CCNA ICND2 Official Exam Certification Guide

CCNA ICND2 Official Exam Certification Guide, Second EditionCCNA ICND2 Official Exam Certification Guide, Second EditionIntroduction\ Congratulations! If you're reading far enough to look at the introduction to this book, you've probably already decided to go for your Cisco certification. If you want to succeed as a technical person in the networking industry, you need to know Cisco. Cisco has a ridiculously high market share in the router and switch marketplace, with more than 80 percent market share in some markets. In many geographies and markets around the world, networking equals Cisco. If you want to be taken seriously as a network engineer, Cisco certification makes perfect sense.\ Historically speaking, the first entry-level Cisco certification has been the Cisco Certified Network Associate (CCNA) certification, first offered in 1998. The first three versions of the CCNA certification (1998, 2000, and 2002) required that you pass a single exam to become certified. However, over time, the exam kept growing, both in the amount of material covered and in the difficulty level of the questions. So, for the fourth major revision of the exams, announced in 2003, Cisco continued with a single certification (CCNA), but offered two options for the exams to get certified: a single-exam option and a two-exam option. The two-exam option allowed people to study roughly half of the material, and take and pass one exam, before moving on to the next.\ Cisco announced changes to the CCNA certification and exams in June 2007. This announcement includes many changes, most notably:\ \ The exams collectively cover a broader range of topics.\ The exams increase the focus on proving the test taker's skills (as compared with just testing knowledge).\ Cisco created a new entry-level certification: the Cisco Certified Entry Network Technician (CCENT) certification.\ \ For the current certifications, announced in June 2007, Cisco created the ICND1 (640-822) and ICND2 (640-816) exams, along with the CCNA (640-802) exam. To become CCNA certified, you can pass both the ICND1 and ICND2 exams, or just pass the CCNA exam. The CCNA exam simply covers all the topics on the ICND1 and ICND2 exams, giving you two options for gaining your CCNA certification. The two-exam path gives those people with less experience a chance to study for a smaller set of topics at a time, whereas the one-exam option provides a more cost-effective certification path for those who want to prepare for all the topics at once.\ Although the two-exam option will be useful for some certification candidates, Cisco designed the ICND1 exam with a much more important goal in mind. The CCNA certification has grown to the point that it tested knowledge and skills beyond what an entry-level network technician would need to have. Cisco needed a certification that was more reflective of the skills required for entry-level networking jobs. So, Cisco designed its Interconnecting Cisco Networking Devices 1 (ICND1) course, and the corresponding ICND1 640-822 exam, to include the knowledge and skills most needed by an entry-level technician in a small enterprise network. And to show that you have the skills required for those entry-level jobs, Cisco created a new certification, CCENT, which is attained by passing the ICND1 exam.\ Figure I-1 shows the basic organization of the certifications and the exams used for getting your CCENT and CCNA certifications. (Note that no separate certification exists for passing the ICND2 exam.)\ Figure I-1\ Cisco Entry-Level Certifications and Exams\ As you can see from the figure, while the CCENT certification is available by taking the ICND1 exam, you do not have to first be CCENT certified before getting your CCNA certification—you can choose to just take the CCNA exam and bypass the CCENT certification.\ The ICND1 and ICND2 exams cover different sets of topics, with a minor amount of overlap. For example, ICND1 covers IP addressing and subnetting, while ICND2 covers a more complicated use of subnetting called variable-length subnet masking (VLSM), so ICND2 must then cover subnetting to some degree. The CCNA exam covers all the topics covered on both the ICND1 and ICND2 exams.\ While the popularity of the CCENT certification cannot be seen until a few years have passed, certainly the Cisco CCNA certification enjoys a position as the most popular entry-level networking certification program. A CCNA certification proves that you have a firm foundation in the most important components of the Cisco product line—namely, routers and switches. It also proves that you have a broad knowledge of protocols and networking technologies.\ Format of the CCNA Exams\ The ICND1, ICND2, and CCNA exams all follow the same general format. When you get to the testing center and check in, the proctor will give you some general instructions and then take you into a quiet room with a PC. When you're at the PC, you have a few things to do before the timer starts on your exam. For example, you can take a sample quiz, just to get accustomed to the PC and to the testing engine. Anyone who has user-level skills in getting around a PC should have no problems with the testing environment. Additionally, Chapter 18, "Final Preparation," points to a Cisco website at which you can see a demo of the Cisco test engine.