Muutke küpsiste eelistusi

E-raamat: Enterprise Networking, Security, and Automation Companion Guide (CCNAv7)

3.33/5 (3 hinnangut Goodreads-ist)
  • Formaat: 750 pages
  • Sari: Companion Guide
  • Ilmumisaeg: 08-Jul-2020
  • Kirjastus: Cisco Press
  • Keel: eng
  • ISBN-13: 9780136634294
Teised raamatud teemal:
  • Formaat - PDF+DRM
  • Hind: 59,42 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Lisa ostukorvi
  • Lisa soovinimekirja
  • See e-raamat on mõeldud ainult isiklikuks kasutamiseks. E-raamatuid ei saa tagastada.
Enterprise Networking, Security, and Automation Companion Guide (CCNAv7)Suurem pilt
  • Formaat: 750 pages
  • Sari: Companion Guide
  • Ilmumisaeg: 08-Jul-2020
  • Kirjastus: Cisco Press
  • Keel: eng
  • ISBN-13: 9780136634294
Teised raamatud teemal:

DRM piirangud

  • Kopeerimine (copy/paste):

    ei ole lubatud

  • Printimine:

    ei ole lubatud

  • Kasutamine:

    Digitaalõiguste kaitse (DRM)
    Kirjastus on väljastanud selle e-raamatu krüpteeritud kujul, mis tähendab, et selle lugemiseks peate installeerima spetsiaalse tarkvara. Samuti peate looma endale  Adobe ID Rohkem infot siin. E-raamatut saab lugeda 1 kasutaja ning alla laadida kuni 6'de seadmesse (kõik autoriseeritud sama Adobe ID-ga).

    Vajalik tarkvara
    Mobiilsetes seadmetes (telefon või tahvelarvuti) lugemiseks peate installeerima selle tasuta rakenduse: PocketBook Reader (iOS / Android)

    PC või Mac seadmes lugemiseks peate installima Adobe Digital Editionsi (Seeon tasuta rakendus spetsiaalselt e-raamatute lugemiseks. Seda ei tohi segamini ajada Adober Reader'iga, mis tõenäoliselt on juba teie arvutisse installeeritud )

    Seda e-raamatut ei saa lugeda Amazon Kindle's. 

Enterprise Networking, Security, and Automation Companion Guide is the official supplemental textbook for the Enterprise Networking, Security, and Automation v7 course in the Cisco Networking Academy CCNA curriculum.

This course describes the architectures and considerations related to designing, securing, operating, and troubleshooting enterprise networks. You will implement the OSPF dynamic routing protocol, identify and protect against cybersecurity threats, configure access control lists (ACLs), implement Network Address Translation (NAT), and learn about WANs and IPsec VPNs. You will also learn about QoS mechanisms, network management tools, network virtualization, and network automation.



The Companion Guide is designed as a portable desk reference to use anytime, anywhere to reinforce the material from the course and organize your time.

The books features help you focus on important concepts to succeed in this course:

