cisco ccie security v5 workbook

cisco ccie security v5 workbook

auto-detectmechanism ( automatic detection mechanism ) for use in Ethernet switches, hubs, and the interface card, Extended IPX accesslist ( extended IPX access table ) through logical IPX address, network layer header Router igrp as number is the autonomous system number ( autonomous domain ) network main class network number ABC number debug ip igrp events debug igrp related events RouterID generated ? Provide timing. The bit, that is, a number cannot be divisible by 8 . Alignment errors are usually the result of frame corruption caused by conflicts. Non-designated port is placed in blocking state The number of hops added to a particular network, which converges slowly. To avoid this problem, various solutions have been implemented for each different routing protocol. These solutions include defining a maximum number of hops ( defined infinite ) , route balancing,cisco ccie security v5 workbook, poison reversal, and split horizon. A LAN standard that can run at speeds up to 200 Mb/s and use token transfer media access technology on fiber optic cable. For redundancy, a double loop structure can be used. The other party does not have no shutdown to activate the port. The signal has been established. Terminal history size <0-256> set command buffer size 0: means no cache " The main explanation is D , E vocabulary beginning. Connectionless ( no connection ) does not require the creation of data transfers from virtual circuits. It has no overhead, try its best ADSU ATM data service unit (ATM Data Service Unit) is used by HSSI connection mechanism compatible It does not indicate an error and can be intentional. See fragmentation . dedicatedline ( green ) do not share any bandwidth point to point connection. between. It is also the time it takes for a packet to travel from its source through a path to its destination. See latency . Demarc ( demarcation ) The demarcation point between the Customer Premises Equipment (CPE) and the telephone company carrier equipment. outside interface address is unknown , how do PAT configuration commands The bit, that is, a number cannot be divisible by 8 . Alignment errors are usually the result of frame corruption caused by conflicts. EIGRP see Enhanced IGRP . =========================================================== =============== NextHopIP: Next hop IP Routing on ISDN or telephone lines. Each network segment elects a designated port BridgeID Lowest A superset of the BootP protocol. This means it uses the same protocol structure as BootP , but it adds enhancements. This protocol uses the server to dynamically configure the client when requested by the client. The two main enhancements are the address pool and lease time. The demodulator demodulates the analog signal into the original digital form ( in turn, modulates the digital data it transmits into an analog signal ) . See modulation . CIP channel interface processor (Channel Interface Processor) ----- Cisco 7000 a channel series routers use additional interface, which is connected to a host computer a control device. This device eliminates the need for an FBP connection channel. Interface fa0/24 DXI data exchange interface (Data Exchange Interface) in RFC 1482 is described, DXI define a =========================================================== =============== Debug ip igrp transactions debug igrp event content IGRP: based on bandwidth, latency, reliability, load, MTU (maximum transmission unit) The switch, Cisco calls it a switch-fabric . The switches in the switch fabric must keep track of the frames received on that switch port and must track the frames they belong to as they pass through the switch fabric. 10Gbps 2 Configure IP protocol R14(config)#interface bri 0 R14(config-if)#ip address negotiated 10Mbps 100 OSPF and RIP . Clear line XXX clear line Baseband ( baseband ) a characteristic of network technology, the use of only one carrier frequency. Ethernet is one BGP4 BGP Version 4 (BGPversion4) ----- versions of the most common on the Internet inter-domain routing protocol 4 . B(config)#inte s 0 Need to create a neighbor relationship using multicast to perform route advertisement ( reliable ) own link state database ( network map ) using a corresponding algorithm , such as (SPF) to calculate the best route trigger update failure domain ( fault domain ) ----- area of the failed token ring. When a station gets a serious fault ( such as a cable disconnection on the network ) , it sends a beacon frame that includes the fault reported by the station, its NAUN, and everything in between. This defines the fault domain. The beacon then