\ When you start the exam, you are asked a series of questions. You answer a question and then move on to the next question. The exam engine does not let you go back and change your answer. Yes, that's true—when you move on to the next question, that's it for the earlier question.\ The exam questions can be in one of the following formats:\ \ Multiple-choice (MC)\ Testlet\ Drag-and-drop (DND)\ Simulated lab (Sim)\ Simlet\ \ The first three types of questions are relatively common in many testing environments. The multiple-choice format simply requires that you point and click a circle beside the correct answer(s). Cisco traditionally tells you how many answers you need to choose, and the testing software prevents you from choosing too many answers. Testlets are questions with one general scenario, with multiple MC questions about the overall scenario. Drag-and-drop questions require you to click and hold the mouse button, move a button or icon to another area, and release the mouse button to place the object somewhere else—typically into a list. So, for some questions, to get the question correct, you might need to put a list of five things into the proper order.\ The last two types both use a network simulator to ask questions. Interestingly, the two types allow Cisco to assess two very different skills. First, Sim questions generally describe a problem, and your task is to configure one or more routers and switches to fix the problem. The exam then grades the question based on the configuration you changed or added. Interestingly, Sim questions are the only questions that Cisco (to date) has openly confirmed that partial credit is given.\ The Simlet questions might well be the most difficult style of question on the exams. Simlet questions also use a network simulator, but instead of answering the question by changing the configuration, the question includes one or more MC questions. The questions require that you use the simulator to examine the current behavior of a network, interpreting the output of any show commands that you can remember to answer the question. While Sim questions require you to troubleshoot problems related to a configuration, Simlets require you to both analyze working networks and networks with problems, correlating show command output with your knowledge of networking theory and configuration commands.\ What's on the CCNA Exam(s)?\ Ever since I was in grade school, whenever the teacher announced that we were having a test soon, someone would always ask, "What's on the test?" Even in college, people would try to get more information about what would be on the exams. At heart, the goal is to know what to study hard, what to study a little, and what not to study.\ Cisco does want the public to know both the variety of topics, and an idea about the kinds of knowledge and skills required for each topic, for every Cisco certification exam. To that end, Cisco publishes a set of exam objectives for each exam. The objectives list the specific topics, like IP addressing, RIP, and VLANs. The objectives also imply the kinds of skills required for that topic. For example, one objective might start with "Describe..." and another might begin with "Describe, configure, and troubleshoot...." The second objective clearly states that you need a thorough and deep understanding of that topic. By listing the topics and skill level, Cisco helps us all prepare for its exams.\ While the exam objectives are helpful, keep in mind that Cisco adds a disclaimer that the posted exam topics for all its certification exams are guidelines. Cisco makes the effort to keep the exam questions within the confines of the stated exam objectives, and I know from talking to those involved that every question is analyzed for whether it fits within the stated exam topics.\ ICND1 Exam Topics\ Table I-1 lists the exam topics for the ICND1 exam, with the ICND2 exam topics following in Table I-2. Although the posted exam topics are not numbered at Cisco.com, Cisco Press does number the exam topics for easier reference. The table also notes the book parts in which each exam topic is covered. Because the exam topics might change over time, double-check the exam topics as listed on Cisco.com (specifically, http://www.cisco.com/go/ccna). If Cisco does happen to add exam topics at a later date, note that Appendix C of this book describes how to go to http://www.ciscopress.com and download additional information about those newly added topics.\ NOTE - The table includes gray highlights that will be explained in the upcoming section "CCNA Exam Topics."