Full Quiz Questions

Quiz
1. Which three statements about networks are accurate? (Choose three.)
Networks transmit data in many kinds of environments, including homes, small businesses,
and large enterprises.
A main office can have hundreds or even thousands of people who depend on net-work
access to do their jobs.
A network is a connected collection of devices that can communicate with each other.
A main office usually has one large network to connect all users.
The purpose of a network is to create a means to provide all workers with access to all
information and components that are accessible by the network.
Remote locations cannot connect to a main office through a network.

Quiz
2. What is the purpose of a router?

To interconnect networks and choose the best paths between them

To provide the connection points for the media
To serve as the endpoint in the network, sending and receiving data
To provide the means by which the signals are transmitted from one networked device to
another

Quiz
3. What is the purpose of a switch?
To connect separate networks and filter the traffic over those networks so that the data is
transmitted through the most efficient route
To choose the path over which data is sent to its destination
To serve as the endpoint in the network, sending and receiving data
To provide network attachment to the end systems and intelligent switching of the data
within the local network

Quiz
4. What is the purpose of network interconnections?
To connect separate networks and filter the traffic over those networks so that the data is
transmitted through the most efficient route
To choose the path over which data is sent to its destination
To provide a means for data to travel from one point to another in the network
To provide network attachment to the end systems and intelligent switching of the data
within the local network

Quiz
5. Which resource is not sharable on a network?
Memory
Applications
Peripherals
Storage devices

Quiz
6. Which three of the following are common network applications? (Choose three.)
E-mail
Collaboration
Graphics creation
Databases
Word processing
Spreadsheets

Quiz
7. Match each network characteristic to its definition.
____1. speed
____2. cost
____3. security
____4. availability
____5. scalability
____6. reliability
____7. topology
a. Indicates how easily users can access the network
b. Indicates how dependable the network is
c. Indicates the protection level of the network itself and the data that is transmitted
d. Indicates how fast data is transmitted over the network
e. Indicates how well the network can accommodate more users or data transmission
requirements
f. Indicates the structure of the network
g. Indicates the general price of components, installation, and maintenance of the network
D
G
C
A
E
B
F

Quiz
8. Which statements about physical networking topologies are accurate? (Choose two.)

A physical topology defines the way in which the computers, printers, network devices, and
other devices are connected.
There are three primary categories of physical topologies: bus, ring and star.
A physical topology describes the paths that signals travel from one point on a network to
another.
The choice of a physical topology is largely influenced by the type of data to be transmitted
over the network.

Quiz
9. Which statement about logical topologies is accurate?

A logical topology defines the way in which the computers, printers, network devices, and
other devices are connected.
A logical topology depends solely on the type of computers to be included in the network.
A logical topology describes the paths that the signals travel from one point on a network to
another.
A network cannot have different logical and physical topologies.

Quiz
10. Match each topology type to its correct description.
____ 1. All of the network devices connect directly to each other in a linear fashion.
____ 2. All of the network devices are directly connected to one central point with no other
connections between them.
____ 3. All of the devices on a network are connected in the form of a circle.
____ 4. Each device has a connection to all of the other devices.
____ 5. At least one device maintains multiple connections to other devices.
____ 6. This design adds redundancy to the network.
a. star
b. bus
c. mesh
d. ring
e. partial-mesh
f. dual-ring
B
A
D
C
E
F

Quiz
11. What is the main threat to a closed network?

A deliberate attack from outside

A deliberate or accidental attack from inside
Misuse by customers
Misuse by employees

Quiz
12. Which two factors have recently influenced the increase in threats from hackers?
(Choose two.)

Hacker tools require more technical knowledge to use.

Hacker tools have become more sophisticated.
The number of reported security threats has remained constant year to year.
Hacker tools require less technical knowledge to use.

Quiz
13. Which of the following four attacks are classified as access attacks? (Choose two.)

Password attacks
DDoS
Trojan horse
Love Bug
Building a Simple Network
Week 02
Understanding the Host-to-Host Communications Model
Understanding Host-to-Host Communications
Older model
Proprietary
Application and combinations software controlled by one vendor
Standards-based model
Multivendor software
Layered approach
Why a Layered Network Model?
Reduces complexity
Standardizes interfaces
Facilitates modular engineering
Ensures interoperable technology
Accelerates evolution
Simplifies teaching and learning
The Seven Layers of the OSI Model
The Seven Layers of the OSI Model (Cont.)
The Seven Layers of the OSI Model (Cont.)
The Seven Layers of the OSI Model (Cont.)
The Seven Layers of the OSI Model (Cont.)
The Seven Layers of the OSI Model (Cont.)
The Seven Layers of the OSI Model (Cont.)
Data Encapsulation
Data De-Encapsulation
Peer-to-Peer Communication
Defines four layers
Uses different names for Layers 1 through 3
Combines Layers 5 through 7 into single application layer
TCP/IP Stack
TCP/IP Stack vs. the OSI Model
Building a Simple Network
Understanding the TCP/IP Internet Layer
Internet Protocol Characteristics
Operates at network layer of OSI
Connectionless protocol
Packets treated independently
Hierarchical addressing
Best-effort delivery
No data-recovery features
Why IP Addresses?
They uniquely identify each device on an IP network.
Every host (computer, networking device, peripheral) must have a unique address.
Host ID:
Identifies the individual host
Is assigned by organizations to individual devices
Network.Host
IP PDU Header
IP Address Format: Dotted Decimal Notation
The binary-to-decimal and decimal-to-binary conversion will be detailed later in this
course.
IP Address Classes: The First Octet
IP Address Ranges
*127 (01111111) is a Class A address reserved for loopback testing and cannot be assigned
to a network.
Reserved Address
Public IP Addresses
Private IP Addresses
DHCP
Application specified in the TCP/IP suite
A way to translate human-readable names into IP addresses
DNS
Network Connection
ipconfig

Quiz
1. Which two statements about wireless networks are accurate? (Choose two.)
Instead of cables, wireless communication uses RFs or infrared waves to transmit data.
To receive the signals from the access point, a computer needs to have a wireless adapter
card or wireless NIC.
For wireless LANs, a key component is a router, which propagates signal distribution.
Wireless networks are not very common, and generally only large corporations use them.

Quiz
2. Which two statements about the purpose of the OSI model are accurate? (Choose two.)
The OSI model defines the network functions that occur at each layer.
The OSI model facilitates an understanding of how information travels through-out a
network.
The OSI model ensures reliable data delivery through its layered approach.
The OSI model allows changes in one layer to affect the other layers.

Quiz
3. Match each OSI layer to its function.
___1. physical
___2. data link
___3. network
___4. transport
___5. session
___6. presentation
___7. application
a. Provides connectivity and path selection between two host systems that might be located
on geographically separated networks
b. Ensures that the information sent at the application layer of one system is read-able by
the application layer of another system
c. Defines how data is formatted for transmission and how access to the network is
controlled
d. Segments data from the system of the sending host and reassembles the data into a data
stream on the system of the receiving host
e. Defines the electrical, mechanical, procedural, and functional specifications for activating,
maintaining, and deactivating the physical link between end systems
f. Provides network services to the applications of the user, such as e-mail, file transfer, and
terminal emulation
g. Establishes, manages, and terminates sessions between two communicating hosts and
also synchronizes dialogue between the presentation layers of the two hosts and manages
their data exchange
e
c
a
d
g
b
f

Quiz
4. Arrange the steps of the data encapsulation process in the correct order.
____1. Step 1
____2. Step 2
____3. Step 3
____4. Step 4
____5. Step 5
____6. Step 6
____7. Step 7
____8. Step 8
a. The presentation layer adds the presentation layer header (Layer 6 header) to the data.
This then becomes the data that is passed down to the session layer.
b. The session layer adds the session layer header (Layer 5 header) to the data. This then
becomes the data that is passed down to the transport layer.
c. The application layer adds the application layer header (Layer 7 header) to the user data.
The Layer 7 header and the original user data become the data that is passed down to the
presentation layer.
d. The network layer adds the network layer header (Layer 3 header) to the data. This then
becomes the data that is passed down to the data link layer.
e. The transport layer adds the transport layer header (Layer 4 header) to the data. This
then becomes the data that is passed down to the network layer.
f. The user data is sent from an application to the application layer.
g. The data link layer adds the data link layer header and trailer (Layer 2 header and
trailer) to the data. A Layer 2 trailer is usually the frame check sequence, which is used by
the receiver to detect whether the data is in error. This then becomes the data that is passed
down to the physical layer.
h. The physical layer then transmits the bits onto the network media.
f
c
a
b
e
d
g
h

Quiz
5. At which layer does de-encapsulation first occur?

Application
Data link
Network
Transport

Quiz
6. Match each layer with the function it performs in peer-to-peer communication.
____1. network layer
____2. data link layer
____3. physical layer
a. Encapsulates the network layer packet in a frame
b. Moves the data through the internetwork by encapsulating the data and attaching a
header to create a packet
c. Encodes the data link frame into a pattern of 1s and 0s (bits) for transmission on the
medium (usually a wire)
b
a
c
Quiz
7. What is the function of a network protocol?

Uses sets of rules that tell the services of a network what to do

Ensures reliable delivery of data
Routes data to its destination in the most efficient manner
Is a set of functions that determine how data is defined

Quiz
8. Match each TCP/IP stack layer to its function.
____1. Provides applications for file transfer, network troubleshooting, and Internet
activities, and supports the network
____2. Defines how data is formatted for transmission and how access to the network is
controlled
____3. Defines the electrical, mechanical, procedural, and functional specifications for
activating, maintaining, and deactivating the physical link between end systems
____4. Provides routing of data from the source to a destination by defining the packet and
addressing scheme, moving data between the data link and transport
layers, routing packets of data to remote hosts, and performing fragmentation and
reassembly of data packets
____5. Provides communication services directly to the application processes running on
different network hosts
a. physical layer
b. data link layer
c. Internet layer
d. transport layer
e. application layer
D
B
A
C
E

Quiz
9. Which area of the OSI model and the TCP/IP stack is most diverse?

network layer
transport layer
application layer
data link layer

Quiz
10. How many bits are in an IPv4 address?

16
32
48
64
128

Quiz
11. In a Class B address, which of the octets are the host address portion and are assigned
locally?

The first octet is assigned locally.

The first and second octets are assigned locally.
The second and third octets are assigned locally.
The third and fourth octets are assigned locally.

Quiz
12. The address 172.16.128.17 is of which class?

Class A
Class B
Class C
Class D

Quiz
13. Which of the following statements is true of a directed broadcast address?

A broadcast address is an address that has all 0s in the host field.

Any IP address in a network can be used as a broadcast address.
A directed broadcast address is an address that has all 1s in the host field.
None of the above is correct.
Quiz
14. Which two of these addresses are private IP addresses? (Choose two.)

10.215.34.124
172.16.71.43
171.17.10.10
225.200.15.10

Quiz
15. Which three statements about IP are accurate? (Choose three.)

IP is a connectionless protocol.
IP uses relational addressing.
IP delivers data reliably.
IP operates at Layer 2 of the TCP/IP stack and OSI model.
IP does not provide any recovery functions.
IP delivers data on a best-effort basis.

