CCENT 100-101 ICND1 Exam InfoThe 100-101 Interconnecting Cisco Networking Devices Part 1 (ICND1) is the exam associated with theCCENT certificationand the first step in achieving theCCNA Routing and Switching certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v2.0 course. This exam tests a candidate's knowledge and skills required to successfully install, operate, and troubleshoot a small branch office network. The exam includes topics on the Operation of IP Data Networks; LAN Switching Technologies; IP Addressing (IPv4 & IPv6); IP Routing Technologies; IP Services (DHCP, NAT, ACLs); Network Device Security; Basic Troubleshooting.

http://www.dummies.com/how-to/content/ccent-certification-allinone-for-dummies-cheat-she.html

CCENT 100-101 ICND1 Exam TopicsOperation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs. Select the components required to meet a given network specification. Identify common applications and their impact on the network Describe the purpose and basic operation of the protocols in the OSI and TCP/IP models. Predict the data flow between two hosts across a network. Identify the appropriate media, cables, ports, and connectors to connect Cisco network devices to other network devices and hosts in a LAN

LAN Switching Technologies Determine the technology and media access control method for Ethernet networks Identify basic switching concepts and the operation of Cisco switches. Collision Domains Broadcast Domains Types of switching CAM Table Configure and verify initial switch configuration including remote access management. Cisco IOS commands to perform basic switch setup Verify network status and switch operation using basic utilities such as ping, telnet and ssh. Describe how VLANs create logically separate networks and the need for routing between them. Explain network segmentation and basic traffic management concepts Configure and verify VLANs Configure and verify trunking on Cisco switches DTP Auto negotiationIP addressing (IPv4 / IPv6) Describe the operation and necessity of using private and public IP addresses for IPv4 addressing Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment. Identify the appropriate IPv4 addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment. Describe the technological requirements for running IPv6 in conjunction with IPv4 such as dual stack Describe IPv6 addresses Global unicast Multicast Link local Unique local eui 64 autoconfigurationIP Routing Technologies Describe basic routing concepts CEF Packet forwarding Router lookup process Configure and verify utilizing the CLI to set basic Router configuration Cisco IOS commands to perform basic router setup Configure and verify operation status of an ethernet interface Verify router configuration and network connectivity Cisco IOS commands to review basic router information and network connectivity Configure and verify routing configuration for a static or default route given specific routing requirements Differentiate methods of routing and routing protocols Static vs. Dynamic Link state vs. Distance Vector next hop ip routing table Passive interfaces Configure and verify OSPF (single area) Benefit of single area Configure OSPF v2 Configure OSPF v3 Router ID Passive interface Configure and verify interVLAN routing (Router on a stick) sub interfaces upstream routing encapsulation Configure SVI interfacesIP Services Configure and verify DHCP (IOS Router) configuring router interfaces to use DHCP DHCP options excluded addresses lease time Describe the types, features, and applications of ACLs Standard Sequence numbers Editing Extended Named Numbered Log option Configure and verify ACLs in a network environment Named Numbered Log option Identify the basic operation of NAT Purpose Pool Static 1 to 1 Overloading Source addressing One way NAT Configure and verify NAT for given network requirements Configure and verify NTP as a clientNetwork Device Security Configure and verify network device security features such as Device password security Enable secret vs enable Transport Disable telnet SSH VTYs Physical security Service password Describe external authentication methods Configure and verify Switch Port Security features such as Sticky MAC MAC address limitation Static / dynamic Violation modes Err disable Shutdown Protect restrict Shutdown unused ports Err disable recovery Assign unused ports to an unused VLAN Setting native VLAN to other than VLAN 1 Configure and verify ACLs to filter network traffic Configure and verify an ACLs to limit telnet and SSH access to the routerTroubleshooting Troubleshoot and correct common problems associated with IP addressing and host configurations. Troubleshootand Resolve VLAN problems identify that VLANs are configured port membership correct IP address configured Troubleshoot and Resolve trunking problems on Cisco switches correct trunk states correct encapsulation configured correct vlans allowed Troubleshoot and Resolve ACL issues Statistics Permitted networks Direction Interface Troubleshoot and Resolve Layer 1 problems Framing CRC Runts Giants Dropped packets Late collision Input / Output errors

OSI Model for the CCENT Certification ExamThe CCENT certification tests you heavily on the OSI model and the different protocols and devices that run at each layer of the OSI model. The following table reviews the OSI model by giving you a description of each layer and examples of protocols and devices that run at each layer.LayerDescriptionExamples

7.ApplicationResponsible for initiating or services the request.SMTP, DNS, HTTP, and Telnet

6.PresentationFormats the information so that it is understood by the receiving system.Compression and encryption depending on the implementation

5.SessionResponsible for establishing, managing, and terminating the session.NetBIOS

4.TransportBreaks information into segments and is responsible for connection and connectionless communication.TCP and UDP

