CCNA Flash Cards
POSSIBLE CAUSES OF LAN TRAFFIC CONGESTION
· TOO MANY HOSTS IN A BROADCAST DOMAIN
· BROADCAST STORMS (FAULTY ETHERNET DEVICE(S) BROADCASTING OUT OF CONTROL)
· MULTICASTING
· LOW BANDWIDTH
COLLISION DOMAIN
ON AN ETHERNET NETWORK, A COLLISION DOMAIN IS THE COLLECTION OF DEVICES THAT SHARE THE SAME CSMA/CD REGION. COLLISIONS OCCUR FREQUENTLY, AND WHEN ONE HAPPENS, ALL DEVICES STOP TRANSMITTING AND WAIT A RANDOM TIME BEFORE TRYING TO SEND THEIR DATA AGAIN.
BROADCAST DOMAIN
A SEGMENT OF THE ETHERNET NETWORK IN WHICH ALL DEVICES LISTEN TO BROADCAST TRAFFIC
HUBS
ETHERNET DEVICES THAT ALLOW CONNECTIVITY AMONGST HOSTS IN A NETWORK. ALL HOSTS SHARE THE SAME BROADCAST AND COLLISION DOMAINS. THEY USE LAYER 2 MAC ADDRESSES TO ACHIEVE THIS.
SWITCHES
SWITCHES ARE LAYER 2 DEVICES THAT SEGMENT NETWORKS INTO MULTIPLE COLLISION DOMAINS, ONE ON EACH PORT. THIS GREATLY IMPROVES NETWORK PERFORMANCE BECAUSE COLLISIONS NO LONGER OCCUR AT ALL.
DEVICES CONNECTED TO IT STILL SHARE THE SAME BROADCAST DOMAIN.
ROUTERS
ROUTERS ARE LAYER 3 DEVICES THAT USE LAYER 3 IP ADDRESSES AND BREAK BROADCAST DOMAINS AS WELL AS COLLISION DOMAINS.
ROUTERS PROVIDE PACKET SWITCHING, PACKET FILTERING, INTERNETWORK COMMUNICATION AND PATH SELECTION (BY MEANS OF ROUTING TABLES).
ALSO KNOWN AS “LAYER 3 SWITCHES”
THE OSI MODEL
APPLICATION
PRESENTATION
SESSION
TRANSPORT
NETWORK
DATA LINK
PHYSICAL
APPLICATION LAYER
PROVIDES NETWORK-RELATED SERVICES TO PROGRAMS THAT REQUIRE NETWORK ACCESS AND ARE USED DIRECTLY BY THE USER (E.G., FTP, EMAIL CLIENTS, ETC.).
IDENTIFIES AND ESTABLISHES THE AVAILABILITY OF THE INTENDED COMMUNICATION PARTNER AND DETERMINES WHETHER SUFFICIENT RESOURCES FOR THE INTENDED COMMUNICATION EXIST.
PRESENTATION LAYER
PRESENTS DATA TO THE APPLICATION LAYER AND IS RESPONSIBLE FOR DATA TRANSLATION AND CODE FORMATTING.
IT ENSURES THAT THE APPLICATION LAYER OF ONE SYSTEM UNDERSTANDS THE DATA SENT BY THE APPLICATION LAYER OF ANOTHER SYSTEM.
PROVIDES DATA COMPRESSION, DECOMPRESSION, ENCRYPTION AND DECRYPTION AS WELL.
SESSION LAYER
RESPONSIBLE FOR SETTING UP, MANAGING AND THEN TEARING DOWN SESSIONS BETWEEN PRESENTATION LAYER ENTITIES.
PROVIDES DIALOG CONTROL BETWEEN DEVICES OR NODES.
COORDINATES COMMUNICATIONS BETWEEN SYSTEMS BY KEEPING DIFFERENT APPLICATIONS' DATA SEPARATE.