Quiz
16. Which three statements about TCP are accurate? (Choose three.)
TCP operates at Layer 3 of the TCP/IP stack.
TCP is a connection-oriented protocol.
TCP provides no error checking.
TCP packets are numbered and sequenced so that the destination can reorder packets and
determine if a packet is missing.
TCP provides no recovery service.
Upon receipt of one or more TCP packets, the receiver returns an acknowledge-ment to the
sender indicating that it received the packets.
Building a Simple Network
Week 03
Understanding the TCP/IP Transport Layer
Transport Layer
Session multiplexing
Segmentation
Flow control (when required)
Connection-oriented
(when required)
Reliability (when required)
Reliable vs. Best-Effort Comparison
Operates at transport layer of OSI and TCP/IP models
Provides applications with access to the network layer without the overhead of reliability
mechanisms
Is a connectionless protocol
Provides limited error checking
Provides best-effort delivery
Has no data-recovery features
UDP Characteristics
UDP Header
TCP Characteristics
Transport layer of the TCP/IP stack
Access to the network layer for applications
Connection-oriented protocol
Full-duplex mode operation
Error checking
Sequencing of data packets
Acknowledgement of receipt
Data-recovery features
TCP Header
File transfer
FTP
TFTP
Network File System
E-mail
Simple Mail Transfer Protocol
Remote login
Telnet
rlogin
Network management
Simple Network Management
Protocol
Name management
Domain Name System
TCP/IP Application Layer Overview
Mapping Layer 3 to Layer 4
Mapping Layer 4 to Applications
Establishing a Connection
Three-Way Handshake
CTL = Which control bits in the TCP header are set to 1
Flow Control
TCP Acknowledgment
Fixed Windowing
TCP Sliding Windowing
TCP Sequence and Acknowledgment Numbers
Quiz
1. Which three statements about TCP are accurate? (Choose three.)
TCP operates at Layer 3 of the TCP/IP stack.
TCP is a connection-oriented protocol.
TCP provides no error checking.
TCP packets are numbered and sequenced so that the destination can reorder packets and
determine if a packet is missing.
TCP provides no recovery service.
Upon receipt of one or more TCP packets, the receiver returns an acknowledgement to the
sender indicating that it received the packets.

Quiz
2. Which characteristic is similar between TCP and UDP?
Operates at Layer 4 (transport layer) of the OSI model and the TCP/IP stack
Capable of performing a very limited form of error checking
Provides service on a best-effort basis and does not guarantee packet delivery
Provides no special features that recover lost or corrupted packets

Quiz
3. When a single computer with one IP address has several websites open at once, this is
called _____.

windowing
session multiplexing
segmenting
connection-oriented protocol

Quiz
4. TCP is best for which two of the following applications? (Choose two.)

E-mail
Voice streaming
Downloading
Video streaming

Quiz
5. Which three of the following characteristics apply to UDP? (Choose three.)
Packets are treated independently.
Packet delivery is guaranteed.
Packet delivery is not guaranteed.
Lost or corrupted packets are not resent.

Quiz
6. Which two of the following characteristics apply to TCP? (Choose two.)

Packet delivery is not guaranteed.

Lost or corrupted packets are not resent.
Lost or corrupted packets are resent.
TCP segment contains a sequence number and an acknowledgment number.

Quiz
7. Proprietary applications use which kind of port?

Dynamically assigned ports

Well-known ports
Registered ports

Quiz
8. Ports that are used only for the duration of a specific session are called _____.

dynamically assigned ports

well-known ports
registered ports

Quiz
9. The source port in both a UDP header and a TCP header is a _____.

16-bit number of the called port

16-bit length of the header
16-bit sum of the header and data fields
16-bit number of the calling port

Quiz
10. Which field in a TCP header ensures that data arrives in correct order?
Acknowledgment number
Sequence number
Reserved
Options

Quiz
11. In a TCP connection setup, the initiating device sends which message?

ACK
Receive SYN
Send SYN

Quiz
12. Acknowledgment and windowing are two forms of _____.

flow control
TCP connection
TCP sequencing
reliable connections

Quiz
13. Windowing provides which of the following services?

The sender can multiplex.

The receiver can have outstanding acknowledgments.
The receiver can multiplex.
The sender can transmit a specified number of unacknowledged segments.

Quiz
14. Sequence numbers and acknowledgment numbers are found where?

UDP header
TCP header
Initial sequence number
Application layer
Building a Simple Network
Week 04
Exploring the Packet Delivery Process
Layer 1 Devices
Layer 1 provides the physical media and its encoding.
Examples:
Ethernet
Serial
Repeater
Physical interface of the NIC
Layer 2 Devices
Layer 2 devices provide an interface with the physical media.
Examples:
NIC
Bridge
Switch
Layer 2 Addressing
MAC address
Assigned to end devices
Layer 3 Devices and Their Function
The network layer provides connectivity and path selection between two host systems.
In the host, this is the path between the data link layer and the upper layers of the NOS.
In the router, it is the actual path across the network.
Layer 3 Addressing
Each NOS has its own Layer 3 address format.
OSI uses an NSAP.
TCP/IP uses IP.
ARP (Address Resolution Protocol)
ARP Table
Host-to-Host Packet Delivery (1 of 22)
Host-to-Host Packet Delivery (2 of 22)
Host-to-Host Packet Delivery (3 of 22)
Host-to-Host Packet Delivery (4 of 22)
Host-to-Host Packet Delivery (5 of 22)
Host-to-Host Packet Delivery (6 of 22)
Host-to-Host Packet Delivery (7 of 22)
Host-to-Host Packet Delivery (8 of 22)
Host-to-Host Packet Delivery (9 of 22)
Host-to-Host Packet Delivery (10 of 22)
Host-to-Host Packet Delivery (11 of 22)
Host-to-Host Packet Delivery (12 of 22)
Host-to-Host Packet Delivery (13 of 22)
Host-to-Host Packet Delivery (14 of 22)
Host-to-Host Packet Delivery (15 of 22)
Host-to-Host Packet Delivery (16 of 22)
Host-to-Host Packet Delivery (17 of 22)
Host-to-Host Packet Delivery (18 of 22)
Host-to-Host Packet Delivery (19 of 22)
Host-to-Host Packet Delivery (20 of 22)
Host-to-Host Packet Delivery (21 of 22)
Host-to-Host Packet Delivery (22 of 22)
Function of the Default Gateway
In the host-to-host packet delivery example, if the two hosts are on the same network, the
host was able to use ARP to map a destination’s MAC address to the destination’s IP
address.
If the two hosts are on different networks, the sending host must send the data to the
default gateway, which forwards the data to the destination.
Default Gateway
Building a Simple Network
Week 05
Understanding Ethernet
Local Area Network
LAN Components
Computers
PCs
Servers
Interconnections
NICs
Media
Network devices
Hubs
Switches
Routers
Protocols
Ethernet
IP
ARP
DHCP
Functions of a LAN
Data and applications
Share resources
Provide communication path to other networks
LAN Sizes
Ethernet Evolution
LAN Standards
LLC : Logical Link Control
MAC : Media Access Control
CSMA/CD
Ethernet Frame Structure
Communicating Within the LAN
MAC Address Components
OUI: ORGANIZATIONALLY UNIQUE IDENTIFIER
MAC Addresses
Building a Simple Network
Connecting to an Ethernet LAN
Network Interface Card
Comparing Ethernet Media Requirements
Differentiating Between Connections
1000BASE-T GBIC
Cisco Fiber-Optic GBICs
Short wavelength (1000BASE-SX)
Long wavelength/long haul (1000BASE-LX/LH)
Extended distance (1000BASE-ZX)
Unshielded Twisted-Pair Cable
Speed and throughput: 10 to 1000 Mb/s
Average cost per node: Least expensive
Media and connector size: Small
Maximum cable length: Varies
RJ-45 Connector
RJ-45 Jack
Cable 10BASE-T/
100BASE-TX Straight-Through
Pin Label
Pin Label
1
2
3
4
5
6
7
8
TX+
TX-
RX+
NC
NC
RX-
NC
NC
1
2
3
4
5
6
7
8
TX+
TX-
RX+
NC
NC
RX-
NC
NC
Straight-Through Cable
Wires on cable ends
are in same order.
UTP Implementation (Straight-Through)
Cable 10BASE-T or
100BASE-TX Straight-Through
Crossover Cable
Some wires on cable
ends are crossed.
Pin Label
Pin Label
1
2
3
4
5
6
7
8
TX+
TX-
RX+
NC
NC
RX-
NC
NC
1
2
3
4
5
6
7
8
TX+
TX-
RX+
NC
NC
RX-
NC
NC
EIA/TIA T568A
EIA/TIA T568B
UTP Implementation (Crossover)
UTP Implementation: Straight-Through vs. Crossover
Using Varieties of UTP
LAN Connections
Constructing a Network Addressing Scheme
Flat Topology
Problems
All devices share the same bandwidth.
All devices share the same broadcast domain.
It is difficult to apply a security policy.
Subnetworks
Smaller networks are easier to manage.
Overall traffic is reduced.
You can more easily apply network security policies.
What a Subnet Mask Does
Tells the router the number of bits to look at when routing
Defines the number of bits that are significant
Used as a measuring tool, not to hide anything
Possible Subnets and Hosts for a Class C Network
Possible Subnets and Hosts for a Class B Network
Possible Subnets and Hosts for a Class A Network
End System Subnet Mask Operation
How Routers Use Subnet Masks
Applying the Subnet Address Scheme
Octet Values of a Subnet Mask
Subnet masks, like IP addresses, are represented in the dotted decimal format like
255.255.255.0
Default Subnet Masks
Example Class A address (decimal): 10.0.0.0
Example Class A address (binary): 00001010.00000000.00000000.00000000
Default Class A mask (binary): 11111111.00000000.00000000.00000000
Default Class A mask (decimal): 255.0.0.0
Default classful prefix length: /8
Example Class C address (decimal): 192.168.42.0
Example Class C address (binary): 11000000.10101000.00101010.00000000
Default Class C mask (binary): 11111111.11111111.11111111.00000000
Default Class C mask (decimal): 255.255.255.0
Default classful prefix length: /24
Example Class B address (decimal): 172.16.0.0
Example Class B address (binary): 10010001.10101000.00000000.00000000
Default Class B mask (binary): 11111111.11111111.00000000.00000000
Default Class B mask (decimal): 255.255.0.0
Default classful prefix length: /16
Procedure for Implementing Subnets
Determine the IP address assigned by the registry authority.
Based on the organizational and administrative structure, determine the number of subnets
required.
Based on the address class and required number of subnets, determine the number of bits
you need to borrow from the host ID.
Determine the binary and decimal value of the subnet mask.
Apply the subnet mask to the network IP address to determine the subnet and host
addresses.
Assign subnet addresses to specific interfaces.
Eight Easy Steps for Determining Subnet Addresses
Eight Easy Steps for Determining Subnet Addresses (Cont.)
Example: Applying a Subnet Mask for a
Class C Address
Example: Applying a Subnet Mask for a
Class B Address
Example: Applying a Subnet Mask for a
Class A Address

Quiz
What organization is responsible for Ethernet standards?

a. ISO
b. IEEE
c. EIA
d. IEC

Quiz
1. What organization is responsible for Ethernet standards?

a. ISO
b. IEEE
c. EIA
d. IEC

Quiz
2. What are three characteristics of Ethernet 802.3? (Choose three.)

a. Based on the CSMA/CD process

b. Is a standard that has been replaced by Ethernet II
c. Specifies the physical layer (Layer 1)
d. Developed in the mid-1970s
e. Specifies the MAC portion of the data link layer (Layer 2)
f. Also referred to as thick Ethernet

Quiz
3. Which statement about an Ethernet address is accurate?
a. The address used in an Ethernet LAN directs data to the proper receiving location.
b. The source address is the 4-byte hexadecimal address of the NIC on the computer that is
generating the data packet.
c. The destination address is the 8-byte hexadecimal address of the NIC on the LAN to which
a data packet is being sent.
d. Both the destination and source addresses consist of a 6-byte hexadecimal number.

