CCIE Security 400-251 study guide
=========================================================== ===============
A LAN standard that can run at speeds up to 200 Mb/s and use token transfer media access technology on fiber optic cable. For redundancy, a double loop structure can be used.
Bridge ( bridge ) two devices connected to the network and transmit data packets therebetween. Both paragraphs must use the same
access-list 1 deny host 10.3.3.1
access-list 1 permit any
Transmission method. Use acknowledgments and flow control for reliable data transfer. Contrast connectionless . See virtual circuit .
EIGRP uses a wildcard mask configuration example :
A: 10.0.0.0/8
B (config-if) #ip nat inside configured S0 interface inside the network
data direct VCC ( data direct VCC) ATM two LEG to establish a two-way point between the
Ethernet link overhead:
Class C network (C -based network ) portion of the Internet Protocol hierarchical addressing scheme. Class C network has 24
Data link layer : data error detection , physical address MAC Frame
Frame-relay route 110 interface Serial1 120
designated port ( designated port ) and the Spanning Tree Protocol (STP) used together to specify the forwarding port. If
Non-designated port is placed in blocking state
Description description interface comment
choke packet ( packet that was blocked ) when congestion exists, it is sent to the sender of a packet, it should inform
ISL 's main road agreement created an 802.1Q main road in 2950
Cheng.
=========================================================== ===============
Any device connected between. See Cisco FRAD and FRAS .
When the destination address is unknown , the switch will flood the data frame ( the target address is known , the frame will not be flooded )
BGP speaker (BGP speakers ) advertises its routing prefix or router.
AFP AppleTalk Filing Protocol (AppleTalk Filing Protocol) a presentation layer protocol support
Physical layer : rate , voltage , pin interface type Bit
VLAN characteristics
Store and forward: recalculates the frame's FCS and compares it with the original frame FCS to decide whether to forward or discard the frame. Fragment-free forwarding: checks only the first 64 bytes of the frame to determine the integrity of the frame.
End directly returns to privileged mode
=========================================================== ===============
Specifies in which order the call will be reconnected. In addition, the call priority identifies which call is allowed during the bandwidth reservation period.
Show hosts shows the current hostname configuration
Listen for digital signals on the cable before. In addition, CSMA/CD allows all devices on the network to share the same cable, but one at a time. If two devices send at the same time, a frame collision occurs and an interference pattern is sent; the devices stop transmitting, wait for a predetermined amount of time, and then try to send again.
Acknowledgment ( acknowledgment ) is transmitted from one network device to another network device authentication, showed a
Border peer ( boundary peer ) manages a peer group device that exists on the edge of a hierarchical design
demultiplexing ( demultiplexer ) one input stream composed of a plurality of the multiplexed signal is converted back to a single
Media type : twisted pair , coaxial cable , fiber
The process of outputting a single stream. See multiplexing .
=========================================================== =============== PPP:
Immediate execution , immediate effect
Layer and Transport layer .
=========================================================== ===============
Show cdp neighbors to view CDP neighbors ( without IP)
IGRP: based on bandwidth, latency, reliability, load, MTU (maximum transmission unit)
login set login password when
Fallback (in the fall ) ATM network, this mechanism is used to get a path, if it can not use the regular side
1.A vlan == A broadcast domain == A logic subnet
Source port : None
User Network Interface (UNI) The time between a cell exit event and the corresponding cell entry event at the destination. Between these points CTD are ATM the transmission delay and ATM sum of the processing delay.
If the router has no loopback interface, the highest IP address on a physical interface is selected as the RouterID (the interface must be active).
B(config)#inte s 0
frequency ( frequency ) number of cycles per unit time of the AC signal, in hertz ( cycles per second ) measurement.
!
The header information is removed from the (PDU) . See encapsulation .
Sent and is not reliable. Compare connection-oriented . See virtual circuit .