OFFERS SIMPLEX, HALF DUPLEX AND FULL DUPLEX MODES.
TRANSPORT LAYER
SEGMENTS AND REASSEMBLES DATA FROM UPPER LAYER APPLICATIONS INTO A DATA STREAM.
PROVIDES END TO END DATA TRANSPORT SERVICES AND CAN ESTABLISH A LOGICAL CONNECTION BETWEEN THE SENDING AND DESTINATION HOSTS ON AN INTERNETWORK.
PROVIDES FLOW CONTROL.
FLOW CONTROL
PREVENTS A SENDING HOST ON ONE SIDE OF THE CONNECTION FROM OVERFLOWING THE BUFFERS IN THE RECEIVING HOST, AN EVENT THAT COULD RESULT IN LOST DATA.
BY USING FLOW CONTROL, THE RECEIVING SYSTEM CONTROLS THE AMOUNT OF DATA SENT BY THE SENDER.
TYPES OF FLOW CONTROL ARE WINDOWING, BUFFERING AND CONGESTION AVOIDANCE (BY USING ACKNOWLEDGEMENTS).
CONNECTION - ORIENTED VS CONNECTIONLESS COMMUNICATION
CONNECTION-ORIENTED COMMUNICATIONS CREATE VIRTUAL LINK SESSIONS BETWEEN DEVICES OR NODES, AND THE DATA TRANSMISSION IS CONTROLLED WITH SEQUENCING, ACKNOWLEDGEMENTS AND FLOW CONTROL (TCP, HTTP, FTP).
IN CONNECTIONLESS COMMUNICATIONS, THE RECEIVING SYSTEM DOES NOT ACKNOWLEDGE RECEIVING THE DATA AND NO SESSION IS CREATED BETWEEN NODES (TFTP, UDP, DHCP).
NETWORK LAYER
MANAGES DEVICE ADDRESSING, TRACKS THE LOCATION OF DEVICES ON THE NETWORK, AND DETERMINES THE BEST WAY TO MOVE DATA, EVEN TO DEVICES THAT ARE NOT LOCALLY ATTACHED BY MEANS OF INTERNETWORK ROUTING SERVICES.
ENCAPSULATES LAYER 2 FRAMES INTO LAYER 3 PACKETS THAT ARE ROUTABLE. ROUTERS WORK AT THIS LAYER.
THEY DON’T FORWARD BROADCASTS. THEY USE LOGICAL ADDRESSES. THEY CONTROL SECURITY BY MEANS OF ACCESS LISTS.
DATA LINK
PROVIDES PHYSICAL TRANSMISSION OF THE DATA AND HANDLES ERROR NOTIFICATION, NETWORK TOPOLOGY AND FLOW CONTROL.
USES HARDWARE ADDRESSES (MAC) AND TRANSLATES DATA FROM THE NETWORK LAYER INTO BITS TO BE SENT BY THE PHYSICAL LAYER.
SWITCHES AND BRIDGES WORK AT THE DATA LINK LAYER.
PHYSICAL LAYER
SPECIFIES THE ELECTRICAL, MECHANICAL, PROCEDURAL, AND FUNCTIONAL REQUIREMENTS FOR ACTIVATING, MAINTAINING AND DEACTIVATING A PHYSICAL LINK BETWEEN END SYSTEMS.
HUBS AND REPEATERS WORK AT THE PHYSICAL LAYER.
THE CISCO THREE-LAYER HIERARCHICAL MODEL
THE CORE LAYER (BACKBONE) SWITCHES TRAFFIC AS FAST AS POSSIBLE.
THE DISTRIBUTION LAYER (ROUTING), ALSO KNOWN AS THE WORKGROUP LAYER, IS THE COMMUNICATION POINT BETWEEN THE CORE AND ACCESS LAYERS. IT PROVIDES ROUTING, FILTERING AND WAN ACCESS.