* Chapter objectives: Review core concepts by answering the focus questions listed at the beginning of each chapter. * Key terms: Refer to the lists of networking vocabulary introduced and highlighted in context in each chapter. * Glossary: Consult the comprehensive Glossary with more than 500 terms. * Summary of Activities and Labs: Maximize your study time with this complete list of all associated practice exercises at the end of each chapter. * Check Your Understanding: Evaluate your readiness with the end-of-chapter questions that match the style of questions you see in the online course quizzes. The answer key explains each answer. How To: Look for this icon to study the steps you need to learn to perform certain tasks. Interactive Activities: Reinforce your understanding of topics with dozens of exercises from the online course identified throughout the book with this icon. Videos: Watch the videos embedded within the online course. Packet Tracer Activities: Explore and visualize networking concepts using Packet Tracer exercises interspersed throughout the chapters and provided in the accompanying Labs & Study Guide book. Hands-on Labs: Work through all the course labs and additional Class Activities that are included in the course and published in the separate Labs & Study Guide. This book is offered exclusively for students enrolled in Cisco Networking Academy courses. It is not designed for independent study or professional certification preparation. Visit netacad.com to learn more about program options and requirements.Related titles: CCNA 200-301 Portable Command Guide Book: 9780135937822 eBook: 9780135937709 31 Days Before Your CCNA Exam Book: 9780135964088 eBook: 9780135964231 CCNA 200-301 Official Cert Guide, Volume 1 Book: 9780135792735 Premium Edition: 9780135792728 CCNA 200-301 Official Cert Guide, Volume 2 Book: 9781587147135 Premium Edition: 9780135262719
Introduction xxxi
Chapter 1 Single-Area OSPFv2 Concepts
1(32)
Objectives
1(1)
Key Terms
1(2)
Introduction (1.0)
3(1)
OSPF Features and Characteristics (1.1)
3(10)
Introduction to OSPF (1.1.1)
3(1)
Components of OSPF (1.1.2)
4(1)
Routing Protocol Messages
4(1)
Data Structures
4(1)
Algorithm
5(1)
Link-State Operation (1.1.3)
6(1)
1 Establish Neighbor Adjacencies
6(1)
2 Exchange Link-State Advertisements
6(1)
3 Build the Link-State Database
7(1)
4 Execute the SPF Algorithm
8(1)
5 Choose the Best Route
8(1)
Single-Area and Multiarea OSPF (1.1.4)
9(1)
Multiarea OSPF (1.1.5)
10(2)
OSPFv3 (1.1.6)
12(1)
OSPF Packets (1.2)
13(4)
Types of OSPF Packets (1.2.2)
13(1)
Link-State Updates (1.2.3)
14(1)
Hello Packet (1.2.4)
15(2)
OSPF Operation (1.3)
17(10)
OSPF Operational States (1.3.2)
17(1)
Establish Neighbor Adjacencies (1.3.3)
18(1)
1 Down State to Init State
18(1)
2 The Init State
19(1)
3 Two-Way State
19(1)
4 Elect the DR and BDR
20(1)
Synchronizing OSPF Databases (1.3.4)
20(1)
1 Decide First Router
21(1)
2 Exchange DBDs
21(1)
3 Send an LSR
22(1)
The Need for a DR (1.3.5)
23(1)
LSA Flooding with a DR (1.3.6)
24(1)
Flooding LSAs
24(1)
LSAs and DR
25(2)
Summary (1.4)
27(2)
OSPF Features and Characteristics
27(1)
OSPF Packets
28(1)
OSPF Operation
28(1)
Practice
29(1)
Check Your Understanding
29(4)
Chapter 2 Single-Area OSPFv2 Configuration
33(60)
Objectives
33(1)
Key Terms
33(1)
Introduction (2.0)
34(1)
OSPF Router ID (2.1)
34(6)
OSPF Reference Topology (2.1.1)
34(1)
Router Configuration Mode for OSPF (2.1.2)
35(1)
Router IDs (2.1.3)
36(1)
Router ID Order of Precedence (2.1.4)
36(1)
Configure a Loopback Interface as the Router ID (2.1.5)
37(1)
Explicitly Configure a Router ID (2.1.6)
38(1)
Modify a Router ID (2.1.7)
39(1)
Point-to-Point OSPF Networks (2.2)
40(9)
The network Command Syntax (2.2.1)
40(1)
The Wildcard Mask (2.2.2)
41(1)
Configure OSPF Using the network Command (2.2.4)
41(2)
Configure OSPF Using the ip ospf Command (2.2.6)
43(1)
Passive Interface (2.2.8)
44(1)
Configure Passive Interfaces (2.2.9)
45(1)
OSPF Point-to-Point Networks (2.2.11)
46(2)
Loopbacks and Point-to-Point Networks (2.2.12)
48(1)
Multiaccess OSPF Networks (2.3)
49(14)
OSPF Network Types (2.3.1)
49(1)
OSPF Designated Router (2.3.2)
49(2)
OSPF Multiaccess Reference Topology (2.3.3)
51(1)
Verify OSPF Router Roles (2.3.4)
52(1)
R1 DROTHER
52(1)
R2 BDR
53(1)
R3 DR
53(1)
Verify DR/BDR Adjacencies (2.3.5)
54(1)
R1 Adjacencies
55(1)
R2 Adjacencies
55(1)
R3 Adjacencies
56(1)
Default DR/BDR Election Process (2.3.6)
56(2)
DR Failure and Recovery (2.3.7)
58(1)
R3 Fails
58(1)
R3 Rejoins Network
59(1)
R4 Joins Network
