CCENT™ ® Cisco Certified Entry Networking Technician Study Guide (Exam 640-822) This page intentionally left blank ® CCENT™ Cisco Certified Entry Networking Technician Study Guide (Exam 640-822) Matthew Walker Angie Walker This study/training guide and/or material is not sponsored by, endorsed by, or affiliated with Cisco Systems, Inc in any manner Cisco®, Cisco Systems®, CCDA®, CCNA®, CCDP®, CCNP®, CCIE®, CCIP®, CCSP®, CCVP®, CCDETM, CCENTTM, the Cisco Systems logo, and the Cisco Certified Internetwork Expert logo are trademarks or registered trademarks of Cisco Systems, Inc., in the United States and certain other countries All other trademarks are trademarks of their respective owners This publication and CD may be used in assisting students to prepare for an exam Neither The McGraw-Hill Companies nor Boson Software warrant that use of this publication and CD will ensure passing any exam New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto Copyright © 2008 by The McGraw-Hill Companies All rights reserved Manufactured in the United States of America Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher 0-07-164378-8 The material in this eBook also appears in the print version of this title: 0-07-159114-1 All trademarks are trademarks of their respective owners Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark Where such designations appear in this book, they have been printed with initial caps McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs For more information, please contact George Hoare, Special Sales, at george_hoare@mcgraw-hill.com or (212) 904-4069 TERMS OF USE This is a copyrighted work and The McGraw-Hill Companies, Inc (“McGraw-Hill”) and its licensors reserve all rights in and to the work Use of this work is subject to these terms Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior consent You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited Your right to use the work may be terminated if you fail to comply with these terms THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE McGraw-Hill and its licensors not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom McGraw-Hill has no responsibility for the content of any information accessed through the work Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise DOI: 10.1036/0071591141 This book is dedicated to my father, Ronald Walker (1947–2008) We miss you, Dad This page intentionally left blank ABOUT THE AUTHORS Matthew Walker is the IA Training Instructor Supervisor and a Sr IA Analyst at Dynetics, Inc., in Huntsville, Alabama An IT education professional for over 15 years, Matt served as the Director of the Network Training Center and the Curriculum Lead and Senior Instructor for the local Cisco Networking Academy on Ramstein AB, Germany After leaving the US Air Force, Matt served as a Network Engineer for NASA’s Secure Network Systems, designing and maintaining secured data, voice, and video networking for the agency He has written and contributed to numerous technical training books for Air Education and Training Command, United States Air Force, and continues to train, and write, certification and college-level IT and IA Security courses Matt holds numerous commercial certifications, including Cisco Certified Network Professional (CCNP), Microsoft Certified System Engineer (MCSE), CEH (Certified Ethical Hacker), CNDA (Certified Network Defense Architect), and Certified Pen Test Specialist (CPTS) Angie Walker is currently the Chief Information Security Officer for the University of North Alabama, located in beautiful Florence, Alabama Among the many positions she has filled over the course of her 20-plus years in Information Technology and Information Assurance are Manager of the Information Systems Security (ISS) Office for the Missile Defense Agency (MDA) South, as well as the lead for the MDA Alternate Computer Emergency Response Team (ACERT) She served as Superintendent of the United States Air Forces in Europe (USAFE) Communications and Information Training Center, Superintendent of the 386 Communications Squadron on Ali Al Saleem AB, Kuwait, and Senior Information Security Analyst for Army Aviation Unmanned Aircraft Systems Angie holds several industry certifications, including CISSP, Network+ and Security+, and a master’s degree in Information Systems Management With over nine years of IT and IA educational experience, she has developed and taught courseware worldwide for the US Air Force, as well as several computer science courses as an instructor for the University of Alabama in Huntsville, and Kaplan University in Fort Lauderdale, Florida Copyright © 2008 by The McGraw-Hill Companies Click here for terms of use About the Tech Editor Bobby E Rogers is a Senior Information Assurance Analyst for Dynetics, Inc., in Huntsville, Alabama In