3.NetworkResponsible for logical addressing and routingIP, ICMP, ARP, RIP, IGRP, and routers

2.Data LinkResponsible for physical addressing, error correction, and preparing the information for the mediaMAC address, CSMA/CD, switches, and bridges

1.PhysicalDeals with the electrical signal.Cables, connectors, hubs, and repeaters

Cisco IOS Basics for the CCENT Certification ExamThe CCENT certification exam will test you on the basics of the Cisco Internetwork Operating System (IOS) and how to configure the IOS. The following are some key points that summarize the IOS basics to remember for the CCENT certification exam: Types of Memory:There are different types of memory on a Cisco device:. ROM:The Read-Only Memory (ROM) on a Cisco device is like the ROM on a computer in the sense that it stores the POST and the boot loader program. The boot loader program is responsible for locating the IOS.. Flash:The flash memory is used to store the Cisco IOS.. RAM:RAM is used to store things like the routing table on a router, or the MAC address table on a switch. It is also used to store the running-config. RAM is also known as volatile RAM, or VRAM.. NVRAM:Non-volatile RAM (NVRAM) is used to store the startup-config, which is copied to the running-config on bootup after the IOS is loaded. The Boot Process:For the CCENT certification exam, you need to know the high-level steps that occur when a Cisco device starts up. The following is a quick review of the boot process of a Cisco router:. POST:The first thing that occurs when a Cisco device boots up is the POST routine, which is responsible for performing a self diagnostic to verify everything is functioning on the router or switch.. Locate IOS:After the POST, the bootloader program, which is stored in ROM, locates the IOS in flash memory and loads it into RAM.. Startup-configapplied:After the IOS is loaded into memory, the bootloader program then locates the startup-config and applies it to the device. Configuration Modes:When making changes to the Cisco device, there are a number of different configuration modes, and each change is made in a specific configuration mode. The following summarizes the major configuration modes:. User Exec:When you connect to a Cisco device, the default configuration mode is user exec mode. With user exec mode, you can view the settings on the device but not make any changes. You know you are in user exec mode because the IOS prompt displays a ">".. Priv Exec:In order to make changes to the device, you must navigate to priv exec mode, where you may be required to input a password. Priv exec mode displays with a "#" in the prompt.. Global Config:Global configuration mode is where you go to make global changes to the router, such as the hostname. To navigate to global configuration mode from priv exec mode, you typeconfig term, where you will be placed at the "(config)#" prompt.. Sub Prompts:You can navigate to a number of different sub prompts from global configuration, such as the interface prompts to modify settings on a specific interface and the line prompts to modify the different ports on the device.Configuring Users and Passwords for the CCENT Certification ExamThe CCENT certification exam will test you on basic configuration of the Cisco IOS, including setting passwords and creating users. The following are some key points that summarize configuring passwords on Cisco devices:Command(s)Result

R1>enableR1#config termR1(config)#enable password mypassR1(config)#enable secret mysecretThese commands are used to create an enable password and an enable secret. Remember that the enable password is stored in clear text within the configuration file while the enable secret is encrypted.

R1>enableR1#config termR1(config)#line con 0R1(config-line)#password conpassR1(config-line)#loginThese commands are used to create a console password on the console port. Remember that after the password is set, you must specify the login command to require authentication on the port.

R1>enableR1#config termR1(config)#line aux 0R1(config-line)#password auxpassR1(config-line)#loginThese commands are used to create an auxiliary port password on the router. Again, notice the use of the login command after setting the password; if you forget to use it then the router will not prompt for a password on that port.

R1>enableR1#config termR1(config)#line vty 0 15R1(config-line)#password vtypassR1(config-line)#loginThese commands are used to create a password for telnet connections that are made to the device.

R1>enableR1#config termR1(config)#username glen password glenpass

R1(config)#line con 0R1(config-line)#login local

R1(config)#line vty 0 15R1(config-line)#login localThese commands are used to create a username calledglenwith a password ofglenpass. You then use thelogin localcommand on each of the console port, auxiliary port, and vty ports to require authentication with a usernameandpassword.

R1(config)#banner motd #Enter TEXT message. End with the character'#'.This device is for authorized personnel only.Please disconnect at once if you have not been given permission to access this device#R1(config)#This command creates a message-of-the-day banner, which displays before someone logs in. This is used to give legal notice that unauthorized access is prohibited.