59(1)
R2 Fails
59(2)
The ip ospf priority Command (2.3.8)
61(1)
Configure OSPF Priority (2.3.9)
61(2)
Modify Single-Area 0SPFv2 (2.4)
63(14)
Cisco OSPF Cost Metric (2.4.1)
63(1)
Adjust the Reference Bandwidth (2.4.2)
64(2)
OSPF Accumulates Costs (2.4.3)
66(1)
Manually Set OSPF Cost Value (2.4.4)
67(2)
Test Failover to Backup Route (2.4.5)
69(1)
Hello Packet Intervals (2.4.7)
69(1)
Verify Hello and Dead Intervals (2.4.8)
70(1)
Modify OSPFv2 Intervals (2.4.9)
71(3)
Default Route Propagation (2.5)
73(1)
Propagate a Default Static Route in OSPFv2 (2.5.1)
74(1)
Verify the Propagated Default Route (2.5.2)
75(2)
Verify Single-Area OSPFv2 (2.6)
77(6)
Verify OSPF Neighbors (2.6.1)
77(2)
Verify OSPF Protocol Settings (2.6.2)
79(1)
Verify OSPF Process Information (2.6.3)
80(1)
Verify OSPF Interface Settings (2.6.4)
81(2)
Summary (2.7)
83(4)
OSPF Router ID
83(1)
Point-to-Point OSPF Networks
83(1)
OSPF Network Types
84(1)
Modify Single-Area OSPFv2
85(1)
Default Route Propagation
86(1)
Verify Single-Area OSPFv2
86(1)
Practice
87(1)
Check Your Understanding
88(5)
Chapter 3 Network Security Concepts
93(1)
Objectives
93(1)
Key Terms
93(2)
Introduction
95(1)
Ethical Hacking Statement (3.0.3)
95(1)
Current State of Cybersecurity (3.1)
95(3)
Current State of Affairs (3.1.1)
95(1)
Vectors of Network Attacks (3.1.2)
96(1)
Data Loss (3.1.3)
97(1)
Threat Actors (3.2)
98(3)
The Hacker (3.2.1)
98(1)
Evolution of Hackers (3.2.2)
99(1)
Cyber Criminals (3.2.3)
100(1)
Hacktivists (3.2.4)
100(1)
State-Sponsored Hackers (3.2.5)
100(1)
Threat Actor Tools (3.3)
101(5)
Introduction to Attack Tools (3.3.2)
101(1)
Evolution of Security Tools (3.3.3)
102(2)
Attack Types (3.3.4)
104(2)
Malware (3.4)
106(3)
Overview of Malware (3.4.1)
106(1)
Viruses and Trojan Horses (3.4.2)
106(2)
Other Types of Malware (3.4.3)
108(1)
Common Network Attacks (3.5)
109(8)
Overview of Network Attacks (3.5.1)
109(1)
Reconnaissance Attacks (3.5.3)
109(1)
Access Attacks (3.5.5)
110(1)
Trust Exploitation Example
111(1)
Port Redirection Example
112(1)
Man-in-the-Middle Attack Example
112(1)
Buffer Overflow Attack
112(2)
Social Engineering Attacks (3.5.6)
114(1)
DoS and DDoS Attacks (3.5.9)
115(1)
DoS Attack
116(1)
DDoS Attack
116(1)
IP Vulnerabilities and Threats (3.6)
117(5)
IPv4 and IPv6 (3.6.2)
118(1)
ICMP Attacks (3.6.3)
118(1)
Amplification and Reflection Attacks (3.6.5)
119(1)
Address Spoofing Attacks (3.6.6)
120(2)
TCP and UDP Vulnerabilities (3.7)
122(5)
TCP Segment Header (3.7.1)
122(1)
TCP Services (3.7.2)
123(1)
TCP Attacks (3.7.3)
124(1)
TCP SYN Flood Attack
124(1)
TCP Reset Attack
125(1)
TCP Session Hijacking
126(1)
UDP Segment Header and Operation (3.7.4)
126(1)
UDP Attacks (3.7.5)
127(1)
UDP Flood Attacks
127(1)
IP Services
127(1)
ARP Vulnerabilities (3.8.1)
127(1)
ARP Cache Poisoning (3.8.2)
128(1)
ARP Request
128(1)
ARP Reply
129(1)
Spoofed Gratuitous ARP Replies
130(1)
DNS Attacks (3.8.4)
131(1)
DNS Open Resolver Attacks
131(1)
DNS Stealth Attacks
132(1)
DNS Domain Shadowing Attacks
132(1)
DNS Tunneling (3.8.5)
132(1)
DHCP (3.8.6)
133(1)
DHCP Attacks (3.8.7)
134(1)
1 Client Broadcasts DHCP Discovery Messages
134(1)
2 DHCP Servers Respond with Offers
134(2)
3 Client Accepts Rogue DHCP Request
136(1)
4 Rogue DHCP Acknowledges the Request
136(1)
Network Security Best Practices (3.9)
137(6)
Confidentiality, Integrity, and Availability (3.9.1)
137(1)
The Defense-in-Depth Approach (3.9.2)
138(1)
Firewalls (3.9.3)
139(1)
IPS (3.9.4)
140(1)
Content Security Appliances (3.9.5)
141(1)
Cisco Email Security Appliance (ESA)
142(1)
Cisco Web Security Appliance (WSA)
142(1)
Cryptography (3.10)
143(14)
Securing Communications (3.10.2)
143(1)
Data Integrity (3.10.3)
144(1)
Hash Functions (3.10.4)
145(1)
MD5 with 128-Bit Digest
145(1)
SHA Hashing Algorithm
146(1)
SHA-2
146(1)
SHA-3
146(1)
Origin Authentication (3.10.5)
147(1)
HMAC Hashing Algorithm
147(1)
Creating the HMAC Value
148(1)
Verifying the HMAC Value
149(1)
Cisco Router HMAC Example
149(1)
Data Confidentiality (3.10.6)
150(1)
Symmetric Encryption (3.10.7)
151(1)
Asymmetric Encryption (3.10.8)
152(3)
Diffie-Hellman (3.10.9)
155(2)
Summary (3.11)
157(2)
Current State of Cybersecurity
157(1)
Threat Actors
157(1)
Threat Actor Tools
157(1)
Malware
157(1)
Common Network Attacks
158(1)
IP Vulnerabilities and Threats
158(1)
TCP and UDP Vulnerabilities
158(1)
IP Services
158(1)
Network Security Best Practices
159(1)
Cryptography
159(1)
Practice
159(1)
Check Your Understanding
160(3)
Chapter 4 ACL Concepts
163(1)
Objectives
163(1)
Key Terms
163(1)