THE ACCESS LAYER (SWITCHING) CONTROLS USER AND WORKGROUP ACCESS TO INTERNETWORK RESOURCES. IT IS OFTEN REFERRED TO AS THE DESKTOP LAYER.
THE DoD TCP/IP MODEL
PROCESS / APPLICATION
HOST-TO-HOST
INTERNET
NETWORK ACCESS
TELNET
PROCESS/APPLICATION LAYER PROTOCOL THAT PROVIDES TERMINAL EMULATION.
ALLOWS A USER ON A REMOTE CLIENT MACHINE (TELNET CLIENT) TO ACCESS THE RESOURCES OF ANOTHER MACHINE (TELNET SERVER).
FTP
FILE TRANSFER PROTOCOL IS A PROCESS/APPLICATION LAYER PROTOCOL THAT ALLOWS THE TRANSFER OF FILES BETWEEN ANY TWO MACHINES USING IT.
LIMITED TO THE MANAGEMENT OF FOLDERS AND FILES, IT CANNOT EXECUTE REMOTE FILES AS PROGRAMS.
TFTP
TRIVIAL FILE TRANSFER PROTOCOL IS A CONNECTIONLESS APPLICATION/PROCESS LAYER PROTOCOL THAT IS A STRIPPED-DOWN VERSION OF FTP.
IT DOES NOT HAVE THE FULL CAPABILITIES OF FTP, BUT IT WORKS MUCH FASTER, PROVIDES NO AUTHENTICATION, USES SMALLER BLOCKS OF DATA THAN FTP AND IS NOT SECURE.
RARELY USED DUE TO THE SECURITY RISKS.
NFS
NETWORK FILE SYSTEM IS A PROCESS/APPLICATION LAYER PROTOCOL THAT SPECIALIZES IN FILE SHARING BETWEEN USERS EVEN IF THEY ARE WORKING IN DIFFERENT ENVIRONMENTS.
FOR EXAMPLE, THIS PROTOCOL CAN STORE WINDOWS FILES IN RAM AND ALLOW UNIX USERS TO ACCESS THEM TRANSPARENTLY.
SMTP
SIMPLE MAIL TRANSFER PROTOCOL IS AN APPLICATION/PROCESS PROTOCOL THAT SPOOLS EMAIL MESSAGES IN AN EMAIL SERVER AND THEN SENDS THE MESSAGES TO EMAIL CLIENTS.
SMTP IS USED TO SEND MAIL, WHILE POP3 IS USED TO RECEIVE IT.
LPD
LINE PRINTER DAEMON IS AN APPLICATION/PROCESS PROTOCOL DESIGNED FOR PRINTER SHARING.
IT ALLOWS PRINT JOBS TO BE SPOOLED AND SENT TO TCP/IP CAPABLE PRINTERS.
SNMP
THE SIMPLE NETWORK MANAGEMENT PROTOCOL IS AN APPLICATION/PROCESS PROTOCOL THAT COLLECTS AND MANAGES NETWORK INFORMATION.
IT GATHERS DATA BY POLLING THE DEVICES ON THE NETWORK FROM A MANAGEMENT STATION AT FIXED OR RANDOM INTERVALS.
WHEN ALL IS WELL, SNMP RECEIVES A “BASELINE”. WHEN ABERRATIONS OCCUR, “AGENTS” REPORT THEM AS “TRAPS” TO THE MANAGEMENT STATION.
DNS
DOMAIN NAME SERVICE RESOLVES HOST NAMES (OR FULLY QUALIFIED DOMAIN NAMES) TO IP ADDRESSES.
COMMON INDICATORS OF DNS PROBLEMS MANIFEST WHEN A HOST CAN BE REACHED BY IP ADDRESS BUT NOT BY HOST NAME.
DHCP / BootP
DYNAMIC HOST CONTROL PROTOCOL ASSIGNS IP ADDRESSES TO HOSTS. BootP DOES THE SAME BUT IT REQUIRES IP ADDRESSES TO BE ENTERED MANUALLY.