RIP supplement :
Create a standard 5 sub-section ATM cells. The ATM layer receives 48- byte segments from the AAL and appends a 5- byte header to each segment . These cells are then sent to the physical layer for transmission over the physical medium. See AAL .
The most important point about ACLs: every ACL condition list has a hidden "deny all" condition at the end.
Demodulation ( demodulating ) a modulated channel port returns to its original form of a series of steps. Modulation when receiving
Copy flash: tftp://1.1.1.1/c2500-ik8os-l.122-31.bin
CSU channel service unit (channel service unit) connecting end-user equipment to a local digital telephone
classful routing ( hierarchical routing ) does not transmit the subnet mask information when sending routing update routing
Communication between two ATM service users ( such as ATMM processes ) . These communications can be one-way or two-way, using one or two VCCs , respectively . See ATM layer and ATMM .
mask address ( address mask ) a bit pattern descriptor, which identifies which portion of a network address of the representative
Specify the idle IP of the address pool
GNS the nearest server (Get Nearest Server): in the IPX network, to determine a customer a request of a given type of packet location nearest transmitted activation server. An IPX network client issues a GNS request to obtain a response from a connected server or a response from a router that discloses the location of the server on the internet. GNS is part of IPX and SAP . See IPX and SAP .
group. Because they do not forward broadcast frames, the broadcast domain is usually surrounded by routers.
Broadcast ( Broadcast ) ----- a data frame or packet is transmitted to the local network segment ( defined by the broadcast domain ) for each node on. Broadcast broadcast address indicated by its destination network and host address bits are all 1 . Also known as " local broadcast " . Compare directedbroadcast .
Set the dial number R14(config)#interface bri 0
call admission control ( call admission control ) the ATM network device in a traffic management, it is a
frame types ( frame type ) the LAN in a frame is used to determine how to put on the local network. Ethernet
Show spanning-tree interface fastEthernet 0/23 View the status of the interface in the spanning tree
Interface fastethernet 0/1 enters Fast Ethernet 0/1 interface
D channel (D channel ) 1) data channel ----- a full duplex, 16Kb / S (BRA) or 64Kb / s (PRI)
Guide IOS and how to configure it.
administrative distance ( management distance ) from 0 to 255 a number between, which represents one routing information
Bits are used to define the network. Only 8 bits are used to define hosts on the network.
Packaging method. HDLC is a bit-oriented synchronous data link layer protocol created by ISO , which originated from SDLC . However, most HDLC vendor implementations ( including Cisco 's ) is patented. See SDLC .
=========================================================== =============== 10.1.1.0/0.0.0.255
Corelayer The top layer of the Cisco three-tier hierarchical model that helps design, build, and maintain a
Address mapping .
=========================================================== ===============
ELAP EtherTalk Link Access Protocol (EtherTalk Link Access Protocol) on EtherTalk Network
1. in direction 2. out to party
DTE Data Terminal Equipment (data terminal equipment) positioned in any user - Network Interface and
Cisco layered network. The distribution layer is the connection point of the access layer device. Routing is done at this level.
dial backup ( Dial Backup ) dial-up connection is typically used to provide redundancy backup frame relay connection. Backup chain
ip route (Destination Network IP) (NetMask) [NextHopIP | LocalInterface] Destination Network IP: Target Network IP
broadcast storm ( broadcasting storm ) on the network an unwelcome event, it turned on by any number of broadcast
Servers, workstations, ATM- to- LAN switches, and ATM routers.
Configuration information. Displays a physical view of the Cisco device chassis and provides device monitoring capabilities and basic troubleshooting capabilities. Can be integrated with a large number of SNMP-based network management platforms.
Clear line * Force interrupt "telnet to local " session
1.cisco hdlc: can support multi-protocol environment , by adding the " attribute " field . 2.standard hdlc: only support single-protocol environment
Administrative distance: determines which routing protocol's routes will be adopted by the router. The lower the administrative distance, the more readily the route is adopted by the router.
show cdp neighbors detail View CDP neighbors ( including Layer 3 IP addresses )
show cdp entry * View CDP neighbors ( including Layer 3 IP addresses )
Static NAT configuration
FTP file transfer protocol (File Transfer Protocol): used to transfer files between network nodes of TCP / IP
To authenticate, the user and password uniquely identify them.
The device has the hardware address of all devices on the internetwork. The server will then dynamically allocate the used VLANs .
=========================================================== ===============
Code IP over ATN equipment.
BIP bit interleaved parity (Bit Interleaved Parity) ATM are used to monitor the link on the error
Fragment-free forwarding (Cisco proprietary technology): performance lies between cut-through forwarding and store-and-forward.
1.Server mode < main > 2.Client mode < time > 3.TransParent mode < transparent >
Abandonment or ABR congestion feedback mechanisms are combined in the composition of the network.
VLAN features :
expedited delivery ( accelerated delivery ) may be the same or other layers of protocol of a different network device in
ACL for packet processing :
There are multiple links on the same network, and STP will shut down - ports to block network loops.
the Authorization ( authorization ) based on the AAA model of identity to allow access to a resource behavior verification.
Frame-relay switching
Copy running-config startup-config saves the current configuration concept :
discovery mode ( discoverable mode ) also called dynamic configuration, this technology is AppleTalk interface is used from
An OSI language and description method for data types . It is described by ISO International Standard 8824 .
Serial1 is administratively down, Line protocol is down
Rate enhancement and VCT conversion. See ATM .
Show ip access-lists to view specific list conditions and matching information
++<6> + x
=========================================================== ===============
=========================================================== =============== HDLC:
Source : 10.3.3.1
1. Reduce the size of the routing table 2. Speed up the convergence 3. Limit the spread of LSA 4. Improve stability
100Mbps 19
The ratio of the total number of cells sent in the transmission.
1Gbps 4
1. Bandwidth 2. Delay 3. Reliability 4. Load 5. MTU
composite metric ( complex metrics ) with IGRP and EIGRP use with such routing protocol,
Segment, even the port field in the transport layer header filters the IP address table of the network
Configure terminal enters global configuration mode
1 1 2 1 2 1
analog transmission ( analog transmission ) represented by different combinations of the information signal amplitude, frequency and phase
100Mb/s baseband Fast Ethernet specification. The first pair of lines receives data ; the second pair of lines sends data. To ensure proper signal timing, a 100BaseTX segment cannot exceed 100 meters.
FDDI Fiber Distributed Data Interface (Fiber Distributed Data Interface) ANSIX3T9.5 defined
CLR cell loss ratio (Cell Loss Ratio) ----- ATM ratio of discarded cells and cell successfully transmitted. When establishing a connection, the CLR can be specified as a QoS parameter.
1.544Mb/s . In Frame Relay and other technologies, it can be a partial T-1 connection ( for example, 256kb/s) , but the access rate and clock rate are still 1.544Mb/s.
Hostname ABC configuration local username
Network view, the process required to use the best possible path. No user data passed during convergence.
LocalInterface: local interface
VLAN; all switches in the end-to-end \VLAN understand all configured VLANs . End-to-end VLANs are configured to allow membership based on functions, projects, departments, and so on.
A data link product from EtherTalk Apple Computer Inc. that allows AppleTalk networks to be powered by Ethernet
Use the range of numbers assigned. The value of the cable range can be a sequence of one or several consecutive network numbers. Node addresses are determined by their cable range values.
=========================================================== ================
between. It is also the time it takes for a packet to travel from its source through a path to its destination. See latency . Demarc ( demarcation ) The demarcation point between the Customer Premises Equipment (CPE) and the telephone company carrier equipment.
enable secret sets the enable password stored as ciphertext ( used in preference to the plaintext enable password )
service password-encryption encrypts all cleartext passwords in the system configuration ( weak )
debug ip rip debug RIP routing
=========================================================== ===============
If the neighbor and passive-interface are configured at the same time , then the neighbor will not be restricted by the passive-interface .