Quiz
4. Which statement about MAC addresses is accurate?
a. A MAC address is a number in hexadecimal format that is physically located on the NIC.
b. A MAC address is represented by binary digits that are organized in pairs.
c. It is not necessary for a device to have a unique MAC address to participate in the
network.
d. The MAC address can never be changed.
Quiz
5. Which statement about NICs is accurate?

a. The NIC plugs into a USB port and provides a port for connecting to the network.
b. The NIC communicates with the network through a serial connection and communicates
with the computer through a parallel connection.
c. The NIC communicates with the network through a parallel connection and
communicates with the computer through a serial connection.
d. An NIC is also referred to as a switch adapter.

Quiz
6. Which minimum category of UTP is required for Ethernet 1000BASE-T?

a. Category 3
b. Category 4
c. Category 5
d. Category 5e

Quiz
7. Match the UTP categories to the environments in which they are most commonly used.
____1. Category 1
____2. Category 2
____3. Category 3
____4. Category 4
____5. Category 5
____6. Category 5e
____7. Category 6
a. Capable of transmitting data at speeds up to 100 Mbps
b. Used in networks running at speeds up to 1000 Mbps (1 Gbps)
c. Consists of 4 pairs of 24-gauge copper wires, which can transmit data at speeds up to
1000 Mbps
d. Used for telephone communications; not suitable for transmitting data
e. Used in Token Ring networks; can transmit data at speeds up to 16 Mbps
f. Capable of transmitting data at speeds up to 4 Mbps
g. Used in 10BASE-T networks; can transmit data at speeds up to 10 Mbps
d
f
g
e
a
b
c

Quiz
8. Which three characteristics pertain to UTP? (Choose three.)

a. UTP cable is an eight-pair wire.

b. An insulating material covers each of the individual copper wires in UTP cable.
c. The wires in each pair are wrapped around each other.
d. There is limited signal degradation from EMI and RFI.
e. There are seven categories of UTPa cable.

Quiz
9. Which of the following statements about the functions of a hub are accurate? (Choose
two.)

a. A hub extends an Ethernet LAN.

b. A hub reduces the size of a collision domain.
c. Adding a hub eliminates the need for users on a network segment to compete for the
same bandwidth.
d. A hub is a data link layer device.
e. A hub amplifies the data signal before retransmitting it.

Quiz
10. Which of the following statements best describe collisions? (Choose three.)

a. Collisions occur when two or more stations on a shared media transmit at the same time.
b. Larger segments are less likely to have collisions.
c. In a collision, the frames are destroyed, and each station in the segment begins a random
timer that must be completed before attempting to retransmit the data.
d. Adding a hub to a network can improve collision issues.
e. Collisions are by-products of a shared LAN.
f. More segments on a network mean greater potential for collisions.

Quiz
11. Which of these choices best describes a collision domain?
a. Two or more devices trying to communicate at the same time
b. Two networks that are connected
c. Network segments that share the same bandwidth
d. None of the above

Quiz
12. What type of hardware will help eliminate collisions?

a. Repeater
b. Bridge
c. Hub
d. Extender

Quiz
13. Which of the following factors are typical causes of network congestion? (Choose three.)

a. High-bandwidth applications
b. Many network segments
c. Increasing volume of network traffic
d. More powerful computer and network technologies
e. Few network segments
f. Greater distances for LANs

Quiz
14. Which of the following are characteristics of a bridge? (Choose three.)
a. Bridges forward but do not filter data frames between LAN segments.
b. Bridges maintain MAC address tables.
c. Bridges extend the distance of the LAN farther than hubs.
d. Bridges can buffer and forward frames between two or more LAN segments.
e. Bridges create fewer collision domains.
f. Bridges operate at Layer 3 of the OSI model.

Quiz
15. Which of the following are major benefits of adding a bridge to a network? (Choose
two.)

a. Isolating potential network problems to specific segments

b. Increasing the speed of a network
c. Extending a LAN to cover greater distances by joining multiple segments
d. Creating fewer collision domains
e. Forwarding data frames between LAN segments

Quiz
16. Match each of the following terms related to the operation of a switch in a network to its
description.
___ If the switch determines that the destination MAC address of the frame resides on the
same network segment as the source, it does not forward the frame.
___ If the switch determines that the destination MAC address of the frame is not from the
same network as the source, it transmits the frame to the appropriate segment.
___ If the switch does not have an entry for the destination address, it will transmit the
frame out of all ports except the port on which it received the frame.
a. Flooding b. Filtering c. Forwarding
B
C
A

Quiz
17. Which of the following characteristics apply to a switch? (Choose three.)

a. Uses a table of MAC addresses to determine the port to which the data is to be sent
b. Connects LAN segments
c. Reduces the number of collision domains
d. Increases the number of collision domains
e. Filters data before forwarding it to its destination on the network

Quiz
18. Which of the following features differentiate switches from bridges? (Choose three.)

a. Large frame buffers

b. Use of a table of MAC addresses to determine the segment to which the data is to be sent
c. Support for mixed media rates
d. High port densities
e. Ability to segment LANs
Ethernet LANs
Week 06
Understanding the Challenges of
Shared LANs
Signals degrade with transmission distance.
Each Ethernet type has a maximum segment length.
LAN Segment Limitations
Extending LAN Segments
Shares bandwidth
Extends cable distances
Repeats or amplifies signal
Collisions
Multiple Collision Domains
Ethernet LANs
Solving Network Challenges with Switched LAN Technology
Network Congestion
High-performance PCs
More networked data
Bandwidth-intensive applications
Bridges
Operate at Layer 2 of the OSI model
Forward, filter, or flood frames
Have few ports
Are slow
LAN Switch
High port density
Large frame buffers
Mixture of port speeds
Fast internal switching
Switching modes:
Cut-through
Store-and-forward
Fragment-free
LAN Switch Features
Switches Supersede Bridges
Operate at Layer 2 of the OSI model
Forward, filter, or flood frames
Have many ports
Are fast
Switching Frames
LANs Today
Users grouped by physical location
More switches added to networks
Switches connected by high-speed links
VLAN = Broadcast Domain = Logical Network (Subnet)
VLAN Overview
Segmentation
Flexibility

Security
Ethernet LANs
Exploring the Packet Delivery Process
Layer 2 Addressing
Uses MAC address
Assigned to end devices
Layer 3 Addressing
Each NOS has its own Layer 3 address format.
OSI uses NSAP.
TCP/IP uses IP.
Host-to-Host Packet Delivery (1 of 10)
Host-to-Host Packet Delivery (2 of 10)
Host-to-Host Packet Delivery (3 of 10)
Host-to-Host Packet Delivery (4 of 10)
Host-to-Host Packet Delivery (5 of 10)
Host-to-Host Packet Delivery (6 of 10)
Host-to-Host Packet Delivery (7 of 10)
Host-to-Host Packet Delivery (8 of 10)
Host-to-Host Packet Delivery (9 of 10)
Host-to-Host Packet Delivery (10 of 10)
Ethernet LANs
Operating Cisco IOS Software
Cisco IOS Software
Features to carry the chosen network protocols and functions
Connectivity for high-speed traffic between devices
Security to control access and prohibit unauthorized network use
Scalability to add interfaces and capability as needed for network growth
Reliability to ensure dependable access to networked resources
Configuring Network Devices
Initial default settings are sufficient for the switch to operate at Layer 2 as a switch.
A Cisco device will prompt for initial configuration if there is no configuration in memory.
Additional configuration tasks set up the device with the following:
Protocol addressing and parameter settings
Options for administration and management
An Overview of Cisco Device Startup
External Configuration Sources
Configurations can come from many sources.
Configurations will act in device memory.
CLI is used to enter commands.
Operations vary on different internetworking devices.
Users type or paste entries in the console command modes.
Command modes have distinctive prompts.
Enter key instructs device to parse and execute the command.
Two primary EXEC modes are user mode and privileged mode.
Cisco IOS User Interface Functions
There are two main EXEC modes for entering commands.
Cisco IOS Software EXEC Mode (User)
Cisco IOS Software EXEC Mode (Privileged)
Switch Command-Line Help Facilities
Context-Sensitive Help
Context-Sensitive Help (Cont.)
SwitchX>Shape the future of internetworking by creating unpreced
Shape the future of internetworking by creating unprecedented value for customers,
employees, and partners.
Enhanced Editing Commands
Enhanced Editing Commands (Cont.)
Router Command History
Viewing the Configuration
Displays the current and saved configuration
show running-config and show startup-config Commands

Quiz
1. Which of the following statements are accurate about how the network performance of a
switch compares to that of a bridge? (Choose three.)
a. Switches operate at much higher speeds than bridges.
b. Switches operate at lower speeds than bridges.
c. Switches support more advanced functionality than bridges.
d. Switches support less functionality than bridges.
e. Switches support dedicated communication between devices.
f. Switches do not support dedicated communication between devices.

Quiz
2. Which of the following statements about microsegmentation are accurate? (Choose
three.)
a. Implementing a bridge creates microsegmentation.
b. Microsegmentation increases bandwidth availability.
c. Each device on a network segment is connected directly to a switch port.
d. Microsegmentation eliminates collisions.
e. Microsegmentation limits the number of segments on a network.
f. Microsegmentation uses half-duplex operation.
Quiz
3. Match each of the following function descriptions with either full-duplex or half-duplex
communication.
___ The network sends and receives data frames one at a time, but not simultaneously.
___ This communication type effectively doubles the amount of bandwidth between the
devices.
___ The network sends and receives data frames simultaneously.
a. Full-duplex communication
b. Half-duplex communication
b
a
a

Quiz
4. Match each of the following connectivity functions to the appropriate Ethernet type.
a. Ethernet 10BASE-T b. Fast Ethernet c. Gigabit Ethernet
___ At the end-user level, gives high-performance PC workstations 100-Mbps access to a
server
___ Not typically used at the end-user level
___ At the workgroup level, provides connectivity between the end user and workgroups
___ At the backbone level, provides interswitch connectivity for low- to medium-volume
applications
___ At the workgroup level, provides high-performance connectivity to the enterprise server
___ At the backbone level, provides backbone and interswitch connectivity
___ At the end-user level, provides connectivity between the end user and the user-level
switch
___ Provides interswitch connectivity for low- to medium-volume applications
b
c
a
b
b
c
a
c

Quiz
5. When a Cisco device starts up, which of the following does it run to check its hardware?
a. Flash
b. RAM
c. POST
d. TFTP

Quiz
6. When a Catalyst switch or Cisco router starts up, what is the first operation performed?

a. The device performs system startup routines.

b. The device performs hardware checking routines.
c. The device attempts to locate other devices on the network.
d. The device tries to find and apply software configuration settings.

Quiz
7. Upon initial installation of a Cisco switch or router, the network administrator typically
configures the networking devices from a _____.

a. CD-ROM
b. TFTP server
c. console terminal
d. modem connection

Quiz
8. If a network administrator is supporting a remote device, the preferred method is to use a
modem connection to the _____ of the device for remote configuration.

a. LAN port
b. uplink port
c. console port
d. auxiliary port

Quiz
9. Which access level allows a person to access all router commands and can be password
protected to allow only authorized individuals to access the router?

a. User EXEC level

b. Setup EXEC level
c. Enable EXEC level
d. Privileged EXEC level

Quiz
10. How do you instruct a Cisco device to parse and execute an entered command?
a. Press the Send key.
b. Press the Enter key.
c. Add a space at the end of the command.
d. Wait 5 seconds after you enter a command.

Quiz
11. Which CLI prompt indicates that you are working in privileged EXEC mode?

a. hostname#
b. hostname>
c. hostname-exec>
d. hostname-config

Quiz
12. Which command would you enter in the privileged EXEC mode to list the command
options?

a. ?
b. init
c. help
d. login

Quiz
13. Match each of the following steps of the physical Catalyst switch startup process to its
description.
___ Step 1
___ Step 2
___ Step 3
a. Attach the power cable plug to the switch power supply socket.
b. Observe the boot sequence, including the Cisco IOS Software output text on the console.
c. Verify that all cable connections are secure, the terminal is connected to the con-sole port,
and the console terminal application is selected.
A
B
C

Quiz
14. How do you start a Catalyst 2950 series switch?

a. Press the On/Off switch.

b. Power up the redundant power supply.
c. Connect a network cable to another switch on the network.
d. Attach the power cable plug to the switch power supply socket.