DHCP SERVERS PROVIDE HOSTS WITH IP ADDRESSES, SUBNET MASKS, DOMAIN NAMES, DEFAULT GATEWAYS, DNS AND WINS INFORMATION.
TCP
TRANSMISSION CONTROL PROTOCOL IS A HOST-TO-HOST PROTOCOL THAT TAKES LARGE BLOCKS OF INFORMATION FROM AN APPLICATION AND BREAKS THEM INTO SEGMENTS. IT NUMBERS AND SEQUENCES EACH SEGMENT SO THE DESTINATION TCP/IP STACK CAN PUT THEM BACK TOGETHER.
TCP IS A FULL-DUPLEX, CONNECTION ORIENTED, RELIABLE AND ACCURATE PROTOCOL. COSTLY IN TERMS OF NETWORK OVERHEAD.
UDP
USER DATAGRAM PROTOCOL IS A HOST-TO-HOST PROTOCOL SIMILAR TO TCP BUT A THINNER VERSION OF IT. IT DOESN'T TAKE AS MUCH BANDWIDTH AS TCP, BUT AT THE COST OF BEING CONNECTIONLESS AND UNRELIABLE.
COMMON TCP AND UDP PORTS
TCP       | UDP
TELNET 23 | SNMP 161
SMTP 25   | TFTP 69
HTTP 80   | DNS 53
FTP 21    |
DNS 53    |
HTTPS 443 |
ARP
ADDRESS RESOLUTION PROTOCOL
FINDS THE MAC ADDRESS OF A HOST FROM A KNOWN IP ADDRESS BY SENDING OUT A BROADCAST.
RARP
REVERSE ADDRESS RESOLUTION PROTOCOL
DISKLESS NODES USE RARP TO RESOLVE AN IP ADDRESS FROM A KNOWN MAC ADDRESS. THE CLIENT SENDS A REQUEST TO A RARP SERVER, WHICH RESPONDS WITH THE IP ADDRESS.
Proxy ARP
PROXY ADDRESS RESOLUTION PROTOCOL
ALLOWS HOSTS TO REACH REMOTE SUBNETS IF THE DEFAULT GATEWAY GOES DOWN. THE DOWNSIDE IS THAT IT SIGNIFICANTLY INCREASES NETWORK TRAFFIC.
CLASS A NETWORK RANGE
00000000 = 0
01111111 = 127
CLASS B NETWORK RANGE
10000000 = 128
10111111 = 191
CLASS C NETWORK RANGE
11000000 = 192
11011111 = 223
PRIVATE IP RANGES
CLASS A 10.0.0.0 THROUGH 10.255.255.255
CLASS B 172.16.0.0 THROUGH 172.31.255.255
CLASS C 192.168.0.0 THROUGH 192.168.255.255
COMMAND THAT ACTIVATES PRIVILEGED EXEC MODE
Router>enable
Router#
(the # means you are in privileged mode)
ACTIVATES ROUTER GLOBAL CONFIGURATION MODE
Router>enable
Router#configure terminal
Router(config)#
ACCESS ROUTER INTERFACE CONFIGURATION MODE
Router>enable
Router#configure terminal
Router(config)#interface fastEthernet 0/0
Router(config-if)#
CONFIGURES ROUTING PROTOCOLS
Router>enable
Router#configure terminal
Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#
User EXEC mode
CLI MODE LIMITED TO BASIC MONITORING COMMANDS
Privileged EXEC mode
CLI MODE THAT PROVIDES ACCESS TO ALL OTHER ROUTER COMMANDS
GLOBAL CONFIGURATION MODE
COMMANDS THAT AFFECT THE ENTIRE SYSTEM
Router(config)#
SPECIFIC CONFIGURATION MODES
COMMANDS THAT AFFECT INTERFACES OR PROCESSES ONLY
Router(config-if)#
SETUP MODE
INTERACTIVE CONFIGURATION DIALOG INTENDED FOR NON-CISCO TRAINED USERS
EDITS ROUTER LOCAL HOSTNAME
Router>enable
Router#configure terminal
Router(config)#hostname Atlanta
Atlanta(config)#
SETS ENABLE PASSWORDS
(PRIVILEGED EXEC MODE)
Router(config)#enable password password
Types of passwords available:
last-resort
password
secret
use-tacacs
SETS AUXILIARY PORT PASSWORD
Router(config)#line aux 0
Router(config-line)#password aux
Router(config-line)#login
LEASED LINES
Otherwise known as point-to-point or dedicated connections. A leased line is a pre-established WAN path provided by the ISP and uses synchronous serial lines up to 45 Mbps.