Configuring Interfaces for the CCENT Certification ExamThe CCENT certification exam requires you to know how to configure basic settings on the router, such as the hostname and the interfaces. The following commands review those configuration tasks.The following commands are used to configure the name of the router with thehostnamecommand. The name of the router appears in the prompt once it is set. Notice that the hostname is changed in global configuration mode.Router>enableRouter#config termRouter(config)#hostname R2The following commands are used to configure the FastEthernet port on the router. Notice that the interface is referenced with the slot/port syntax on theinterfacecommand. The IP address is set and then the description of the interface, the speed and duplex mode are then set, and finally the port is enabled with the no shutdown command.R2(config)#interface f0/0R2(config-if)#ip address 25.0.0.1 255.0.0.0R2(config-if)#description Private LANR2(config-if)#speed 100R2(config-if)#duplex fullR2(config-if)#no shutdownThe following commands are used to configure the Serial port on the router. Notice that the interface is referenced with the slot/port syntax on theinterfacecommand. The IP address is set and then the encapsulation protocol (PPP or HDLC) is set. Because this is the DCE end of a back-to-back serial cable, the clock rate needs to be set, otherwise the service provider sets that. Finally, the interface is enabled with theno shutdowncommand.R1>enableR1#config termR1(config)#interface serial 0/0R1(config-if)#ip address 24.0.0.1 255.0.0.0R1(config-if)#encapsulation hdlcR1(config-if)#clock rate 64000 (only set for DCE device)R1(config-if)#no shutdownConfiguring Network Services for the CCENT Certification ExamThis section reviews popular commands used when configuring a Cisco device for name resolution, DHCP services, and NAT. You'll need to know these for the CCENT Certification exam.The following commands configure the hostname table on a router and display the entries in the hostname table:NY-R1>enableNY-R1#config termNY-R1(config)#ip host BOS-R1 24.0.0.2To verify that the entry has been added:NY-R1(config)#exitNY-R1#show hostsThe following commands enable DNS lookups and specify the DNS server of 23.0.0.200 to send DNS queries to. The domain name is also set to gleneclarke.com.NY-R1>enableNY-R1#config termNY-R1(config)#ip domain-lookupNY-R1(config)#ip name-server 23.0.0.200NY-R1(config)#ip domain-name gleneclarke.comThe following commands configure your router as a DHCP server by setting an address pool (range of addresses to give out) and setting up excluded addresses that are not to be given out. The lease time is set to 7 days in this example.NY-R1(config)#ip dhcp pool NY_NetworkNY-R1(dhcp-config)#network 23.0.0.0 255.0.0.0NY-R1(dhcp-config)#default-router 23.0.0.1NY-R1(dhcp-config)#dns-server 23.0.0.200NY-R1(dhcp-config)#lease 7 0 0NY-R1(dhcp-config)#exitNY-R1(config)#ip dhcp excluded-address 23.0.0.1 23.0.0.15The following commands configure NAT overload services on a router called NY-R1. In this example, a list of source addresses is created in access list #1, which is then used as the inside source list. The FastEthernet 0/0 port is the overloaded public address port that all inside addresses get translated to.NY-R1(config)#Access-list 1 permit 10.0.0.0 0.255.255.255NY-R1(config)#ip nat inside source list 1 interface FastEthernet 0/0 overloadNY-R1(config)#interface FastEthernet0/0NY-R1(config-if)#ip nat outsideNY-R1(config-if)#interface FastEthernet0/1NY-R1(config-if)#ip nat insideBasic Switch Commands to Remember for the CCENT Certification ExamThis section outlines some of the popular commands you use on a Cisco switch for the CCENT certification exam. Most of the basic router commands, such as setting passwords and banners, work on the switch.Command(s)Result

Switch#show mac-address-tableUsed to display the MAC address table on the switch.

Switch>enableSwitch#config termSwitch(config)#hostname NY-SW1NY-SW1(config)#Used to change the hostname on the switch.

NY-SW1>enableNY-SW1#config termNY-SW1(config)#interface vlan1NY-SW1(config-if)#ip address 23.0.0.25 255.0.0.0NY-SW1(config-if)#no shutdownNY-SW1(config-if)#exitNY-SW1(config)#ip default-gateway 23.0.0.1Configures the switch for an IP address so that you can remotely connect to the switch and manage it. Also notice that the default gateway is set. If you do not set the default gateway, you will be unable to manage the switch from a different network.

Switch>enableSwitch#config termSwitch(config)#interface f0/5Switch(config-if)#speed 100Switch(config-if)#duplex fullSwitch(config-if)#description Web ServerSwitch(config-if)#no shutdownThese commands are used to manually configure a port for 100 Mbps, full duplex, and assigns a description to the port. The port is then enabled with theno shutdowncommand.

Switch(config-if)#shutdownDisables the port.

SW1>enableSW1#config termSW1(config)#interface f0/6SW1(config-if)#switchport mode accessSW1(config-if)#switchport port-securitySW1(config-if)#switchport port-security mac-address stickySW1(config-if)#switchport port-security maximum 1SW1(config-if)#switchport port-security violation shutdownThis group of commands configures port security on port #6. Port security is a way to limit which systems can connect to a switch. This code example uses a "sticky" MAC address that tells the switch to configure the port for whatever MAC uses the port first. It then sets the maximum number of MACs for the port to 1 and shuts down the port if there is a violation.

show port-security addressShow the MAC addresses that have been configured for each port.

show port-security interface f0/6Show the configuration of port security on port 6.