addition to working in the Certification and Accreditation process for the U.S government, Bobby also leads penetration testing teams for Dynetics Bobby recently retired from the United States Air Force after almost 21 years, serving as a computer networking and security specialist, and has designed and managed networks all over the world He has held several positions of responsibility overseeing network security in both the Department of Defense and private company networks His duties have included perimeter security, client-side security, security policy development, security training, penetration testing, and computer crime investigation As a trainer, he has taught a wide variety of IT-related subjects in both makeshift classrooms in tents in the desert and formal training centers He also has taught a wide variety of courses as a part-time contractor for several nationally known training centers and a major university Bobby is an accomplished author, having written numerous IT articles in various publications and training materials for the U.S Air Force, and has authored several training videos on a wide variety of IT security topics He is also a regular security article contributor for several online IT sites He has a Bachelor of Science degree in Computer Information Systems from Excelsior College, and two Associates in Applied Science degrees from the Community College of the Air Force Bobby’s professional IT certifications include: A+, Security+, ACP, CCNA, CCAI, CIW, CIWSA, MCP+I, MCSA (Windows 2000 & 2003), MCSE (Windows NT4, 2000, & 2003), MCSE: Security (Windows 2000 & 2003), CISSP, CHFI, CIFI, CPTS, and CEH Copyright © 2008 by The McGraw-Hill Companies Click here for terms of use CONTENTS AT A GLANCE Networking 101 TCP/IP 31 Network Media and Devices Ethernet Fundamentals Switching: Moving Data Inside Your Network Routing Essentials and IP Addressing 69 101 129 155 IP Address Subnetting 191 Interfacing with Cisco Devices 229 Cisco Switch Configuration 271 10 Cisco Router Configuration 315 11 WANs and WLANs 363 12 Applications, Security, and Troubleshooting A About the CD Glossary Index 403 455 461 495 ix 502 CCENT Cisco Certified Entry Networking Technician Study Guide hosts defined, 2, 472 troubleshooting, 423–426 HTML (Hyper Text Markup Language), 42 HTTP (Hyper Text Transport Protocol), 42 HTTPS (Hyper Text Transport Protocol over SSL), 42 hubs defined, 473 media devices, 81 overview, 17 Hybrid protocol type, 168 hybrid topology, Hyper Text Markup Language (HTML), 42 Hyper Text Transport Protocol (HTTP), 42 Hyper Text Transport Protocol over SSL (HTTPS), 42 HyperTerminal program, 242–243, 260 I IANA (Internet Assigned Number Authority), 474 ICANN (Internet Corporation for Assigned Names and Numbers), 335, 474 ICMP (Internet Control Message Protocol), 54–56, 474 IDSs (intrusion detection systems), 88, 387, 475 IEEE (Institute of Electrical and Electronics Engineers), 103, 473 IEEE 802 series, 116, 456–457 IETF (Internet Engineering Task Force), 474 IGP (Interior Gateway Protocol), 335, 336, 473 IMAP4 (Internet Message Access Protocol), 41 inactivity timers, 473 Industrial, Scientific, Mechanical (ISM) frequency range, 382 information, defined, Infrastructure mode, 473 initialization functions, 133–136 inside global, 379, 473 inside local, 379, 473 installing switches, 139–140 wireless LANs, 384–385 Institute of Electrical and Electronics Engineers (IEEE), 103, 473 Integrated Services Digital Network (ISDN), 9, 473 interface configuration commands, 294 Interface Configuration mode, 250–251 Interface configuration prompt, 291 interface ethernet # command, 317 interface fastethernet #/# command, 317 interface fastEthernet0/0 command, 250 interface gigabitethernet #/# command, 317 interface mapping, 134 Interface mode, 250 interface numbers, 274 interface range commands, 293–294 interface status, 431–433 interface type number command, 250 interfaces, defined, 473 interfacing See device interfacing Interior Gateway Protocol (IGP), 335, 336, 473 internal physical network addresses, 18 International Organization for Standardization (ISO), 11, 473 International Telecommunications Union (ITU), 369, 474 Internet access router, 342–350 Internet address classes, 171–173, 217, 474 Internet Assigned Number Authority (IANA), 474 Internet Control Message Protocol (ICMP), 54–56, 474 Internet Corporation for Assigned Names and Numbers (ICANN), 335, 474 Internet, defined, 474 Internet Engineering Task Force (IETF), 474 Internet Message Access Protocol (IMAP4), 41 Internet Protocol (IP) See also IP addresses; Transmission Control Protocol/Internet Protocol defined, 474 headers, 158 Index host portion, 180, 200 network portion, 180, 200 overview, 54–56 versions, 169 Internet service providers (ISPs), 366–367, 475 Internetwork Operating System (IOS) boot process, 