Introduction (4.0)
164(1)
Purpose of ACLs (4.1)
164(4)
What Is an ACL? (4.1.1)
164(1)
Packet Filtering (4.1.2)
165(1)
ACL Operation (4.1.3)
166(2)
Wildcard Masks in ACLs (4.2)
168(5)
Wildcard Mask Overview (4.2.1)
168(1)
Wildcard Mask Types (4.2.2)
169(1)
Wildcard to Match a Host
169(1)
Wildcard Mask to Match an IPv4 Subnet
169(1)
Wildcard Mask to Match an IPv4 Address Range
170(1)
Wildcard Mask Calculation (4.2.3)
170(1)
Example 1
171(1)
Example 2
171(1)
Example 3
171(1)
Example 4
172(1)
Wildcard Mask Keywords (4.2.4)
172(1)
Guidelines for ACL Creation (4.3)
173(2)
Limited Number of ACLs per Interface (4.3.1)
173(1)
ACL Best Practices (4.3.2)
174(1)
Types of IPv4 ACLs (4.4)
175(7)
Standard and Extended ACLs (4.4.1)
175(1)
Numbered and Named ACLs (4.4.2)
176(1)
Numbered ACLs
176(1)
Named ACLs
177(1)
Where to Place ACLs (4.4.3)
177(2)
Standard ACL Placement Example (4.4.4)
179(1)
Extended ACL Placement Example (4.4.5)
180(2)
Summary (4.5)
182(2)
Purpose of ACLs
182(1)
Wildcard Masks
182(1)
Guidelines for ACL Creation
183(1)
Types of IPv4 ACLs
183(1)
Practice
184(1)
Check Your Understanding Questions
184(3)
Chapter 5 ACLs for IPv4 Configuration
187(1)
Objectives
187(1)
Key Term
187(1)
Introduction (5.0)
188(1)
Configure Standard IPv4 ACLs (5.1)
188(7)
Create an ACL (5.1.1)
188(1)
Numbered Standard IPv4 ACL Syntax (5.1.2)
188(1)
Named Standard IPv4 ACL Syntax (5.1.3)
189(1)
Apply a Standard IPv4 ACL (5.1.4)
190(1)
Numbered Standard IPv4 ACL Example (5.1.5)
191(2)
Named Standard IPv4 ACL Example (5.1.6)
193(2)
Modify IPv4 ACLs (5.2)
195(5)
Two Methods to Modify an ACL (5.2.1)
196(1)
Text Editor Method (5.2.2)
196(1)
Sequence Numbers Method (5.2.3)
197(1)
Modify a Named ACL Example (5.2.4)
198(1)
ACL Statistics (5.2.5)
199(1)
Secure VTY Ports with a Standard IPv4 ACL (5.3)
200(3)
The access-class Command (5.3.1)
200(1)
Secure VTY Access Example (5.3.2)
200(2)
Verify the VTY Port Is Secured (5.3.3)
202(1)
Configure Extended IPv4 ACLs (5.4)
203(16)
Extended ACLs (5.4.1)
203(1)
Numbered Extended IPv4 ACL Syntax (5.4.2)
204(2)
Protocols and Ports (5.4.3)
206(1)
Protocol Options
206(1)
Port Keyword Options
207(1)
Protocols and Port Numbers Configuration Examples (5.4.4)
208(1)
Apply a Numbered Extended IPv4 ACL (5.4.5)
209(1)
TCP Established Extended ACL (5.4.6)
210(2)
Named Extended IPv4 ACL Syntax (5.4.7)
212(1)
Named Extended IPv4 ACL Example (5.4.8)
212(1)
Edit Extended ACLs (5.4.9)
213(1)
Another Named Extended IPv4 ACL Example (5.4.10)
214(2)
Verify Extended ACLs (5.4.11)
216(1)
Show ip interface
216(1)
Show access-lists
217(1)
Show running-config
218(1)
Summary (5.5)
219(2)
Configure Standard IPv4 ACLs
219(1)
Modify IPv4 ACLs
219(1)
Secure VTY Ports with a Standard IPv4 ACL
220(1)
Configure Extended IPv4 ACLs
220(1)
Practice
221(1)
Check Your Understanding Questions
222(3)
Chapter 6 NAT for IPv4
225(44)
Objectives
225(1)
Key Terms
225(1)
Introduction (6.0)
226(1)
NAT Characteristics (6.1)
226(5)
IPv4 Private Address Space (6.1.1)
226(1)
What Is NAT? (6.1.2)
227(1)
How NAT Works (6.1.3)
228(1)
NAT Terminology (6.1.4)
229(1)
Inside Local
230(1)
Inside Global
230(1)
Outside Global
231(1)
Outside Local
231(1)
Types of NAT (6.2)
231(7)
Static NAT (6.2.1)
231(1)
Dynamic NAT (6.2.2)
232(1)
Port Address Translation (6.2.3)
233(2)
Next Available Port (6.2.4)
235(1)
NAT and PAT Comparison (6.2.5)
236(1)
NAT
236(1)
PAT
237(1)
Packets Without a Layer 4 Segment (6.2.6)
237(1)
NAT Advantages and Disadvantages (6.3)
238(1)
Advantages of NAT (6.3.1)
238(1)
Disadvantages of NAT (6.3.2)
238(1)
Static NAT (6.4)
239(5)
Static NAT Scenario (6.4.1)
240(1)
Configure Static NAT (6.4.2)
240(1)
Analyze Static NAT (6.4.3)
241(1)
Verify Static NAT (6.4.4)
242(2)
Dynamic NAT (6.5)
244(7)
Dynamic NAT Scenario (6.5.1)
244(1)
Configure Dynamic NAT (6.5.2)
245(2)
Analyze Dynamic NAT---Inside to Outside (6.5.3)
247(1)
Analyze Dynamic NAT---Outside to Inside (6.5.4)
248(1)
Verify Dynamic NAT (6.5.5)
249(2)
PAT (6.6)
251(7)
PAT Scenario (6.6.1)
251(1)
Configure PAT to Use a Single IPv4 Address (6.6.2)
252(1)
Configure PAT to Use an Address Pool (6.6.3)
253(1)
Analyze PAT---PC to Server (6.6.4)
254(1)
Analyze PAT---Server to PC (6.6.5)
255(1)
Verify PAT (6.6.6)
256(2)
NAT64 (6.7)
258(2)
NAT for IPv6? (6.7.1)
258(1)
NAT64 (6.7.2)
258(2)
Summary (6.8)
260(4)
NAT Characteristics
260(1)
Types of NAT
260(1)
NAT Advantages and Disadvantages
261(1)
Static NAT
261(1)
Dynamic NAT
262(1)
PAT
262(1)
NAT64
263(1)
Practice
264(1)
Check Your Understanding Questions
264(5)
Chapter 7 WAN Concepts