HDLC and PPP encapsulation is used on leased lines.
CIRCUIT SWITCHING
Cost-effective WAN solution that only allows the transmission of data once an end-to-end connection is established. Uses dial-up modems or ISDN and is used for low-bandwidth transfers. Uses asynchronous serial connections.
PACKET SWITCHING
WAN switching method that allows the sharing of bandwidth with other companies to save money. It is designed to look like a leased line but costs more like circuit switching. It only works well when data is transmitted in bursts; it is not good for continuous connections.
Frame Relay and X.25 are packet switching technologies with speeds that range from 56Kbps to T3 (45Mbps).
HDLC
High Level Data-Link Control
Data-link layer protocol that provides encapsulation for data over synchronous serial links using frame characters and checksums.
Point-to-point protocol used for leased lines, provides no authentication.
CISCO proprietary protocol that will only work on CISCO equipment; if non-CISCO equipment is used, configure PPP or Frame Relay instead.
PPP
Point to Point Protocol
Data Link layer protocol that can be used either over asynchronous (dial-up) or synchronous (ISDN) serial media.
Provides authentication, dynamic addressing and callback.
Open standard, can be used on both CISCO and non-CISCO equipment.
FRAME RELAY
Packet switched technology that is low-cost and provides some degree of fault tolerance. The cost of switching is spread to many customers but this means it can only be used for burst-type transmissions.
Operates by using VIRTUAL CIRCUITS that appear to be a constant connection between two remote sites but in reality, the frames are “dumped” in the ISP’s “cloud.” The virtual route between the two sites is maintained as long as the customer pays the ISP for it.
ROUTING PROTOCOLS
Used by routers to dynamically find all the networks in the internetwork and to ensure that all routers have the same routing table.
Routing protocols determine the path of a packet through an internetwork.
Examples are RIP, RIPv2, EIGRP and OSPF.
ROUTED PROTOCOLS
Once all routers reach convergence, a ROUTED protocol can then be used to send user data (packets) through the established enterprise network.
Routed protocols are assigned to an interface and determine the method of data delivery.
Examples are IP and IPv6.
STATIC ROUTING
During normal operations, directly connected routers do not need to be configured; they are detected immediately by their neighbors. However, remote routers have to be specified by an administrator. This is static routing. The admin configures the IP address, subnet mask and next-hop address.
DEFAULT ROUTING
Default routing sends packets whose remote destination network is not in the routing table to the next-hop router. It should only be used on stub networks, those with only one exit path. In other words, only on networks that do not share any other network interfaces with other networks on any given router. Doing otherwise would create routing loops.
To configure a default route, use the 0.0.0.0 wildcard for both the network IP address and the subnet mask:
Router(config)#ip route 0.0.0.0 0.0.0.0 10.1.11.1
DYNAMIC ROUTING
In dynamic routing, protocols are used to find networks and update routing tables on routers.
Requires little administration but increases CPU and bandwidth demand.
Three classes of dynamic routing protocols exist: Distance Vector, Link State and Hybrid.
DISTANCE-VECTOR
Distance-vector protocols find the best path to a remote network by judging distance. Each time a packet goes through a router, it's called a HOP. The route with the least number of hops to the network is determined to be the best route.