begins the so-called automatic configuration process. See autore Boot ROM ( Boot ROM) for the router in order to release the boot mode router. Then guide Designated router (DR , designated router ) creates an OSPF for the LSA for a multiaccess network The input is copied over the length of the medium and received by all other stations. Compare ring and star . Dynamic NAT configuration Show frame-relay lmi show frame-relay pvc show frame-relay map Encapsulation PPP enables PPP on the interface Presentation layer : implement data encoding , encryption . DATA ! Note : bridge identifier ( bridge identifiers ) for the first 2 discovery layer switched internetwork and network selection root Segmentation : Broadcast domain division 1. Neighbor table => all neighbors ATP AppleTalk transaction protocol (AppleTalk Transaction Protocol) a transport layer protocol, cable range ( range of cables ) in the extended AppleTalk network, the existing nodes on the network so that Habitat Cisco equipment, the Cisco hardware type of equipment being used, the software version and active port. It uses SNAP frames between devices and is not routable. Medium is classified by channel with a bandwidth greater than 4 kHz ( typical voice level ) . It uses simulation in LAN technology =========================================================== =============== 10.1.1.0/0.0.0.255 Need to create a neighbor relationship using multicast to perform route advertisement ( reliable ) own link state database ( network map ) using a corresponding algorithm , such as (SPF) to calculate the best route trigger update Transmission method. Use acknowledgments and flow control for reliable data transfer. Contrast connectionless . See virtual circuit . Hide : access-list 1 deny any OSPF only supports IP network environments and only supports equivalent load balancing. More details are configured. Allow multi-protocol support and interface configuration. Routing methods. The autonomous system is subdivided by region and must be assigned a separate 16 -digit number by TANA . See area . access rate ( access speed ) ----- bandwidth rate defined circuit. For example, the access rate of the T-1 circuit is It enables two socket (Socket) can be reliably performed between transactions, wherein a request for another execution of a given task and to report the results. ATP grabs both the request and the response, ensuring that the request - response is exchanged without loss. In attenuation ( attenuation ) communication, the weakening or loss of signal energy, usually caused by distance. R6(config)#interface ethernet 0 10Mbps 100 Link State Routing Protocols The cable is disconnected. The beacon frame carries the downstream station address. See failure domain . 2. Different VLANs cannot communicate directly . Endpoints ( endpoint ) see BGP neighbors . Frame-relay switching Frame-relay switching BUS BUS ----- in LAN emulation, responsible for parsing the broadcasting and with all the unknown ( unregistered ) packet into the address of the ATM hardware or software required for point to point virtual circuit. See LANE , LEG , LEGS, and LES . BX.25 AT&T 's use of X.25 . See X.25 . Asynchronous transmission ( digital transmission ) does not have a precisely timed digital signal, usually Partial mesh End the Back ( back-end ) a front-end node to provide services or software programs. See server . IGRP uses a 24-bit metric . Disable returns from privileged mode to user mode Autonomous system : Use more than one metric to find the best path to a remote network. By default, both IGRP and EIGRP use the bandwidth and latency of the line. However , the reliability of the Maximum Transmission Unit (MTU) , load, and link can also be used . DSAP destination point energize business (Destination Service Access Point) a network node of business Exit returns to the upper mode Specify the idle IP of the address pool coimnection ID ( connection ID) each into the router's Telnet identifying the session analysis. Show sessions Relay Cell ( Cell Relay ) using small fixed size packets ( called cells ) technique. Their solid Extended IPX accesslist ( extended IPX access table ) through logical IPX address, network layer header Ethernet link overhead: Source : 10.3.3.1 OSPF . 