269(50)
Objectives
269(1)
Key Terms
269(3)
Introduction (7.0)
272(1)
Purpose of WANs (7.1)
272(11)
LANs and WANs (7.1.1)
272(1)
Private and Public WANs (7.1.2)
273(1)
WAN Topologies (7.1.3)
274(1)
Point-to-Point Topology
274(1)
Hub-and-Spoke Topology
275(1)
Dual-homed Topology
276(1)
Fully Meshed Topology
276(1)
Partially Meshed Topology
277(1)
Carrier Connections (7.1.4)
278(1)
Single-Carrier WAN Connection
278(1)
Dual-Carrier WAN Connection
278(1)
Evolving Networks (7.1.5)
279(1)
Small Network
279(1)
Campus Network
280(1)
Branch Network
281(1)
Distributed Network
282(1)
WAN Operations (7.2)
283(9)
WAN Standards (7.2.1)
283(1)
WANs in the OSI Model (7.2.2)
284(1)
Layer 1 Protocols
284(1)
Layer 2 Protocols
284(1)
Common WAN Terminology (7.2.3)
285(2)
WAN Devices (7.2.4)
287(2)
Serial Communication (7.2.5)
289(1)
Circuit-Switched Communication (7.2.6)
290(1)
Packet-Switched Communications (7.2.7)
290(1)
SDH, SONET, and DWDM (7.2.8)
291(1)
Traditional WAN Connectivity (7.3)
292(4)
Traditional WAN Connectivity Options (7.3.1)
293(1)
Common WAN Terminology (7.3.2)
293(2)
Circuit-Switched Options (7.3.3)
295(1)
Public Service Telephone Network (PSTN)
295(1)
Integrated Services Digital Network (ISDN)
295(1)
Packet-Switched Options (7.3.4)
295(1)
Frame Relay
295(1)
Asynchronous Transfer Mode (ATM)
296(1)
Modern WAN Connectivity (7.4)
296(5)
Modern WANs (7.4.1)
296(1)
Modern WAN Connectivity Options (7.4.2)
297(1)
Dedicated Broadband
297(1)
Packet-Switched
298(1)
Internet-Based Broadband
298(1)
Ethernet WAN (7.4.3)
298(2)
MPLS (7.4.4)
300(1)
Internet-Based Connectivity (7.5)
301(11)
Internet-Based Connectivity Options (7.5.1)
301(1)
Wired Options
302(1)
Wireless Options
302(1)
DSL Technology (7.5.2)
302(1)
DSL Connections (7.5.3)
303(1)
DSL and PPP (7.5.4)
303(1)
Host with PPPoE Client
304(1)
Router PPPoE Client
304(1)
Cable Technology (7.5.5)
305(1)
Optical Fiber (7.5.6)
305(1)
Wireless Internet-Based Broadband (7.5.7)
306(1)
Municipal Wi-Fi
306(1)
Cellular
306(1)
Satellite Internet
307(1)
WiMAX
307(1)
VPN Technology (7.5.8)
308(1)
ISP Connectivity Options (7.5.9)
309(1)
Single-Homed
309(1)
Dual-Homed
309(1)
Multihomed
309(1)
Dual-Multihomed
310(1)
Broadband Solution Comparison (7.5.10)
311(1)
Summary (7.6)
312(3)
Purpose of WANs
312(1)
WAN Operations
312(1)
Traditional WAN Connectivity
313(1)
Modern WAN Connectivity
314(1)
Internet-Based Connectivity
314(1)
Practice
315(1)
Check Your Understanding Questions
316(3)
Chapter 8 VPN and IPsec Concepts
319(32)
Objectives
319(1)
Key Terms
319(2)
Introduction (8.0)
321(1)
VPN Technology (8.1)
321(4)
Virtual Private Networks (8.1.1)
321(1)
VPN Benefits (8.1.2)
322(1)
Site-to-Site and Remote-Access VPNs (8.1.3)
323(1)
Site-to-Site VPN
323(1)
Remote-Access VPN
324(1)
Enterprise and Service Provider VPNs (8.1.4)
324(1)
Types of VPNs (8.2)
325(8)
Remote-Access VPNs (8.2.1)
325(1)
SSL VPNs (8.2.2)
326(1)
Site-to-Site IPsec VPNs (8.2.3)
327(1)
GRE over IPsec (8.2.4)
328(2)
Dynamic Multipoint VPNs (8.2.5)
330(1)
IPsec Virtual Tunnel Interface (8.2.6)
331(1)
Service Provider MPLS VPNs (8.2.7)
332(1)
IPsec (8.3)
333(11)
IPsec Technologies (8.3.2)
333(3)
IPsec Protocol Encapsulation (8.3.3)
336(1)
Confidentiality (8.3.4)
336(2)
Integrity (8.3.5)
338(1)
Authentication (8.3.6)
339(3)
Secure Key Exchange with Diffie-Hellman (8.3.7)
342(2)
Summary (8.4)
344(1)
VPN Technology
344(1)
Types of VPNs
344(1)
IPsec
344(1)
Practice
345(1)
Check Your Understanding Questions
345(6)
Chapter 9 QoS Concepts
351(38)
Objectives
351(1)
Key Terms
351(2)
Introduction (9.0)
353(1)
Network Transmission Quality (9.1)
353(4)
Prioritizing Traffic (9.1.2)
353(1)
Bandwidth, Congestion, Delay, and Jitter (9.1.3)
354(1)
Packet Loss (9.1.4)
355(2)
Traffic Characteristics (9.2)
357(4)
Network Traffic Trends (9.2.2)
357(1)
Voice (9.2.3)
358(1)
Video (9.2.4)
358(2)
Data (9.2.5)
360(1)
Queuing Algorithms (9.3)
361(5)
Queuing Overview (9.3.2)
361(1)
First-In, First Out (9.3.3)
362(1)
Weighted Fair Queuing (WFQ) (9.3.4)
362(1)
Limitations of WFQ
363(1)
Class-Based Weighted Fair Queuing (CBWFQ) (9.3.5)
364(1)
Low Latency Queuing (LLQ) (9.3.6)
365(1)
QoS Models (9.4)
366(4)
Selecting an Appropriate QoS Policy Model (9.4.2)
366(1)
Best Effort (9.4.3)
366(1)
Integrated Services (9.4.4)
367(2)
Differentiated Services (9.4.5)
369(1)
QoS Implementation Techniques (9.5)
370(12)
Avoiding Packet Loss (9.5.2)
371(1)
QoS Tools (9.5.3)
371(1)
Classification and Marking (9.5.4)
372(1)
Marking at Layer 2 (9.5.5)
373(1)
Marking at Layer 3 (9.5.6)
374(1)
