...1. Why would you choose one over the other? Access control lists (ACLs) carry out packet filtering to regulate the flow of packets via a network. Packet filtration provides safety by limiting the reach of traffic into a network, limiting user and also device access to a network, and also preventing traffic from exiting a network. IP access lists decrease the possibility of spoofing or even denial-of-service attacks, and permit dynamic, momentary user-access via a firewall. There are several types of ACLs such as standard and extended ACLs and I would prefer named ACLs because among the drawbacks to using IP standard or IP extended ACLs is the fact you reference them by number, which may not very descriptive of its use. With a named ACL, this isn't the case because it is possible...
Words: 754 - Pages: 4
...Method status Protocol FastEthernet0/0 192.168.25.48 YES Manual Up Up FastEthernet0/1 192.168.25.65 YES Manual Up Up Serial0/0 192.168.25.121 YES Manual Up Up Serial0/1 Unassigned YES Unset Up...
Words: 733 - Pages: 3
...CCNA Notes Introduction Cisco offers two options for obtaining the CCNA certification: Pass Exam 640-802 OR Pass Exam 640-822 AND Exam 640-816 While you can use these notes to prepare for either exam, the notes are geared towards passing the single exam. I recommend you study all of the material and take the single exam option rather than taking two exams. Cisco Device Icons The following table lists the specific icons Cisco uses to represent network devices and connections. Represents Icon Hub Bridge Switch Router Access point Network cloud Ethernet connection Serial Line connection Wireless connection Virtual Circuit The OSI Model As you study this section, answer the following questions: What is the OSI model and why is it important in understanding networking? How does the third OSI model layer relate to administering routers? Which OSI model layer is concerned with MAC addresses? What protocols correspond to the Presentation and Session layers? What is the difference between the TCP and UDP protocols? What is the EIA/TIA 232 protocol concerned with? This section covers the following exam objectives: 103. Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network 105. Describe the purpose and basic operation of the protocols in the OSI and TCP models 110. Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach ...
Words: 73801 - Pages: 296
...proposing that access control lists (ACLs) be installed on routers at the Cleveland office. Security policies and procedures have also been considered in order to handle and maintain the ACLs. Access controls are a sequence of instructions that a router will refer to before either allowing a packet into or out of an interface. This is done by making sure that there are security features in place that control the flow of information as well as how users access the network. An access control list is written as a sequence of one line statements that are processed by the router one line at a time in the order in which the commands were entered. The action will be permitted when the testing criteria in an ACL entry matches that of the incoming or outgoing packet. ACL’s make sure that unauthorized access is not allowed and that unauthorized users cannot make wrong modifications. There are security policies and other tools and techniques that will help keep everything secure. Identification, authentication, and authorization are important components of access control. The user must supply information such as an account number in order to identify itself. This information is authenticated by supplying a password or a pin number in order to verify the identity of the user. The password is then authorized in order to decide what the user can have access to. Authorization is based on access criteria, which is developed by the administrator and enforced through an access control list in order...
Words: 972 - Pages: 4
...Chapter 1 WANs and Routers One major characteristic of a wide-area network (WAN) is that the network operates beyond the local LAN's geographic scope. It uses the services of carriers, such as regional Bell operating companies (RBOCs), Sprint, and MCI. WANs use serial connections of various types to access bandwidth over wide-area geographies. By definition, the WAN connects devices that are separated by wide areas. WAN devices include the following: • • • • • • Routers, which offer many services, including internetworking and WAN interface ports Switches, which connect to WAN bandwidth for voice, data, and video communication Modems, which interface voice-grade services and channel service units/digital service units Channel service units/data service units (CSUs/DSUs) that interface T1/E1 services and Terminal Adapters/Network Termination 1 (TA/NT1s) TA/NT1s that interface Integrated Services Digital Network (ISDN) services Communication servers, which concentrate on dial-in and dial-out user communication Concept Questions 1. A WAN is used to interconnect local-area networks (LANs) that are typically separated by a large geographic area. A WAN operates at the OSI reference model physical and data link layers. The WAN provides for the exchange of data packets/frames between routers/bridges and the LANs that they support. Draw a WAN that includes three LANs. 1 of 116 CCNA 2 Chapter 1 WANs and Routers 2. Compare and contrast WANs and LANs layer by layer. 3. Routers and the modern...
Words: 23437 - Pages: 94
...implemented features of Cisco router and switches by using a simple, small office scenario as a case study. Typical of a small organization is there are departments for financial matters, marketing and sales and one or more managers. The personnel in each of these areas has specific computer functions and data needs with some being in common such as Internet access and others being necessarily limited to certain workers such as access to financial data. Let’s assume we’re a consulting firm that’s been hired to design this network and as the the first step we have met with the key managers to develop a list of criteria for each department in regards to computer resources, security and performance. In our meeting we agreed to the following goals. Network Design Goals and Numbers Overall: A reasonable level of network security. This particular business isn’t subject to any set of specific regulations such as HIPAA but management well understands that good security practices are both a sound investment in protecting the company’s IT assets, the company image and as a deterrent against legal proceedings. It was agreed that the following basic security procedures are to be implemented. - Centralized anti-virus on a server that can “push-out” anti-virus software to all client machines on the network and can monitor and update those clients as needed. - Only those services that are required in general will be permitted to pass through the various router interfaces and all others will...
Words: 1674 - Pages: 7
...to protect your Cisco router Daniel B. Cid daniel@underlinux.com.br Network security is a completely changing area; new devices like IDS (Intrusion Detection systems), IPS (Intrusion Prevention systems), and Honeypots are modifying the way people think about security. Companies are spending thousand of dollars on new security devices, but forgetting the basic, the first line of defense: the border router. Although a lot of people may think that routers don’t need to be protect, they are completely wrong. A lot of secure problems appear all time against this kind of device and most of them are vulnerable. Some information about some common security problems found on Cisco Routers, can be read on the text “Exploiting Cisco Routers”, available at: http://www.securityfocus.com/infocus/1734 In this article I will give you 8 steps, easy to follow, to minimize your Cisco router exposure by turning off some unused services, applying some access control and applying some security options available on that. 12345678- Control Access to your router; Restrict telnet access to it; Block Spoof/Malicious packets; Restrict SNMP; Encrypt all passwords; Disable all unused services; Add some security options; Log everything; 1- Control Access to your router The first thing to do is apply some rules to restrict all external access to some ports of the router. You can block all ports, but it is not always necessary. These commands bellow will protect your router against some reconnaissance...
Words: 1100 - Pages: 5
...1. Give basic explanation of what router do -A hardware device designed to take incoming packets, analyzing the packets and then directing them to the appropriate locations, moving the packets to another network, converting the packets to be moved across a different type of network interface, dropping the packets, or performing any other number of other types of actions 2. know the differece between crossover, straight through, and rollover cable Straight through- pins are the same on both sides Use a straight-through cable when: -. Connecting a router to a hub -. Connecting a computer to a swtich -. Connecting a LAN port to a switch, hub, or computer This allows for two devices to communicate at the same time. Unlike straight-through cables, we use crossover cables to connect like devices. -. Connecting a computer to a router -. Connecting a computer to a computer -. Connecting a router to a router -. Connecting a switch to a switch -. Connecting a hub to a hub Rollover cables essentially have one end of the cable wired exactly opposite from the other. -Rollover cables, also called Yost cables, usually connect a device to a router or switch’s console port. This allows a programmer to make a connection to the router or switch, and program it as needed. 3. Know what the backbone network is in relation to frame relay -Frame Relay often serves to connect local area networks (LANs) with major backbones as well as on public wide-area networks (WANs) and...