Switch>enableSwitch#vlan databaseSwitch(vlan)#vlan 2 name ExecutivesVLAN 2 added:Name: ExecutivesSwitch(vlan)#exitConfigures a VLAN namedExecutivesin the VLAN database.

Switch#show vlanDisplay a list of VLANs.

Switch(config)#interface range f0/6 - 9Switch(config-if-range)#switchport access vlan 2Place ports 69 in the newly created VLAN 2.

Troubleshooting Commands for the CCENT Certification ExamWhen problems arise on Cisco devices, there are a number ofshowcommands you can use to help identify what the problem is. The following table lists popularshowcommands:Command(s)Result

show running-configDisplays the running configuration stored in VRAM.

show startup-configDisplays the startup configuration stored in NVRAM.

show ip interface briefShows a summary of the interfaces and their status.

show interfacesDisplays detailed information about each interface.

show interface serial 0/0Displays detailed information about a specific interface.

show ip routeDisplays the routing table.

show hostsDisplays the host name table.

show controller serial0/1Displays whether the serial interface is a DCE or DTE device.

show ip protocolsDisplays what routing protocols are loaded.

show cdp neighborsDisplays basic information about neighboring devices such as name, type of device, and model.

show cdp neighbors detailDisplays detailed information about neighboring devices such as name, type of device, model, and IP address.

Security Best Practices for the CCENT Certification ExamOne of the most important skills to have as a CCENT is the capability of implementing basic security practices on your Cisco devices. The following are some key points to remember about securing devices when you take the CCENT exam: Secure Location:Be sure to locate your Cisco routers and switches in a secure location a locked room where limited access is permitted. Disable Ports:In high secure environments, you should disable unused ports so that unauthorized systems cannot connect to the network. Configure Port Security:In order to control which systems can connect to the enabled ports, use port security to limit which MAC addresses can connect to which ports. Set Passwords:Be sure to configure passwords on the console port, auxiliary port, and the vty ports. Also configure the enable secret for access to priv exec mode. Login Command:Do not forget the login command after setting the password on the port. The login command tells the Cisco device that anyone connecting must log in and forces the prompt for a password. Login Local Command:If you are looking to create usernames and passwords for login, then use thelogin localcommand to tell the Cisco device that you wish to authenticate persons by the usernames and password configured on the device. Encrypt Passwords:Be sure to encrypt all passwords in the configuration with theservice password-encryptioncommand! Banners:Be sure to configure banners that do not have the word "welcome" in the message or any other inviting phrases. You want to make sure that the banners indicate that unauthorized access is prohibited. Secure Communication:To remotely manage the device, use SSH instead of telnet as the communication is encrypted.Network Cabling for the CCENT Certification ExamThe CCENT certification tests you on the different types of cabling that are used in different scenarios. The following are some key points to remember about network cabling. Rollover cable:A rollover cable is also known as aconsole cableand gets the namerolloverbecause the order of the wires from one end of the cable to the other are totally reversed, or rolled over. The rollover/console cable is used to connect a computer to the console port or auxiliary port of the router for administration purposes. Back-to-back serial cable:The back-to-back serial cable is used to connect two Cisco routers directly together over a serial link. A back-to-back serial link will have one router act as the DCE device with the clock rate set and the other router act as the DTE device. Straight-through cable:A straight-through cable is used to connect dissimilar devices together. Scenarios that use straight-through cables are computer-to-switch and switch-to-router. Crossover cable:A crossover cable has wires 1 and 2 switch positions with wires 3 and 6 on one end and is used to connect similar devices together. Scenarios that use crossover cables are computer-to-computer, switch-to-switch, and computer-to-router (they are both hosts). Coaxial cable:A network cable type used in old Ethernet environments, such as 10Base2 and 10Base5. Coaxial cable is seen in high-speed Internet connections with cable companies today. Fiber optic cable:A unique cable type that has a glass core which carries pulses of light as opposed to copper cable carrying electrical signals (coax and twisted pair cabling).Network Devices and Services Overview for the CCENT Certification ExamYou can be sure to get a few questions on the CCENT certification exam that test your knowledge of types of devices and different network services. The following are some key points to remember about devices and services:Network devices Hub:A hub is a layer-1 device that is used to connect systems together. When a hub receives data in the form of an electrical signal, it sends the data to all other ports in hopes the destination system is at one of those ports. All ports on the hub create a single collision domain and a single broadcast domain. Repeater:A repeater is a layer-1 device that is used to amplify the signal. As the signal travels along the network, it gets weaker due to interference, so the purpose of the repeater is to regenerate that signal so it can travel more distance. Bridge:A bridge is a layer-2 device that creates multiple network segments. The bridge maintains a table in memory of what systems reside on what segments by their MAC addresses. When data reaches the bridge, the bridge filters the traffic by only sending the data to the network segment that the destination system resides on. The purpose of the bridge is that it filters traffic by sending the data only to the segment where the destination system resides. Each segment on the bridge creates a separate collision domain, but it is all one broadcast domain. Switch:The switch, another layer-2 device, is an improvement on a bridge in the sense that each port on the switch acts as a network segment. The switch filters traffic by sending the data only to the port on the switch where the destination MAC address resides. The switch stores each MAC address and the port the MAC address resides on in an area of memory known as theMAC address table. Each port on the switch creates a separate collision domain, but all ports are part of the same broadcast domain. Router:A router is a layer-3 device that handles routing of data from one network to another network. The router stores a listing of destination networks in the routing table which is found in memory on the router.Network services DHCP:The DHCP service is responsible for assigning IP addresses to hosts on the network. When a client boots up, it sends a DHCP discover message, which is a broadcast message designed to locate a DHCP server. The DHCP server responds with a DHCP Offer, offering the client an IP address. The client then responds with a DHCP request message asking for the address before the server responds with a DHCP ACK to acknowledge that the address has been allocated to that client. DNS:The DNS service is responsible for converting the Fully Qualified Domain Name, (FQDN) such as www.gleneclarke.com to an IP address. NAT:Network Address Translation is responsible for converting the internal address to a public address that is used to access the Internet. NAT offers the benefit of being able to purchase only one public IP address and have a number of clients on the network use that one IP address for Internet access. NAT also offers the security benefit that the internal addresses are not used on the Internet helping to keep the internal addresses unknown to the outside world. There are two types of NAT to know for the CCENT certification exam:. Static NAT:Static NAT is the mapping of one internal address to one public address. With static NAT, you will need multiple public addresses to allow internal clients to access the Internet.. NAToverloading:A more popular form of NAT, NAT overloading is the concept that all internal address get translated to the one public address on the NAT device. Web services:There are a number of Web services you should be familar with for the CCENT certification exam:. POP3/IMAP4:POP3 and IMAP4 are the Internet protocols for receiving email over the Internet.. SMTP:SMTP is the Internet protocol for sending email over the Internet. SMTP servers are also known asemail servers.. HTTP:HTTP servers are also known asWeb serversand are used to host Web sites. HTTP is a protocol that is used to send the Web page from the Web server to the Web client.. FTP:FTP is an Internet protocol used to transfer files over the Internet. The files are hosted on FTP servers, which are then downloaded to any clients on the Internet.Configuring Routing for the CCENT Certification ExamRouting protocols will certainly come up on your CCENT certification exam. This section reviews popular commands that deal with routing and routing protocols, such as RIPv1 and RIPv2.Command(s)Result

ip routingEnables routing on the router. Should be on by default.

no ip routingDisables routing on the router.

show ip routeDisplays the routing table.

ip route 23.0.0.0 255.0.0.0 22.0.0.2Adds a static route to the router for the 23.0.0.0 network and sends any data for that network to the 22.0.0.2 address (next hop).

no ip route 23.0.0.0 255.0.0.0 22.0.0.2Deletes the static route from the routing table.

ip route 0.0.0.0 0.0.0.0 22.0.0.2Sets the gateway of last resort on the router to forward any packets with unknown destinations to the 22.0.0.2 address.

ROUTERB>enableROUTERB#config termROUTERB(config)#router ripROUTERB(config-router)#network 26.0.0.0ROUTERB(config-router)#network 27.0.0.0Configures the router for RIPv1. RIP is a dynamic routing protocol that is used to share routing information with other routers running RIP. In this example, RIP will share knowledge of the 26.0.0.0 and the 27.0.0.0 networks.

ROUTERB>enableROUTERB#config termROUTERB(config)#router ripROUTERB(config-router)#network 26.0.0.0ROUTERB(config-router)#network 27.0.0.0ROUTERB(config-router)#version 2To configure the router for RIPv2, you use the same commands but add the "version 2" command at the end.

show ip protocolsDisplay what routing protocols are running on the router.

debug ip ripEnable RIP debugging, which will display RIP related messages on the screen as RIP-related events occur (packets are sent and received).

no debug allTurns off debugging once you are done troubleshooting RIP.

Wireless Networking Terminology for the CCENT Certification ExamAt its most basic, wireless communication is the sending and receiving of data through airwaves. But the CCENT certification exam expects you to understand wireless terminology and concepts. The following are some key points to remember for the exam:Know the following organizations that help define wireless: Institute of Electrical and Electronics Engineers (IEEE):Creates the wireless standards, such as 802.11a/b/g/n Federal Communications Commission (FCC):Regulates the use of wireless devices (licenses of frequencies) WiFi-Alliance:Ensures compatibility of wireless components. The WiFi-Alliance is responsible for testing and certification of wireless devices.Know the two types of wireless networks: Ad hoc mode:No wireless access point is used. The wireless clients communicate in a peer-to-peer environment. Infrastructure mode:Uses a wireless access pointKnow the IEEE Standards for wireless: 802.11a:A wireless standard that uses the 5 GHz frequency range and runs at 54 Mbps. 802.11b:A wireless standard that uses the 2.4 GHz frequency range and runs at 11 Mbps. The WiFi standard was created and 802.11b is part of that standard. This is the frequency used by cordless phones and microwaves, so you may experience interference from those devices. As a correction, you can change the channel of the wireless network or purchase phones that use a different frequency. 802.11g:A wireless standard, which is compatible with 802.11b, that also uses the 2.4 GHz frequency range and runs at 54 Mbps. 802.11n:A new wireless standard that can use either the 2.4 GHz frequency range or the 5 GHz frequency range and is compatible with 802.11a/b/g. 802.11n has a transfer rate of approximately 150 Mbps.Other wireless terms to know for the exam: Basic Service Set (BSS):A wireless network consisting of one access point using an SSID. If you had three access points, each using a different SSID, then this would be three BSS networks. Extended Service Set (ESS):A wireless network comprising multiple access points using the same SSID.Be sure to know the configuration requirements to set up an ESS: The SSID on each access point must be the same. The range of the access points must overlap by 10% or more. Each access point must use a different channel.Know the difference between the different wireless encryption types: Wired Equivalent Privacy (WEP):An old wireless encryption protocol that involves configuring a pre-shared key on the access point and the wireless client that is used to encrypt and decrypt data. WEP uses the RC4 encryption algorithm with the pre-shared key and is not considered secure due to the way the key is used. WEP supports 64-bit and 128-bit encryption. WiFi Protected Access (WPA):The improvement on WEP that adds the TKIP protocol in order to perform key rotation to help improve on the fact that WEP uses a static key. WPA has two modes:personal modeinvolves configuring a pre-shared key, andenterprise modecan use an authentication server such as RADIUS. WiFi Protected Access 2 (WPA2):Improves upon WPA by changing the encryption algorithm to theAdvanced Encryption Standard(AES) and supports both personal mode and enterprise mode.The following are some key points regarding best practices to improve the security of your wireless network: Disable wireless:If you aren't using wireless, then disable the wireless functionality on the wireless router. Change the SSID:Make sure you change the SSID to something meaningless. You don't want the SSID set to a value that will help the hacker identify the building you're in because he could move closer to the building to get a stronger signal. Disable SSID broadcasting:After disabling SSID broadcasting. the router won't advertise the existence of the wireless network. This makes it harder for someone to connect because they have to manually configure their client for the SSID name. Implement MAC filtering:MAC filtering allows you to limit who can connect to the wireless network by the MAC address of the network card. Implement encryption:Be sure to encrypt wireless traffic with WEP, WPA, or WPA2. WPA2 is the most secure of the three.

CCENT/CCNA Certification Practice Quiz 1

Question 1:The frame shown enters the switch. Select the operation or operations the switch will perform:

Top of FormWill forward the frame out all portsWill forward the frame out fa0/2 and add 0000.00cc.cccc to the MAC address tableWill forward the frame out fa0/3 and add 0000.00bb.bbbb to the MAC address tableWill forward the frame out all active portsWill drop the frame because it is invalidBottom of Form

Question 2:Top of FormYou need to configure a default gateway for management access to a switch. Select the command you would type in the switch CLI to learn the ip address of an attached router.Show neighborShow cdp neighbor detailShow peripheralsShow ip neighborshow iptablesBottom of FormQuestion 3:

The network with ip address 192.168.100.0/27 is to be used on a router. If ip subnet-zero is configured, which statement describe the resulting number of available subnets and hosts?Top of Form7 usable subnets, each with 32 host addresses8 usable subnets, each with 30 host addresses8 usable subnets, each with 27 host addresses7 usable subnets, each with 24 host addresses9 usable subnets, each with 24 host addressesQuestion 4:Top of FormAfter the devices have been configured as shown, it is determined that the branch office in Chicago doesn't have connectivity to the Internet through the headquarters in Dallas. How would you fix the problem?

Change ip address on the WAN side of the Chicago routerChange subnet mask on the WAN side of the Chicago routerChange ip address on the LAN side of the Chicago routerChange ip address on the LAN side of the Dallas routerChange ip address on the WAN side of the Dallas routerQuestion 5:Top of FormYou are a network administrator at a branch office and received a router from the headquarters. The router had previously been in production and still has the old configuration. You want to erase the configuration. What command would you type at the CLI?erase nvramclear configThis cannot be done, you need to restore the router to factory defaultsdelete memoryCycle the power 3 times, then type clrsetQuestion 6:Top of FormWhich of the following will prevent workstations with unauthorized MAC address from connecting to the network through a switch?BPDUDTPRSTPPort securityVTPNoneQuestion 7:Top of FormYou are a network administrator at a branch office and received a router from the headquarters. When you try to login to the router to clear the configuration you find you don't have access to it. Nobody knows the password to the router so you need to reset it. What value should you set in the registry and how does the router accomplish this? (Choose 2)0x21020x2142The router will ignore the configurationThe router will prompt you to enter a new passwordIt can't be doneQuestion 8:Top of FormThe exhibit below shows the output of a show ip interface brief on a Cisco router.r1#show ip interface brief

Serial0/0 does not respond to ping requests. What step would you take to resolve the problem?Change ip address on Serial0/0Enable the interface Serial0/0The interface looks fine in status up, problem must be somewhere elseCheck the physical connection in Serial 0/0Change the ip address on Serial 0/1Question 9:Top of FormA junior network administrator configured and installed an 802.11g access point in the center of a square office. Some users are experiencing slow performance and drops while most users are operating normally. What are the likely causes of the problem? (Choose 2)mismatched TKIP encryptionnull ssidcordless phonesmismatched ssidmetal file cabinetsQuestion 10:Top of FormWhich IOS command enters global configuration mode?startupenableinterface vlan 0initconfigure terminalQuestion 11:Top of FormWhich IOS command enables access to high-level commands?susu rootadmin 0initenableQuestion 12:Top of FormWhich IOS command will create interface vlan 10 if it doesn't exist?interface vlan 10enable vlan 10config vlan 10init vlan 10enable interface 10Question 13:Top of FormWhich IOS command will configure a default gateway for management purposes?ip default gatewayinterface defaultconfig default gatewayinit defaultenable interface 10 defaultQuestion 14:Top of FormWhich two statements describe the operation of the CSMA/CD access method?(Choose 2)In a CSMA/CD collision domain, multiple stations can successfully transmit data simultaneouslyIn a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.The use of hubs to enlarge the size of collisions domains is one way to improve the operation of the CSMA/CD access methodAfter a collision, the station that detected the collision has first priority to resend the lost dataAfter a collision, all stations involved run an identical back off algorithm and then synchronize with each other prior to transmitting data.

CCENT/CCNA Certification Practice Quiz 2Question 1:You enter the partial configuration shown in a router.interface s0/0ip address 160.1.1.1 255.255.255.252No shutdownip nat outside

interface fa0/0ip address 10.2.2.254 255.255.255.0No shutdownip nat inside

ip subnet-zero

ip nat pool first 66.150.4.49 66.150.4.54 netmask 255.255.255.248ip nat inside source list 1 pool first

Access-list 1 permit 10.2.2.0 0.0.0.255

Which would be a valid "inside global address" after this router performs NAT?Top of Form10.2.2.166.150.4.5366.150.4.4810.2.2.25410.2.2.255Question 2:Which best describes the wireless security standard that is defined by WPA? (Choose 2 statements)Top of FormIt specifies the use of dynamic encryption keys that change each time a client establishes a connectionIt specifies use of a static encryption key that must be changed frequently to enhance securityIt includes authentication by PSKIt requires use of an open authentication methodIt requires that all access points and wireless devices use the same encryption keyQuestion 3:Your organization doubled in size during the past year and more growth is projected in the near future as shown in the exhibit:

Accounting: Currently 50 users. Projected growth 100 usersMarketing: Currently 20 users. Projected growth 60 usersIT: Currently 15 users. Projected growth 32 usersClient services: Currently 50 users. Projected growth 100 users

Currently all hosts in the organization are in the 10.20.20.0/24 range. What steps should you take to correct the situation and guarantee future expansion? Choose the best answer.Top of FormChange the subnet mask of all hosts to 255.255.255.0No action, the current range will accommodate future growthChange the subnet mask of all hosts to 255.255.254.0Change the subnet mask of all hosts to 255.255.252.0Question 4:

You are a network administrator at a branch office and have been assigned the 192.168.20.0/24 range for internal use. You need to subnet the range so 20 valid ip addresses are in the SERVER vlan, 32 valid ip addresses are in the EXECUTIVE vlan, 50 valid addresses are in the IT vlan, 50 for the ACCOUNTING vlan and the rest in the USERS vlan. At least 40 valid ip addresses must be in the USERS vlan. How would you accomplish this? (Choose the best answer)Top of FormSubnet as shown:SERVER: 192.168.20.0/27EXECUTIVE: 192.168.20.64/26IT: 192.168.20.128/26ACCOUNTING: 192.168.20.192/26USERS: 192.168.20.32/27

Subnet as shown:SERVER: 192.168.20.0/28EXECUTIVE: 192.168.20.32/26IT: 192.168.20.96/26ACCOUNTING: 192.168.20.160/26USERS: 192.168.20.224/27

Subnet as shown:SERVER: 192.168.20.0/27EXECUTIVE: 192.168.20.32/26IT: 192.168.20.96/26ACCOUNTING: 192.168.20.160/26USERS: 192.168.20.32/26

This cannot be accomplished with the current address spaceQuestion 5:You are a network administrator at a branch office and received a router from the headquarters. You have been told the ip address of the router's eth0/0 interface is 192.168.1.254/24. You need to configure the router, but when attempting to locate a console cable, you cannot find one. What can you do to try to connect to the router? (Choose 3)

a) From your computer open up a tftp session to 192.168.1.254.b) Connect a straight through cable between your computer and the router's eth0/0c) Assign 192.168.1.255/24 to your computer's NICd) Connect a crossover cable between your computer and the router's eth0/0e) Assign 192.168.1.1/24 to your computer's NICf) From your computer open up a telnet session to 192.168.1.254.Top of Formb, c, ab, e, ad, e, aQuestion 6:Exhibit

A junior network administrator enters the following configuration in the new routers:R1 configurationinterface fa0/0ip address 10.4.101.254 255.255.255.0no shutdowninterface s0/0ip address 10.4.1.1 255.255.255.252no shutdownR2 configurationInterface fa0/010.4.102.254 255.255.255.0no shutdowninterface s0/0ip address 10.4.1.2 255.255.255.252ip route 10.4.101.0 255.255.255.0 10.4.1.1What is missing from the configuration so H1 can talk to H2?Top of FormEnable routing on R1Nothing, the hosts should be able to ping each otherOn R1, enter a static route to the 10.4.102.0/24 network pointing to R2Enter cdp run on R1Page 7 of 15Question 7:What type of cable would you employ to establish the following types of connections:Host to Host:Top of FormCrossover cableStraight through cableRollover cableHost to Switch:Bottom of FormTop of FormCrossover cableStraight through cableRollover cableSwitch to Switch:Bottom of FormTop of FormCrossover cableStraight through cableRollover cableHost to Console:Bottom of FormTop of FormCrossover cableStraight through cableRollover cableQuestion 8:You are tasked with developing a comprehensive network security plan, which of the following should be a part of it?Top of FormEncourage users write down their passwords so they don't get locked out if they forget them.Secure network equipment from access by unauthorized individuals.Delay deployment of software patches and updates until they are absolutely necessary.Allow users to choose whether they want to have security or not.Activate automatic antivirus client updates late at night only to minimize network traffic during the day.Question 9:What are the advantages of using switches over hubs? (select all that apply)Top of FormIncrease the number of collision domainsSimultaneous frame transmissionsIncrease size of broadcast domainsIncrease the maximum length of cabling between devicesFilter frames based on MAC addressesQuestion 10:In the exhibit, what is the correct addressing for a frame and packet received by H2 from H1?

Top of FormDestination MAC: 0001.0002.5678Destination IP: 10.4.22.21Source MAC: 0001.0002.aaaaSource IP: 10.4.21.21

Destination MAC: 0001.0002.5678Destination IP: 10.4.22.21Source MAC: 0001.0002.1234Source IP: 10.4.22.2

Destination MAC: 0001.0002.5678Destination IP: 10.4.22.21Source MAC: 0001.0002.aaaaSource IP: 10.4.21.1

Destination MAC: 0001.0002.5678Destination IP: 10.4.22.21Source MAC: 0001.0001.5678Source IP: 10.4.21.21Question 11:How will R1 handle a data frame received from H1 destined to H2? (Choose 2)Top of FormTake out the source ip address and replace it with the ip address on the forwarding Ethernet interfaceTake out the source mac address and replace it with the mac address on the forwarding Ethernet interfaceTake out the destination mac address and replace it with the mac address of H2Take out the destination ip address and replace it with the ip address of H2Question 12:You are a network administrator at a branch office and just purchased a new router. The serial interface is already configured and connects to the ISP. You need to configure the fa0/0 interface on the router so it serves as the default gateway for internal hosts.You enter the following in global config mode:

Interface fa0/0ip address 192.168.100.1 255.255.255.0

What command would you more likely enter next in the configuration?

Top of Formno shutdownenableenable default-gatewayenable DHCPcdp runQuestion 13:Which two addresses below are available for host addresses in the 172.16.240.32/27 subnet?Top of Form172.16.240.63172.16.240.62172.16.240.33172.16.240.32172.16.240.65172.16.240.64Question 14:You are a network administrator at a branch office and received a router from the headquarters. You enter the following:R1>show versionThe router displays the following (partial output):Cisco 2610 (MPC860) processor (revision 0x202) with 26624K/6144K bytes of memory(TOTAL DRAM: 26624K + 6144K = 32MB)Processor board ID TG9RFTGRF56 (34525435)M860 processor: part number 0, mask 49Bridging softwareX.25 software, Version 3.0.0.1 Ethernet/IEEE 820.3 interface(s)32K bytes of non-volatile configuration memory.8192K bytes of processor board System flash (Read/Write)(TOTAL FLASH 8192K = 8MB)Configuration register is 0x2102What is the largest configuration file that can be stored on this router?Top of Form32Mbytes32Kbytes8192Kbytes8MbytesBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of FormBottom of Form