Type of Service and Traffic Class Field (9.5.7)
375(1)
DSCP Values (9.5.8)
376(1)
Class Selector Bits (9.5.9)
377(1)
Trust Boundaries (9.5.10)
378(1)
Congestion Avoidance (9.5.11)
379(1)
Shaping and Policing (9.5.12)
380(1)
QoS Policy Guidelines (9.5.13)
381(1)
Summary (9.6)
382(3)
Network Transmission Quality
382(1)
Traffic Characteristics
382(1)
Queuing Algorithms
383(1)
QoS Models
383(1)
QoS Implementation Techniques
384(1)
Practice
385(1)
Check Your Understanding Questions
385(4)
Chapter 10 Network Management
389(64)
Objectives
389(1)
Key Terms
389(1)
Introduction (10.0)
390(1)
Device Discovery with CDP (10.1)
390(6)
CDP Overview (10.1.1)
390(1)
Configure and Verify CDP (10.1.2)
391(2)
Discover Devices by Using CDP (10.1.3)
393(3)
Device Discovery with LLDP (10.2)
396(4)
LLDP Overview (10.2.1)
396(1)
Configure and Verify LLDP (10.2.2)
397(1)
Discover Devices by Using LLDP (10.2.3)
397(3)
NTP(10.3)
400(5)
Time and Calendar Services (10.3.1)
400(1)
NTP Operation (10.3.2)
401(1)
Stratum 0
402(1)
Stratum 1
402(1)
Stratum 2 and Lower
402(1)
Configure and Verify NTP (10.3.3)
402(3)
SNMP
405(13)
Introduction to SNMP (10.4.1)
405(1)
SNMP Operation (10.4.2)
406(2)
SNMP Agent Traps (10.4.3)
408(1)
SNMP Versions (10.4.4)
409(3)
Community Strings (10.4.6)
412(3)
MIB Object ID (10.4.7)
415(1)
SNMP Polling Scenario (10.4.8)
415(2)
SNMP Object Navigator (10.4.9)
417(1)
Syslog (10.5)
418(5)
Introduction to Syslog (10.5.1)
418(2)
Syslog Operation (10.5.2)
420(1)
Syslog Message Format (10.5.3)
421(1)
Syslog Facilities (10.5.4)
422(1)
Configure Syslog Timestamp (10.5.5)
422(1)
Router and Switch File Maintenance (10.6)
423(14)
Router File Systems (10.6.1)
424(1)
The Flash File System
425(1)
The NVRAM File System
425(1)
Switch File Systems (10.6.2)
426(1)
Use a Text File to Back Up a Configuration (10.6.3)
427(1)
Use a Text File to Restore a Configuration (10.6.4)
428(1)
Use TFTP to Back Up and Restore a Configuration (10.6.5)
428(2)
USB Ports on a Cisco Router (10.6.6)
430(1)
Use USB to Back Up and Restore a Configuration (10.6.7)
430(2)
Restore Configurations with a USB Flash Drive
432(1)
Password Recovery Procedures (10.6.8)
433(1)
Password Recovery Example (10.6.9)
433(1)
Step 1 Enter the ROMMON mode
433(1)
Step 2 Change the configuration register
434(1)
Step 3 Copy the startup-config to the running-config
434(1)
Step 4 Change the password
435(1)
Step 5 Save the running-config as the new startup-config
435(1)
Step 6 Reload the device
435(2)
IOS Image Management
437(6)
TFTP Servers as a Backup Location (10.7.2)
437(1)
Backup IOS Image to TFTP Server Example (10.7.3)
438(1)
Step 1 Ping the TFTP server
438(1)
Step 2 Verify image size in flash
439(1)
Step 3 Copy the image to the TFTP server
439(1)
Copy an IOS Image to a Device Example (10.7.4)
439(1)
Step 1 Ping the TFTP server
440(1)
Step 2 Verify the amount of free flash
440(1)
Step 3 Copy the new IOS image to flash
441(1)
The boot system Command (10.7.5)
441(2)
Summary (10.8)
443(3)
Device Discovery with CDP
443(1)
Device Discovery with LLDP
443(1)
NTP
443(1)
SNMP
444(1)
Syslog
444(1)
Router and Switch File Maintenance
445(1)
IOS Image Management
446(1)
Practice
446(1)
Check Your Understanding Questions
447(6)
Chapter 11 Network Design
453(48)
Objectives
453(1)
Key Terms
453(2)
Introduction (11.0)
455(1)
Hierarchical Networks (11.1)
455(10)
The Need to Scale the Network (11.1.2)
455(3)
Borderless Switched Networks (11.1.3)
458(1)
Hierarchy in the Borderless Switched Network (11.1.4)
459(1)
Three-Tier Model
460(1)
Two-Tier Model
461(1)
Access, Distribution, and Core Layer Functions (11.1.5)
462(1)
Access Layer
462(1)
Distribution Layer
462(1)
Core Layer
462(1)
Three-Tier and Two-Tier Examples (11.1.6)
462(1)
Three-Tier Example
463(1)
Two-Tier Example
464(1)
Role of Switched Networks (11.1.7)
464(1)
Scalable Networks (11.2)
465(12)
Design for Scalability (11.2.1)
465(1)
Redundant Links
466(1)
Multiple Links
466(1)
Scalable Routing Protocol
467(1)
Wireless Connectivity
468(1)
Plan for Redundancy (11.2.2)
469(1)
Reduce Failure Domain Size (11.2.3)
470(1)
Edge Router
470(1)
API
471(1)
S1
472(1)
S2
472(1)
S3
473(1)
Limiting the Size of Failure Domains
474(1)
Switch Block Deployment
474(1)
Increase Bandwidth (11.2.4)
474(1)
Expand the Access Layer (11.2.5)
475(1)
Tune Routing Protocols (11.2.6)
476(1)
Switch Hardware (11.3)
477(10)
Switch Platforms (11.3.1)
477(1)
Campus LAN Switches
477(1)
Cloud-Managed Switches
478(1)
Data Center Switches
478(1)
Service Provider Switches
479(1)
Virtual Networking
479(1)
Switch Form Factors (11.3.2)