\ Table I-1 ICND1 Exam Topics\ \ \ \ \ \ \ \ \ Reference Number\ \ \ ICND1 Book Part(s) Where Topic Is Covered\ \ \ Exam Topic\ \ \ \ \ \ \ Describe the operation of data networks\ \ \ \ \ 1\ \ \ I\ \ \ Describe the purpose and functions of various network devices\ \ \ \ \ 2\ \ \ I\ \ \ Select the components required to meet a given network specification\ \ \ \ \ 3\ \ \ I, II, III\ \ \ Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network\ \ \ \ \ 4\ \ \ I\ \ \ Describe common networking applications including web applications\ \ \ \ \ 5\ \ \ I\ \ \ Describe the purpose and basic operation of the protocols in the OSI and TCP models\ \ \ \ \ 6\ \ \ I\ \ \ Describe the impact of applications (Voice Over IP and Video Over IP) on a network\ \ \ \ \ 7\ \ \ I–IV\ \ \ Interpret network diagrams\ \ \ \ \ 8\ \ \ I–IV\ \ \ Determine the path between two hosts across a network\ \ \ \ \ 9\ \ \ I, III, IV\ \ \ Describe the components required for network and Internet communications\ \ \ \ \ 10\ \ \ I–IV\ \ \ Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach\ \ \ \ \ 11\ \ \ II, III\ \ \ Differentiate between LAN/WAN operation and features\ \ \ \ \ \ \ Implement a small switched network\ \ \ \ \ 12\ \ \ II\ \ \ Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts\ \ \ \ \ 13\ \ \ II\ \ \ Explain the technology and media access control method for Ethernet technologies\ \ \ \ \ 14\ \ \ II\ \ \ Explain network segmentation and basic traffic management concepts\ \ \ \ \ 15\ \ \ II\ \ \ Explain the operation of Cisco switches and basic switching concepts\ \ \ \ \ 16\ \ \ II\ \ \ Perform, save and verify initial switch configuration tasks including remote access management\ \ \ \ \ 17\ \ \ II\ \ \ Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands\ \ \ \ \ 18\ \ \ II\ \ \ Implement and verify basic security for a switch (port security, deactivate ports)\ \ \ \ \ 19\ \ \ II\ \ \ Identify, prescribe, and resolve common switched network media issues, configuration issues, autonegotiation, and switch hardware failures\ \ \ \ \ \ \ Implement an IP addressing scheme and IP services to meet network requirements for a small branch office\ \ \ \ \ 20\ \ \ I, III\ \ \ Describe the need and role of addressing in a network\ \ \ \ \ 21\ \ \ I, III\ \ \ Create and apply an addressing scheme to a network\ \ \ \ \ 22\ \ \ III\ \ \ Assign and verify valid IP addresses to hosts, servers, and networking devices in a LAN environment\ \ \ \ \ 23\ \ \ IV\ \ \ Explain the basic uses and operation of NAT in a small network connecting to one ISP\ \ \ \ \ 24\ \ \ I, III\ \ \ Describe and verify DNS operation\ \ \ \ \ 25\ \ \ III, IV\ \ \ Describe the operation and benefits of using private and public IP addressing\ \ \ \ \ 26\ \ \ III, IV\ \ \ Enable NAT for a small network with a single ISP and connection using SDM and verify operation using CLI and ping\ \ \ \ \ 27\ \ \ III\ \ \ Configure, verify and troubleshoot DHCP and DNS operation on a router. (including: CLI/SDM)\ \ \ \ \ 28\ \ \ III\ \ \ Implement static and dynamic addressing services for hosts in a LAN environment\ \ \ \ \ 29\ \ \ III\ \ \ Identify and correct IP addressing issues\ \ \ \ \ \ \ Implement a small routed network\ \ \ \ \ 30\ \ \ I, III\ \ \ Describe basic routing concepts (including: packet forwarding, router lookup process)\ \ \ \ \ 31\ \ \ III\ \ \ Describe the operation of Cisco routers (including: router bootup process, POST, router components)\ \ \ \ \ 32\ \ \ I, III\ \ \ Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts\ \ \ \ \ 33\ \ \ III\ \ \ Configure, verify, and troubleshoot RIPv2\ \ \ \ \ 34\ \ \ III\ \ \ Access and utilize the router CLI to set basic parameters\ \ \ \ \ 35\ \ \ III\ \ \ Connect, configure, and verify operation status of a device interface\ \ \ \ \ 36\ \ \ III\ \ \ Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities\ \ \ \ \ 37\ \ \ III\ \ \ Perform and verify routing configuration tasks for a static or default route given specific routing requirements\ \ \ \ \ 38\ \ \ III\ \ \ Manage IOS configuration files (including: save, edit, upgrade, restore)\ \ \ \ \ 39\ \ \ III\ \ \ Manage Cisco IOS\ \ \ \ \ 40\ \ \ III\ \ \ Implement password and physical security\ \ \ \ \ 41\ \ \ III\ \ \ Verify network status and router operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands\ \ \ \ \ \ \ Explain and select the appropriate administrative tasks required for a WLAN\ \ \ \ \ 42\ \ \ II\ \ \ Describe standards associated with wireless media (including: IEEE, WI-FI Alliance, ITU/FCC)\ \ \ \ \ 43\ \ \ II\ \ \ Identify and describe the purpose of the components in a small wireless network. (including: SSID, BSS, ESS)\ \ \ \ \ 44\ \ \ II\ \ \ Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point\ \ \ \ \ 45\ \ \ II\ \ \ Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)\ \ \ \ \ 46\ \ \ II\ \ \ Identify common issues with implementing wireless networks\ \ \ \ \ \ \ Identify security threats to a network and describe general methods to mitigate those threats\ \ \ \ \ 47\ \ \ I\ \ \ Explain today's increasing network security threats and the need to implement a comprehensive security policy to mitigate the threats\ \ \ \ \ 48\ \ \ I\ \ \ Explain general methods to mitigate common security threats to network devices, hosts, and applications\ \ \ \ \ 49\ \ \ I\ \ \ Describe the functions of common security appliances and applications\ \ \ \ \ 50\ \ \ I, II, III\ \ \ Describe security recommended practices including initial steps to secure network devices\ \ \ \ \ \ \ Implement and verify WAN links\ \ \ \ \ 51\ \ \ IV\ \ \ Describe different methods for connecting to a WAN\ \ \ \ \ 52\ \ \ IV\ \ \ Configure and verify a basic WAN serial connection\ \ \ \ ICND2 Exam Topics\ Table I-2 lists the exam topics for the ICND2 (640-816) exam, along with the book parts in CCNA ICND2 Official Exam Certification Guide in which each topic is covered.\ Table I-2 ICND2 Exam Topics\ \ \ \ \ \ \ \ \ Reference Number\ \ \ ICND2 Book Part(s) Where Topic Is Covered\ \ \ Exam Topic\ \ \ \ \ \ \ Configure, verify and troubleshoot a switch with VLANs and interswitch communications\ \ \ \ \ 101\ \ \ I\ \ \ Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)\ \ \ \ \ 102\ \ \ I\ \ \ Describe how VLANs create logically separate networks and the need for routing between them\ \ \ \ \ 103\ \ \ I\ \ \ Configure, verify, and troubleshoot VLANs\ \ \ \ \ 104\ \ \ I\ \ \ Configure, verify, and troubleshoot trunking on Cisco switches\ \ \ \ \ 105\ \ \ II\ \ \ Configure, verify, and troubleshoot interVLAN routing\ \ \ \ \ 106\ \ \ I\ \ \ Configure, verify, and troubleshoot VTP\ \ \ \ \ 107\ \ \ I\ \ \ Configure, verify, and troubleshoot RSTP operation\ \ \ \ \ 108\ \ \ I\ \ \ Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network\ \ \ \ \ 109\ \ \ I\ \ \ Implement basic switch security (including: port security, unassigned ports, trunk access, etc.)\ \ \ \ \ \ \ Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network\ \ \ \ \ 110\ \ \ II\ \ \ Calculate and apply a VLSM IP addressing design to a network\ \ \ \ \ 111\ \ \ II\ \ \ Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment\ \ \ \ \ 112\ \ \ V\ \ \ Describe the technological requirements for running IPv6 (including: protocols, dual stack, tunneling, etc)\ \ \ \ \ 113\ \ \ V\ \ \ Describe IPv6 addresses\ \ \ \ \ 114\ \ \ II, III\ \ \ Identify and correct common problems associated with IP addressing and host configurations\ \ \ \ \ \ \ Configure and troubleshoot basic operation and routing on Cisco devices\ \ \ \ \ 115\ \ \ III\ \ \ Compare and contrast methods of routing and routing protocols\ \ \ \ \ 116\ \ \ III\ \ \ Configure, verify and troubleshoot OSPF\ \ \ \ \ 117\ \ \ III\ \ \ Configure, verify and troubleshoot EIGRP\ \ \ \ \ 118\ \ \ II, III\ \ \ Verify configuration and connectivity using ping, traceroute, and telnet or SSH\ \ \ \ \ 119\ \ \ II, III\ \ \ Troubleshoot routing implementation issues\ \ \ \ \ 120\ \ \ II, III, IV\ \ \ Verify router hardware and software operation using SHOW & DEBUG commands\ \ \ \ \ 121\ \ \ II\ \ \ Implement basic router security\ \ \ \ \ \ \ Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network.\ \ \ \ \ 122\ \ \ II\ \ \ Describe the purpose and types of access control lists\ \ \ \ \ 123\ \ \ II\ \ \ Configure and apply access control lists based on network filtering requirements\ \ \ \ \ 124\ \ \ II\ \ \ Configure and apply an access control list to limit telnet and SSH access to the router\ \ \ \ \ 125\ \ \ II\ \ \ Verify and monitor ACLs in a network environment\ \ \ \ \ 126\ \ \ II\ \ \ Troubleshoot ACL implementation issues\ \ \ \ \ 127\ \ \ V\ \ \ Explain the basic operation of NAT\ \ \ \ \ 128\ \ \ V\ \ \ Configure Network Address Translation for given network requirements using CLI\ \ \ \ \ 129\ \ \ V\ \ \ Troubleshoot NAT implementation issues\ \ \ \ \ \ \ Implement and verify WAN links\ \ \ \ \ 130\ \ \ IV\ \ \ Configure and verify Frame Relay on Cisco routers\ \ \ \ \ 131\ \ \ IV\ \ \ Troubleshoot WAN implementation issues\ \ \ \ \ 132\ \ \ IV\ \ \ Describe VPN technology (including: importance, benefits, role, impact, components)\ \ \ \ \ 133\ \ \ IV\ \ \ Configure and verify PPP connection between Cisco routers\ \ \ \ CCNA Exam Topics\ In the previous version of the exams, the CCNA exam covered a lot of what was in the ICND (640-811) exam, plus some coverage of topics in the INTRO (640-821) exam. The new CCNA exam (640-802) covers all the topics on both the ICND1 (640-822) and ICND2 (640-816) exams. One of the reasons for a more balanced coverage in the exams is that some of the topics that used to be in the second exam have been moved to the first exam.\ The new CCNA (640-802) exam covers all topics in both the ICND1 and ICND2 exams. The official CCNA 640-802 exam topics, posted at http://www.cisco.com, include all the topics listed in Table I-2 for the ICND2 exam, plus most of the exam topics for the ICND1 exam listed in Table I-1. The only exam topics from these two tables that are not listed as CCNA exam topics are the topics highlighted in gray in Table I-1. However, note that the gray topics are still covered on the CCNA 640-802 exam. Those topics are just not listed in the CCNA exam topics because one of the ICND2 exam topics refers to the same concepts.\ ICND1 and ICND2 Course Outlines\ Another way to get some direction about the topics on the exams is to look at the course outlines for the related courses. Cisco offers two authorized CCNA-related courses: Interconnecting Cisco Network Devices 1 (ICND1) and Interconnecting Cisco Network Devices 2 (ICND2). Cisco authorizes Certified Learning Solutions Providers (CLSP) and Certified Learning Partners (CLP) to deliver these classes. These authorized companies can also create unique custom course books using this material, in some cases to teach classes geared toward passing the CCNA exam.\ About the CCENT/CCNA ICND1 Official Exam Certification Guide and CCNA ICND2 Official Exam Certification Guide\ As mentioned earlier, Cisco has separated the content covered by the CCNA exam into two parts: topics typically used by engineers who work in a small enterprise network (ICND1), with the additional topics commonly used by engineers in medium-sized enterprises being covered by the ICND2 exam. Likewise, the Cisco Press CCNA Exam Certification Guide series includes two books for CCNA—CCENT/CCNA ICND1 Official Exam Certification Guide and CCNA ICND2 Official Exam Certification Guide. These two books cover the breadth of topics on each exam, typically to a little more depth than is required for the exams, just to ensure that the books prepare you for the more difficult exam questions.\ The following sections list the variety of features in both this book and CCENT/CCNA ICND1 Official Exam Certification Guide. Both books have the same basic features, so if you are reading both this book and the ICND1 book, you don't need to read the introduction to both books. Also, for those of you who are using both books to prepare for the CCNA 640-802 exam (rather than taking the two-exam option), the end of this introduction lists a suggested reading plan.\ Objectives and Methods\ The most important and somewhat obvious objective of this book is to help you pass the ICND2 exam or the CCNA exam. In fact, if the primary objective of this book were different, the book's title would be misleading! However, the methods used in this book to help you pass the exams are also designed to make you much more knowledgeable about how to do your job.\ This book uses several key methodologies to help you discover the exam topics on which you need more review, to help you fully understand and remember those details, and to help you prove to yourself that you have retained your knowledge of those topics. So, this book does not try to help you pass the exams only by memorization, but by truly learning and understanding the topics. The CCNA certification is the foundation for many of the Cisco professional certifications, and it would be a disservice to you if this book did not help you truly learn the material. Therefore, this book helps you pass the CCNA exam by using the following methods:\ \ Helping you discover which exam topics you have not mastered\ Providing explanations and information to fill in your knowledge gaps\ Supplying exercises that enhance your ability to recall and deduce the answers to test questions\ Providing practice exercises on the topics and the testing process through test questions on the CD\ \ Book Features\ To help you customize your study time using these books, the core chapters have several features that help you make the best use of your time:\ \ "Do I Know This Already?" Quizzes: Each chapter begins with a quiz that helps you determine the amount of time you need to spend studying that chapter.\ Foundation Topics: These are the core sections of each chapter. They explain the protocols, concepts, and configuration for the topics in that chapter.\ Exam Preparation Tasks: At the end of the Foundation Topics section of each chapter, the Exam Preparation Tasks section lists a series of study activities that should be done at the end of the chapter. Each chapter includes the activities that make the most sense for studying the topics in that chapter. The activities include the following:\ \ — Key Topics Review: The Key Topics icon is shown next to the most important items in the Foundation Topics section of the chapter. The Key Topics Review activity lists the key topics from the chapter, and the page number. While the contents of the entire chapter could be on the exam, you should definitely know the information listed in each key topic, so these should be reviewed.\ — Complete Tables and Lists from Memory: To help you exercise your memory and memorize some lists of facts, many of the more important lists and tables from the chapter are included in Appendix J on the CD. This document lists only partial information, allowing you to complete the table or list. Appendix K lists the same tables and lists, completed, for easy comparison.\ — Definition of Key Terms: While the exams are unlikely to ask a question like "Define this term," the CCNA exams do require that you learn and know a lot of networking terminology. This section lists the most important terms from the chapter, asking you to write a short definition and compare your answer to the glossary at the end of the book.\ — Command Reference Tables: Some book chapters cover a large amount of configuration and EXEC commands. These tables list the commands introduced in the chapter, along with an explanation. For exam preparation, use them for reference, but also read the tables once when performing the Exam Preparation Tasks to make sure that you remember what all the commands do.