230–234 versus CLI, 259 defined, 475 overview, 234–238 switch initialization, 133 Inter-Switch Link (ISL) protocol, 475 intranets, 415, 475 intrusion detection systems (IDSs), 88, 387, 475 intrusion prevention systems (IPSs), 88, 387, 475 IOS See Internetwork Operating System IP See Internet Protocol ip address IP_Address Subnet_Mask command, 327 IP addresses See also subnets classes, 171–173, 217, 474 constructing, 168–171 defined, 475 host troubleshooting, 424 overview, 168 switch, 291 technologies, 174–180 ip commands, 38, 288, 292 ip route 0.0.0.0 0.0.0.0 next_hop_address command, 333, 349 ip route 172.16.1.0 255.255.255.0 172.18.1.1 command, 330 ip route 192.168.1.0 255.255.255.0 172.16.1.1 150 command, 332 ip route command, 334 ip route network_address subnet_mask Next_hop_ address command, 330 ip route network_id subnet_mask next_hop 200 command, 332 ipconfig commands, 419, 425 IPSs (intrusion prevention systems), 88, 387, 475 ISDN (Integrated Services Digital Network), 9, 473 ISL (Inter-Switch Link) protocol, 475 503 ISM (Industrial, Scientific, Mechanical) frequency range, 382 ISO (International Organization for Standardization), 11, 473 ISPs (Internet service providers), 366–367, 475 ITU (International Telecommunications Union), 369, 474 J jabber, 432 jam signals, 109 jitter, 405, 440, 476 K keepalive, 476 keyboard shortcuts, 256 Keylogger software, 414 L L2TP Network Servers (LNS), 476 LAC (Layer Tunneling Protocol Access Concentrator), 476 LANs See local area networks Layer Tunneling Protocol Access Concentrator (LAC), 476 layers, see names of specific layers LDAP (Lightweight Directory Access Protocol), 476 leased lines, 37, 322, 372, 476 LEDs (light-emitting diodes), 132, 274, 302, 476 Length/Type field, 105, 119 light-emitting diodes (LEDs), 132, 274, 302, 476 Lightweight Directory Access Protocol (LDAP), 476 line aux command, 317 line commands, 250, 281 Line Configuration mode, 250, 281 line status, 431 link state, 166–168, 476 link state advertisements (LSAs), 166 504 CCENT Cisco Certified Entry Networking Technician Study Guide Linksys switches, 130, 272–274, 302 LLC (Logical Link Control) header, 105 LNK light, 318 LNS (L2TP Network Servers), 476 local area networks (LANs) defined, 476 devices, 156 networking, 116 overview, local interfaces, 426 local loops, 476 location terminology, 10 logging commands, 280–281 logic flow, 157–162 logical addresses, 18, 86, 162 Logical Link Control (LLC) header, 105 logical topologies, 7, 21 Login banner, 278 login commands, 282–283, 287 long haul lines, 367 long wavelength (LX), 119 loopback addresses, 174 loopback interfaces, 476 looping, 140–141 loss, 405, 407, 440 LSAs (link state advertisements), 166 LX (long wavelength), 119 M MAC (Media Access Control), 477 MAC addresses bridges, 83 defined, 477 Ethernet, 106 host troubleshooting, 425 LAN devices, 156 network data flow, 114 port security, 299–300 routed protocols, 162 router troubleshooting, 437 routing logic, 158 switch initialization, 134 magic number, 213 Mail Exchanger (MX) record type, 36 malware, 414 Management Information Base (MIB), 41, 477 MANs (Metropolitan Area Networks), manual summarization, 335 Maximum Transmission Unit (MTU), 105 MD5 hash, 284 Media Access Control (MAC), 477 media, transmission See transmission media mesh topology, 6, 477 Message of The Day (MOTD) banners, 278 metric, defined, 477 Metropolitan Area Networks (MANs), MIB (Management Information Base), 41, 477 MIMO (multiple-input multiple-output), 382 MMF (multi mode fiber) cables, 78 mnemonics, 13, 20 modal dispersion, 78 modems analog, 374–375 cable, 377 defined, 477 modulation, 375 modulator/demodulators See modems MOTD (Message of The Day) banners, 278 MSAUs (Multistation Access Units), 7, 478 MTU (Maximum Transmission Unit), 105 multi mode fiber (MMF) cables, 78 multicast addresses, 477 multicast, defined, 477 multicast messages, 106–107 multicast traffic, 85 multicast updates, 166 multimode, defined, 477 multiple-input multiple-output (MIMO), 382 multiplexing, 51–55, 477 Multistation Access Units (MSAUs), 7, 478 MX (Mail Exchanger) record type, 36 Index N Name server (NS) record type, 36 name vlan-name command, 294–295 NAT See Network Address Translation National Institute for Standards and Technology (NIST), 478 NetSim simulator, 341 netstat commands, 425 Network Access layer, 56–57, 158 Network Access Servers, 478 Network Address Translation (NAT) defined, 478 dynamic, 177–178 overview, 378–380 static, 177 network addresses, defined, 478 network bits, 169–170, 205 Network Control Protocol, 478 network devices bridges, 81–85 configuring, 88–90 hubs, 81 NICs, 79–80 overview, 79 repeaters, 80–81 routers, 85–86 security, 87–88 switches, 81–85 transceivers, 80 network diagrams, overview of, 89 network interface cards (NICs), 79–80, 136–137, 478 Network layer firewalls, 87 overview, 13, 16 private addresses, 378 network media See media, transmission network network_id command, 337, 349 network security mitigations, 414–417 threats and attacks, 410–414 network segments, 478 505 network/host boundary, 174 networks, see also names of specific networks categories of, 8–10 definitions, 2–4 local area, OSI reference model components, 17–19 functions, 11–12 overview, 11 PDUs, 19–21 overview, 2–10 topologies, 5–7 wide area, 8–10 NICs (network interface cards), 79–80, 136–137, 478 NIST (National Institute for Standards and Technology), 478 N(N–1)/2 formula, no cdp commands, 429 no debug parameter command, 341 no enable commands, 283 no ip commands, 37, 204, 217, 439 no service password-encryption command, 284 no shutdown command, 291–292, 299, 370 nodes, defined, 478 noise immunity, 71 non-volatile read access memory (NVRAM), 231, 240, 260, 478 noshutdown command, 329 NS (Name server) record type, 36 nslookup name command, 425 NVRAM (non-volatile read access memory), 231, 240, 260, 478 nvram commands, 241 O octets, 169, 202, 212–213, 479 ODBC (Open Database Connectivity), 479 OFDM (Orthogonal Frequency-Division Multiplexing), 383, 479 Open Database Connectivity (ODBC), 479 506 CCENT Cisco Certified Entry Networking Technician Study Guide Open System Interconnection (OSI) Reference Model defined, 479 functions, 11–12 layers, 13–17 network components, 17–19 overview, 11 protocol data units, 19–21 versus TCP/IP, 32–34 ordered data transfers, 48 Organizationally Unique Identifiers (OUIs), 106 Orthogonal Frequency-Division Multiplexing (OFDM), 383, 479 OSI Reference Model, Open System Interconnection Reference Model OSPF routing protocol, 320 OUIs (Organizationally Unique Identifiers), 106 out-of-band signaling, 479 outside interfaces, 379 P packet filtering, 479 Packet Internet Groper (PING), 479 packet switching technologies ATM, 372–374 flooding and filtering, 79 frame relay, 371–372 overview, 9, 366 packets, 479 padding, 105 PAP (Password Authentication Protocol), 480 passive-interface command, 338 passive-interface interfacetype_# command, 337, 349 Password Authentication Protocol (PAP), 480 password command, 282 passwords defined, 479 switch configuration, 282–284 PAT (Port Address Translation), 178–179, 343, 378–380, 480 payloads, 480 PCI boards, 79 PCM (pulse code modulation), 481 PCMCIA cards, 79 PDUs (protocol data units), 19–21, 481 permanent virtual circuits (PVCs), 372 phishing, 412 Physical layer devices, 13, 17 Ethernet standards, 116, 119 functions, 369 line status, 431 overview, 13, 16 troubleshooting, 419 physical media See media, transmission physical topologies, 5–6, 21 PING (Packet Internet Groper), 479 ping command line tool, 54 pinouts, 74–75 pins, 74 place values, 217 plain old telephone system (POTS), Point-to-Point Protocol (PPP), 56, 369, 389, 480 Point-to-Point Tunneling Protocol (PPTP), 480 point-to-point WAN technologies, 368–370 POP3 (Post Office Protocol version 3), 40 Port Address Translation (PAT), 178–179, 343, 378–380, 480 port addresses, 134, 144 port numbers, 47, 51–53 port security, 299–302, 435 port shutdown, 300 ports auxiliary, 460 blocked, 461 defined, 480 dynamic, 51 registered, 51 POST (power on self test), 133, 231 Post Office Protocol version (POP3), 40 POTS (plain old telephone system), Index power on self test (POST), 133, 231 PPP (Point-to-Point Protocol), 56, 369, 389, 480 PPTP (Point-to-Point Tunneling Protocol), 480 preamble notification, 104 prefix notation, 160, 210, 212, 218, 480 Presentation layer, 13–14, 480 primary rate interface (PRI), 480 private keys, 288 private network addresses, 176, 480 Privileged EXEC mode, 249 Privileged mode, 239, 251–252, 277, 282 Protect option, 300 protocol data units (PDUs), 19–21, 481 protocol stacks, 4, 481 protocol status, 431 protocol suites, protocols, see also names of specific protocols, 3–4, 481 proxies, 18 proxy ARP, 481 PSTNs (public switched telephone networks), 374–375, 389, 481 public addresses, 378 public keys, 288 public switched telephone networks (PSTNs), 374–375, 389, 481 pulse code modulation (PCM), 481 Putty application, 289 PVCs (permanent virtual circuits), 372 Q Quality of Service (QoS), 9, 405–406, 481 question mark (?), 252–253, 287, 419 queues, defined, 481 R radio frequency (RF), 3, 380 radio frequency interference (RFI), 71 random access memory (RAM), 230, 260 read-only memory (ROM), 133, 230–231, 234, 260 507 Ready To Send (RTS) signal, 109, 383 redundancy, 140–141 Redundant Power Supply (RPS) indicator lamp, 131 registered ports, 51 reload command, 239, 260, 278 remote access WAN technologies cable modems, 377 DSL, 375–377 PSTN, 374–375 remote procedure call (RPC) protocol, 481 repeaters, 17, 80–81, 481 Reply from ping response, 55 Request for Comments (RFC) documents, 33, 171, 482 Request Timed Out ping response, 55 resolvers, 36 Restore Defaults button, 242 Restrict option, 300 resume commands, 407–408, 440 retransmission requests, 138 reverse lookup, 482 RF (radio frequency), 3, 380 RFC (Request for Comments) documents, 33, 171, 482 RFI (radio frequency interference), 71 RG6 coax cable, 376 ring topology, 6, 482 RIP (Routing Information Protocol), 439, 482 RIPv2, 337–342 RJ45 connectors, 322 RJ48 connectors, 322 rollover cables, 76, 242 ROM (read-only memory), 133, 230–231, 234, 260 ROMMON operating system, 232, 234, 260 root bridge, 141 round-trip time (RTT), 109 route summarization, 335 route tables, 86, 160, 162 route updates, 334 routed protocol, 53, 163, 482 router rip command, 337, 349 508 CCENT Cisco Certified Entry Networking Technician Study Guide routers See also Cisco router configuration defined, 18, 482 media devices, 85–86 troubleshooting CDP, 426–430 interface status, 431–433 overview, 436–438 routing defined, 482 logic and data flow, 157–162 overview, 155–156 protocols distance vector, 165–166 link state, 166–168 overview, 162–165 Routing Information Protocol (RIP), 439, 482 routing protocol, 53, 164–165, 482 RPC (remote procedure call) protocol, 481 RPS (Redundant Power Supply) indicator lamp, 131 RTS (Ready To Send) signal, 109, 383 RTT (round-trip time), 109 running config file, 238–239, 241, 260 RxBoot, 482 S same layer interaction, 20 SAR (segmentation and reassembly), 374 SC (stick and click) connectors, 78 scalable architecture, 482 scanning, 412–413 SCSI (Small Computer System Interface), 484 SDM (Security Device Manager), 243, 343–346 secure channels, 483 Secure Multipurpose Internet Mail Extensions (S/MIME), 483 Secure Sockets Layer (SSL), 42, 483 security devices for, 87–88 network mitigations, 414–417 threats, 410–414 switch settings descriptions, 292–294 duplex, 292–294 exec-timeout, 285–287 IP addresses, 290–292 overview, 281 passwords, 282–284 port security, 299–302 speed, 292–294 SSH, 287–290 VLAN, 294–298 wireless LAN encryption standards, 388–389 options, 389–390 threats and mitigations, 386–388 Security Device Manager (SDM), 243, 343–346 security in depth concept, 414 segmentation, 15 segmentation and reassembly (SAR), 374 segments, 483 sequence numbering system, 15, 47–49 serial interfaces, 318–319, 370 Serial Line Internet Protocol (SLIP), 56, 483 server-based networks, defined, 483 servers, defined, 483 service password-encryption command, 284 service providers, 366–367, 475 service set identifiers (SSIDs), 384, 389, 483 session hijacking, 483 Session layer, 13–15 setup, 232, 276–278 setup command, 239, 321 setup file, 233 Setup mode, 239, 260, 276 short wavelength (SX), 119 shortcut keys, 252 show cdp commands, 426–427, 429, 440 show controllers command, 320 show crypto key mypubkey rsa command, 289 show dhcp binding command, 347, 349 show dhcp lease command, 292 show flash command, 237 Index show history command, 280–281 show interfaces commands, 292–294, 431–433, 435 show ip commands, 259, 432, 436–437 show ip nat translations command, 347, 349 show ip protocols command, 340 show ip route command, 338, 348, 349 show ip route network_id command, 339, 349 show ip route rip command, 339, 349 show mac address-table command, 259, 422, 434 show port-security commands, 301, 422 show protocols interface command, 432 show running-config command, 280, 292, 295, 297, 301 show sessions command, 407–408, 440 show version command, 235–236, 260 show vlan brief command, 295, 297 shutdown command, 291, 327 Shutdown option, 300 Simple Mail Transfer Protocol (SMTP), 40–41, 483 Simple Network Management Protocol (SNMP), 41 simplex transmission, single mode fiber (SMF) cables, 78, 483 slash notation, 484 SLIP (Serial Line Internet Protocol), 56, 483 Small Computer System Interface (SCSI), 484 small offices/home offices (SOHOs), 10 SMF (single mode fiber) cables, 78, 483 S/MIME (Secure Multipurpose Internet Mail Extensions), 483 SMTP (Simple Mail Transfer Protocol), 40–41, 483 SNA (System Network Architecture) model, 32 SNAP (Subnetwork Access Protocol) headers, 105 sniffers, 413 SNMP (Simple Network Management Protocol), 41 SOA (Start of Authority) record type, 36 SOCKS, 484 SOHOs (small offices/home offices), 10 spam, 484 Spanning Tree Protocol (STP), 140–141, 484 speed {10 | 100 | 1000 | auto} command, 293 SPEED LED mode, 132 speed, switch, 136–137 509 spoofing, 484 spyware, 414 SSH, 287–290 SSIDs (service set identifiers), 384, 389, 483 SSL (Secure Sockets Layer), 42, 483 star topology, 6, 484 Start of Authority (SOA) record type, 36 startup-config file, 233, 238–239, 241, 260, 277–278 STAT LED mode, 132 stateful packet filtering, 484 STATIC entry, 434 static IP addresses, 37, 291 static NAT, 484 static routing, 86, 163 backup static routes, 332 Cisco router configuration, 329–332 stick and click (SC) connectors, 78 store-and-forward switching, 138, 484 STP (Spanning Tree Protocol), 140–141, 484 straight-through (568B) cables, 75–77 Structured Wireless-Aware Networks (SWANs), 387 sub-card numbers, 274 subnet bits, 197, 200, 208 subnet octets, 218 subnets binary math, 192–197 Boolean AND operations, 197–199 constructing, 200–202 decoding information, 206–208 defined, 485 masks applying, 208–210 creating, 202–206 defined, 485 overview, 174–176, 191 tips, 210–218 Subnetwork Access Protocol (SNAP) headers, 105 summarization, route, 335 SVCs (switched virtual circuits), 372 SWANs (Structured Wireless-Aware Networks), 387 switch interfaces, 137 switch IP addresses, 290–292 510 CCENT Cisco Certified Entry Networking Technician Study Guide switched virtual circuits (SVCs), 372 switches versus bridges, 133 configuring characteristics, 274–275 initial steps, 275–281 models, 272–274 overview, 271 defined, 485 designing, 139–141 duplex, 136–137 initialization functions, 133–136 media devices, 81–85 modes, 137–138 overview, 129–130 physical features, 130–132 securing descriptions, 292–294 duplex, 292–294 exec-timeout, 285–287 overview, 281 passwords, 282–284 port security, 299–302 speed, 292–294 SSH, 287–290 switch IP addresses, 290–292 VLAN, 294–298 troubleshooting CDP, 426–430 interface status, 431–433 overview, 433–435 switchport commands, 294 SX (short wavelength), 119 symmetric DSL, 376 SYN (synchronization request) segments, 47 SYN flood attacks, 485 SYN/ACK (synchronization/acknowledgment) segments, 47 synchronization request (SYN) segments, 47 synchronization/acknowledgment (SYN/ACK) segments, 47 syslog, 485 system (SYST) indicator lamps, 131 system boot procedure, 235–236 System Configuration dialog See Setup mode System Network Architecture (SNA) model, 32 system:running-config command, 241 T T connectors, 9, 72, 106 TAB functions, 255 TCP (Transmission Control Protocol), 486 TCP/IP See Transmission Control Protocol/Internet Protocol telco, 367 Telecommunications Industry Association, the Electronic Industries Alliance (TIA/EIA), 73 telecommuters, 412 telnet, 287, 407–410, 485 telnet ipaddress command, 407 telnet parameter, 287, 288 Temporal Key Integrity Protocol (TKIP), 387 terminal emulation program, 242 terminal history size 20 command, 280 terminal history size command, 281 terminal history size x command, 280 terminal monitor command, 281 terminators, Terra Term, 242 TFTP (Trivial File Transfer Protocol), 39, 40, 237 thicknet (10BASE5) cables, 72 thinnet (10BASE2) cables, 72, 74 throughput, Thunderbird e-mail application, 14 TIA/EIA (Telecommunications Industry Association, the Electronic Industries Alliance), 73 timestamping, 485 TKIP (Temporal Key Integrity Protocol), 387 TLS (Transport Layer Security), 486 token passing logical topology, 7, 83 token ring networks, 83 Index top-level domains, 35 topologies, see also names of specific topologies, 5–7, 485 traceroute command, 54 transceivers, 17, 80 translational bridges, 83 Transmission Control Protocol (TCP), 486 Transmission Control Protocol/Internet Protocol (TCP/IP) Application layer DHCP, 37–39 DNS, 34–37 e-mail, 40–41 FTP, 39–40 overview, 34 SNMP, 41 Web surfing, 42–46 defined, 486 Network Access layer IP and ICMP, 54–56 Network Access layer, 56–57 overview, 53 versus OSI reference model, 32–34 overview, 31–34 Transport layer multiplexing, 51–53 port numbers, 51–53 TCP, 47–50 UDP, 50–51 transmission media copper cabling, 71–77 defined, 3, 477 fiber cabling, 77–78 overview, 70 shared access, 107–112 terminology, 70–71 transmit pins, 75 transport input commands, 287–288, 302 Transport layer multiplexing, 51–53 overview, 13, 15, 46 port numbers, 51–53 511 QoS, 405 security devices, 87 TCP, 47–50 User Datagram, 50–51 Transport Layer Security (TLS), 486 Trivial File Transfer Protocol (TFTP), 39, 40, 237 troubleshooting commands, 419–423 host, 423–426 overview, 417–419 router, 426–433, 436–438 switch, 426–435 tips for, 438–441 trunk interfaces, 486 trust, defined, 486 trusted interfaces, 486 tunnels, defined, 486 twist ratio, 73 twisted pair cables, 73–74, 487 Type field, 104 type parameter, 278–279 U UDP (User Datagram Protocol), 46, 50–51, 487 undebug all command, 341 unicast messages, 106 Uniform Resource Locators (URLs), 42 U-NII (Unlicensed National Information Infrastructure), 382 Unlicensed National Information Infrastructure (U-NII), 382 unshielded twisted pair (UTP) cables, 487 uplink interfaces, 274 uplink ports, 132 URLs (Uniform Resource Locators), 42 User Datagram Protocol (UDP), 46, 50–51, 487 User EXEC mode, 249 user mode, 283, 487 username name password password command, 283 UTP (unshielded twisted pair) cables, 487 512 CCENT Cisco Certified Entry Networking Technician Study Guide V validation, defined, 487 variable-length subnet masking (VLSM), 204, 487 VCIs (virtual channel identifiers), 373 VCs (virtual circuits), 372, 487 verification, defined, 487 version command, 337, 341, 349 virtual channel identifiers (VCIs), 373 virtual circuits (VCs), 372, 487 virtual local area networks (VLANs), 142–144, 294–299, 487 virtual path identifiers (VPIs), 373 virtual private networks (VPNs), 10, 375, 389, 415, 488 VLAN trunking, 294, 299–300 vlan vlan-id command, 294 VLAN1 interface, 290–292 VLANs (virtual local area networks), 142–144, 294–299, 487 VLSM (variable-length subnet masking), 204, 487 Voice over Internet Protocol (VoIP), 51, 406–407, 488 VoIP (Voice over Internet Protocol), 51, 406–407, 488 VPIs (virtual path identifiers), 373 VPNs (virtual private networks), 10, 375, 389, 415, 488 W WAN interface card (WIC), 317 WANs See wide area networks WAPs (wireless access points), 380, 384 war driving, 386 web surfing protocols, 42–46 well-known port numbers, 51 WEP (Wired Equivalent Privacy), 388–389, 488 WIC (WAN interface card), 317 wide area networks (WANs) defined, 488 NAT, 378–380 overview, 8–10, 364–368 packet switched technologies ATM, 372–374 frame relay, 371–372 PAT, 378–380 point-to-point technologies, 368–370 remote access technologies cable modems, 377 DSL, 375–377 PSTN, 374–375 Wi-Fi Protected Access (WPA), 389, 488 Windows Internet Name Service (WINS), 158 Wired Equivalent Privacy (WEP), 388–389, 488 wireless access points (WAPs), 380, 384 wireless encryption standards, 388–389, 488 wireless LANs (WLANs) defined, 488 installing, 384–385 overview, 380–384 security encryption standards, 388–389 options, 389–390 threats and mitigations, 386–388 WLANs See wireless LANs World Wide Web (WWW), 42 WPA (Wi-Fi Protected Access), 389, 488 write commands, 239, 241 WWW (World Wide Web), 42 X X.509v3 standard, 488 XOR (exclusive-or), 488 Z Zero Configuration Utility, 385 zero subnets, 204, 210, 217, 488 zones, defined, 36 [ THE BEST ] in Microsoft Certification Prep VISIT MHPROFESSIONAL.COM TO READ SAMPLE CHAPTERS AND LEARN MORE THE BEST IN SECURITY CERTIFICATION PREP CISSP Certification All-in-One Exam Guide, 4th Ed Shon Harris CISA Certified Information Systems Auditor All-in-One Exam Guide Shon Harris Mike Meyers’ CompTIA Security+ Certification Passport, 2nd Ed T.J Samuelle CompTIA® Security+ All-in-One Exam Guide, 2nd Ed Greg White, Art Conklin, et al To learn more about McGraw-Hill’s broad certification publishing program, visit mhprofessional.com/certification MHPROFESSIONAL.COM LICENSE AGREEMENT THIS PRODUCT (THE “PRODUCT”) CONTAINS PROPRIETARY SOFTWARE, DATA AND INFORMATION (INCLUDING DOCUMENTATION) OWNED BY THE McGRAW-HILL COMPANIES, INC (“McGRAW-HILL”) AND ITS LICENSORS YOUR RIGHT TO USE THE PRODUCT IS GOVERNED BY THE TERMS AND CONDITIONS OF THIS AGREEMENT AND IS FURTHER SUBJECT TO THE TERMS AND CONDITIONS CONTAINED IN EACH OF APPLICABLE LICENSOR’S LICENSE AGREEMENT (each an “LLA”) INCLUDED AS PART OF THE PRODUCT LICENSE: Throughout this License Agreement, “you” shall mean either the individual or the entity whose agent opens this package You are granted a non-exclusive and non-transferable license to use the Product subject to the following terms: (i) If you have licensed a single user version of the Product, the Product may only be used on a single computer (i.e., a single CPU) If you licensed and paid the fee applicable to a local area network or wide area network version of the Product, you are subject to the terms of the following subparagraph (ii) (ii) If you have licensed a local area network version, you may use the Product on unlimited workstations located in one single building selected by you that is served by such local area network If you have licensed a wide area network version, you may use the Product on unlimited workstations located in multiple buildings on the same site selected by you that is served by such wide area network; provided, however, that any building will not be considered located in the same site if it is more than five (5) miles away from any building included in such site In addition, you may only use a local area or wide area network version of the Product on one single server If you wish to use the Product on more than one server, you must obtain written authorization from McGraw-Hill and pay additional fees (iii) You may make one copy of the Product for back-up purposes only and you must maintain an accurate record as to the location of the back-up at all times COPYRIGHT; RESTRICTIONS ON USE AND TRANSFER: All rights (including copyright) in and to the Product are owned by McGraw-Hill and its licensors You are the owner of the enclosed disc on which the Product is recorded You may not use, copy, decompile, disassemble, reverse engineer, modify, reproduce, create derivative works, transmit, distribute, sublicense, store in a database or retrieval system of any kind, rent or transfer the Product, or any portion thereof, in any form or by any means (including electronically or otherwise) except as expressly provided for in this License Agreement and each LLA You must reproduce the copyright notices, trademark notices, legends and logos of McGraw-Hill and its licensors that appear on the Product on the back-up copy of the Product which you are permitted to make hereunder All rights in the Product not expressly granted herein are reserved by McGraw-Hill and its licensors TERM: This License Agreement is effective until terminated It will terminate if you fail to comply with any term or condition of this License Agreement and each LLA Upon termination, you are obligated to return to McGraw-Hill the Product together with all copies thereof and to purge all copies of the Product included in any and all servers and computer facilities DISCLAIMER OF WARRANTY: THE PRODUCT AND THE BACK-UP COPY ARE LICENSED “AS IS.” McGRAW-HILL, ITS LICENSORS AND THE AUTHORS MAKE NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE RESULTS TO BE OBTAINED BY ANY PERSON OR ENTITY FROM USE OF THE PRODUCT, ANY INFORMATION OR DATA INCLUDED THEREIN AND/OR ANY TECHNICAL SUPPORT SERVICES PROVIDED HEREUNDER, IF ANY (“TECHNICAL SUPPORT SERVICES”) McGRAW-HILL, ITS LICENSORS AND THE AUTHORS MAKE NO EXPRESSOR IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE WITH RESPECT TO THE PRODUCT McGRAW-HILL, ITS LICENSORS, AND THE AUTHORS MAKE NO GUARANTEE THAT YOU WILL PASS ANY CERTIFICATION EXAM WHATSOEVER BY USING THIS PRODUCT NEITHER McGRAW-HILL, ANY OF ITS LICENSORS NOR THE AUTHORS WARRANT THAT THE FUNCTIONS CONTAINED IN THE PRODUCT WILL MEET YOUR REQUIREMENTS OR THAT THE OPERATION OF THE PRODUCT WILL BE UNINTERRUPTED OR ERROR FREE YOU ASSUME THE ENTIRE RISK WITH RESPECT TO THE QUALITY AND PERFORMANCE OF THE PRODUCT LIMITED WARRANTY FOR DISC: To the original licensee only, McGraw-Hill warrants that the enclosed disc on which the Product is recorded is free from defects in materials and workmanship under normal use and service for a period of ninety (90) days from the date of purchase In the event of a defect in the disc covered by the foregoing warranty, McGraw-Hill will replace the disc LIMITATION OF LIABILITY: NEITHER McGRAW-HILL, ITS LICENSORS NOR THE AUTHORS SHALL BE LIABLE FOR ANY INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, SUCH AS BUT NOT LIMITED TO, LOSS OF ANTICIPATED PROFITS OR BENEFITS, RESULTING FROM THE USE OR INABILITY TO USE THE PRODUCT EVEN IF ANY OF THEM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES THIS LIMITATION OF LIABILITY SHALL APPLY TO ANY CLAIM OR CAUSE WHATSOEVER WHETHER SUCH CLAIM OR CAUSE ARISES IN CONTRACT, TORT, OR OTHERWISE Some states not allow the exclusion or limitation of indirect, special or consequential damages, so the above limitation may not apply to you U.S GOVERNMENT RESTRICTED RIGHTS: Any software included in the Product is provided with restricted rights subject to subparagraphs (c), (1) and (2) of the Commercial Computer Software-Restricted Rights clause at 48 C.F.R 52.227-19 The terms of this Agreement applicable to the use of the data in the Product are those under which the data are generally made available to the general public by McGraw-Hill Except as provided herein, no reproduction, use, or disclosure rights are granted with respect to the data included in the Product and no right to modify or create derivative works from any such data is hereby granted GENERAL: This License Agreement and each LLA constitute the entire agreement between the parties relating to the Product The terms of any Purchase Order shall have no effect on the terms of this License Agreement or any LLA In the event of any conflict between the terms of this License Agreement and any LLA, the terms of the applicable LLA shall govern Failure of McGraw-Hill to insist at any time on strict compliance with this License Agreement shall not constitute a waiver of any rights under this License Agreement This License Agreement shall be construed and governed in accordance with the laws of the State of New York If any provision of this License Agreement is held to be contrary to law, that provision will be enforced to the maximum extent permissible and the remaining provisions will remain in full force and effect .. .CCENT? ?? ® Cisco Certified Entry Networking Technician Study Guide (Exam 640-822) This page intentionally left blank ® CCENT? ?? Cisco Certified Entry Networking Technician Study Guide (Exam. .. Wireless Networking 3 10 10 11 Implement a small routed network Beginner Exam Readiness Checklist Advanced CCENT Cisco Certified Entry Networking Technician Study Guide Intermediate xl Study Guide. .. on all questions, much like the exam itself, or target your study by focusing on a single category xxii CCENT Cisco Certified Entry Networking Technician Study Guide Categories roughly match