479(1)
Fixed Configuration Switches
480(1)
Modular Configuration Switches
480(1)
Stackable Configuration Switches
481(1)
Thickness
481(1)
Port Density (11.3.3)
482(1)
Forwarding Rates (11.3.4)
483(1)
Power over Ethernet (11.3.5)
484(1)
Switch
484(1)
IP Phone
484(1)
WAP
485(1)
Cisco Catalyst 2960-C
485(1)
Multilayer Switching (11.3.6)
485(1)
Business Considerations for Switch Selection (11.3.7)
486(1)
Router Hardware (11.4)
487(6)
Router Requirements (11.4.1)
487(1)
Cisco Routers (11.4.2)
488(1)
Branch Routers
488(1)
Network Edge Routers
488(1)
Service Provider Routers
489(1)
Industrial
490(1)
Router Form Factors (11.4.3)
490(1)
Cisco 900 Series
490(1)
ASR 9000 and 1000 Series
490(1)
5500 Series
491(1)
Cisco 800
492(1)
Fixed Configuration or Modular
492(1)
Summary (11.5)
493(2)
Hierarchical Networks
493(1)
Scalable Networks
493(1)
Switch Hardware
494(1)
Router Hardware
494(1)
Practice
495(1)
Check Your Understanding Questions
496(5)
Chapter 12 Network Troubleshooting
501(80)
Objectives
501(1)
Key Terms
501(1)
Introduction (12.0)
502(1)
Network Documentation (12.1)
502(10)
Documentation Overview (12.1.1)
502(1)
Network Topology Diagrams (12.1.2)
503(1)
Physical Topology
503(1)
Logical IPv4 Topology
504(1)
Logical IPv6 Topology
505(1)
Network Device Documentation (12.1.3)
505(1)
Router Device Documentation
505(1)
LAN Switch Device Documentation
506(1)
End-System Documentation Files
506(1)
Establish a Network Baseline (12.1.4)
507(1)
Step 1 Determine What Types of Data to Collect (12.1.5)
508(1)
Step 2 Identify Devices and Ports of Interest (12.1.6)
508(1)
Step 3 Determine the Baseline Duration (12.1.7)
509(1)
Data Measurement (12.1.8)
510(2)
Troubleshooting Process (12.2)
512(12)
General Troubleshooting Procedures (12.2.1)
512(1)
Seven-Step Troubleshooting Process (12.2.2)
513(1)
Define the Problem
514(1)
Gather Information
514(1)
Analyze Information
514(1)
Eliminate Possible Causes
514(1)
Propose Hypothesis
514(1)
Test Hypothesis
515(1)
Solve the Problem
515(1)
Question End Users (12.2.3)
515(1)
Gather Information (12.2.4)
516(1)
Troubleshooting with Layered Models (12.2.5)
517(1)
Structured Troubleshooting Methods (12.2.6)
518(1)
Bottom-Up
518(1)
Top-Down
519(1)
Divide-and-Conquer
520(1)
Follow-the-Path
521(1)
Substitution
522(1)
Comparison
522(1)
Educated Guess
522(1)
Guidelines for Selecting a Troubleshooting Method (12.2.7)
523(1)
Troubleshooting Tools (12.3)
524(7)
Software Troubleshooting Tools (12.3.1)
524(1)
Network Management System Tools
524(1)
Knowledge Bases
524(1)
Baselining Tools
524(1)
Protocol Analyzers (12.3.2)
525(1)
Hardware Troubleshooting Tools (12.3.3)
525(1)
Digital Multimeters
525(1)
Cable Testers
526(1)
Cable Analyzers
527(1)
Portable Network Analyzers
528(1)
Cisco Prime NAM
528(1)
Syslog Server as a Troubleshooting Tool (12.3.4)
529(2)
Symptoms and Causes of Network Problems (12.4)
531(14)
Physical Layer Troubleshooting (12.4.1)
531(3)
Data Link Layer Troubleshooting (12.4.2)
534(3)
Network Layer Troubleshooting (12.4.3)
537(2)
Transport Layer Troubleshooting---ACLs (12.4.4)
539(3)
Transport Layer Troubleshooting---NAT for IPv4 (12.4.5)
542(1)
Application Layer Troubleshooting (12.4.6)
543(2)
Troubleshooting IP Connectivity (12.5)
545(27)
Components of Troubleshooting End-to-End Connectivity (12.5.1)
545(2)
End-to-End Connectivity Problem Initiates Troubleshooting (12.5.2)
547(1)
IPv4 ping
547(1)
IPv4 traceroute
548(1)
IPv6 ping and traceroute
548(1)
Step 1 Verify the Physical Layer (12.5.3)
549(1)
Input Queue Drops
550(1)
Output Queue Drops
550(1)
Input Errors
551(1)
Output Errors
551(1)
Step 2 Check for Duplex Mismatches (12.5.4)
551(1)
Troubleshooting Example
552(1)
Step 3 Verify Addressing on the Local Network (12.5.5)
553(1)
Windows IPv4 ARP Table
553(1)
Windows IPv6 Neighbor Table
554(1)
IOS IPv6 Neighbor Table
555(1)
Switch MAC Address Table
555(1)
Troubleshoot VLAN Assignment Example (12.5.6)
556(1)
Check the ARP Table
557(1)
Check the Switch MAC Table
557(1)
Correct the VLAN Assignment
557(1)
Step 4 Verify Default Gateway (12.5.7)
558(1)
Troubleshooting IPv4 Default Gateway Example
559(1)
R1 Routing Table
559(1)
PCI Routing Table
559(1)
Troubleshoot IPv6 Default Gateway Example (12.5.8)
560(1)
R1 Routing Table
560(1)
PCI Addressing
560(1)
Check R1 Interface Settings
561(1)
Correct R1 IPv6 Routing
561(1)
Verify PCI Has an IPv6 Default Gateway
562(1)
Step 5 Verify Correct Path (12.5.9)
562(4)
Troubleshooting Example
566(1)
Step 6 Verify the Transport Layer (12.5.10)
566(1)
Troubleshooting Example
