix BDecimal to Binary Conversion Table591Appendix
CICND1 Exam Updates: Version 1.0595Glossary599Index 624Part VII
CD-onlyAppendix CICND1 Exam Updates: Version 1.0Appendix
DSubnetting PracticeAppendix ESubnetting Reference PagesAppendix
FAdditional ScenariosAppendix GSubnetting Video ReferenceAppendix
HMemory TablesAppendix IMemory Tables Answer KeyAppendix JICND1
Open-Ended Questions
24. 1828xbook.fm Page xxiv Thursday, July 26, 2007 3:10 PM xxiv
Icons Used in This BookWeb Web PC LaptopServer ServerBrowserPrinter
PhoneIP PhoneCable Modem CSU/DSURouter Multiservice Switch ATM
SwitchFrame Relay Switch Switch PBXAccess Point ASA DSLAM WAN
SwitchHub PIX Firewall Bridge Wireless ConnectionNetwork
CloudEthernet Connection Serial LineVirtual Circuit Connection
25. 1828xbook.fm Page xxv Thursday, July 26, 2007 3:10 PM xxv
Command Syntax Conventions The conventions used to present command
syntax in this book are the same conventions used in the IOS
Command Reference. The Command Reference describes these
conventions as follows: Bold indicates commands and keywords that
are entered literally as shown. In actual conguration examples and
output (not general command syntax), bold indicates commands that
the user enters (such as a show command). Italic indicates
arguments for which you supply actual values. Vertical bars (|)
separate alternative, mutually exclusive elements. Square brackets
([ ]) indicate an optional element. Braces ({ }) indicate a
required choice. Braces within brackets ([{ }]) indicate a required
choice within an optional element.
26. 1828xbook.fm Page xxvi Thursday, July 26, 2007 3:10 PM xxvi
ForewordCCENT/CCNA ICND1 Ofcial Exam Certication Guide, Second
Edition, is an excellentself-study resource for the CCENT and CCNA
ICND1 exam. Passing the ICND1 examvalidates the knowledge and
skills required to successfully install, operate, andtroubleshoot a
small branch ofce network. It is the sole required exam for
CCENTcertication and the rst of two exams required for CCNA
certication.Gaining certication in Cisco technology is key to the
continuing educational developmentof todays networking
professional. Through certication programs, Cisco validates
theskills and expertise required to effectively manage the modern
Enterprise network.Cisco Press exam certication guides and
preparation materials offer exceptionalandexibleaccess to the
knowledge and information required to stay current in your eld
ofexpertise, or to gain new skills. Whether used as a supplement to
more traditional trainingor as a primary source of learning, these
materials offer users the information andknowledge validation
required to gain new understanding and prociencies.Developed in
conjunction with the Cisco certications and training team, Cisco
Pressbooks are the only self-study books authorized by Cisco. They
offer students a series ofexam practice tools and resource
materials to help ensure that learners fully grasp theconcepts and
information presented.Additional authorized Cisco instructor-led
courses, e-learning, labs, and simulations areavailable exclusively
from Cisco Learning Solutions Partners worldwide. To learn
more,visit http://www.cisco.com/go/training.I hope that you nd
these materials to be an enriching and useful part of your
exampreparation.Erik UllandersonManager, Global
CerticationsLearning@CiscoAugust 2007
27. 1828xbook.fm Page xxvii Thursday, July 26, 2007 3:10
PMxxviiIntroduction Congratulations! If youre reading this
Introduction, youve probably already decided to go for your Cisco
certication. If you want to succeed as a technical person in the
networking industry, you need to know Cisco. Cisco has a
ridiculously high market share in the router and switch
marketplacemore than 80 percent in some markets. In many
geographies and markets around the world, networking equals Cisco.
If you want to be taken seriously as a network engineer, Cisco
certication makes sense. Historically speaking, the rst entry-level
Cisco certication has been the Cisco Certied Network Associate
(CCNA) certication, rst offered in 1998. The rst three versions of
the CCNA certication (1998, 2000, and 2002) required that you pass
a single exam to become certied. However, over time, the exam kept
growing, both in the amount of material covered and the difculty
level of the questions. So, for the fourth major revision of the
exams, announced in 2003, Cisco continued with a single certication
(CCNA) but offered two certication options: a single exam option
and a two-exam option. The two- exam option allowed people to study
roughly half the material and then take and pass one exam before
moving on to the next. Cisco announced changes to the CCNA
certication and exams in June 2007. This announcement includes many
changes; here are the most notable: The exams collectively cover a
broader range of topics. The exams increase the focus on proving
the test takers skills (as compared with just testing knowledge).
Cisco created a new entry-level certication: Cisco Certied Entry
Networking Technician (CCENT). For the current certications,
announced in June 2007, Cisco created the ICND1 (640-822) and ICND2
(640-816) exams, along with the CCNA (640-802) exam. To become CCNA
certied, you can pass both the ICND1 and ICND2 exams, or just the
CCNA exam. The CCNA exam simply covers all the topics on the ICND1
and ICND2 exams, giving you two options for gaining your CCNA
certication. The two-exam path gives people with less experience a
chance to study for a smaller set of topics at one time. The
one-exam option provides a more cost-effective certication path for
those who want to prepare for all the topics at once. Although the
two-exam option is useful for some certication candidates, Cisco
designed the ICND1 exam with a much more important goal in mind.
The CCNA certication grew to the point that it tested knowledge and
skills beyond what an entry-level network technician would need.
Cisco needed a certication that better reected the skills
required
28. 1828xbook.fm Page xxviii Thursday, July 26, 2007 3:10 PM
xxviii for entry-level networking jobs. So Cisco designed its
Interconnecting Cisco Networking Devices 1 (ICND1) course, and the
corresponding ICND1 640-822 exam, to include the knowledge and
skills most needed by an entry-level technician in a small
Enterprise network. And so that you can prove that you have the
skills required for those entry-level jobs, Cisco created a new
certication, CCENT. Figure I-1 shows the basic organization of the
certications and the exams used to get your CCENT and CCNA
certications. (Note that there is no separate certication for
passing the ICND2 exam.) Figure I-1Cisco Entry-Level Certications
and ExamsTake ICND1pass CCENTTake ICND2(640-822) Exam
Certified(640-816) Exam passTake CCNA passCCNA(640-802)
ExamCertified As you can see, although you can obtain the CCENT
certication by taking the ICND1 exam, you do not have to be CCENT
certied before getting your CCNA certication. You can choose to
take just the CCNA exam and bypass the CCENT certication. The ICND1
and ICND2 exams cover different sets of topics, with a minor amount
of overlap. For example, ICND1 covers IP addressing and subnetting,
and ICND2 covers a more complicated use of subnetting called
variable-length subnet masking (VLSM). Therefore, ICND2 must then
cover subnetting to some degree. The CCNA exam covers all the
topics covered on both the ICND1 and ICND2 exams. Although the
popularity of the CCENT certication cannot be measured until a few
years have passed, certainly the Cisco CCNA is the most popular
entry-level networking certication program. A CCNA certication
proves that you have a rm foundation in the most important
components of the Cisco product linerouters and switches. It also
proves that you have broad knowledge of protocols and networking
technologies. Format of the CCNA Exams The ICND1, ICND2, and CCNA
exams all follow the same general format. When you get to the
testing center and check in, the proctor gives you some general
instructions and then takes you into a quiet room containing a PC.
When youre at the PC, you have a few
29. 1828xbook.fm Page xxix Thursday, July 26, 2007 3:10 PMxxix
things to do before the timer starts on your exam. For instance,
you can take a sample quiz to get accustomed to the PC and the
testing engine. Anyone who has user-level skills in getting around
a PC should have no problems with the testing environment.
Additionally, Chapter 18, Final Preparation, points to a Cisco
website where you can see a demo of Ciscos actual test engine. When
you start the exam, you are asked a series of questions. You answer
them and then move on to the next question. The exam engine does
not let you go back and change your answer. Yes, its true. When you
move on to the next question, thats it for the preceding question.
The exam questions can be in one of the following formats: Multiple
choice (MC) Testlet Drag-and-drop (DND) Simulated lab (sim) Simlet
The rst three types of questions are relatively common in many
testing environments. The multiple-choice format simply requires
that you point and click a circle beside the correct answer(s).
Cisco traditionally tells you how many answers you need to choose,
and the testing software prevents you from choosing too many.
Testlets are questions with one general scenario and several
multiple-choice questions about the overall scenario. Drag-
and-drop questions require you to click and hold, move a button or
icon to another area, and release the mouse button to place the
object somewhere elsetypically in a list. For some questions, to
get the question correct, you might need to put a list of ve things
in the proper order. The last two types of questions use a network
simulator to ask questions. Interestingly, the two types actually
allow Cisco to assess two very different skills. First, sim
questions generally describe a problem, and your task is to congure
one or more routers and switches to x it. The exam then grades the
question based on the conguration you changed or added.
Interestingly, sim questions are the only questions (to date) for
which Cisco has openly conrmed it gives partial credit for. The
simlet questions may well be the most difcult style of question.
Simlet questions also use a network simulator, but instead of
having you answer by changing the conguration, the question
includes one or more multiple-choice questions. The questions
require that you use the simulator to examine a networks current
behavior, interpreting the output of any
30. 1828xbook.fm Page xxx Thursday, July 26, 2007 3:10 PM
xxxshow commands you can remember to answer the question. Whereas
sim questions requireyou to troubleshoot problems related to a
conguration, simlets require you to analyze bothworking networks
and networks with problems, correlating show command output
withyour knowledge of networking theory and conguration commands.
Whats on the CCNA Exam(s)?Ever since I was in grade school,
whenever the teacher announced that we were having atest soon,
someone would always ask, Whats on the test? Even in college,
people wouldtry to get more information about what would be on the
exams. The goal is to know whatto study a lot, what to study a
little, and what to not study at all.Cisco wants the public to know
the variety of topics and have an idea of the kinds ofknowledge and
skills required for each topic, for every Cisco certication exam.
To thatend, Cisco publishes a set of objectives for each exam. The
objectives list the specic topicssuch as IP addressing, RIP, and
VLANs. The objectives also imply the kinds of skillsrequired for
that topic. For example, one objective might start with
Describe..., andanother might begin with Describe, congure, and
troubleshoot.... The second objectiveclearly states that you need a
thorough understanding of that topic. By listing the topics
andskill level, Cisco helps you prepare for the exams.Although the
exam objectives are helpful, keep in mind that Cisco adds a
disclaimer thatthe posted exam topics for all its certication exams
are guidelines. Cisco makes an effortto keep the exam questions
within the connes of the stated exam objectives. I know fromtalking
to those involved that every question is analyzed to ensure that it
ts within thestated exam topics. ICND1 Exam TopicsTable I-1 lists
the exam topics for the ICND1 exam. The ICND2 exam topics follow
inTable I-2. Although the posted exam topics are not numbered at
Cisco.com, Cisco Pressnumbers them for easier reference. The tables
also note the book parts in which each examtopic is covered.
Because the exam topics may change over time, it may be worth it
todouble-check the exam topics listed on Cisco.com (go to
http://www.cisco.com/go/ccna).If Cisco does happen to add exam
topics at a later date, note that Appendix C, ICND1Exam Updates,
describes how to go to http://www.ciscopress.com and
downloadadditional information about those newly added topics.NOTE
The table includes gray highlights that are explained in the
upcoming sectionCCNA Exam Topics.
31. 1828xbook.fm Page xxxi Thursday, July 26, 2007 3:10 PMxxxi
Table I-1ICND1 Exam TopicsBook Part(s) ReferenceWhere Topic Is
Number CoveredExam Topic Describe the operation of data networks
1IDescribe the purpose and functions of various network devices
2ISelect the components required to meet a given network
specication 3I, II, III Use the OSI and TCP/IP models and their
associated protocols to explain how data ows in a network
4IDescribe common networking applications including web
applications 5IDescribe the purpose and basic operation of the
protocols in the OSI and TCP models 6IDescribe the impact of
applications (Voice Over IP and Video Over IP) on a network 7IIV
Interpret network diagrams 8IIV Determine the path between two
hosts across a network 9I, III, IV Describe the components required
for network and Internet communications 10 IIV Identify and correct
common network problems at Layers 1, 2, 3, and 7 using a layered
model approach 11 II, IIIDifferentiate between LAN/WAN operation
and features Implement a small switched network 12 II Select the
appropriate media, cables, ports, and connectors to connect
switches to other network devices and hosts 13 II Explain the
technology and media access control method for Ethernet
technologies 14 II Explain network segmentation and basic trafc
management concepts 15 II Explain the operation of Cisco switches
and basic switching concepts 16 II Perform, save, and verify
initial switch conguration tasks including remote access
managementcontinues
32. 1828xbook.fm Page xxxii Thursday, July 26, 2007 3:10 PM
xxxii Table I-1ICND1 Exam Topics (Continued) Book Part(s) Reference
Where Topic Is NumberCoveredExam Topic 17II Verify network status
and switch operation using basic utilities(including: ping,
traceroute, Telnet, SSH, ARP, ipcong), showand debug commands 18II
Implement and verify basic security for a switch (port
security,deactivate ports) 19II Identify, prescribe, and resolve
common switched networkmedia issues, conguration issues,
autonegotiation, and switchhardware failuresImplement an IP
addressing scheme and IP services tomeet network requirements for a
small branch office 20I, III Describe the need for and role of
addressing in a network 21I, III Create and apply an addressing
scheme to a network 22IIIAssign and verify valid IP addresses to
hosts, servers, andnetworking devices in a LAN environment 23IV
Explain the basic uses and operation of NAT in a small
networkconnecting to one ISP 24I, III Describe and verify DNS
operation 25III, IVDescribe the operation and benets of using
private and publicIP addressing 26III, IVEnable NAT for a small
network with a single ISP andconnection using SDM and verify
operation using CLI and ping 27IIICongure, verify, and troubleshoot
DHCP and DNS operationon a router (including: CLI/SDM)
28IIIImplement static and dynamic addressing services for hosts in
aLAN environment 29IIIIdentify and correct IP addressing
issuesImplement a small routed network 30I, III Describe basic
routing concepts (including: packet forwarding,router lookup
process) 31IIIDescribe the operation of Cisco routers (including:
routerbootup process, POST, router components)
33. 1828xbook.fm Page xxxiii Thursday, July 26, 2007 3:10
PMxxxiiiTable I-1ICND1 Exam Topics (Continued)Book Part(s)Reference
Where Topic IsNumberCoveredExam Topic32I, III Select the
appropriate media, cables, ports, and connectors to connect routers
to other network devices and hosts33IIICongure, verify, and
troubleshoot RIPv234IIIAccess and utilize the router CLI to set
basic parameters35IIIConnect, congure, and verify operation status
of a device interface36IIIVerify device conguration and network
connectivity using ping, traceroute, Telnet, SSH, or other
utilities37IIIPerform and verify routing conguration tasks for a
static or default route given specic routing
requirements38IIIManage IOS conguration les (including: save, edit,
upgrade, restore)39IIIManage Cisco IOS40IIIImplement password and
physical security41IIIVerify network status and router operation
using basic utilities (including: ping, traceroute, Telnet, SSH,
ARP, ipcong), show and debug commands Explain and select the
appropriate administrative tasks required for a WLAN42II Describe
standards associated with wireless media (including: IEEE, Wi-Fi
Alliance, ITU/FCC)43II Identify and describe the purpose of the
components in a small wireless network (including: SSID, BSS,
ESS)44II Identify the basic parameters to congure on a wireless
network to ensure that devices connect to the correct access
point45II Compare and contrast wireless security features and
capabilities of WPA security (including: open, WEP, WPA-1/2)46II
Identify common issues with implementing wireless
networkscontinues
34. 1828xbook.fm Page xxxiv Thursday, July 26, 2007 3:10 PM
xxxiv Table I-1ICND1 Exam Topics (Continued) Book
Part(s)ReferenceWhere Topic IsNumber CoveredExam TopicIdentify
security threats to a network and describe generalmethods to
mitigate those threats47 IExplain todays increasing network
security threats and the needto implement a comprehensive security
policy to mitigate thethreats48 IExplain general methods to
mitigate common security threats tonetwork devices, hosts, and
applications49 IDescribe the functions of common security
appliances andapplications50 I, II, III Describe security
recommended practices including initial stepsto secure network
devicesImplement and verify WAN links51 IV Describe different
methods for connecting to a WAN52 IV Congure and verify a basic WAN
serial connection ICND2 Exam Topics Table I-2 lists the exam topics
for the ICND2 (640-816) exam, along with the book parts in the CCNA
ICND2 Ofcial Exam Certication Guide in which each topic is covered.
Table I-2ICND2 Exam Topics Book Part(s) Where Topic
IsReferenceCovered (inNumber ICND2) Exam TopicConfigure, verify,
and troubleshoot a switch with VLANsand interswitch
communications101IDescribe enhanced switching technologies
(including: VTP,RSTP, VLAN, PVSTP, 802.1q)102IDescribe how VLANs
create logically separate networks andthe need for routing between
them103ICongure, verify, and troubleshoot VLANs104ICongure, verify,
and troubleshoot trunking on Cisco switches
35. 1828xbook.fm Page xxxv Thursday, July 26, 2007 3:10 PM xxxv
Table I-2ICND2 Exam Topics (Continued) Book Part(s) Where Topic Is
Reference Covered (in NumberICND2)Exam Topic 105 IICongure, verify,
and troubleshoot interVLAN routing 106 I Congure, verify, and
troubleshoot VTP 107 I Congure, verify, and troubleshoot RSTP
operation 108 I Interpret the output of various show and debug
commands to verify the operational status of a Cisco switched
network 109 I Implement basic switch security (including: port
security, unassigned ports, trunk access, etc.) Implement an IP
addressing scheme and IP Services to meet network requirements in a
medium-size Enterprise branch office network 110 IICalculate and
apply a VLSM IP addressing design to a network 111 IIDetermine the
appropriate classless addressing scheme using VLSM and
summarization to satisfy addressing requirements in a LAN/WAN
environment 112 V Describe the technological requirements for
running IPv6 (including: protocols, dual stack, tunneling, etc.)
113 V Describe IPv6 addresses 114 II, III Identify and correct
common problems associated with IP addressing and host congurations
Configure and troubleshoot basic operation and routing on Cisco
devices 115 III Compare and contrast methods of routing and routing
protocols 116 III Congure, verify, and troubleshoot OSPF 117 III
Congure, verify, and troubleshoot EIGRP 118 II, III Verify
conguration and connectivity using ping, traceroute, and Telnet or
SSH 119 II, III Troubleshoot routing implementation issues
continues
36. 1828xbook.fm Page xxxvi Thursday, July 26, 2007 3:10 PM
xxxvi Table I-2ICND2 Exam Topics (Continued) Book Part(s) Where
Topic IsReferenceCovered (inNumber ICND2) Exam Topic120II, III,
IVVerify router hardware and software operation using show anddebug
commands121II Implement basic router securityImplement, verify, and
troubleshoot NAT and ACLs in amedium-size Enterprise branch office
network122II Describe the purpose and types of access control
lists123II Congure and apply access control lists based on
networkltering requirements124II Congure and apply an access
control list to limit Telnet andSSH access to the router125II
Verify and monitor ACLs in a network environment126II Troubleshoot
ACL implementation issues127VExplain the basic operation of
NAT128VCongure Network Address Translation for given
networkrequirements using CLI129VTroubleshoot NAT implementation
issuesImplement and verify WAN links130IV Congure and verify Frame
Relay on Cisco routers131IV Troubleshoot WAN implementation
issues132IV Describe VPN technology (including: importance,
benets,role, impact, components)133IV Congure and verify PPP
connection between Cisco routers CCNA Exam TopicsIn the previous
version of the exams, the CCNA exam covered a lot of what was in
theICND (640-811) exam, plus some coverage of topics in the INTRO
(640-821) exam. Thenew CCNA exam (640-802) covers all the topics on
both the ICND1 (640-822) and ICND2(640-816) exams. One of the
reasons for more-balanced coverage in the exams is that someof the
topics that used to be in the second exam have been moved to the
rst exam.