The vector indicates the direction to the remote network.
RIP and EIGRP are distance-vector routing protocols; they work by sending their entire routing table to directly connected networks.
LINK-STATE
Link-state protocols, also called SHORTEST-PATH-FIRST, keep three separate tables in every router. One keeps track of directly attached neighbors, one determines the topology of the entire internetwork and the last one is used as the routing table.
OSPF is a link-state protocol. It works by sending updates containing the status of its own links to all other routers in the network.
HYBRID
(ROUTING PROTOCOLS)
Hybrid protocols use aspects of both distance-vector and link-state, for example, EIGRP.
LAYER 2 SWITCH FUNCTIONS
ADDRESS LEARNING
FORWARD/FILTER DECISIONS
LOOP AVOIDANCE
LAYER 2 ADDRESS LEARNING
Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table.
LAYER 2 FORWARD/FILTER DECISIONS
When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.
LAYER 2 LOOP AVOIDANCE
If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.
APPLICATION-LAYER ATTACKS
These security attacks zero in on well-known security vulnerabilities found in server software.
All the attacker needs to succeed is a user account with high enough privileges.
AUTOROOTERS
Hacker automatons called “rootkits” designed to probe, scan and then capture data on strategically positioned computers. The hacker then gains access to sensitive data.
BACKDOORS
These are paths leading into a computer network. Through simple invasions or more elaborate "Trojan horse" code, hackers use their implanted inroads into a specific host or network until detected and stopped.
DoS AND DDoS
Denial of Service attacks are relatively easy to accomplish and work by flooding a server with TCP SYN-ACK requests.
Distributed Denial of Service attacks use several independent “zombified” computers to flood the target server until traffic is reduced to a crawl.
IP SPOOFING
A hacker gains access to a network by posing as a trusted user logging in with a trusted IP from the pool of valid network addresses or external addresses.
MAN-IN-THE-MIDDLE ATTACKS
A hacker uses a “sniffer” to scan network traffic and capture data packets at will.
NETWORK RECONNAISSANCE
Before breaking into a network, hackers gather all the information they can about it, because the more they know about a network the better they can compromise it. Tools used are port scans, DNS queries and ping sweeps.
PACKET SNIFFERS
Software tool that scans and sorts all network traffic passing through the computer's segment. Passwords and usernames can be obtained this way.
PASSWORD ATTACKS
A hacker uses a specific method such as IP spoofing, packet sniffing, Trojan horses, etc. to acquire valid passwords and then pose as trusted users.
BRUTE FORCE ATTACKS
Software-oriented attack that employs a program installed on a targeted network that tries to log in to some type of shared resource until it succeeds and relays the found password to the hacker.
PORT REDIRECTION ATTACKS
The hacker uses a compromised machine to get unauthorized traffic to pass through a firewall.
STATIC NAT
Designed to allow one-to-one mapping between local and global addresses. Static NAT requires one public Internet IP address for every host in the network.
DYNAMIC NAT
Dynamic Network Address Translation gives you the ability to map an unregistered IP address to a registered IP address from a pool of registered IP addresses.
Similar to STATIC NAT because you still need one public Internet IP address for every host in your network; however, the addresses are assigned dynamically.
NAT OVERLOAD
The most popular type of NAT configuration. “Overloading” is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports.
Also known as PORT ADDRESS TRANSLATION (PAT). You can connect thousands of private users to the Internet using only one public IP address.
IEEE 802.11a
· Wireless standard
· Runs in the 5 GHz spectrum
· 23 non-overlapping channels
· Up to 54 Mbps
· 50 feet range
IEEE 802.11b
· Wireless standard
· 2.4 GHz spectrum
· 3 non-overlapping channels
· Long distances
· Up to 11 Mbps
IEEE 802.11g
· Wireless standard
· 2.4 GHz spectrum range
· Up to 54 Mbps
· 100 feet range from WAP