ForewordIntroductionPart I: LAN SwitchingChapter 1 Virtual LANs"Do I Know This Already?" Quiz 5Foundation Topics 9Virtual LAN ConceptsTrunking with ISL and 802.1QISLIEEE 802.1QISL and 802.1Q ComparedIP Subnets and VLANsVLAN Trunking Protocol (VTP)Normal VTP Operation Using VTP Server and Client ModesThree Requirements for VTP to Work Between Two SwitchesAvoiding VTP by Using VTP Transparent ModeStoring VLAN ConfigurationVTP VersionsVTP PruningSummary of VTP FeaturesVLAN and VLAN Trunking Configuration and VerificationCreating VLANs and Assigning Access VLANs to an InterfaceVLAN Configuration Example 1: Full VLAN ConfigurationVLAN Configuration Example 2: Shorter VLAN ConfigurationVLAN Trunking ConfigurationControlling Which VLANs Can Be Supported on a TrunkTrunking to Cisco IP PhonesSecuring VLANs and TrunkingVTP Configuration and VerificationUsing VTP: Configuring Servers and ClientsCaveats When Moving Away from Default VTP ConfigurationAvoiding VTP: Configuring Transparent ModeTroubleshooting VTPDetermining Why VTP Is Not Currently WorkingProblems When Connecting New Switches and Bringing Up TrunksAvoiding VTP Problems Through Best PracticesExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 2 Spanning Tree Protocol"Do I Know This Already?" QuizFoundation TopicsSpanning Tree Protocol (IEEE 802.1d)The Need for Spanning TreeWhat IEEE 802.1d Spanning Tree DoesHow Spanning Tree WorksThe STP Bridge ID and Hello BPDUElecting the Root SwitchChoosing Each Switch's Root PortChoosing the Designated Port on Each LAN SegmentReacting to Changes in the NetworkOptional STP FeaturesEtherChannelPortFastSTP SecurityRapid STP (IEEE 802.1w)RSTP Link and Edge TypesRSTP Port StatesRSTP Port RolesRSTP ConvergenceEdge-Type Behavior and PortFastLink-Type SharedLink-Type Point-to-PointAn Example of Speedy RSTP ConvergenceSTP Configuration and VerificationMultiple Instances of STPConfiguration Options That Influence the Spanning Tree TopologyThe Bridge ID and System ID ExtensionPer-VLAN Port CostsSTP Configuration Option SummaryVerifying Default STP OperationConfiguring STP Port Costs and Switch PriorityConfiguring PortFast and BPDU GuardConfiguring EtherChannelConfiguring RSTPSTP TroubleshootingDetermining the Root SwitchDetermining the Root Port on Nonroot SwitchesDetermining the Designated Port on Each LAN SegmentSTP ConvergenceExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 3 Troubleshooting LAN Switching"Do I Know This Already?" QuizFoundation TopicsGeneralized Troubleshooting MethodologiesAnalyzing and Predicting Normal Network OperationData Plane AnalysisControl Plane AnalysisPredicting Normal Operations: Summary of the ProcessProblem IsolationRoot Cause AnalysisReal World Versus the ExamsTroubleshooting the LAN Switching Data PlaneAn Overview of the Normal LAN Switch Forwarding ProcessStep 1: Confirm the Network Diagrams Using CDPStep 2: Isolate Interface ProblemsInterface Status Codes and Reasons for Nonworking StatesThe notconnect State and Cabling PinoutsInterface Speed and Duplex IssuesStep 3: Isolate Filtering and Port Security ProblemsStep 4: Isolate VLAN and Trunking ProblemsEnsuring That the Right Access Interfaces Are in the Right VLANsAccess VLANs Not Being Defined or Being ActiveIdentify Trunks and VLANs Forwarded on Those TrunksExample: Troubleshooting the Data PlaneStep 1: Verify the Accuracy of the Diagram Using CDPStep 2: Check for Interface ProblemsStep 3: Check for Port Security ProblemsStep 4: Check for VLAN and VLAN Trunk ProblemsPredicting Normal Operation of the LAN Switching Data PlanePC1 Broadcast in VLAN 1Forwarding Path: Unicast from R1 to PC1Exam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryPart II: IP RoutingChapter 4 IP Routing: Static and Connected Routes"Do I Know This Already?" QuizFoundation TopicsIP Routing and AddressingIP RoutingIP Addressing and SubnettingIP Forwarding by Matching the Most Specific RouteDNS, DHCP, ARP, and ICMPFragmentation and MTURoutes to Directly Connected SubnetsSecondary IP AddressingSupporting Connected Routes to Subnet ZeroISL and 802.1Q Configuration on RoutersStatic RoutesConfiguring Static RoutesThe Extended ping CommandStatic Default RoutesDefault Routes Using the ip route CommandDefault Routes Using the ip default-network CommandDefault Route SummaryClassful and Classless RoutingSummary of the Use of the Terms Classless and ClassfulClassless and Classful Routing ComparedExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 5 VLSM and Route Summarization"Do I Know This Already?" QuizFoundation TopicsVLSMClassless and Classful Routing ProtocolsOverlapping VLSM SubnetsDesigning a Subnetting Scheme Using VLSMAdding a New Subnet to an Existing DesignVLSM ConfigurationManual Route SummarizationRoute Summarization ConceptsRoute Summarization StrategiesSample "Best" Summary on SevilleSample "Best" Summary on YosemiteAutosummarization and Discontiguous Classful NetworksAn Example of AutosummarizationDiscontiguous Classful NetworksAutosummarization Support and ConfigurationExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsRead Appendix F ScenariosCommand Reference to Check Your MemoryChapter 6 IP Access Control Lists"Do I Know This Already?" QuizFoundation TopicsStandard IP Access Control ListsIP Standard ACL ConceptsWildcard MasksA Quicker Alternative for Interpreting Wildcard MasksStandard IP Access List ConfigurationStandard IP ACL: Example 1Standard IP ACL: Example 2Extended IP Access Control ListsExtended IP ACL ConceptsMatching TCP and UDP Port NumbersExtended IP ACL ConfigurationExtended IP Access Lists: Example 1Extended IP Access Lists: Example 2Advances in Managing ACL ConfigurationNamed IP Access ListsEditing ACLs Using Sequence NumbersMiscellaneous ACL TopicsControlling Telnet and SSH Access with ACLsACL Implementation ConsiderationsReflexive Access ListsDynamic ACLsTime-Based ACLsExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryRead the Appendix F ScenariosDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 7 Troubleshooting IP Routing"Do I Know This Already?" QuizFoundation TopicsThe ping and traceroute CommandsInternet Control Message Protocol (ICMP)The ping Command and the ICMP Echo Request and Echo ReplyThe Destination Unreachable ICMP MessageThe Redirect ICMP MessageThe ICMP Time Exceeded MessageThe traceroute CommandTroubleshooting the Packet Forwarding ProcessIsolating IP Routing Problems Related to HostsIsolating IP Routing Problems Related to RoutersTroubleshooting Scenario 1: Forward Route ProblemTroubleshooting Scenario 2: Reverse Route ProblemAn Alternative Problem Isolation Process for Steps 3, 4, and 5Troubleshooting Tools and TipsHost Routing Tools and PerspectivesHost Troubleshooting TipsLAN Switch IP Supportshow ip route ReferenceInterface StatusVLSM IssuesRecognizing When VLSM Is UsedConfiguring Overlapping VLSM SubnetsSymptoms with Overlapping SubnetsVLSM Troubleshooting SummaryDiscontiguous Networks and AutosummaryAccess List Troubleshooting TipsExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsPart III: Routing Protocols Configuration and TroubleshootingChapter 8 Routing Protocol Theory"Do I Know This Already?" QuizFoundation TopicsDynamic Routing Protocol OverviewRouting Protocol FunctionsInterior and Exterior Routing ProtocolsComparing IGPsIGP Routing Protocol AlgorithmsMetricsIGP Comparisons: SummaryAdministrative DistanceDistance Vector Routing Protocol FeaturesThe Concept of a Distance and a VectorDistance Vector Operation in a Stable NetworkDistance Vector Loop PreventionRoute PoisoningProblem: Counting to Infinity over a Single LinkSplit HorizonPoison Reverse and Triggered UpdatesProblem: Counting to Infinity in a Redundant NetworkThe Holddown Process and Holddown TimerDistance Vector SummaryLink-State Routing Protocol FeaturesBuilding the Same LSDB on Every RouterApplying Dijkstra SPF Math to Find the Best RoutesConvergence with Link-State ProtocolsSummary and Comparisons to Distance Vector ProtocolsExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 9 OSPF"Do I Know This Already?" QuizFoundation TopicsOSPF Protocols and OperationOSPF NeighborsIdentifying OSPF Routers with a Router IDMeeting Neighbors by Saying HelloPotential Problems in Becoming a NeighborNeighbor StatesOSPF Topology Database ExchangeOverview of the OSPF Database Exchange ProcessChoosing a Designated RouterDatabase ExchangeMaintaining the LSDB While Being Fully AdjacentSummary of Neighbor StatesBuilding the IP Routing TableScaling OSPF Through Hierarchical DesignOSPF AreasOSPF Area Design AdvantagesOSPF ConfigurationOSPF Single-Area ConfigurationOSPF Configuration with Multiple AreasConfiguring the OSPF Router IDOSPF Hello and Dead TimersOSPF Metrics (Cost)OSPF AuthenticationOSPF Load BalancingExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 10 EIGRP"Do I Know This Already?" QuizFoundation TopicsEIGRP Concepts and OperationEIGRP NeighborsExchanging EIGRP Topology InformationCalculating the Best Routes for the Routing TableFeasible Distance and Reported DistanceCaveats with Bandwidth on Serial LinksEIGRP ConvergenceEIGRP Successors and Feasible SuccessorsThe Query and Reply ProcessEIGRP Summary and Comparisons with OSPFEIGRP Configuration and VerificationBasic EIGRP ConfigurationEIGRP Metrics, Successors, and Feasible SuccessorsCreating and Viewing a Feasible Successor RouteConvergence Using the Feasible Successor RouteEIGRP AuthenticationEIGRP Maximum Paths and VarianceTuning the EIGRP Metric CalculationExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 11 Troubleshooting Routing Protocols"Do I Know This Already?" QuizFoundation TopicsPerspectives on Troubleshooting Routing Protocol ProblemsInterfaces Enabled with a Routing ProtocolEIGRP Interface Troubleshooting ExampleOSPF Interface Troubleshooting ExampleNeighbor RelationshipsEIGRP Neighbor RequirementsOSPF Neighbor RequirementsOSPF Neighbor Example 1OSPF Neighbor Example 2The MTU Matching RequirementExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryCommand Reference to Check Your MemoryPart IV: Wide-Area NetworksChapter 12 Point-to-Point WANs"Do I Know This Already?" QuizFoundation TopicsPPP ConceptsThe PPP Protocol FieldPPP Link Control Protocol (LCP)Looped Link DetectionEnhanced Error DetectionPPP MultilinkPPP AuthenticationPPP ConfigurationBasic PPP ConfigurationCHAP Configuration and VerificationPAP ConfigurationTroubleshooting Serial LinksTroubleshooting Layer 1 ProblemsTroubleshooting Layer 2 ProblemsKeepalive FailurePAP and CHAP Authentication FailureTroubleshooting Layer 3 ProblemsExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 13 Frame Relay Concepts"Do I Know This Already?" QuizFoundation TopicsFrame Relay OverviewFrame Relay StandardsVirtual CircuitsLMI and Encapsulation TypesFrame Relay AddressingFrame Relay Local AddressingFrame Relay Global AddressingNetwork Layer Concerns with Frame RelayFrame Relay Layer 3 Addressing: One Subnet Containing All Frame Relay DTEsFrame Relay Layer 3 Addressing: One Subnet Per VCFrame Relay Layer 3 Addressing: Hybrid ApproachLayer 3 Broadcast HandlingControlling Speed and Discards in the Frame Relay CloudFECN and BECNThe Discard Eligibility (DE) BitExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsChapter 14 Frame Relay Configuration and Troubleshooting"Do I Know This Already?" QuizFoundation TopicsFrame Relay Configuration and VerificationPlanning a Frame Relay ConfigurationA Fully Meshed Network with One IP SubnetConfiguring the Encapsulation and LMIFrame Relay Address MappingInverse ARPStatic Frame Relay MappingA Partially Meshed Network with One IP Subnet Per VCAssigning a DLCI to a Particular SubinterfaceComments About Global and Local AddressingFrame Relay VerificationA Partially Meshed Network with Some Fully Meshed PartsFrame Relay TroubleshootingA Suggested Frame Relay Troubleshooting ProcessLayer 1 Issues on the Access Link (Step 1)Layer 2 Issues on the Access Link (Step 2)PVC Problems and Status (Step 3)Find the Connected Subnet and Outgoing Interface (Steps 3a and 3b)Find the PVCs Assigned to That Interface (Step 3c)Determine Which PVC Is Used to Reach a Particular Neighbor (Step 3d)PVC StatusSubinterface StatusFrame Relay Mapping Issues (Step 4)End-to-End Encapsulation (Step 5)Mismatched Subnet Numbers (Step 6)Exam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryRead the Appendix F ScenariosCommand Reference to Check Your MemoryChapter 15 Virtual Private Networks"Do I Know This Already?" QuizFoundation TopicsVPN FundamentalsIPsec VPNsIPsec EncryptionIPsec Key ExchangeIPsec Authentication and Message IntegrityThe ESP and AH Security ProtocolsIPsec Implementation ConsiderationsSSL VPNsExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsPart V: Scaling the IP Address SpaceChapter 16 Network Address Translation"Do I Know This Already?" QuizFoundation TopicsPerspectives on IPv4 Address ScalabilityCIDRRoute Aggregation for Shorter Routing TablesIPv4 Address ConservationPrivate AddressingNetwork Address Translation ConceptsStatic NATDynamic NATOverloading NAT with Port Address Translation (PAT)Translating Overlapping AddressesNAT Configuration and TroubleshootingStatic NAT ConfigurationDynamic NAT ConfigurationNAT Overload (PAT) ConfigurationNAT TroubleshootingExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryChapter 17 IP Version 6"Do I Know This Already?" QuizFoundation TopicsGlobal Unicast Addressing, Routing, and SubnettingGlobal Route Aggregation for Efficient RoutingConventions for Representing IPv6 AddressesConventions for Writing IPv6 PrefixesGlobal Unicast Prefix Assignment ExampleSubnetting Global Unicast IPv6 Addresses Inside an EnterprisePrefix TerminologyIPv6 Protocols and AddressingDHCP for IPv6IPv6 Host Address AssignmentThe IPv6 Interface ID and EUI-64 FormatStatic IPv6 Address ConfigurationStateless Autoconfiguration and Router AdvertisementsIPv6 Address Configuration SummaryDiscovering the Default Router with NDPLearning the IP Address(es) of DNS ServersIPv6 AddressesUnicast IPv6 AddressesMulticast and Other Special IPv6 AddressesSummary of IP Protocols and AddressingConfiguring IPv6 Routing and Routing ProtocolsIPv6 Routing ProtocolsIPv6 ConfigurationIPv6 Transition OptionsIPv4/IPv6 Dual StacksTunnelingTranslating Between IPv4 and IPv6 with NAT-PTTransition SummaryExam Preparation TasksReview All the Key TopicsComplete the Tables and Lists from MemoryDefinitions of Key TermsCommand Reference to Check Your MemoryPart VI: Final PreparationChapter 18 Final PreparationTools for Final PreparationExam Engine and Questions on the CDInstall the Software from the CDActivate and Download the Practice ExamActivating Other ExamsThe Cisco CCNA Prep CenterSubnetting Videos, Reference Pages, and Practice ProblemsScenariosStudy PlanRecall the FactsPractice SubnettingBuild Troubleshooting Skills Using ScenariosUse the Exam EngineChoosing Study or Simulation ModeChoosing the Right Exam OptionSummaryPart VII: AppendixesAppendix A Answers to the "Do I Know This Already?" QuizzesChapter 1Chapter 2Chapter 4Chapter 5Chapter 6Chapter 8Chapter 9Chapter 10Chapter 12Chapter 13Chapter 14Chapter 15Chapter 16Chapter 17Appendix B Decimal to Binary Conversion TableAppendix C ICND2 Exam Updates: Version 1.0GlossaryIndexPart VIII: CD-OnlyAppendix D Subnetting PracticeAppendix E Subnetting Reference PagesAppendix F Additional ScenariosAppendix G Video Scenario ReferenceAppendix H ICND1 Chapter 12: IP Addressing and SubnettingAppendix I ICND1 Chapter 17: WAN ConfigurationAppendix J Memory TablesAppendix K Memory Tables Answer KeyAppendix L ICND2 Open-Ended Questions