Words: 1838 - Pages: 8
...THEORY The correct answer(s): D What is the default IPX Ethernet encapsulation? A.) SNAP B.) Arpa C.) 802.2 D.) Novell-Ether E.) SAP Novell-ether is the default LAN encapsulation. Novell-ether is 802.3. The correct answer(s): A What must be true for two Routers running IGRP to communicate their routes? A.) Same autonomous system number B.) Connected using Ethernet only C.) Use composite metric D.) Configured for PPP For two routers to exchange IGRP routes they must be configured with the same autonomous system number. The correct answer(s): C The following is partial output from a routing table, identify the 2 numbers in the square brackets; '192.168.10.0 [100/1300] via 10.1.0.1, 00:00:23, Ethernet1' A.) 100 = metric, 1300 = administrative distance B.) 100 = administrative distance, 1300 = hop count C.) 100 = administrative distance, 1300 = metric D.) 100 = hop count, 1300 = metric The first number is the Administrative distance and the seconds number is the metric. In this case it is an IGRP metric. The correct answer(s): A B C Identify 3 methods used to prevent routing loops? A.) Split horizon B.) Holddown timers C.) Poison reverse D.) SPF algorithm E.) LSP's Routing loops can be prevented by split horizon, poison reverse and holddown times. The other two choices relate to Link State. The correct answer(s): A Which statement is true regarding full duplex? A.) Allows for transmission and receiving...
Words: 23850 - Pages: 96
...Reference Model * 1-4 TCP/IP Model * 1-5 Ethernet Technologies and Cabling * 1-6 Cisco 3 Layer Model * 1-7 Summary * Chapter 2 – IP Addressing and Subnets * 2-1 IP Addresses – Composition, Types and Classes * 2-2 Private and Public IP addresses * 2-3 Subnetting * 2-4 Variable Length Subnet Masks (VLSM) * 2-5 Route Summarization * 2-6 Troubleshooting IP Addressing * Chapter 3 Introduction to Cisco Routers, Switches and IOS * 3-1 Introduction to Cisco Routers, Switches, IOS & the Boot Process * 3-2 Using the Command-Line Interface (CLI) * 3-3 Basic Configuration of Router and Switches * 3-4 Configuring Router Interfaces * 3-5 Gathering Information and Verifying Configuration * 3-6 Configuring DNS & DHCP * 3-7 Saving, Erasing, Restoring and Backing up Configuration & IOS File * 3-8 Password Recovery on a Cisco Router * 3-9 Cisco Discovery Protocol (CDP) * 3-10 Using Telnet on IOS * 3-11 CCNA Lab #1 * Chapter 4 Introduction to IP Routing * 4-1 Understanding IP Routing * 4-2 Static, Default and Dynamic Routing * 4-3 Administrative Distance and Routing Metrics * 4-4 Classes of Routing Protocols * 4-5 Routing Loops * 4-6 Route Redistribution * 4-7 Static and Default Route Lab * Chapter 5 Routing Protocols ...
Words: 95744 - Pages: 383
...224 router ospf 1 network 10.1.1.0. 0.0.0.3 area 0 network 10.2.2.0 0.0.0.3 area 0 network 192.168.20.0. 0.0.0.255 area 0 network 209.165.200.224. 0.0.0.31 area line con 0 logging synchronous password cisco login line vty 0 4 password cisco login exit S2- configs int vlan 1 ip address 192.168.11.2 255.255.255.0 no shutdown ip default- gateway 192.168.11.1 S1 S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#line console % Incomplete command. S1(config)#line console 0 S1(config-line)#line vty 0 4 S1(config-line)#exit S1(config)#enable secret cisco S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#line vty 0 4 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#exit S1(config)#banner motd "message of the day" S1(config)#int vlan1 S1(config-if)#ip add 192.168.10.2 255.255.255.0 S1(config-if)#no shut S1(config-if)# *Mar 1 01:02:15.086: %LINK-3-UPDOWN: Interface Vlan1, changed state to up *Mar 1 01:02:15.094: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, cha nged state to up interface Vlan1 ip address 192.168.10.2 255.255.255.0 no ip route-cache S1(config)#ip default-gateway 192.168.10.1 S1(config)# interface Vlan1 ip address 192.168.30.2 255.255.255.0 no ip route-cache ! interface Vlan99 ip address 172.17.99.11 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.30.1 ip http server ! control-plane ...
Words: 804 - Pages: 4
...User Guide YML864 Rev1 www.netcomm.com.a� ����4 ��e�� ����e 54Mbps Wireless Router 1 NB504 CoNteNts Package Contents .........................................................................................................................................4 Chapter 1: About this Guide ..........................................................................................................................5 1.1 Purposes ...........................................................................................................................................5 1.2 Conventions .......................................................................................................................................5 1.3 Overview of this User Guide ................................................................................................................5 Chapter 2: Introduction .................................................................................................................................6 2.1 Overview of the Router........................................................................................................................6 2.2 Features ............................................................................................................................................7 2.3 Panel Layout ......................................................................................................................................8 2.3.1 The Front...
Words: 19282 - Pages: 78
...in the development of BSCI, and has seperately developed training material for ICND, BSCI, BCMSN, BCRAN, and CIT. Brent lives in Hickory, NC, with his wife, Karen and children, Benjamin, Kaitlyn, Madelyn, and William. Denise Donohue, CCIE No. 9566, is a Design Engineer with AT&T. She is responsible for designing and implementing data and VoIP networks for SBC and AT&T customers. Prior to that, she was a Cisco instructor and course director for Global Knowledge. Her CCIE is in Routing and Switching. © 2007 Cisco Systems Inc. All rights reserved. This publication is protected by copyright. Please see page 73 for more details. [3] ICONS USED IN THIS BOOK CCNP BSCI Quick Reference Sheets Icons Used in This Book Si Router 7507 Router Multilayer Switch with Text Multilayer Switch Communication Server Switch I DC Internal Firewall IDS Web Browser Database App Server © 2007 Cisco Systems Inc. All rights reserved. This publication is protected by copyright. Please see page 73 for more details. [4] CHAPTER 1 CCNP BSCI Quick Reference Sheets The Evolving Network Model The Hierarchical Design Model Cisco used the three-level Hierarchical Design Model for years. This older model provided a high-level idea of how a reliable network might be conceived, but it was largely conceptual because it didn’t provide specific guidance. Figure 1-1 shows the Hierarchical Design Model. FIGURE 1-1 Core Si This...
Words: 24928 - Pages: 100
...customized plastic parts. China plant manufactures the plastic fan parts. The company’s Research and Development is carried out at the corporation head office in San Jose. The main clients are automobile parts producers, aircraft manufacturers, the Department of Defense, beverage producers and bottlers, and appliance producers (UOPX, 2004). Current Systems Each factory is currently using various telecommunication systems. The head office in San Jose has 35 IP telephones. Additionally they use a VOIP/Data router; two 24 port switches Cisco 5950, 24 Port Hub Linksys EF2H24, Ethernet 100 base T as well as a WIN network Server. The Albany factory using a Kentrox Datasmart 658 CSU/DSU links to the head office. They are also using a Cisco Router 1750, two 24 port 100 Mbps Nortel Baystack 45024T Enet Switch, as well as a 48 port Patch Panels which links the 20 Compaq Presario computer systems. The Pontiac factory links to head office using a Blackblox CSU/DSU V35 Mt 100A-35 R2. The router is a Cisco 2500. The factory has in use...
Words: 2515 - Pages: 11
...Local Area Networks – The Basics Chapter 7 Learning Objectives After reading this chapter, you should be able to: • • • • • • • • State the definition of a local area network List the primary function, activities, and application areas of a local area network Cite the advantages and disadvantages of local area networks Identify the physical and logical local area networks Cite the characteristics of wireless local area networks and their medium access control protocols Specify the different medium access control techniques Recognize the different IEEE 802 frame formats Describe the common local area network systems Chapter Outline 1. Introduction 2. Primary Function of Local Area Networks 3. Advantages and Disadvantages of Local Area Networks 4. The First Local Area Network – The Bus/Tree 5. Star-Wired Bus LANs 6. Medium Access Control Protocols a. Contention-based protocols 7. Bridges a. Transparent bridge 8. Switches a. Virtual LANs b. Isolating traffic patterns and providing multiple access c. Full-duplex switches 9. Popular Local Area Networks a. Wired Ethernet b. Wireless Ethernet 10. IEEE 802 a. IEEE 802.3 and 802.5 frame formats 11. LANs In Action: A Small Office Solution 12. LANs In Action: A Home Office Solution 13. Summary Lecture Notes Introduction A local area network (LAN) is a communication network that interconnects a variety of data communicating devices within a small geographic area and broadcasts data at high data transfer rates with very...
Words: 4358 - Pages: 18