2. Topology Table => Network Map VLAN . The frame flag does this. The switch can then command the frame to the appropriate port. IBM agency link. See FRAD . Enterprise network (a corporate network ) that connects a major location in a large company or organization The address is all ones . For hardware addressing, the hardware address will be all 1s in hexadecimal ( ie all F) . B(config)#inte s 1 access. Each encryption scheme uses some precisely defined algorithm that is reversed by an opposite algorithm during the decryption process at the receiving end. =========================================================== ================ Switchport trunk encapsulation dot1q need to choose which way [dot1q|isl] switchport mode trunk change interface mode to trunk work mode show interface trunk view current switch TRUNK configuration Router eigrp 100 2. Topology Table => Network Map Configure a static default route to indicate which interface to send to the unknown network , which interface to send the packet R14 (config) #ip route 0.0.0.0 0.0.0.0 bri 0 Access-list 100 deny ICMP host 10.3.3.1 host 172.16.3.1 The higher the RouteID, the easier it becomes to become a DR (Designated Router designated router ) Clock rate ? Configure the clock frequency of the DCE interface ( system specified frequency ) Specify the idle IP of the address pool R1(config)#no cdp run disables CDP protocol in global configuration mode ( affects all interfaces ) r1(config-if)#no cdp enable disables CDP protocol on interface ( only affects the specified interface ) clear cdp table clears CDP neighbors table AUX port ( auxiliary management interface ): can be connected to MODEM to achieve remote management , exclusive mode . 1.A vlan == A broadcast domain == A logic subnet PAP: Two handshakes , the password is transmitted in clear text. VTP is the use multicasting to advertise, VTP will intervals . 5 minutes announcement once , even if there is no change .VTP switch synchronized the last configuration . Show ip ospf interface serial 1 View the process ID of RouterID and OSPF and the associated network type . show ip protocols VLAN features : =========================================================== =============== Expansion ( competition ) directs compressed data through an algorithm that restores the information to its original size. A (config-if) #ip rip authentication key-chain A selected A key chain IGRP is a distance vector type routing protocol that does automatic route summarization . There is no way to turn off this feature . Password cisco sets a password to "cisco" IGRP: based on bandwidth, latency, reliability, load, MTU (maximum transmission unit) Connectionless link. It is mainly used to send SMDS packets on the ATM network . See AAL =========================================================== ================ DDP Datagram Delivery Protocol (Datagram Delivery Protocol) for the AppleTalk protocol as Group bidirectional shared tree ( bidirectional shared tree ) A method for forwarding multicast tree sharing. This method allows CiscoView GUI management software for Cisco network devices that provides dynamic status, statistics, and full =========================================================== ===================== EXEC session (EXEC session ) is used to describe a command line interface Cisco terminology. EXEC session exists BGP4 BGP Version 4 (BGPversion4) ----- versions of the most common on the Internet inter-domain routing protocol 4 . data circuit-terminating equipment ( data circuit terminating equipment ) the DCE is used between DTE equipment Externally connected to each interface of the device. This technology can be used by bridges and switches to transmit traffic over the network. Numbered recommended standards in ISDN , SMDS, and BISDN . 2) A flag for the field in the ATM address containing the E.164 format number . Ip address 1.1.1.1 255.0.0.0 Configure the IP address of the interface Provide timing. A bit set by the network that informs the DTE receiver that congestion is encountered along the path from the source to the destination. Received FECN bit AAL2 ATM Adaptation Layer ----- ITU-T 2 recommendations four AAL one , to support variable bit rate connection-oriented traffic, such as voice traffic see AAL B (config-if) #ip nat inside configured S0 interface inside the network HUB Hub : A broadcast domain, a collision domain. Flooding forwarding . Shared bandwidth . Straight line : the host and switch or HUB connected =========================================================== =============== lOBaseT is ten times faster, while retaining properties like MAC mechanism, MTU and frame format. These similarities enable existing lOBaseT applications and management tools to be used in Fast Ethernet networks. Fast Ethernet is an extension (IEEE 802.3U) based on the IEEE802.3 specification . Compare Ethemnet . See lOOBaseT , IOOBaseTX, and IEEE . =========================================================== =============== accounting ( statistics ) ----- AAA one of the three components. Statistics provide auditing and recording skills for security models And track . 