566(2)
Step 7 Verify ACLs (12.5.11)
568(1)
Troubleshooting Example
568(1)
Show ip access-lists
569(1)
Show ip interfaces
569(1)
Correct the Issue
570(1)
Step 8 Verify DNS (12.5.12)
570(2)
Summary (12.6)
572(5)
Network Documentation
572(1)
Troubleshooting Process
572(1)
Troubleshooting Tools
573(1)
Symptoms and Causes of Network Problems
573(1)
Troubleshooting IP Connectivity
574(3)
Practice
577(1)
Check Your Understanding Questions
577(4)
Chapter 13 Network Virtualization
581(36)
Objectives
581(1)
Key Terms
581(2)
Introduction (13.0)
583(1)
Cloud Computing (13.1)
583(2)
Cloud Overview (13.1.2)
583(1)
Cloud Services (13.1.3)
584(1)
Cloud Models (13.1.4)
584(1)
Cloud Computing Versus Data Center (13.1.5)
585(1)
Virtualization (13.2)
585(7)
Cloud Computing and Virtualization (13.2.1)
585(1)
Dedicated Servers (13.2.2)
586(1)
Server Virtualization (13.2.3)
587(2)
Advantages of Virtualization (13.2.4)
589(1)
Abstraction Layers (13.2.5)
589(2)
Type 2 Hypervisors (13.2.6)
591(1)
Virtual Network Infrastructure (13.3)
592(3)
Type 1 Hypervisors (13.3.1)
592(1)
Installing a VM on a Hypervisor (13.3.2)
592(2)
The Complexity of Network Virtualization (13.3.3)
594(1)
Software-Defined Networking (13.4)
595(5)
Control Plane and Data Plane (13.4.2)
595(1)
Layer 3 Switch and CEF
596(1)
SDN and Central Controller
597(1)
Management Plane
598(1)
Network Virtualization Technologies (13.4.3)
598(1)
Traditional and SDN Architectures (13.4.4)
599(1)
Controllers (13.5)
600(9)
SDN Controller and Operations (13.5.1)
600(2)
Core Components of ACI (13.5.3)
602(1)
Spine-Leaf Topology (13.5.4)
603(1)
SDN Types (13.5.5)
604(1)
Device-Based SDN
604(1)
Controller-Based SDN
605(1)
Policy-Based SDN
605(1)
APIC-EM Features (13.5.6)
606(1)
APIC-EM Path Trace (13.5.7)
606(3)
Summary (13.6)
609(3)
Cloud Computing
609(1)
Virtualization
609(1)
Virtual Network Infrastructure
610(1)
Software-Defined Networking
610(1)
Controllers
611(1)
Practice
612(1)
Check Your Understanding Questions
613(4)
Chapter 14 Network Automation
617(40)
Objectives
617(1)
Key Terms
617(2)
Introduction (14.0)
619(1)
Automation Overview (14.1)
619(1)
The Increase in Automation (14.1.2)
619(1)
Thinking Devices (14.1.3)
620(1)
Data Formats (14.2)
620(8)
The Data Formats Concept (14.2.2)
620(2)
Data Format Rules (14.2.3)
622(1)
Compare Data Formats (14.2.4)
623(1)
JSON Data Format (14.2.5)
624(1)
JSON Syntax Rules (14.2.6)
624(2)
YAML Data Format (14.2.7)
626(1)
XML Data Format (14.2.8)
627(1)
APIs (14.3)
628(5)
The API Concept (14.3.2)
628(1)
An API Example (14.3.3)
629(2)
Open, Internal, and Partner APIs (14.3.4)
631(1)
Types of Web Service APIs (14.3.5)
632(1)
REST (14.4)
633(6)
REST and RESTful API (14.4.2)
633(1)
RESTful Implementation (14.4.3)
634(1)
URI, URN, and URL (14.4.4)
635(1)
Anatomy of a RESTful Request (14.4.5)
636(2)
RESTful API Applications (14.4.6)
638(1)
Developer Website
638(1)
Postman
638(1)
Python
638(1)
Network Operating Systems
638(1)
Configuration Management Tools (14.5)
639(5)
Traditional Network Configuration (14.5.2)
639(2)
Network Automation (14.5.3)
641(1)
Configuration Management Tools (14.5.4)
642(1)
Compare Ansible, Chef, Puppet, and SaltStack (14.5.5)
642(2)
IBN and Cisco DNA Center (14.6)
644(7)
Intent-Based Networking Overview (14.6.2)
644(1)
Network Infrastructure as Fabric (14.6.3)
644(3)
Cisco Digital Network Architecture (DNA) (14.6.4)
647(1)
Cisco DNA Center (14.6.5)
648(3)
Summary (14.7)
651(1)
Automation Overview
651(1)
Data Formats
651(1)
APIs
651(1)
REST
651(1)
Configuration and Management
652(1)
IBN and Cisco DNA Center
652(1)
Practice
652(1)
Check Your Understanding Questions
653(4)
Appendix A Answers to the "Check Your Understanding" Questions 657(20)
Glossary 677(38)
Index 715
Cisco Networking Academy teaches hundreds of thousands of students annually the skills needed to build, design, and maintain networks, improving their career prospects while filling the global demand for networking professionals. With 10,000 academies in 165 countries, it helps individuals prepare for industry-recognized certifications and entry-level information and communication technology careers in virtually every industrydeveloping foundational technical skills while acquiring vital 21st-century career skills in problem solving, collaboration, and critical thinking. Cisco Networking Academy uses a public-private partnership model to create the "world's largest classroom."
Lisainfo e-raamatute kohta Lisainfo e-raamatute kohta
Püsilink: https://www.kriso.ee/db/97801366342942e.html
Märksõnad: