["operational overview, 241 dynamic routing 415 redistribution, 277 Digital Subscriber Line (DSL), 330\u2013331 default VLANs, 84 Dijkstra algorithm, 205\u2013206 dir command, 372\u2013373, 376\u2013377 default-information originate disabling VLANs, 96 command, 277 distance vector protocols, 198\u2013199 denial of service (DoS) attacks, 287, 291 administrative distance, 201\u2013203 IGP comparison summary, 203 denying metrics, 200\u2013201 FTP, 304 distributed denial of service (DDoS) hosts, 302, 305\u2013306 attacks, 291 SSH, 303 distribution layer (hierarchical campus subnets, 303 design), 25 Telnet, 303, 304\u2013305 distribution layer switches, 14 distribution system (DS), 153 DES (Data Encryption Standard), 338 DMVPN (Dynamic Multipoint VPN), 335\u2013336 description command, 210 DNS (Domain Name System), 3 operational overview, 140\u2013142 designated router (DR), 259, 279\u2013281 troubleshooting, 142\u2013143 DoS (denial of service) attacks, 287, 291 device hardening. See security DR (designated router), 259, 279\u2013281 DS (distribution system), 153 devices DSCP (Differentiated Services Code connection guidelines, 22 Point), 345\u2013346 firewalls, 16 DSL (Digital Subscriber Line), 330\u2013331 hubs versus switches, 13 DTP (Dynamic Trunking Protocol), IDS\/IPS, 17 87\u201388 next-generation firewalls, 17\u201318 dual-homed WANs, 325 physical connections, 20 dual-stacking, 80\u201381 routers. See routers dumpster diving, 291 switches. See switches duplex command, 47, 52 wireless access points\/LAN controllers, duplicate IP addresses, troubleshooting, 18\u201320 225 dynamic ARP inspection (DAI), DHCP (Dynamic Host Configuration 191\u2013193 Protocol), 3 Dynamic Host Configuration attacks Protocol. 
See DHCP (Dynamic Host mitigation, 188\u2013190 Configuration Protocol) types of, 188 Dynamic Multipoint VPN (DMVPN), troubleshooting, 140 335\u2013336 dynamic NAT, 318 DHCPv4 configuring, 320\u2013321 configuring dynamic routing as client, 133\u2013134 administrative distance, 201\u2013203 options, 128 classful protocols, 200 to relay requests, 132\u2013133 classless protocols, 200 as server, 128\u2013132 operational overview, 127\u2013128 From the Library of javad mokhtari DHCPv6 stateful, 136 configuring, 139 operational overview, 136\u2013137 stateless, 136 configuring, 137\u2013139 operational overview, 136\u2013137 Differentiated Services Code Point (DSCP), 345\u2013346","416 dynamic routing legacy technologies, 33\u201335 operational overview, 32\u201333 convergence, 206\u2013207 switches. See switches Dijkstra algorithm, 205\u2013206 UTP cabling, 36\u201337 distance vector protocols, 198\u2013199 EUI-64 configuration, 78\u201379, 218 IGP and EGP, 198 exam IGP comparison summary, 203 after completion, 407 link-state protocols, 199, 204\u2013207 certified score report, 407 LSDB, building, 204\u2013205 failed, 410 metrics, 200\u2013201 receiving certificate, 409 protocol types, 198 what to bring, 407 routing loop prevention, 203\u2013204 EXEC sessions, 42 static routing versus, 197 exit-interface parameter, IPv4 static Dynamic Trunking Protocol (DTP), routing, 244\u2013245 87\u201388 Expedited Forwarding (EF), 346\u2013347 exploits, 285 E extended IPv6 ACLs, configuring, 310\u2013311 eavesdropping attacks, 287 extended named IPv4 ACLs edge ports, RSTP, 107 adding comments, 306 editing Cisco IOS commands, 43\u201344 configuring, 306 EF (Expedited Forwarding), 346\u2013347 verifying, 307\u2013308 EGP (exterior gateway protocols), 198 extended numbered IPv4 ACLs EIGRP (Enhanced Interior Gateway adding comments, 306 configuring, 303\u2013305 Routing Protocol), 203 verifying, 307\u2013308 enable secret command, 210 extended service set (ESS), 154 encapsulation, 
4\u20135, 12 extended system ID, PVST+, 104\u2013105 encryption exterior gateway protocols (EGP), 198 tools, 287 VPNs, 338 F WLANs, 161\u2013162 endpoint security, 173 fabric, 390 Cisco ESA, 173\u2013174 failed exam, 410 Cisco WSA, 174\u2013175 Fast Ethernet, 35 error recovery, 7\u20138 FHRPs (first-hop redundancy ESP (Encapsulating Security Payload), 341 protocols), 119\u2013120 ESS (extended service set), 154 fiber-optic cable, 20, 21 EtherChannel firewalls, 16 benefits of, 114 configuring, 116\u2013117 next-generation, 17\u201318 operational overview, 113\u2013114 flow control, 8 protocols, 115\u2013116 forensic tools, 287 restrictions, 114 fragment-free mode, 32 troubleshooting, 119 frame forwarding, 31\u201332 verifying, 117\u2013119 framing (Ethernet), 38\u201339 Ethernet, 4 addressing, 37\u201338 current technologies, 35 framing, 38\u201339","FTP (File Transfer Protocol), 3 intrusion detection systems (IDS) 417 denying, 304 hub-and-spoke WANs, 325 full duplex, 47 hubs full mesh WANs, 325 limitations, 29 G switches versus, 13 hybrid clouds, 382 GCMP (Galois\/Counter Mode Protocol), 161 I Gigabit Ethernet, 35 IaaS (Infrastructure as a Service), 382 GLBP (Gateway Load Balancing IBSS (Independent Basic Service Set), Protocol), 120 154 global unicast addresses, 68\u201370 ICMP (Internet Control Message GRE (Generic Routing Encapsulation), Protocol), 4 334 ICMP attacks, 292 icons for networking diagrams, 13 H IDS (intrusion detection systems), 17 IFS (Integrated File System), 371 hacking operating systems, 287 half duplex, 47 commands, 371\u2013373 hashes, 338\u2013340 configuration file management, 374\u2013375 header (TCP), 6 URL prefixes, 373\u2013374 header format (IPv4), 55 IGP (interior gateway protocols), hello intervals, modifying, 278 198, 203 help facilities in Cisco IOS, 42\u201343 IMAP (Internet Message Access hierarchical campus designs, 25\u201327 Protocol), 3 host ID (IPv4), 55 impersonation, 291 host IP settings, 
143 inbound ACLs, 295\u2013296 infrastructure mode, 152\u2013154 on Linux, 146\u2013148 interface ACLs, 295\u2013296 on macOS, 145\u2013146 interface command, 210 on Windows, 143\u2013145 interface IDs, subnetting, 78 host ranges, listing, 60\u201361 interface range command, 47 hostname command, 210 interface status codes, 52, 213\u2013214 hosts, denying, 302, 305\u2013306 Internet layer (TCP\/IP), 3, 10 hot keys for Cisco IOS commands, Internet Protocol (IP), 4 43\u201344 Internet WAN connections, 330\u2013332 HSRP (Hot Standby Router Protocol), internetworks, 23 120 inter-VLAN routing configuring and verifying, 122\u2013123 Layer 3 routed port configuration, 240 load balancing, 123\u2013125 legacy inter-VLAN routing, 233\u2013234 operational overview, 121 multilayer switching, 235 priority and preemption, 122 troubleshooting, 126 configuring and verifying, 238 versions, 121 router on a stick, 234 HTTP (Hypertext Transfer Protocol), 3 HTTP methods, RESTful APIs and, configuring and verifying, 235\u2013238 400 SVIs, creating, 238\u2013240 types of, 233 intranets, 23 intrusion detection systems (IDS), 17","418 intrusion prevention systems (IPS) summary routing, configuring, 248\u2013249 troubleshooting, 224\u2013225 intrusion prevention systems (IPS), 17 IPv4 embedded addresses, 72\u201373 IP (Internet Protocol), 4 ipv6 access-list command, 309 ip address command, 210 ipv6 address autoconfig command, 138 IP address spoofing attacks, 287, 292 ipv6 address dhcp command, 139 IP attacks, 291\u2013292 IPv6 addressing ip helper-address command, 132\u2013133 ACLs configuring, 309\u2013311 IP host settings. 
See host IP settings IPv4 ACLs versus, 308\u2013309 verifying, 311\u2013313 ip ospf cost command, 270 address conventions, 76 address types, 67\u201368 ip ospf priority command, 279 anycast addresses, 75 benefits of, 65\u201366 ip route command, 242 default routing, configuring, 252 EUI-64 configuration, 78\u201379 ipconfig command, 48\u201349 IPv4 addressing versus, 66 migrating to, 80\u201381 IPP (IP Precedence), 345\u2013346 multicast addresses, 73\u201375 assigned, 73\u201374 IPS (intrusion prevention systems), 17 solicited-node, 74\u201375 prefix conventions, 76\u201377 IPSec, 340\u2013341 router configuration, 217\u2013220 command syntax, 217\u2013218 IPv4 addressing EUI-64 configuration, 218 ACLs link-local addresses, 219 adding comments, 306 verifying connectivity, 220\u2013223 extended named configuration, 306 routing table, 230 extended numbered configuration, 303\u2013305 SLAAC, 79\u201380 IPv6 ACLs versus, 308\u2013309 static routing standard named configuration, 305\u2013306 configuring, 251 standard numbered configuration, 301\u2013303 operational overview, 249\u2013250 verifying, 307\u2013308 subnetting, 77\u201378 classes of addresses, 56\u201357 summary routing, configuring, 253 default routing, configuring, 245\u2013248 troubleshooting, 224\u2013225 header format, 55 unicast addresses, 68\u201373 IPv6 addressing versus, 66 global, 68\u201370 JSON format, 399 IPv4 embedded, 72\u201373 migrating to IPv6, 80\u201381 link-local, 71 private\/public addressing, 58 loopback, 71 resolving conflicts, 140 unique local, 72 router configuration, 209\u2013217 unspecified, 71 command syntax, 210 verification, 212\u2013217 ipv6 route command, 251 verifying connectivity, 220\u2013223 routing table, 229\u2013230 J static routing configuring, 242\u2013243 jitter, 343 exit-interface parameter, 244\u2013245 next-hop parameter, 244 JSON (JavaScript Object Notation), subnetting 398\u2013399 addressing scheme, listing, 60\u201361 bits to borrow, determining, 59\u201360 
examples, 61\u201362 purpose of subnet masks, 57\u201358 steps in, 58\u201359 subnet masks, determining new, 60 subnet multiplier, determining, 60 VLSM, 62\u201364","L metrics 419 LACP (Link Aggregation Control list logic of ACLs, 296\u2013297 Protocol), 115\u2013116 LLC (Logical Link Control) sublayer, LANs (local-area networks) 32\u201333 components of, 23 LLDP (Link Layer Discovery Protocol) threat mitigation ARP, 190\u2013193 configuring, 357\u2013358 DHCP, 188\u2013190 operational overview, 357 VLANs, 185\u2013187 verifying, 358\u2013360 lldp holdtime command, 357 latency (delay), 343 lldp reinit command, 357 lldp run command, 357 Layer 1 problem indicators, 54 lldp timer command, 357 LLQ (Low Latency Queueing), 347 Layer 2 switching, 32 load balancing HSRP, 123\u2013125 local authentication, 175\u2013176 Layer 3 routed ports, configuring, 240 local-area networks. See LANs (local-area networks) Layer 3 switching, 32 logging into WLC, 163\u2013165 logical topologies, 24\u201325 layers (hierarchical campus design), login command, 210 25\u201327 login local command, 210 longest match, 227\u2013228 layers (OSI) loopback addresses, 71 list of, 2\u20133 loss, 343 PDUs, 4\u20135 LSAs (link-state advertisements), physical, 39\u201340 258\u2013261, 278\u2013279 LSDB (link-state database), 204\u2013205 layers (TCP\/IP) application, 5 M encapsulation summary, 12 Internet, 10 MAC (Media Access Control) sublayer, list of, 3 32, 33 network access, 10\u201312 transport, 5\u201310 macOS, verifying host IP settings, 145\u2013146 leased lines, 327\u2013328 malware, 288\u2013289 legacy Ethernet technologies, 33\u201335 management plane, 383\u2013384 management VLANs, 85, 185\u2013186 legacy inter-VLAN routing, 233\u2013234 man-in-the-middle attacks, 288, 290, lightweight AP architecture, 156\u2013157 292 marking, 344\u2013347 line console command, 210 media issues, troubleshooting, 51\u201352 memory buffering, 32 line vty 0 15 command, 210 mesh 
topology, 154 messages (SNMP), 361\u2013362 Link Aggregation Control Protocol metrics (LACP), 115\u2013116 dynamic routing, 200\u2013201 link-local addresses, 71, 219 single-area OSPF, 268\u2013270 link-state advertisements (LSAs), 258\u2013261, 278\u2013279 link-state database (LSDB), 204\u2013205 link-state protocols, 199, 204\u2013207 convergence, 206\u2013207 Dijkstra algorithm, 205\u2013206 LSDB, building, 204\u2013205 link-state routing process, OSPF, 260\u2013261 Linux, verifying host IP settings, 146\u2013148","420 Metro Ethernet network access layer (TCP\/IP), 3, 10\u201312 Network Address Translation. See NAT Metro Ethernet, 329 MIB (Management Information Base), (Network Address Translation) network attacks, 289 362\u2013363 mitigation. See threat mitigation access attacks, 290 modifying OSPFv2 DoS and DDoS attacks, 291 IP attacks, 291\u2013292 default route redistribution, 277 reconnaissance attacks, 289 DR\/BDR election, 279\u2013281 social engineering attacks, 290\u2013291 hello and dead intervals, 278 transport layer attacks, 292 Moran, Matthew, 409\u2013410 network automation MPLS (Multiprotocol Label Switching), configuration management tools, 402 330 MST (Multiple Spanning Tree), 102 Ansible, 403 MSTP (Multiple Spanning Tree Chef, 405 Protocol), 102 comparison of, 405 multiarea OSPF, 262 Puppet, 403\u2013404 design, 262\u2013264 data formats performance, 264 comparison of, 397\u2013398 multicast addresses, 38, 73\u201375 JSON, 398\u2013399 assigned, 73\u201374 RESTful APIs, 400\u2013402 solicited-node, 74\u201375 network command, 267\u2013268 multilayer switching, 235 network ID (IPv4), 55 configuring and verifying, 238 network layer (OSI), 2 municipal Wi-Fi, 332 network media, 20\u201322 choosing, 21 N copper, 21 fiber-optic, 21 named IPv4 ACLs standards, 22 adding comments, 306 wireless, 21 extended configuration, 306 network scanning\/hacking tools, 286 standard configuration, 305\u2013306 networking icons, 13 
verifying, 307\u2013308 networks, permitting, 302 next-hop parameter, IPv4 static NAT (Network Address Translation) routing, 244 benefits of, 319 NGFWs (next-generation firewalls), dynamic, 318 17\u201318 configuring, 320\u2013321 no cdp enable command, 353\u2013354 limitations, 319 no cdp run command, 353 overloading, 318\u2013319 no lldp receive command, 357 configuring, 321\u2013322 no lldp transmit command, 357 process overview, 317 no service dhcp command, 130 static, 318 no shutdown command, 210 configuring, 319\u2013320 NS (Neighbor Solicitation) messages, terminology, 315\u2013317 134 troubleshooting, 323\u2013324 NTP (Network Time Protocol), verifying, 322\u2013323 370\u2013371 ntp server command, 370 native VLANs, 85, 185\u2013186 navigating Cisco IOS commands, 43\u201344 Neighbor Solicitation (NS) messages, 134","numbered IPv4 ACLs port hardening 421 adding comments, 306 extended configuration, 303\u2013305 overlay, 390, 391 standard configuration, 301\u2013303 overloading NAT, 318\u2013319, 321\u2013322 verifying, 307\u2013308 P O PaaS (Platform as a Service), 382 Open Shortest Path First. 
See OSPF packet crafting tools, 287 (Open Shortest Path First) packet forwarding, 195, 228 open system authentication, 159 longest match, 227\u2013228 path determination and switching OpenDaylight, 385\u2013386 functions, 196\u2013197 packet sniffers, 287 OpenFlow, 385\u2013386 packet-switched WAN connections, 329\u2013330 OpFlex, 386 PAgP (Port Aggregation Protocol), 115 passive interfaces, OSPF, 268 OSI (Open Systems Interconnection) passive-interface command, 268 model, 1\u20132 password command, 210 layers password crackers, 286 list of, 2\u20133 password recovery, 377\u2013378 physical, 39\u201340 password-based attacks, 287, 290 PDUs, 4\u20135 path determination and switching functions, 196\u2013197 OSPF (Open Shortest Path First), 203 PDUs (protocol data units), 4\u20135 multiarea, 262 penetration testing tools, 286\u2013287 design, 262\u2013264 permitting performance, 264 networks, 302 network types, 278\u2013279 SSH, 310 OSPFv2, OSPFv3 versus, 261\u2013262 web traffic, 310\u2013311 single-area, 255 Per-VLAN Spanning Tree Plus. 
See algorithm, 259\u2013260 PVST+ (Per-VLAN Spanning Tree configuring, 265\u2013270 Plus) DR and BDR, 259 phishing, 290 link-state advertisements, 258\u2013261 physical connections, 20 link-state routing process, 260\u2013261 troubleshooting, 51\u201352 message format, 255\u2013256 physical layer (OSI), 2, 39\u201340 neighbor establishment, 256\u2013258 physical topologies, 24\u201325 packet types, 256 ping command, 48, 49\u201350 verifying, 270\u2013274 successful, 220\u2013221 troubleshooting, 281\u2013283 unsuccessful, 221 Platform as a Service (PaaS), 382 OSPFv2 point-to-point WANs, 325 configuration example, 275\u2013277 policing, 347\u2013349 modifying POP3 (Post Office Protocol), 3 default route redistribution, 277 Port Aggregation Protocol (PAgP), 115 DR\/BDR election, 279\u2013281 port hardening, 178 hello and dead intervals, 278 OSPFv3 versus, 261\u2013262 single-area configuring, 265\u2013270 verifying, 270\u2013274 OSPFv3, OSPFv2 versus, 261\u2013262 outbound ACLs, 295\u2013296","422 port numbers R port numbers, 7 RA (Router Advertisement) messages, port redirection, 290 134 port roles, RSTP, 106\u2013107 port security, 181 radio frequencies. See RF spectrum RADIUS (Remote Authentication aging, 183\u2013184 configuring, 181\u2013183 Dial-In User Service), 178\u2013179 restoration, 184\u2013185 RADIUS server, configuring, 166 port speed, 47 ransomware, 288 port states Rapid PVST+, 102 PVST+, 104 RSTP, 105\u2013106 configuring, 111 port-based memory, 32 edge ports, 107 PortFast, configuring, 110\u2013111 interface behavior, 105 positive acknowledgment, 7 operational overview, 105 positive acknowledgment with port roles, 106\u2013107 retransmission, 8 port states, 105\u2013106 Post Office Protocol (POP3), 3 Rapid STP. 
See RSTP (Rapid STP) preemption, HSRP, 122 receiving certificate, 409 prefixes (IPv6), 76\u201377 reconnaissance attacks, 289 presentation layer (OSI), 2 redundancy, 99\u2013100 pretexting, 290 reference bandwidth, 268\u2013269 PRI (Primary Rate Interface), 328 relaying requests, DHCPv4, 132\u2013133 priority, HSRP, 122 reliability, 7\u20138 private clouds, 382 remote access with SSH, 222\u2013223 private IP addressing, 58 remote-access VPNs, 334 protocol data units (PDUs), 4\u20135 RESTful APIs, 400\u2013402 protocols (TCP\/IP), list of, 3\u20134 restoring public clouds, 382 Cisco IOS images, 376\u2013377 public IP addressing, 58 ports, 184\u2013185 Puppet, 403\u2013404 resum\u00e9, certifications on, 409\u2013410 PVST+ (Per-VLAN Spanning Tree RF spectrum, 149\u2013150 Plus), 102 channels, 150\u2013151 extended system ID, 104\u2013105 RIPv2 (Routing Information Protocol operational overview, 103\u2013104 version 2), 203 port states, 104 risk, 285 Rivest, Shamir, and Adleman (RSA), Q 338 rootkit detectors, 287 QoS (quality of service) rootkits, 289 classification and marking, 344\u2013347 Router Advertisement (RA) messages, congestion management, 347 134 policing and shaping, 347\u2013349 router ID, 266\u2013267 TCP discards, 349 router on a stick, 234 tools, 344 configuring and verifying, 235\u2013238 traffic types, 343\u2013344 router ospf command, 266 Router Solicitation (RS) messages, 134 quid pro quo attacks, 291","router-id command, 266\u2013267 security 423 routers, 15 routing tables configuring components of, 228\u2013231 command syntax, 210, 217\u2013218 entry structure, 232 EUI-64 configuration, 218 longest match, 227\u2013228 with IPv4, 209\u2013217 principles, 231 with IPv6, 217\u2013220 link-local addresses, 219 RS (Router Solicitation) messages, 134 verification, 212\u2013217 RSA (Rivest, Shamir, and Adleman), default routing IPv4 configuration, 245\u2013248 338 IPv6 configuration, 252 RSTP (Rapid STP), 102 
operational overview, 241 redistribution, 277 configuring, 111 dynamic routing edge ports, 107 administrative distance, 201\u2013203 interface behavior, 105 classful protocols, 200 operational overview, 105 classless protocols, 200 port roles, 106\u2013107 convergence, 206\u2013207 port states, 105\u2013106 Dijkstra algorithm, 205\u2013206 distance vector protocols, 198\u2013199 S IGP and EGP, 198 IGP comparison summary, 203 SaaS (Software as a Service), 382 link-state protocols, 199, 204\u2013207 satellite Internet, 332 LSDB, building, 204\u2013205 SDA (Software-Defined Access) metrics, 200\u2013201 protocol types, 198 architecture, 389 routing loop prevention, 203\u2013204 Cisco DNA Center and, 392\u2013393 static routing versus, 197 fabric, 390 packet forwarding, 195, 228 overlay, 391 longest match, 227\u2013228 underlay, 390\u2013391 path determination and switching functions, SDN (software-defined networking), 196\u2013197 383 password recovery, 377\u2013378 ACI, 386 purpose of, 227 APIC-EM, 387\u2013388 SOHO, 24, 223\u2013224 controllers, 384\u2013385 static routing data, control, management planes, exit-interface parameter, 244\u2013245 383\u2013384 IPv4 configuration, 242\u2013243 OpenFlow, 385\u2013386 IPv6 configuration, 249\u2013251 spine and leaf design, 387 next-hop parameter, 244 Secure Shell. 
See SSH (Secure Shell) operational overview, 241 Secure Socket Layer (SSL), IPSec summary routing versus, 340 IPv4 configuration, 248\u2013249 security IPv6 configuration, 253 access control, 175 verifying connectivity, 220\u2013223 802.1X, 179\u2013181 Routing Information Protocol AAA, 178\u2013179 version 2 (RIPv2), 203 local authentication, 175\u2013176 SSH configuration, 176\u2013177 routing loop prevention, 203\u2013204 switch port hardening, 178 attack types, 287\u2013288 attack vectors, 286 data exfiltration, 286","424 security show cdp neighbors detail command, 354\u2013356 endpoint security, 173 Cisco ESA, 173\u2013174 show cdp traffic command, 356 Cisco WSA, 174\u2013175 show commands (Cisco IOS), 44\u201345 show etherchannel summary command, IPSec, 340\u2013341 malware types, 288\u2013289 117\u2013118 network attacks, 289 show file systems command, 371 show flash: command, 372, 376\u2013377 access attacks, 290 show history command, 44 DoS and DDoS attacks, 291 show interface command output, IP attacks, 291\u2013292 reconnaissance attacks, 289 215\u2013217 social engineering attacks, 290\u2013291 show interface gigabitethernet 0\/0 transport layer attacks, 292 password recovery, 377\u2013378 command, 214\u2013215 penetration testing tools, 286\u2013287 show interface GigabitEthernet0\/0\/0 port security, 181 aging, 183\u2013184 command, 398 configuring, 181\u2013183 show interface status command, 95 restoration, 184\u2013185 show interface switchport command, programs, 293 terminology, 285 118\u2013119 VPN connections, 337\u2013340 show interfaces command, 210 WLANs, 158 authentication, 158\u2013161 duplex and speed mismatches, 52\u201354 encryption, 161\u2013162 interface status codes, 52 selecting. 
See choosing interface VLAN assignment, 91\u201392 server virtualization, 379\u2013381 show interfaces status command, 52\u201354 servers (DHCPv4), configuring, show interfaces switchport command, 128\u2013132 95, 98 servers (DHCPv6), configuring show interfaces trunk command, stateless, 137\u2013139 93\u201394, 97 service sequence-numbers command, show ip dhcp binding command, 130 367 show ip dhcp conflict command, 140 service set identifier (SSID), 153 show ip dhcp server statistics service timestamps command, 367 command, 130 service-password encryption command, show ip interface brief command, 210, 211 213, 237\u2013238, 270\u2013272 session hijacking, 292 show ip interface command, 307 session layer (OSI), 2 show ip nat statistics command, 323 shaping, 347\u2013349 show ip nat translations command, 322 shared key authentication, 159\u2013160 show ip ospf command, 266, 273\u2013274, shared memory, 32 283 shortcut keys for Cisco IOS show ip ospf interface brief command, commands, 43\u201344 274 shoulder surfing, 291 show ip ospf interface command, 283 show access-lists command, 307, 312 show ip ospf interfaces command, 266 show cdp command, 353 show ip ospf neighbor command, 272, show cdp interface command, 352, 354 282 show cdp neighbors command, 353 show ip protocols command, 202, 266, 270\u2013272, 282","show ip route command, 200\u2013201, 210, solicited-node multicast addresses 425 212\u2013213, 237\u2013238, 270\u2013272 show vlans command, 237\u2013238 show ip route ospf command, 283 Simple Mail Transfer Protocol show ipv6 access-list command, 312 show ipv6 interface command, 138, 313 (SMTP), 3 show ipv6 interface gigabitethernet 0\/0 Simple Network Management command, 220 Protocol. 
See SNMP (Simple Network show ipv6 route command, 251 Management Protocol) show lldp command, 358\u2013360 single-area OSPF, 255 show lldp interface command, 358\u2013360 algorithm, 259\u2013260 show lldp neighbors command, configuring, 265\u2013270 358\u2013360 metrics, 268\u2013270 show lldp neighbors detail command, network command, 267\u2013268 passive interfaces, 268 358\u2013360 router ID, 266\u2013267 show lldp traffic command, 358\u2013360 router ospf command, 266 show logging command, 367\u2013369 DR and BDR, 259 show mac address-table command, 95 link-state advertisements, 258\u2013261 show ntp associations command, link-state routing process, 260\u2013261 message format, 255\u2013256 370\u2013371 neighbor establishment, 256\u2013258 show ntp status command, 370\u2013371 packet types, 256 show port-security command, 182\u2013183 verifying, 270\u2013274 show port-security interface command, site-to-site VPNs, 333 SLAAC (stateless address 184 autoconfiguration), 79\u201380, 134\u2013135 show run command, 117, 311\u2013312, 323 SMTP (Simple Mail Transfer show running-config command, 210, Protocol), 3 sniffer attacks, 288 212, 307\u2013308 SNMP (Simple Network Management show snmp command, 364\u2013365 Protocol), 3, 361 show snmp community command, 365 components of, 361 show spanning-tree active command, configuring, 364 messages, 361\u2013362 111 MIB, 362\u2013363 show spanning-tree bridge command, verifying, 364\u2013365 versions, 362 111 snmp-server community command, show spanning-tree command, 110, 111 364 show spanning-tree detail command, snooping (DHCP), 188\u2013190 social engineering attacks, 290\u2013291 111 Software as a Service (SaaS), 382 show spanning-tree interface Software-Defined Access. See SDA (Software-Defined Access) command, 111 software-defined networking. 
See SDN show spanning-tree summary (software-defined networking) SOHO (small office\/home office), command, 111 23\u201324, 223\u2013224 show spanning-tree vlan command, 111 solicited-node multicast addresses, show standby command, 122\u2013123 74\u201375 show version command, 375 show vlan brief command, 88\u201389, 90, 91, 95 show vlan command, 95, 96 show vlan id command, 95","426 something for something attacks exit-interface parameter, 244\u2013245 next-hop parameter, 244 something for something attacks, 291 IPv6 spam, 290 configuring, 251 Spanning Tree Protocol. See STP operational overview, 249\u2013250 operational overview, 241 (Spanning Tree Protocol) spanning-tree mode rapid-pvst store-and-forward switching, 31 command, 111 STP (Spanning Tree Protocol) spear phishing, 290 algorithm, 100\u2013101 speed command, 47, 52 benefits of, 99\u2013100 spine and leaf design, 387 configuring, 108 split-MAC architecture, 157\u2013158 bridge ID (BID), 108\u2013110 spoofing attacks (DHCP), 188, 290 PortFast and BPDU Guard, 110\u2013111 spyware, 289 convergence, 101\u2013102 SSH (Secure Shell) varieties, 102\u2013103 verifying, 111 configuring, 176\u2013177 denying, 303 subconfiguration modes (Cisco IOS), permitting, 310 45 remote access with, 222\u2013223 SSID (service set identifier), 153 subnet addresses, listing, 60\u201361 SSL (Secure Socket Layer), IPSec versus, 340 subnet IDs, subnetting, 78 standard IPv6 ACLs, configuring, 310 standard named IPv4 ACLs subnet masks adding comments, 306 determining new, 60 configuring, 305\u2013306 purpose of, 57\u201358 verifying, 307\u2013308 standard numbered IPv4 ACLs subnets, denying, 303 adding comments, 306 configuring, 301\u2013303 subnetting verifying, 307\u2013308 examples, 61\u201362 starvation attacks (DHCP), 188 in IPv6 addressing, 77\u201378 stateful DHCPv6, 136 steps in, 58\u201359 configuring, 139 addressing scheme, listing, 60\u201361 operational overview, 136\u2013137 bits to 
borrow, determining, 59\u201360 stateless address autoconfiguration subnet masks, determining new, 60 (SLAAC), 79\u201380, 134\u2013135 subnet multiplier, determining, 60 stateless DHCPv6, 136 VLSM, 62\u201364 configuring, 137\u2013139 operational overview, 136\u2013137 summary routing static IP addresses, testing IPv4, configuring, 248\u2013249 connectivity, 140 IPv6, configuring, 253 static NAT, 318 configuring, 319\u2013320 SVIs (switch virtual interfaces), static routing. See also default routing; creating, 238\u2013240 summary routing dynamic routing versus, 197 switches IPv4 access layer, 14 benefits of, 37 configuring, 242\u2013243 choosing, 14 collision\/broadcast domains, 31 configuring, 41 auto-MDIX, 47\u201348 basic configuration commands, 45\u201347 command history, 44 EXEC sessions, 42 half duplex, full duplex, port speed, 47","help facilities, 42\u201343 troubleshooting 427 navigating and editing commands, TCP\/IP (Transmission Control 43\u201344 Protocol\/Internet Protocol) model, 1\u20132 show commands, 44\u201345 layers subconfiguration modes, 45 application, 5 verifying connectivity, 48\u201351 encapsulation summary, 12 connecting to, 41\u201342 Internet, 10 core layer, 14\u201315 list of, 3 distribution layer, 14 network access, 10\u201312 evolution to, 29 transport, 5\u201310 frame forwarding, 31\u201332 protocols, list of, 3\u20134 hubs versus, 13 Layer 2\/Layer 3, 32 Telnet, 3 memory buffering, 32 denying, 303, 304\u2013305 operational overview, 30\u201331 password recovery, 377\u2013378 terminal history command, 44 port hardening, 178 terminal history size 50 command, 44 symmetric\/asymmetric, 32 terminal no history command, 44 troubleshooting, 51\u201354 terminal no history size command, 44 duplex and speed mismatches, 52\u201354 threat mitigation, 285 interface status codes, 52 Layer 1 problem indicators, 54 ARP, 190\u2013193 media issues, 51\u201352 DHCP, 188\u2013190 verifying port configuration, 140 
VLANs, 185\u2013187 threats, 285 switchport port-security aging TKIP (Temporal Key Integrity command, 183 Protocol), 161 topologies, 24\u201325 switchport port-security violation WANs, 325 command, 181 traceroute command successful, 221 symmetric switching, 32 unsuccessful, 222 tracert command, 50\u201351 syslog traffic types, 84 configuring and verifying, 367\u2013369 Transmission Control Protocol. See message format, 367 TCP (Transmission Control Protocol) operational overview, 365\u2013367 transport input ssh command, 210 severity levels, 366 transport layer attacks, 292 transport layer (OSI), 2 T transport layer (TCP\/IP), 3, 5\u201310 Triple DES (3DES), 338 TACACS+ (Terminal Access Controller Trojan horses, 288 Access Control System Plus), 178\u2013179 troubleshooting ACLs, 313\u2013314 tailgating, 291 DHCP, 140 DNS, 142\u2013143 TCP (Transmission Control EtherChannel, 119 Protocol), 3 HSRP, 126 attacks, 292 IP addressing, 224\u2013225 connection establishment\/termination, 9 NAT, 323\u2013324 error recovery, 7\u20138 OSPF, 281\u2013283 flow control, 8 header, 6 port numbers, 7 QoS and, 349","428 troubleshooting DHCP snooping, 189\u2013190 EtherChannel, 117\u2013119 switches, 51\u201354 host IP settings duplex and speed mismatches, 52\u201354 interface status codes, 52 on Linux, 146\u2013148 Layer 1 problem indicators, 54 on macOS, 145\u2013146 media issues, 51\u201352 on Windows, 143\u2013145 HSRP, 122\u2013123 trunking, 96\u201398 IPv4 ACLs, 307\u2013308 VLANs, 94\u201395 IPv6 ACLs, 311\u2013313 trunking LLDP, 358\u2013360 configuring, 92\u201394 multilayer switching, 238 DTP, 87\u201388 NAT, 322\u2013323 troubleshooting, 96\u201398 network connectivity, 220\u2013223 verifying, 92\u201394 NTP, 370\u2013371 VLANs, 86\u201387 router configuration with IPv4, 212\u2013217 trust exploitation, 290 router on a stick, 235\u2013238 tunneling, 80\u201381 single-area OSPF, 270\u2013274 VPNs, 337\u2013338 SNMP, 364\u2013365 STP, 111 U 
switch connectivity, 48\u201351 switch port configuration, 140 UDP (User Datagram Protocol), 4 syslog, 367\u2013369 attacks, 292 trunking, 92\u201394 as connectionless, 9\u201310 VLANs, 88\u201392 port numbers, 7 virtual local-area networks. See VLANs ULAs (unique local addresses), 72 (virtual local-area networks) underlay, 390\u2013391 unicast addresses, 68\u201373 virtual machines (VMs), 380\u2013381 global, 68\u201370 virtual network infrastructure, 382\u2013383 IPv4 embedded, 72\u201373 link-local, 71 virtual private networks. See VPNs loopback, 71 (virtual private networks) unique local, 72 unspecified, 71 Virtual Router Redundancy Protocol unspecified unicast addresses, 71 (VRRP), 120 URIs (uniform resource identifiers), 400\u2013401 virtualization, 379\u2013381 User Datagram Protocol. See UDP (User Datagram Protocol) viruses, 288 username password command, 210 username secret command, 175\u2013176 VLANs (virtual local-area networks). UTP (unshielded twisted pair) cabling, See also inter-VLAN routing 36\u201337 attacks mitigation, 187 V types of, 186 benefits of, 83\u201384 variable-length subnet masking configuring, 88\u201392, 185\u2013186 (VLSM), 62\u201364 disabling, 96 traffic types, 84 verifying troubleshooting, 94\u201395 bridge ID (BID), 108\u2013110 trunking, 86\u201387 CDP, 354\u2013356 types of, 84\u201385 verifying, 88\u201392 VLSM (variable-length subnet masking), 62\u201364 VMs (virtual machines), 380\u2013381","voice VLANs, 85 zombies 429 VPNs (virtual private networks), 333 wireless protocols, 4 benefits of, 333 wireless standards components of, 336\u2013337 secure connections, 337\u2013340 802.11 standards, 151\u2013152 types of access, 333\u2013336 channels, 150\u2013151 VRRP (Virtual Router Redundancy RF spectrum, 149\u2013150 Protocol), 120 wireless topologies vulnerability, 285 AP architectures, 155\u2013157 vulnerability exploitation tools, 287 CAPWAP, 157\u2013158 vulnerability scanners, 287 IBSS, 154 
infrastructure mode, 152\u2013154 W mesh, 154 wireless WAN connections, 332 WANs (wide-area networks) WLANs (wireless LANs), 18\u201320 connections, 23, 326\u2013327 configuring choosing, 332 circuit-switched, 328\u2013329 RADIUS server, 166 dedicated, 327\u2013328 virtual interface, 166\u2013168 Internet, 330\u2013332 WPA2 Enterprise, 168\u2013171 packet-switched, 329\u2013330 security, 158 topologies, 325 authentication, 158\u2013161 encryption, 161\u2013162 web traffic, permitting, 310\u2013311 WLC (wireless LAN controller) WEP (Wired Equivalent Privacy), 159 configuring with WLAN, 165 Wi-Fi Protected Access (WPA), 159, 160 RADIUS server, 166 WiMAX, 332 virtual interface, 166\u2013168 windowing, 8 WPA2 Enterprise, 168\u2013171 Windows, verifying host IP settings, logging into, 163\u2013165 worms, 288 143\u2013145 WPA (Wi-Fi Protected Access), 159, 160 wireless access points (APs), 18\u201320 WPA2, 160 wireless hacking tools, 286 WPA2 Enterprise WLANs, configuring, wireless LAN controller. See WLC 168\u2013171 WPA3, 160\u2013161 (wireless LAN controller) wireless LANs. See WLANs (wireless Z LANs) zombies, 291 wireless network media, 20, 21","Exam Checklist CCNA Checklist Days 31\u201321 P Objective Schedule to take the CCNA 200-301 exam at http:\/\/www.vue.com. Take at least one practice CCNA exam. Create a diagram of the layered models. Describe the details of sending an email from source to destination. Use a topology with several routers and switches. Describe the CSMA\/CD process to someone who knows nothing about networking. Design a set of requirements to configure a basic switched network, including SSH for remote access. Implement your design and verify the configurations. Show someone the MAC address on his or her Smartphone or other connected device. Explain the purpose of the MAC address and the meaning of each part. Describe the structure and operation of IPv4. List and describe the uses for the various types of IPv4 addresses. Develop several VLSM addressing schemes with various host requirements and implement them in a lab or simulator. Describe the structure and operation of IPv6. List and describe the uses for the various types of IPv6 addresses. Design a set of requirements to configure a two-switch network with VLANs and trunking. List and describe the uses for various types of VLANs. Describe how trunking works and the impact of Dynamic Trunking Protocol. Design a set of requirements to configure a three-switch network with trunking and VLANs. Implement your design and verify the configurations. Describe the process of STP convergence. Compare the varieties of STP. Explain the difference between PVST+ and Rapid PVST+. Describe the benefits of EtherChannel. Compare the two EtherChannel protocols. Design a set of requirements to implement a two-switch topology with EtherChannel. Review implementation issues by changing the configuration parameters. Describe how HSRP provides default gateway redundancy. Explain to a friend how wireless networks operate. Practice configuring a wireless router. 
Use a simulator like Packet Tracer to practice configuring a WLC. Read and review Days 31\u201321 in this book. CCNA Checklist Days 20\u201314 P Objective Take at least two practice CCNA exams. Describe the various methods that a router can use to learn about and share knowledge of remote networks. Design a set of requirements to configure a three-router network with both IPv4 and IPv6 addressing, using only static and default routes. Implement your design and verify the configurations. Describe how a router uses the routing table to determine the best path to the destination. Design and configure a one-router, two-switch topology for router-on-a-stick inter-VLAN routing. Describe the types of OSPF packets and how they are used to reach the full state of OSPF convergence. Describe the ways to modify OSPFv2, including redistributing a default route, modifying timers, and controlling the DR\/BDR election. Read and review Days 20\u201314 in this book.","CCNA Checklist Days 13\u20137 P Objective Take an additional CCNA practice exam. Design a set of requirements to configure a three-router network with IPv4 addressing and OSPFv2. Implement your design and verify the configurations. Design a set of requirements to configure a two-router, two-switch network with IPv4 addressing and inter-VLAN routing. Include default routing and OSPFv2. Implement your design and verify the configurations. Describe basic security threats and the methods used to mitigate them. Describe how access control lists work and the various types used by Cisco IOS Software. Search the Internet for various scenarios to practice designing and implementing ACLs. Most of the study resources have excellent examples. Design a set of requirements to implement a routed network that includes basic device security, IPv4 and IPv6 addressing, VLANs, DHCP, NAT, ACLs, and routing. Implement your design and verify the configurations. 
Design a set of requirements to implement DHCP service on a router. Dual-stack the design to include IPv4 and IPv6. Implement your design and verify the configurations. Design a set of requirements to implement NAT on a router. Include static, dynamic, and PAT considerations. Implement your design and verify the configurations. Define common WAN terminology. Compare various WAN connection options. Describe the characteristics of GRE. Read and review Days 13\u20137 in this book. CCNA Checklist Days 6\u20131 P Objective Describe to a friend how QoS prioritizes Netflix streaming data over web browsing data. Compare and contrast the implementations of CDP and LLDP. Describe the Cisco IOS file system and the process for backing up and restoring files. Explain the basics of SNMP, NTP, and syslog operation. Design a set of requirements to implement SNMP, NTP, and syslog in a two-router, one-server topology. Describe to a friend the concept of cloud computing. Include a discussion of virtualization. Describe software-defined networking. Describe the fabric of the network infrastructure and the difference between overlay and underlay. Describe how Cisco DNA Center helps network administrators automate network configuration and monitoring tasks. Describe to a friend how data formats are used to store and exchange information between systems. Describe the JSON data format, including how brackets, braces, and commas are used to distinguish key\/value pairs, arrays, and objects. Describe the structure of a properly formatted RESTful API request. Compare the configuration management tools Ansible, Puppet, and Chef. Read and review Days 6\u20131 in this book. Visit the testing center and talk with the proctor at least 2 days before the exam. Eat a decent meal, watch a good movie, and get a good night's rest before the exam. 
"]