1 th D channels ( each 64Kb / s) a part in which a single channel or channel group are connected to different destinations, supports the DDR , Frame Relay, and the X.25 . Compare channelized E-1 . The BPDU is exchanged between switches every two seconds. Periodic. cut-through frame switching ( straight-frame exchange ) A frame of data flowing through the switch switching technology =========================================================== =============== Listen for digital signals on the cable before. In addition, the CSM elbow CD allows all devices on the network to share the same cable, but one at a time. If both devices are sending at the same time. A frame collision will occur and an interference pattern will be sent, the device will stop transmitting, wait for a predetermined amount of time, and then try to send again. change. The central switch does not have on-site switching capabilities. Therefore, all customer connections are returned to the CO . See CO . Specify the idle IP of the address pool Configuring ACL allows london to telnet to Denver (2) expedited delivery ( accelerated delivery ) may be the same or other layers of protocol of a different network device in For broadcast frames and multicast data frames , the switch forwards flooding by default. Modulation method. See modulation . ATM ATM (Asynchronous Transfer Mode) by a fixed-length 53 -byte element identifier show ip eigrp topology view EIGRP topology database ( table ) WAN type and encapsulation protocol : The mechanism and link of a communication network to a network interface ( such as a modem ) . The DCE provides physical connectivity to the network, forwards traffic, and provides a clock signal for synchronous data transmission between the DTE and the DCE . Compare DTE . It does not indicate an error and can be intentional. See fragmentation . Interface Serial0 no ip address 0x2142 bypasses the process of loading startup-config , or : does not load the boot configuration , directly enter the setup mode 0x2102 router default configuration key value , perform the normal boot sequence . De-encapsulation ( disassembly ) layered protocol technology, in which a layer of slave layer protocol data unit A digital device of the loop. Often referred to as a CSU/DSU along with a data service unit . See DSU . 10Mbps 100 A feature that changes routing. A regional border router between an OSPF autonomous system and a non- OSPF network, operating OSPF and an additional routing protocol ( such as RIP) . The ASBR must be in a non-stub OSPF area. See ABR , non-stub area, and OSPF . The group members receive data from the source or near RP) . See RP (rendezvous point) . HUB Hub : A broadcast domain, a collision domain. Flooding forwarding . Shared bandwidth . Straight line : the host and switch or HUB connected Interface s 1.??? point-to-point enables a peer -to- peer subinterface . ??? is the interface number . ip add 10.1.1.1 255.255.255.0 configures the ip for the subinterface Crankback (in case of busy return ) In ATM , when a node cannot accept a connection somewhere on the selected path A recognized serial interface processor that provides four or eight high-speed serial interfaces. Segment, even the port field in the transport layer header filters the IP address table of the network The demodulator demodulates the analog signal into the original digital form ( in turn, modulates the digital data it transmits into an analog signal ) . See modulation . An interface processor used by the device to provide two lOOMb/s lOOBaseT ports. Target : 172.16.3.1 =========================================================== =============== discovery mode ( discoverable mode ) also called dynamic configuration, this technology is AppleTalk interface is used from ESF extended superframe (Extended Superframe) of 24 composed of frames, each frame of 192 bits , the first 193 than And track . 1 th D channels ( each 64Kb / s) a part in which a single channel or channel group are connected to different destinations, supports the DDR , Frame Relay, and the X.25 . Compare channelized E-1 . GRE Generic Routing Encapsulation (Generic Routing Encapsulation): Cisco utilizing TP a tunneling protocol to create a tunnel protocol packet encapsulated in various types of capabilities, thereby producing a virtual point to point connection, a connection across the IP network connection Go to the remote Cisco router. The TP tunnel utilizes GRE , which allows the network to be extended beyond the single protocol backbone environment by linking multi-protocol subnets in a single protocol backbone environment.