Quiz
15. If the POST completes successfully on a Catalyst switch, what display could you see on
the console?

a. The> prompt
b. The privileged EXEC prompt
c. The Management Console logon screen
d. A list of commands available on the switch

Quiz
16. What CLI command should you enter to display a list of commands that begin with the
letter “c” on a Catalyst switch?

a. c?
b. c ?
c. help c
d. help c*

Quiz
17. What CLI command should you enter to display the command syntax help so that you
can see how to complete a command that begins with “config”?

a. config?
b. config ?
c. help config
d. help config*
Quiz
18. Which Cisco IOS command correctly configures an IP address and subnet mask on a
switch?

a. ip address
b. ip address 196.125.243.10
c. 196.125.243.10 ip address
d. ip address 196.125.243.10 255.255.255.0

Quiz
19. Which configuration mode do you use to configure a particular port on a switch?

a. User mode
b. Global configuration mode
c. Interface configuration mode
d. Controller configuration mode

Quiz
20. When you use the show interface command to display the status and statistics for the
interfaces configured on a Catalyst switch, which output field indicates the MAC address
that identifies the interface hardware?

a. MTU 1500 bytes

b. Hardware is . . . 10BaseT
c. Address is 0050.BD73.E2C1
d. 802.1d STP State: Forwarding
Ethernet LANs
Week 07
Starting a Switch
Logging In to the Switch and Entering the Privileged EXEC Mode
Configuration modes:
Global configuration mode
SwitchX#configure terminal
SwitchX(config)#
Interface configuration mode
SwitchX(config)#interface fa0/1
SwitchX(config-if)#
Configuring the Switch
Sets the local identity for the switch
Configuring Switch Identification
Example:

SwitchX(config)#interface vlan 1
SwitchX(config-if)#ip address 10.5.5.11 255.255.255.0
SwitchX(config-if)#no shutdown
Note: It is necessary to use the no shutdown command to make the interface operational.
SwitchX(config)#interface vlan 1
SwitchX(config-if)#ip address {ip address} {mask}
Configuring the Switch IP Address
SwitchX(config)#ip default-gateway 172.20.137.1
Example:
SwitchX(config)#ip default-gateway {ip address}
Configuring the Switch Default Gateway
Saving Configurations
Copies the current configuration to NVRAM
SwitchX
SwitchX copy running-config startup-config
Destination filename [startup-config]?
Building configuration…

SwitchX
Showing Switch Initial Startup Status
SwitchX#show version
Displays the configuration of the system hardware, software version, names and sources of
configuration files, and boot images
SwitchX#show running-config
Displays the current active configuration file of the switch
SwitchX#show interfaces
Displays statistics for all interfaces configured on the switch
Catalyst 2960 Series
SwitchX#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
All 0008.a445.9b40 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0008.e3e8.0440 DYNAMIC Fa0/2
Total Mac Addresses for this criterion: 5
SwitchX#
Managing the MAC Address Table
Ethernet LANs
Understanding Switch Security
Configuring a Switch Password
Telnet vs. SSH Access
Telnet
Most common access method
Insecure
SSH-encrypted
!– The username command create the username and password for the SSH session
Username cisco password cisco

ip domain-name mydomain.com

crypto key generate rsa

ip ssh version 2

line vty 0 4
login local
transport input ssh
Cisco Catalyst 2960 Series
SwitchX(config-if)#switchport port-security [ mac-address mac-address | mac-address
sticky [mac-address] | maximum value | violation {restrict | shutdown}]
SwitchX(config)#interface fa0/5
SwitchX(config-if)#switchport mode access
SwitchX(config-if)#switchport port-security
SwitchX(config-if)#switchport port-security maximum 1
SwitchX(config-if)#switchport port-security mac-address sticky
SwitchX(config-if)#switchport port-security violation shutdown
Configuring Port Security
Securing Unused Ports
Unsecured ports can create a security hole.
A switch plugged into an unused port will be added to the network.
Secure unused ports by disabling interfaces (ports).
Disabling an Interface (Port)
shutdown
SwitchX(config-int)#
To disable an interface, use the shutdown command in interface configuration mode.
To restart a disabled interface, use the no form of this command.
Ethernet LANs
Maximizing the Benefits of Switching
Microsegmentation
Microsegmentation of the Network
Half Duplex (CSMA/CD)
Unidirectional data flow
Higher potential for collision
Hub connectivity
Full Duplex
Point-to-point only
Attached to dedicated switched port
Requires full-duplex support on both ends
Collision-free
Collision detect circuit disabled
Duplex Overview
Cisco Catalyst 2960 Series
SwitchX(config)#interface fa0/1
SwitchX(config-if)#duplex {auto | full | half}
Cisco Catalyst 2960 Series
SwitchX(config)#interface fa0/1
SwitchX(config-if)#speed {10 | 100 | 1000 | auto}
Setting Duplex and Speed Options
The Hierarchy of Connectivity
Loops
Spanning Tree Protocol

Quiz
1. Whichshow command requires you to have privileged EXEC mode access?

a. show ip
b. show version
c. show running
d. show interfaces

Quiz
2. How should you power up a Cisco router?

a. Press the Reset button.

b. Turn the power switch to “On.”
c. Connect the fiber cable to another router.
d. Attach the power cable plug to the router power supply socket.
Quiz
3. Which of the following would be considered a physical threat? (Choose two.)

a. A user leaving a password in her desk

b. Someone turning off the power to the switch to block network access
c. Someone turning off the air conditioning system in the network closet
d. Someone breaking into the cabinet that contains the network documentation

Quiz
4. Which of the following can be protected with a password? (Choose four.)

a. Console access
b. VTY access
c. TTY access
d. User-level access
e. EXEC-level access

Quiz
5. Which of the following is a customized text that is displayed before the username and
password login prompts?

a. Message of the day

b. Login banner
c. Access warning
d. User banner
e. Warning message

Quiz
6. Which of the following is the most secure method of remotely accessing a network
device?

a. HTTP
b. Telnet
c. SSH
d. RMON
e. SNMP
Quiz
7. Which of the following is an IOS command that can be used to control access to a switch
port based on a MAC address?

a. shutdown
b. port-security
c. mac-secure
d. firewall

Quiz
8. Which of the following is an IOS command that can be used to increase the security of
unused switch ports?

a. shutdown
b. port security
c. mac-secure
d. firewall

Quiz
9. Which problem is caused by redundant connections in a network?

a. Microsegmentation
b. Loops
c. Degradation
d. Collisions

Quiz
10. Which statement best describes how loops can affect performance in a switched LAN?

a. Broadcast storms can be created when loops occur, preventing data from being
transmitted over the network.
b. Any multicast, broadcast, or unknown traffic will be flooded out to all ports.
c. Incorrect information can be updated to the MAC address tables, resulting in inaccurate
forwarding of frames.
d. The loop removes the frame from the network.

Quiz
11. Which statement accurately describes Spanning Tree Protocol?
a. STP assigns roles to bridges and ports to ensure that only one forwarding path exists
through the network at any given time.
b. STP automatically keeps the previously inactive path inactive.
c. STP eliminates the segments in which there are problems.
d. STP allows ports to listen to, forward, and flood data frames.

Quiz
12. Which of the following IOS commands is the most useful when troubleshooting media
issues?

a. show controller
b. show run
c. show interface
d. show counters

Quiz
13. Which of the following IOS commands is the most useful when troubleshooting port
access issues?

a. show controller
b. show run
c. show interface
d. show counters

Quiz
14. Which of the following are methods used to mitigate configuration issues? (Choose
three.)

a. Secure unused ports.

b. Secure the configuration.
c. Verify changes before you save.
d. Know what you have before you start.

Quiz
15. Using six subnet bits, how many usable subnets are created?

a. 58
b. 60
c. 64

Quiz
16. How many host addresses can be used in a Class C network?

a. 253
b. 254
c. 255
d. 256

Quiz
17. What is the maximum number of bits that can be borrowed to create a subnet for a Class
C network?

a. 2
b. 4
c. 6
d. 8

Quiz
18. If a router does not match the appropriate address portions to a number in its routing
table, it _____.

a. sends the packet back to the sender

b. passes the packet to the next router in the hierarchy
c. adds that number to its table
d. discards the packet

Quiz
19. Which of the following are binary default subnet masks? (Choose two.)

a. 11111111.00000000.00000000.00000000
b. 11111111.11111111.01000000.00000000
c. 11111111.11111111.11111111.00000000
d. 255.255.224.0
Quiz
20. Which part of the IP address 172.17.128.47 does the subnet mask 255.255.0.0 tell the
router to look for?

a. 172.17.128.47
b. 172.17.128
c. 172.17
d. 10.172.47
Wireless LANs
Week 09
Exploring Wireless Networking
Market Trends
Differences Between WLAN and LAN
WLANs use radio waves as the physical layer.
WLANs use CSMA/CA instead of CSMA/CD for media access.
Two-way radio (half-duplex) communication.
Radio waves have problems that are not found on wires.
Connectivity issues:
Coverage problems
Interference, noise
Privacy issues
Access points are shared devices similar to an Ethernet hub for shared bandwidth.
WLANs must meet country-specific RF regulations.
Radio Frequency Transmission
Radio frequencies are radiated into the air via an antenna, creating radio waves.
Objects can affect radio wave propagation resulting in:
Reflection
Scattering
Absorption
Higher frequencies allow higher data rates; however, they have a shorter range.
Organizations That Define WLAN
ITU-R:
International Telecommunication Union-Radiocommunication Sector
Regulates the RF used in wireless
IEEE:
Institute of Electrical and Electronic Engineers
802.11 documents wireless technical standards
Wi-Fi Alliance:
Global nonprofit industry trade association
Promote wireless growth through interoperability certification
ITU-R with FCC Wireless
ISM: industry, scientific, and medical frequency band
No license required
No exclusive use
Best-effort
Interference possible
IEEE 802.11 Standards Comparison
Channel Layout in the 2.4-GHz Band
Wi-Fi Certification
Wi-Fi Alliance certifies interoperability between products.
Products include 802.11a, 802.11b, 802.11g, dual-band products, and security testing.
Provides assurance to customers of migration and integration options.
Cisco is a founding member of the Wi-Fi Alliance.
Certified products can be found at http://www.wi-fi.com.
Wireless LANs
Understanding WLAN Security
Mitigating the Threats
WEP
Basic encryption
No strong authentication
Static,
breakable keys
Not scalable
MAC filters and SSID-cloaking also used to complement WEP
Evolution of Wireless LAN Security
1997
2001
802.1x EAP
Dynamic keys
Improved encryption
User authentication
802.1X EAP (LEAP, PEAP)
RADIUS
2003
WPA
Standardized
Improved encryption
Strong, user authentication (such as, LEAP, PEAP, EAP-FAST)
2004 to Present
802.11i / WPA2
AES strong encryption
Authentication
Dynamic key management
Wireless Client Association
Access points send out beacons announcing SSID, data rates, and other information.
Client scans all channels.
Client listens for beacons and responses from access points.
Client associates to access point with strongest signal.
Client will repeat scan if signal becomes low to reassociate to another access point
(roaming).
During association, SSID, MAC address, and security settings are sent from the client to the
access point and checked by the access point.
WPA and WPA2 Modes
Wireless LANs
Implementing a WLAN
802.11 Topology Building Blocks
Ad hoc mode:
Independent Basic Service Set (IBSS)
Mobile clients connect directly without an intermediate access point.
Infrastructure mode:
Basic Service Set (BSS)
Mobile clients use a single access point for connecting to each other or to wired network
resources.
Extended Service Set (ESS):
Two or more BSSs are connected by a common distribution system .
BSA Wireless Topology—
Basic Coverage
ESA Wireless Topology—
Extended Cover
Wireless Topology Data Rates—802.11b
Access Point Configuration
Basic parameters:
IP address (static or using DHCP), subnet mask, and default gateway
Wireless protocol (802.11g only, 802.11a/b/g, 802.11a)
Channel adjustment if needed—channel 1,6, or 11 pending interference
Power adjustment if needed—or could change antenna
Security parameters:
Service Set Identifier (SSID)—identifies your network
Authentication method—usually WPA or WPA2 PSK
Encryption method—usually TKIP, or AES if hardware-supported

Quiz
1. What is the most tangible benefit of wireless implementation?

a. Cost reduction
b. Increased mobility
c. Better productivity
d. Improved security
Quiz
2. What method does a WLAN use to control transmissions?
a. CSMA/CA (carrier sense multiple access with collision avoidance)
b. CSMA/CD (carrier sense multiple access collision detect)
c. CSMA/CR (carrier sense multiple access with collision rejection)
d. CSMA/CW (carrier sense multiple access with collision weighting)

Quiz
3. Match each factor that influences the transmission of radio waves to its correct
description.
___Occurs when RF waves bounce off metal or glass surfaces
___Occurs when RF waves are soaked up by walls
___Occurs when RF waves strike an uneven surface and are reflected in many
directions
a. absorption
b. reflection
c. scattering
B
A
C

Quiz
4. Which regulatory agency controls the 801.11 standard that governs WLANs?

a. Wi-Fi Alliance
b. IEEE
c. EMA
d. WISC

Quiz
5. Which organization offers certification for interoperability among vendors of 802.11
products?

a. Wi-Fi
b. IEEE
c. EMA
d. WISC
Quiz
6. Which two are the unlicensed bands used by WLANs?

a. 2.4-MHz band
b. 900-MHz band
c. 2.4-GHz band
d. 5-GHz band
e. 900-GHz band

Quiz
7. Which two of the 802.11 standards has the highest possible data rates?

a. 802.11
b. 802.11a
c. 802.11b
d. 802.11d
e. 802.11g

Quiz
8. Which 802.11 standard transmits using the 5-GHz band?

a. 802.11
b. 802.11a
c. 802.11b
d. 802.11d
e. 802.11g

Quiz
9. Which is true about the Wi-Fi Alliance organization?
a. It is a global standards organization that controls the compatibility of Wi-Fi products.
b. It operates only in the United States and ensures the compatibility of Wi-Fi products.
c. It is a global, nonprofit industry trade association devoted to promoting the growth and
acceptance of wireless LANs.
d. It is a global, nonprofit industry trade association devoted to promoting the installation of
wireless LANs in retail locations.
Quiz
10. What is a rogue access point?

a. An access point that has an open WEP key

b. An access point that is broadcasting its SSID
c. An unsecured access point that has been placed on a WLAN
d. An access point that has had a hardware failure that causes it to endlessly broadcast its
SSID

Quiz
11. Which three are the steps to secure a WLAN?

a. Encryption for providing privacy and confidentiality

b. Authentication to ensure that legitimate clients and users access the network via trusted
access points
c. Controls to transmit power to limit the access point access range to the property
boundaries of the parent organization
d. Protection from security risks and availability with intrusion detection and intrusion
protection systems for WLANs

Quiz
12. Which standard provides the strongest level of WLAN security?

a. EAP
b. WEP
c. WPA
d. 802.11i/WPA2

Quiz
13. What factor determines which access point a client associates with?

a. The access point with the lowest SSID

b. The access point with the highest SSID
c. The access point whose SSID is received first
d. The access point that is received with the strongest signal

Quiz
14. When you are using 802.11x, how is the client authenticated?
a. The client is authenticated against a local database stored on the access point.
b. The access point forwards all network traffic to the server where it is either
authenticated or blocked.
c. The access point encapsulates any 802.1x traffic bound for the authentication server and
sends it to the server.
d. The client encapsulates the 802.1x authentication traffic before sending it to the access
point. This causes the access point to forward it to the server.

Quiz
15. Which is true when comparing WPA and WPA2?

a. WPA uses preshared keys whereas WPA 2 uses PSK.

b. WPA uses EAP authentication whereas WPA 2 uses 802.11x.
c. WPA uses a Personal Mode whereas WPA 2 uses an Enterprise Mode.
d. WPA uses TKIP/MIC encryption whereas WPA 2 uses AES-CCMP encryption.

Quiz
16. Match each of the following 802.11 topologies to its description.
___Mobile clients connect directly without an intermediate access point.
___The communication devices use a single access point for connectivity to each other or to
wired network resources.
___The wireless topology is two or more service sets connected by a distribution system
(DS) or, more commonly, a wired infrastructure.
a. Ad hoc mode b. Basic Service Set (BSS)
c. Extended Services Set (ESS)
A
B
C

Quiz
17. What does the physical area of radio frequency coverage provided by an access point
define?

a. The RF service area

b. The basic service area
c. The ad hoc service area
d. The extended services area
Quiz
18. When implementing Extended Service Areas, how much overlap is suggested?

a. 5 to 10 percent
b. 10 to 15 percent
c. 15 to 20 percent
d. 25 to 30 percent

Quiz
19. What strategy enables a client to communicate while moving?

a. The ability to shift data rates

b. The ability to vary transmit levels
c. The ability to match the transmit level to the receive level
d. The ability to perform error correction as the signal level changes

Quiz
20. Which three are basic wireless access point parameters?

a. SSID
b. Authentication
c. Data exchange rates
d. Transmit band selection
e. RF channel with optional power

Quiz
21. When implementing a WLAN, when should you use WEP?

a. Only if an AAA server is available

b. When you need the increased security of WEP
c. When you are planning to enable 802.11x authentication
d. Only if the hardware equipment does not support WPA

Quiz
22. Match the wireless client to its description.
___Full-featured supplicant for both wired and wireless client
___Windows operating systems basic wireless supplicant client
___More advanced wireless client features than those of native operating system
a. WZC
b. Cisco Compatible Extensions
c. Cisco Secure Services Client
C
A
B
LAN Connections
Week 10
Exploring the Functions of Routing
Routers
Routers have the following components:
CPU
Motherboard
RAM
ROM
Routers have network adapters to which IP addresses are assigned.
Routers may have the following two kinds of ports:
Console: For the attachment of a terminal used for management
Network: Different LAN or WAN media ports
Routers forward packets based upon a routing table.
Cisco 2800 Series Router
RouterX# show ip route
D 192.168.1.0/24 [90/25789217] via 10.1.1.1
R 192.168.2.0/24 [120/4] via 10.1.1.2
O 192.168.3.0/24 [110/229840] via 10.1.1.3
1
2
Lets other routers know about changes
Determines where to forward packets
Router Functions
Path Determination
Routing Tables
Routing Table Entries
Directly connected: Router attaches to this network
Static routing: Entered manually by a system administrator
Dynamic routing: Learned by exchange of routing information
Default route: Statically or dynamically learned; used when no explicit route to network is
known
Routing Metrics
Distance Vector Routing Protocols
Passes periodic copies of routing table to neighbor routes and accumulates distance vectors
Link-State Routing Protocols
After initial flood, passes small event-triggered link-state updates to all other routers
LAN Connections
Starting a Router
Unconfigured vs. Configured Router
Bootup Output from the Router
Logging in to the Cisco Router
You can abbreviate a command to the fewest characters that make a unique character
string.
Router User-Mode Command List
RouterX>?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
clear Reset functions
connect Open a terminal connection
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lat Open a lat connection
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
-- More --
You can complete a command string by entering the unique character string, then pressing
the Tab key.
Router Privileged-Mode Command List
RouterX#?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
bfe For manual emergency modes setting
cd Change current directory
clear Reset functions
clock Manage the system clock
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
debug Debugging functions (see also 'undebug')
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
erase Erase a filesystem
exit Exit from the EXEC
help Description of the interactive help system
-- More --
LAN Connections
Configuring a Cisco Router
Overview of Router Modes
Saving Configurations
Copies the current configuration to NVRAM
RouterX#
RouterX#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…

RourterX#
Configuring Router Identification
Console-Line Commands
RouterX(config)#line console 0
RouterX(config-line)#exec-timeout 20 30
RouterX(config)#line console 0
RouterX(config-line)#logging synchronous
Modifies console session timeout
Redisplays interrupted console input
RouterX(config)#interface type number
RouterX(config-if)#
type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri,
tunnel, and so on
number is used to identify individual interfaces
RouterX(config-if)#exit
Quits from current interface configuration mode
RouterX(config)#interface type slot/port
RouterX(config-if)#
For modular routers, selects an interface
Configuring an Interface
RouterX(config-if)# description string
string is a comment or a description to help you remember what is attached to this
interface.
The maximum number of characters for the string argument is 238.
Configuring an Interface Description
RouterX#configure terminal
RouterX(config)#interface serial 0
RouterX(config-if)#no shutdown
%LINK-3-UPDOWN: Interface Serial0, changed state to up
%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial0, changed state to up
Enables an interface that is administratively shut down
RouterX#configure terminal
RouterX(config)#interface serial 0
RouterX(config-if)#shutdown
%LINK-5-CHANGED: Interface Serial0, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
Administratively turns off an interface
Disabling or Enabling an Interface
Unique addressing allows communication
between end stations
Path choice is based on destination address
Configuring IP Addresses
Router show interfaces Command
RouterX#show interfaces
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 00e0.1e5d.ae2f (bia 00e0.1e5d.ae2f)
Internet address is 10.1.1.11/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:07, output 00:00:08, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
81833 packets input, 27556491 bytes, 0 no buffer
Received 42308 broadcasts, 0 runts, 0 giants, 0 throttles
1 input errors, 0 CRC, 0 frame, 0 overrun, 1 ignored, 0 abort
0 input packets with dribble condition detected
55794 packets output, 3929696 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 4 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Interpreting the Interface Status

Quiz
1. When you start a Cisco router, what should you see on the console?
a. Cisco IOS debug messages
b. The Diagnostic Console menu
c. Cisco IOS Software output text
d. A graphical picture showing the real-time status of the LED

Quiz
2. What is the primary purpose of setup mode on a Cisco router?

a. To display the current router configuration

b. To complete hardware and interface testing
c. To bring up a minimal feature configuration
d. To fully configure a Cisco router for IP routing

Quiz
3. Which statement best describes what the user EXEC mode commands allow you to
configure on a Cisco router?

a. You cannot configure anything; the user mode commands are used to display information.
b. The user EXEC mode allows you to perform global configuration tasks that affect the
entire router.
c. The user EXEC mode commands allow you to enter a secret password so that you can
configure the router.
d. The user EXEC mode commands allow you to configure interfaces, subinterfaces, lines,
and routers.

Quiz
4. Which Cisco IOS command is used to return to user EXEC mode from the privileged EXEC
mode?

a. exit
b. quit
c. disable
d. userexec

Quiz
5. Match each type of help available with the Cisco IOS CLI to its description.
__ Context-sensitive help
__ Console error messages
__ Command history buffer
a. Provides a list of commands and arguments associated with a specific command
b. Allows recall of long or complex commands or entries for reentry, review, or correction
c. Identifies problems with router commands incorrectly entered so that you can alter or
correct them
A
C
B

Quiz
6. What information does the show running-config command provide on a Cisco router?

a. Current (running) configuration in RAM

b. System hardware and names of configuration files
c. Amount of NVRAM used to store the configuration
d. Version of Cisco IOS Software running on the router

Quiz
7. Which Cisco IOS command displays the configuration of the system hardware and the
software version information?

a. show version
b. show interfaces
c. show startup-config
d. show running-config

Quiz
8. Match each of the following router prompts to its configuration mode.

__ Line
__ Router
__ Interface
__ Controller
__ Subinterface
a. Router(config-if)#
b. Router(config-line)#
c. Router(config-subif)#
d. Router(config-router)#
e. Router(config-controller)#
B
D
A
F
C

Quiz
9. If you enter a major command on a Cisco router, what happens?

a. The router returns you to user EXEC mode.

b. The router returns a list of possible commands.
c. The router invokes a global configuration command.
d. The router switches you from one configuration mode to another.

Quiz
10. Which Cisco IOS command creates a message to be displayed upon router login?

a. hostname hostname
b. banner motd message
c. hostname interface description
d. description interface description

Quiz
11. If both the enable secret and the enable password commands are configured on your
router, how do you get to the # prompt?

a. Enter the enable secret command.

b. Enter the enable password command.
c. Enter either the enable secret or the enable password command.
d. Enter both the enable secret and the enable password commands.

Quiz
12. Which Cisco IOS command do you use to set the console session timeout to 15 minutes
and 30 seconds?

a. set exec timeout 15 30

b. console timeout 15 30
c. timeout 15 30
d. exec-timeout 15 30

Quiz
13. Which Cisco IOS command configures a serial port in slot 0, port 1 on a modular router?

a. interface serial 0-1

b. interface serial 0 1
c. interface serial 0/1
d. interface serial 0.1

Quiz
14. Which Cisco IOS command should you use to set the clock speed to 64 kbps on a serial
interface on a Cisco router?

a. clock rate 64
b. clock speed 64
c. clock rate 64000
d. clock speed 64000

Quiz
15. A serial interface displays “Serial1 is up, line protocol is down.” Which of the following
situations can cause this error? (Choose two.)

a. The clock rate has not been set.

b. The interface has been manually disabled.
c. No cable is attached to the serial interface.
d. There are no keepalives.
e. There is a mismatch in the encapsulation type.
WAN Connections
Week 11
Enabling Static Routing
A router needs to do the following:
Know the destination address.
Identify the sources from which the router can learn.
Discover possible routes to the intended destination.
Select the best route.
Maintain and verify routing information.
Router Operations
Routers must learn destinations that are not directly connected.
Router Operations (Cont.)
Static route
Uses a route that a network administrator enters into the router manually
Dynamic route
Uses a route that a network routing protocol adjusts automatically for topology or traffic
changes
Identifying Static and Dynamic Routes
Static Routes
Configure unidirectional static routes to and from a stub network to allow communications
to occur.
Defines a path to an IP destination network or subnet or host
Address = IP address of the next hop router
Interface = outbound interface of the local router
RouterX(config)# ip route network [mask]
{address | interface}[distance] [permanent]
Static Route Configuration
Static Route Example
This is a unidirectional route. You must have a route configured in the opposite direction.
RouterX(config)# ip route 172.16.1.0 255.255.255.0 172.16.2.1
Router(config)#ip route 172.16.1.0 255.255.255.0 s0/0/0
or
Default Routes
This route allows the stub network to reach all known networks beyond Router A.
Verifying the Static
Route Configuration
RouterX# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

10.0.0.0/8 is subnetted, 1 subnets

C 10.1.1.0 is directly connected, Serial0/0/0
S* 0.0.0.0/0 is directly connected, Serial0
WAN Connections
Enabling RIP
Routing Information Protocol
Routing protocols are used between
routers to determine paths and maintain routing tables.
After the path is determined, a router can route a routed protocol.
What Is a Routing Protocol?
An autonomous system is a collection of networks under a common administrative domain.
IGPs (Interior Gateway Protocols) operate within an autonomous system.
EGPs (Exterior Gateway Protocols) connect different autonomous systems.
Autonomous Systems: Interior or Exterior Routing Protocols
Classes of Routing Protocols
Administrative Distance:
Ranking Routes
Default Administrative Distances
RIP is a distance vector routing protocol.
The maximum allowable hop count is 15.
Hop-count metric selects the path
Routes update every 30 seconds
Load balancing maximum is 16 equal-cost paths (default = 4)
RIP Overview
RIPv1 and RIPv2 Comparison
Router configuration
Select routing protocols
Specify networks or interfaces
IP Routing Configuration Tasks
Starts the RIP routing process
RouterX(config)# router rip
RouterX(config-router)# network network-number
Selects participating attached networks
Requires a major classful network number
RIP Configuration
Enables RIP version 2
RouterX(config-router)# version 2
RIP Configuration Example
Verifying the RIP Configuration
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 6 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2
Serial0/0/2 2 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
172.16.0.0
Routing Information Sources:
Gateway Distance Last Update
10.1.1.2 120 00:00:25
Distance: (default is 120)

RouterA#
RouterA# show ip protocols
Displaying the IP Routing Table
RouterA# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
T - traffic engineered route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.1.0 is directly connected, fastethernet0/0
10.0.0.0/24 is subnetted, 2 subnets
R 10.2.2.0 [120/1] via 10.1.1.2, 00:00:07, Serial0/0/2
C 10.1.1.0 is directly connected, Serial0/0/2
R 192.168.1.0/24 [120/2] via 10.1.1.2, 00:00:07, Serial0/0/2
debug ip rip Command
RouterA# debug ip rip
RIP protocol debugging is on
RouterA#
00:06:24: RIP: received v1 update from 10.1.1.2 on Serial0/0/2
00:06:24: 10.2.2.0 in 1 hops
00:06:24: 192.168.1.0 in 2 hops
00:06:33: RIP: sending v1 update to 255.255.255.255 via FastEthernet0/0 (172.16.1.1)
00:06:34: network 10.0.0.0, metric 1
00:06:34: network 192.168.1.0, metric 3
00:06:34: RIP: sending v1 update to 255.255.255.255 via Serial0/0/2 (10.1.1.1)
00:06:34: network 172.16.0.0, metric 1
Quiz
1. Which command displays information about static route configuration on a Cisco router?

a. show route ip
b. show ip route
c. show ip route static
d. show route ip static

Quiz
2. What does the command ip route 186.157.5.0 255.255.255.0 10.1.1.3 specify?

a. Both 186.157.5.0 and 10.1.1.3 use a mask of 255.255.255.0.

b. The router should use network 186.157.5.0 to get to address 10.1.1.3.
c. You want the router to trace a route to network 186.157.5.0 via 10.1.1.3.
d. The router should use address 10.1.1.3 to get to devices on network 186.157.5.0.

Quiz
3. Which of the following protocols is an example of an exterior gateway protocol?

a. RIP
b. BGP
c. IGRP
d. EIGRP

Quiz
4. In which situation is an administrative distance required?

a. When static routes are defined

b. When dynamic routing is enabled
c. When the same route is learned via multiple routing protocols
d. When multiple paths are available to the same destination and they are all learned via the
same routing protocol

Quiz
5. When a router receives a packet with a destination address that is in an unknown
subnetwork of a directly attached network, what is the default behavior if the ip classless
command is not enabled?
a. Drop the packet
b. Forward the packet to the default route
c. Forward the packet to the next hop for the directly attached network
d. Broadcast the packet through all interfaces except the one on which it was received

Quiz
6. How does a distance vector router learn about paths for networks that are not directly
connected?

a. From the source router

b. From neighboring routers
c. From the destination router
d. A distance vector router learns only about directly connected networks

Quiz
7. What does a distance vector router send to its neighboring routers as part of a periodic
routing table update?

a. The entire routing table

b. Information about new routes
c. Information about routes that have changed
d. Information about routes that no longer exist

Quiz
8. What is the maximum allowable hop count for RIP?

a. 6
b. 15
c. 30
d. 60

Quiz
9. With RIP, load balancing is performed over multiple paths that have which characteristic?

a. Equal cost
b. Equal weight
c. Equal distance
d. Equal bandwidth
Quiz
10. Which command correctly specifies RIP as the routing protocol?

a. Router(config)#rip
b. Router(config)#router rip
c. Router(config-router)#rip {AS no.}
d. Router(config-router)#router rip {AS no.}

Quiz
11. What is the default value of the RIP hold-down timer?

a. 30 seconds
b. 60 seconds
c. 90 seconds
d. 180 seconds
Medium-Sized Routed Network Construction
Week 12
Reviewing Routing Operations
Selecting the Best Route Using Metrics
Administrative Distance:
Ranking Routing Sources
Routers choose the routing source with the
best administrative distance:
RIP has an administrative distance of 120
OSPF has an administrative distance of 110.
EIGRP has an administrative distance of 90.
Distance Vector Routing Protocols
Routers pass periodic copies of their routing table to
neighboring routers and accumulate distance vectors.
Sources of Information and
Discovering Routes
Routers discover the best path to destinations from each neighbor.
Maintaining Routing Information
Updates proceed step by step from router to router.
OSPF Hierarchical Routing
Consists of areas and autonomous systems
Minimizes routing update traffic
Link-State Routing Protocol Algorithms
Benefits of link-state routing:
Fast convergence:
Changes are reported immediately by the affected source
Robustness against routing loops:
Routers know the topology
Link-state packets are sequenced and acknowledged
Hierarchical network design enables optimization of resources.
Drawbacks of link-state routing:
Significant demands for resources:
Memory (three tables: adjacency, topology, forwarding)
CPU (Dijkstra’s algorithm can be intensive, especially when there are many instabilities)
Requires very strict network design
Configuration can be complex when tuning various parameters and when design is complex
Benefits and Drawbacks of Link-State Routing
Single-Area OSPF Implementation
Implementing OSPF
OSPF Overview
Creates a neighbor relationship by exchanging hello packets
Propagates LSAs rather than routing table updates
Link: Router interface
State: Description of an interface and its relationship to neighboring routers
Floods LSAs to all OSPF routers in the area, not just directly connected routers
Pieces together all the LSAs generated by the OSPF routers to create the OSPF link-state
database
Uses the SPF algorithm to calculate the shortest path to each destination and places it in the
routing table
OSPF Hierarchy Example
Minimizes routing table entries
Localizes the impact of a topology change within an area
Neighbor Adjacencies: The Hello Packet
SPF Algorithm
Places each router at the root of a tree and calculates the
shortest path to each destination based on the cumulative cost
Cost = Reference Bandwidth / Interface Bandwidth (b/s)
10
1
10
1
1
Configuring Single-Area OSPF
network address wildcard-mask area area-id
Assigns networks to a specific OSPF area
router ospf process-id
Defines OSPF as the IP routing protocol
RouterX(config)#
RouterX(config-router)#
Configuring Loopback Interfaces
Router ID:
Number by which the router is known to OSPF
Default: The highest IP address on an active interface at the moment of OSPF process
startup
Can be overridden by a loopback interface: Highest IP address of any active loopback
interface
Can be set manually using the router-id command
Verifying the OSPF Configuration
RouterX# show ip protocols
Verifies that OSPF is configured
RouterX# show ip route
Displays all the routes learned by the router
RouterX# show ip route

Codes: I - IGRP derived, R - RIP derived, O - OSPF derived,

C - connected, S - static, E - EGP derived, B - BGP derived,
E2 - OSPF external type 2 route, N1 - OSPF NSSA external type 1 route,
N2 - OSPF NSSA external type 2 route

Gateway of last resort is 10.119.254.240 to network 10.140.0.0

O 10.110.0.0 [110/5] via 10.119.254.6, 0:01:00, Ethernet2

O IA 10.67.10.0 [110/10] via 10.119.254.244, 0:02:22, Ethernet2
O 10.68.132.0 [110/5] via 10.119.254.6, 0:00:59, Ethernet2
O 10.130.0.0 [110/5] via 10.119.254.6, 0:00:59, Ethernet2
O E2 10.128.0.0 [170/10] via 10.119.254.244, 0:02:22, Ethernet2
...
Verifying the OSPF Configuration (Cont.)
RouterX# show ip ospf
Routing Process "ospf 50" with ID 10.64.0.2
<output omitted>

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Number of areas transit capable is 0
External flood list length 0
Area BACKBONE(0)
Area BACKBONE(0)
Area has no authentication
SPF algorithm last executed 00:01:25.028 ago
SPF algorithm executed 7 times
<output omitted>
Displays the OSPF router ID, timers, and statistics
RouterX# show ip ospf
RouterX# show ip ospf interface ethernet 0

Ethernet 0 is up, line protocol is up

Internet Address 192.168.254.202, Mask 255.255.255.0, Area 0.0.0.0
AS 201, Router ID 192.168.99.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State OTHER, Priority 1
Designated Router id 192.168.254.10, Interface address 192.168.254.10
Backup Designated router id 192.168.254.28, Interface addr 192.168.254.28
Timer intervals configured, Hello 10, Dead 60, Wait 40, Retransmit 5
Hello due in 0:00:05
Neighbor Count is 8, Adjacent neighbor count is 2
Adjacent with neighbor 192.168.254.28 (Backup Designated Router)
Adjacent with neighbor 192.168.254.10 (Designated Router)
RouterX# show ip ospf interface
Verifying the OSPF Configuration (Cont.)
Displays the area ID and adjacency information
RouterX# show ip ospf neighbor

ID Pri State Dead Time Address Interface

10.199.199.137 1 FULL/DR 0:00:31 192.168.80.37 FastEthernet0/0
172.16.48.1 1 FULL/DROTHER 0:00:33 172.16.48.1 FastEthernet0/1
172.16.48.200 1 FULL/DROTHER 0:00:33 172.16.48.200 FastEthernet0/1
10.199.199.137 5 FULL/DR 0:00:33 172.16.48.189 FastEthernet0/1
Verifying the OSPF Configuration (Cont.)
RouterX# show ip ospf neighbor
Displays the OSPF neighbor information on a per-interface basis
RouterX# show ip ospf neighbor 10.199.199.137
Neighbor 10.199.199.137, interface address 192.168.80.37
In the area 0.0.0.0 via interface Ethernet0
Neighbor priority is 1, State is FULL
Options 2
Dead timer due in 0:00:32
Link State retransmission due in 0:00:04
Neighbor 10.199.199.137, interface address 172.16.48.189
In the area 0.0.0.0 via interface Fddi0
Neighbor priority is 5, State is FULL
Options 2
Dead timer due in 0:00:32
Link State retransmission due in 0:00:03
Verifying the OSPF Configuration (Cont.)
RouterX# debug ip ospf events
OSPF:hello with invalid timers on interface Ethernet0
hello interval received 10 configured 10
net mask received 255.255.255.0 configured 255.255.255.0
dead interval received 40 configured 30

OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.117

aid:0.0.0.0 chk:6AB2 aut:0 auk:

RouterX# debug ip ospf packet

OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.116

aid:0.0.0.0 chk:0 aut:2 keyid:1 seq:0x0
OSPF debug Commands
Load Balancing with OSPF
OSPF load balancing:
Paths must be equal cost
By default, up to four equal-cost paths can be placed into the routing table
With a configuration change, up to a maximum of 16 paths can be configured:
(config-router)# maximum-paths <value>
To ensure paths are equal cost for load balancing, you can change the cost of a particular
link:
(config-if)# ip ospf cost <value>
Load Balancing with OSPF
OSPF Authentication
OSPF supports two types of authentication:
Plaintext (or simple) password authentication
MD5 authentication
The router generates and checks every OSPF packet.
The router authenticates the source of each routing update packet that it receives.
Configure a “key” (password); each participating neighbor must have the same key
configured.
Configuring OSPF Plaintext Password Authentication
ip ospf authentication-key password
RouterX(config-if)#
Assigns a password to use with neighboring routers
RouterX(config-if)#
ip ospf authentication [message-digest | null]
Specifies the authentication type for an interface (as of Cisco
IOS Release 12.0)
RouterX(config-router)#
area area-id authentication [message-digest]
Specifies the authentication type for an area
OR
Plaintext Password Authentication Configuration Example
Verifying Plaintext Password Authentication
RouterX#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.2.2.2 0 FULL/ - 00:00:32 192.168.1.102 Serial0/0/1

RouterX#show ip route
<output omitted>
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
O 10.2.2.2/32 [110/782] via 192.168.1.102, 00:01:17, Serial0/0/1
C 10.1.1.0/24 is directly connected, Loopback0
192.168.1.0/27 is subnetted, 1 subnets
C 192.168.1.96 is directly connected, Serial0/0/1

RouterX#ping 10.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

Quiz
1. What are two characteristics of OSPF? (Choose two.)

a. OSPF uses a two-layer hierarchy.

b. OSPF is a proprietary routing protocol.
c. OSPF is an open standard.
d. OSPF is similar to the RIP routing protocol.
e. OSPF is a distance vector routing protocol

Quiz
2. OSPF routes packets within a single _____.

a. Area
b. Network
c. Segment
d. Autonomous system
Quiz
3. With OSPF, each router builds its SPF tree using the same link-state information, but each
will have a separate _____ of the topology.

a. State
b. View
c. Version
d. Configuration

Quiz
4. Which component of the SPF algorithm is inversely proportional to bandwidth?

a. Link cost
b. Root cost
c. Link state
d. Hop count

Quiz
5. Which command correctly starts an OSPF routing process using process ID 191?

a. Router(config)#router ospf 191

b. Router(config)#network ospf 191
c. Router(config-router)#network ospf 191
d. Router(config-router)#router ospf process-id 191

Quiz
6. What is the purpose of the show ip ospf interface command?

a. To display OSPF-related interface information

b. To display general information about OSPF routing processes
c. To display OSPF neighbor information on a per-interface basis
d. To display OSPF neighbor information on a per-interface type basis

Quiz
7. Which command output includes information about the length of the OSPF packet?

a. debug ip ospf events

b. debug ip ospf packet
c. debug ip ospf packet size
d. debug ip ospf mpls traffic-eng advertisements

Quiz
8. Which type of authentication does aut:1 indicate in the output from the debug ip ospf
packet command?

a. No authentication
b. Simple password
c. MD5
d. 3DES

Quiz
9. Which OSPF neighbor state indicates that two neighbors have exchanged routes?

a. Init
b. Two-way
c. Loading
d. Full
Address Space Management
Week 13
Scaling the Network
with NAT and PAT
Why using NAT
IP version 4(IPv4) is the limited number of unique network addresses; Two solutions are
Network Address Translation (NAT) and IP version 6(IPv6).
NAT provides a short-term solution to this problem by translating private IPv4 addresses
into globally unique, routable IPv4 addresses.
IPv6 is the long-term solution. By increasing the size of an IP address to 128 bits, IPv6
increases the total number of addresses that are available.
NAT terms
Inside local address: The IPv4 address that is assigned to a host on the inside network. The
inside local address is likely not an IPv4 address assigned by the Network Information
Center or service provider.
Inside global address: A legitimate IPv4 address assigned by the NIC or service provider
that represents one or more inside local IPv4 addresses to the outside world
Outside local address: The IPv4 address of an outside host as it appears to the inside
network. Not necessarily legitimate, the outside local address is allocated from a routable
address space on the inside.
Outside global address: The IPv4 address that is assigned to a host on the outside network
by the host owner. The outside global address is allocated from a globally routable address
or network space.
Forms of NAT
NAT has many forms and can work in the following ways:
Static NAT: Maps an unregistered IPv4 address to a registered IPv4 address (one to one).
Static NAT is particularly useful when a device must be accessible from outside the network.
Dynamic NAT: Maps an unregistered IPv4 address to a registered IPv4 address from a
group of registered IPv4 addresses.
NAT overloading: Maps multiple unregistered IPv4 addresses to a single registered IPv4
address (many to one) by using different ports. Overloading is also known as PAT and is a
form of dynamic NAT.
Network Address Translation
An IP address is either local or global.
Local IPv4 addresses are seen in the inside network.
Global IPv4 addresses are seen in the outside network.
Port Address Translation
Translating Inside Source Addresses
Establishes static translation between an inside local address and an
inside global address
RouterX(config)# ip nat inside source static local-ip global-ip
Marks the interface as connected to the inside
RouterX(config-if)# ip nat inside
Marks the interface as connected to the outside
RouterX(config-if)# ip nat outside
Displays active translations
RouterX# show ip nat translations
Configuring and Verifying Static Translation
Enabling Static NAT
Address Mapping Example
RouterX# show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 192.168.1.2 10.1.1.2 --- ---
interface s0
ip address 192.168.1.1 255.255.255.0
ip nat outside
!
interface e0
ip address 10.1.1.1 255.255.255.0
ip nat inside
!
ip nat inside source static 10.1.1.2 192.168.1.2
Establishes dynamic source translation, specifying the ACL that was
defined in the previous step
RouterX(config)# ip nat inside source list
access-list-number pool name
Defines a pool of global addresses to be allocated as needed
RouterX(config)# ip nat pool name start-ip end-ip
{netmask netmask | prefix-length prefix-length}
Defines a standard IP ACL permitting those inside local addresses
that are to be translated
RouterX(config)# access-list access-list-number permit
source [source-wildcard]
Displays active translations
RouterX# show ip nat translations
Configuring and Verifying Dynamic Translation
Dynamic Address Translation Example
RouterX# show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 171.69.233.209 192.168.1.100 --- ---
--- 171.69.233.210 192.168.1.101 --- ---
Overloading an Inside Global Address
Configuring Overloading
Establishes dynamic source translation, specifying the ACL that was
defined in the previous step
RouterX(config)# ip nat inside source list
access-list-number interface interface overload
Defines a standard IP ACL that will permit the inside local addresses
that are to be translated
RouterX(config)# access-list access-list-number permit
source source-wildcard
Displays active translations
RouterX# show ip nat translations
Overloading an Inside Global Address Example
RouterX# show ip nat translations
Pro Inside global Inside local Outside local Outside global
TCP 172.17.38.1:1050 192.168.3.7:1050 10.1.1.1:23 10.1.1.1:23
TCP 172.17.38.1:1776 192.168.4.12:1776 10.2.2.2:25 10.2.2.2:25
hostname RouterX
!
interface Ethernet0
ip address 192.168.3.1 255.255.255.0
ip nat inside
!
interface Ethernet1
ip address 192.168.4.1 255.255.255.0
ip nat inside
!
interface Serial0
description To ISP
ip address 172.17.38.1 255.255.255.0
ip nat outside
!
ip nat inside source list 1 interface Serial0 overload
!
ip route 0.0.0.0 0.0.0.0 Serial0
!
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit 192.168.4.0 0.0.0.255
!
Clears a simple dynamic translation entry that contains an inside
translation or both an inside and outside translation
RouterX# clear ip nat translation inside global-ip
local-ip [outside local-ip global-ip]
Clears all dynamic address translation entries
RouterX# clear ip nat translation *
Clears a simple dynamic translation entry that contains an outside
translation
RouterX# clear ip nat translation outside
local-ip global-ip
Clears an extended dynamic translation entry (PAT entry)
RouterX# clear ip nat translation protocol inside global-ip
global-port local-ip local-port [outside local-ip
local-port global-ip global-port]
Clearing the NAT Translation Table
Translation Not Occurring:
Translation Not Installed in the Table
Verify that:
There are no inbound ACLs that are denying the packets entry to the NAT router
The ACL referenced by the NAT command is permitting all necessary networks
There are enough addresses in the NAT pool
The router interfaces are appropriately defined as NAT inside or NAT outside

Quiz
1. Match each NAT term with its definition.
____ 1. Static NAT
____ 2. Dynamic NAT
____ 3. Inside local
____ 4. Inside global
a. Address that is subject to translation with NAT
b. Address of an inside host as it appears to the outside network
c. Maps an unregistered IPv4 address to a registered IPv4 address on a one-to-one basis
d. Maps an unregistered IPv4 address to a registered IPv4 address from a group of
registered IPv4 addresses
C
D
A
B

Quiz
2. Which Cisco IOS command would you use to define a pool of global addresses that can be
allocated as needed?

a. ip nat pool
b. ip nat inside pool
c. ip nat outside pool
d. ip nat inside source static

Quiz
3. What does the ip nat inside source static command do?

a. Selects the inside static interface

b. Marks the interface as connected to the outside
c. Creates a pool of global addresses that can be allocated as needed
d. Establishes permanent translation between an inside local address and an inside global
address

Quiz
4. Match each of these commands, which are used to configure NAT overloading, with its
function.
___ 1. ip nat inside
___ 2. ip nat outside
___ 3. access-list 1 permit 10.1.1.0 0.0.0.255
___ 4. ip nat inside source list 1 pool nat-pool overload
___ 5. ip nat pool nat-pool 192.1.1.17 192.1.1.20 netmask 255.255.255.240
a. Marks an interface as connected to the inside
b. Marks an interface as connected to the outside
c. Defines a pool of inside global addresses that can be allocated as needed
d. Establishes dynamic port address translation using the defined ACL
e. Defines a standard ACL that will permit the addresses that are to be translated
A
B
E
D
C

Quiz
5. Which command clears a specific extended dynamic translation entry from the NAT
translation table?

a. clear ip nat translation *

b. clear ip nat translation inside
c. clear ip nat translation outside
d. clear ip nat translation protocol inside

Quiz
6. The output of which command displays the active translations for a NAT translation
table?

a. show ip nat statistics

b. show ip nat translations
c. clear ip nat translation *
d. clear ip nat translation outside

Quiz
7. You are troubleshooting a NAT connectivity problem on a Cisco router. You determine
that the appropriate translation is not installed in the translation table. Which three actions
should you take? (Choose three.)

a. Determine whether the NAT pool has enough addresses.

b. Run debug ip nat detailed to determine the source of the problem.
c. Use the show ip route command to verify that the selected route exists.
d. Verify that the router interfaces are appropriately defined as NAT inside or NAT outside.
e. Verify that the ACL that is referenced by the NAT command is permitting all necessary
inside local IPv4 addresses.
Quiz
8. The output of which command provides information about certain errors or exceptional
conditions, such as the failure to allocate a global address?

a. debug ip nat
b. debug ip nat detailed
c. show ip nat statistics
d. show ip nat translations
Address Space Management
Week 14
Transitioning
to IPv6
IPv4 and IPv6
Currently, there are approximately 1.3 billion usable IPv4 addresses
available.
Why Do We Need a Larger
Address Space?
Internet population
Approximately 973 million users in November 2005
Emerging population and geopolitical address space
Mobile users
PDA, pen tablet, notepad, and so on
Approximately 20 million in 2004
Mobile phones
Already 1 billion mobile phones delivered by the industry
Transportation
1 billion automobiles forecast for 2008
Internet access in planes, for example, Lufthansa
Consumer devices
Sony mandated that all its products be IPv6-enabled by 2005
Billions of home and industrial appliances
IPv6 Advanced Features
Larger address space:
Global reachability and flexibility
Aggregation
Multihoming
Autoconfiguration
Plug-and-play
End-to-end without NAT
Renumbering
Mobility and security:
Mobile IP RFC-compliant
IPsec mandatory (or native)
for IPv6
Simpler header:
Routing efficiency
Performance and forwarding rate scalability
No broadcasts
No checksums
Extension headers
Flow labels
Transition richness:
Dual stack
6to4 and manual tunnels
Translation
IPv6 Address Representation
Format:
x:x:x:x:x:x:x:x, where x is a 16-bit hexadecimal field
Case-insensitive for hexadecimal A, B, C, D, E, and F
Leading zeros in a field are optional
Successive fields of zeros can be represented as :: only once per address
Examples:
2031:0000:130F:0000:0000:09C0:876A:130B
Can be represented as 2031:0:130f::9c0:876a:130b
Cannot be represented as 2031::130f::9c0:876a:130b
FF01:0:0:0:0:0:0:1 FF01::1
0:0:0:0:0:0:0:1 ::1
0:0:0:0:0:0:0:0 ::
IPv6 Address Types
Unicast:
Address is for a single interface
IPv6 has several types (for example, global, reserved, link-local, and site-local)
Multicast:
One-to-many
Enables more efficient use of the network
Uses a larger address range
Anycast:
One-to-nearest (allocated from unicast address space)
Multiple devices share the same address
All anycast nodes should provide uniform service
Source devices send packets to anycast address
Routers decide on closest device to reach that destination
Suitable for load balancing and content delivery services
IPv6 Unicast Addressing
Types of IPv6 unicast addresses:
Global: Starts with 2000::/3 and assigned by IANA
Reserved: Used by the IETF
Private: Link local (starts with FE80::/10)
Loopback (::1)
Unspecified (::)
A single interface may be assigned multiple IPv6 addresses of any type: unicast, anycast, or
multicast.
IPv6 addressing rules are covered by multiple RFCs.
Architecture defined by RFC 4291
IPv6 Global Unicast (and Anycast)
Addresses
IPv6 has the same address format for global unicast and for
anycast addresses.
Uses a global routing prefix—a structure that enables aggregation upward,
eventually to the ISP.
A single interface may be assigned multiple addresses of any type
(unicast, anycast, multicast).
Every IPv6-enabled interface contains at least one loopback (::1/128)
and one link-local address.
Optionally, every interface can have multiple unique local and global addresses.
Link-Local Addresses
Link-local addresses have a scope limited to the link and are dynamically
created on all IPv6 interfaces by using a specific link-local prefix FE80::/10
and a 64-bit interface identifier.
Link-local addresses are used for automatic address configuration, neighbor
discovery, and router discovery. Link-local addresses are also used by many
routing protocols.
Link-local addresses can serve as a way to connect devices on the same local
network without needing global addresses.
When communicating with a link-local address, you must specify the outgoing
interface because every interface is connected to FE80::/10.
Larger Address Space Enables
Address Aggregation
Address aggregation provides the following benefits:
Aggregation of prefixes announced in the global routing table
Efficient and scalable routing
Improved bandwidth and functionality for user traffic
Assigning IPv6 Global Unicast Addresses
Static assignment
Manual interface ID assignment
EUI-64 interface ID assignment
Dynamic assignment
Stateless autoconfiguration
DHCPv6 (stateful)
IPv6 EUI-64 Interface Identifier
Cisco can use the EUI-64 format for interface identifiers.
This format expands the 48-bit MAC address to 64 bits by
inserting “FFFE” into the middle 16 bits.
To make sure that the chosen address is from a unique
Ethernet MAC address, the U/L bit is set to 1 for global scope
(0 for local scope).
Stateless Autoconfiguration
DHCPv6 (Stateful)
DHCPv6 is an updated version of DHCP for IPv4:
Supports new addressing
Enables more control than stateless autoconfiguration
Can be used for renumbering
Can be used for automatic domain name registration of hosts using dynamic DNS
DHCPv6 Operation
DHCPv6 operates in a way that is similar to DHCPv4, except:
Client first detects the presence of routers on the link.
If a router is found, the router advertisement is examined to determine if DHCP can be used.
If no router is found, or if the router says DHCP can be used, then:
A DHCP solicit message is sent to the all-DHCP-agents multicast address.
The client uses the link-local address as the source address.
IPv6 Routing Protocols
IPv6 routing types:
Static
RIPng (RFC 2080)
OSPFv3 (RFC 2740)
IS-IS for IPv6
MP-BGP4 (RFC 2545/2858)
EIGRP for IPv6
The ipv6 unicast-routing command is required to enable
IPv6 before any routing protocol is configured.
RIPng (RFC 2080)
Similar IPv4 features:
Distance vector, radius of 15 hops, split horizon, and poison reverse
Based on RIPv2
Updated features for IPv6:
IPv6 prefix, next-hop IPv6 address
Uses the multicast group FF02::9, the all-rip-routers multicast group, as the destination
address for RIP updates
Uses IPv6 for transport
Named RIPng
IPv4-to-IPv6 Transition
Transition richness means:
No fixed day to convert; no need to convert all at once
Different transition mechanisms are available:
Dual stack
Manual tunnel
6to4 tunnel
ISATAP tunnel
Teredo tunnel
Different compatibility mechanisms:
Proxying and translation (NAT-PT)
Dual stack is an integration method in which a node has implementation and connectivity to
both an IPv4 and IPv6 network.
Cisco IOS Dual Stack
Cisco IOS Dual Stack (Cont.)
When both IPv4 and IPv6 are configured on an interface, the interface is considered dual-
stacked.
Tunneling is an integration method in which an IPv6 packet is encapsulated within another
protocol, such as IPv4. This method of encapsulation is IPv4.
Includes a 20-byte IPv4 header with no options and an IPv6 header and payload
Requires dual-stack routers
IPv6 Tunneling
Manually Configured IPv6 Tunnel
Configured tunnels require:
Dual-stack endpoints
IPv4 and IPv6 addresses configured at each end
Enabling IPv6 on Cisco Routers
ipv6 unicast-routing
RouterX(config)#
Enables IPv6 traffic forwarding
ipv6 address ipv6prefix/prefix-length eui-64
Configures the interface IPv6 addresses
RouterX(config-if)#
IPv6 Address Configuration Example
RIPng for IPv6 Configuration Example

Quiz
Which advantage does IPv4 have over IPv6?
a. Larger address space
b. Shorter header
c. Simpler header
d. Support for IPsec on every link
Quiz
Why is NAT not a requirement for IPv6?
a. NAT is not available with IPv6.
b. IPv6 addresses do not have a private address space.
c. IPv6 allows all users in an enterprise to have a global address.
d. Hexadecimal addresses cannot be translated.

Quiz
How does IPv6 enable smaller routing tables in Internet routers?
a. By defining aggregation points in the address space
b. By using a new routing protocol
c. With autoconfiguration
d. By using site local addresses

Quiz
How can you condense consecutive sets of zeros in an IPv6 address?
a. By using the ::: symbol
b. By eliminating leading zeros
c. By replacing four consecutive zeros with a single zero
d. By using the :: symbol

Quiz
Which type of IPv6 address is a global unicast address that is assigned to more than one
interface?
a. Anycast
b. Unicast
c. Multicast
d. Broadcast

Quiz
Which address type from IPv4 was eliminated in IPv6?
a. Unicast
b. Multicast
c. Broadcast
d. Everycast
Quiz
Which statement is true about the EUI-64 address format of the system ID for stateless
autoconfiguration that is used by Cisco?
a. It is the MAC address plus the Site-Level Aggregator.
b. It is the MAC address plus the ISO OUI.
c. It expands the 48-bit MAC address to 64 bits by inserting FFFE into the middle 16 bits.
d. It does not follow IEEE standards for uniqueness of the address.
e. It is only used by Cisco.

Quiz
Which term means that an IPv6 router is involved in providing an IPv6 address to a
requesting host?
a. Autoaddressing
b. Link local
c. IPv6 NAT
d. Standard stateless autoconfiguration
e. DHCP autoconfiguration

Quiz
What are the two most common IPv4-to-IPv6 transition techniques? (Choose two.)
a. IPv6 NAT
b. Dual stack
c. 6to4 tunnels
d. IPv6 mobile

Quiz
Which command is the global command that enables IPv6 or dual stack in a Cisco router?
a. ipv6 routing
b. ipv6 unicast-routing
c. ipv6 address
d. ipv6 dual stack
Any Questions?
Good luck!