One of the two ATM address formats " contrast ICD .
FQDN Fully Qualified Domain Name (fully qualified domain name) in the DNS for the domain structure due to
compression ( compression ) with a string of numerals repeated data, transmitted over a link than the normal grant
IGRP uses composite metrics to select the best route .
Spanning trees can avoid loop problems caused by redundancy . Solve the problem : put redundant ports into blocking state . Interfaces in blocking state will not receive / send user data .
Access server ( access server ) is the so-called " network access server " , it is a communication process, through the network
Governing system path.
all-routes explorer packet ( full routing packet detection ) a can pass over the entire SRB sounding packet network,
Port Console ( control port opening ) the Cisco a typical routers and switches on the RJ-45 ports, with
B: 172.16.0.0/16 -- 172.31.0.0/16
In user mode and privileged mode.
AAL5 ATM Adaptation Layer 5 One of the four AALs recommended by ITU-T , mainly used to support inter-face connection
An octet divided into four points, followed by a forward slash and the number of the masked bit ( abbreviation of the subnet symbol ) . See
=========================================================== ===============
Configuration with multipoint subinterface
border router ( border router ) ----- generally Open Shortest Path First (OSPF) is defined as a region connected to the backbone routers region. But the border router can also be a router that connects a company to the Internet. See
Partial mesh
=========================================================== ===============
The location of the standard access control list application : the location of the access control list application that is applied to the interface that is closest to the target : the application is in the interface closest to the source, show ip interface serial 0, to view the configuration of the interface's acl .
EIGRP external routing management distance : 170
EIGRP internal routing management distance : 90
show ip eigrp neighbors to view EIGRP neighbors
edge. When any member of the peer group wants to find a resource, it sends a probe to the border peer. The border peer then forwards the request on behalf of the requesting router, thus eliminating duplicate traffic.
Routing on ISDN or telephone lines.
Protocol : ICMP (Internet Control Message protocol)
Coaxial cable classification for signaling. Compare baseband .
A (config-if) #ip rip authentication key-chain A selected A key chain
Presentation layer : implement data encoding , encryption . DATA
ASBR autonomous system boundary router (Autonomous System Boundary Router) one on
The EIA/TIA-232 interface circuit is also busy.
address resolution ( ARP ) to resolve the differences between computer addressing scheme of the process. Address resolution
CONSOLE PORT ( management console interface ): distance limit , exclusive way .
Debug ip eigrp notifications debug event notification
congestion avoidance ( congestion avoidance ) to minimize latency, the ATM network for controlling the system into
100BaseTX is based on the IEEE 802.3U standard, 100BaseTX is wired using two pairs of UTP or STP
Duplex Auto ( automatic duplex ) of a layer and 2 a device layer disposed on, it automatically switches provided
=========================================================== ===============
binary ( binary ) by 1 and 0 two methods of counting characters. Binary count is made for all information
ATP AppleTalk transaction protocol (AppleTalk Transaction Protocol) a transport layer protocol,
Exchange routing information.
Connectionless link. It is mainly used to send SMDS packets on the ATM network . See AAL
switchport access vlan 10 Adds this port to VLAN 10.
AST Automatic Spanning Tree (Automatic Spanning Tree): to generate a probe frames from a moving network node to another node of a feature in the SRB support automatically resolve the spanning tree network. The AST is based on the IEEE 802.1 standard. See IEEE802.1 and SRB .
=========================================================== ===============
Equipment and Intel have jointly improved. Ethernet is similar to the IEEE 802.3 family of standards and uses CSMA/CD to operate at 10Mb/s rates on various types of cables . Also known as DIX (Digital/Intel/Xerox) Ethernet. See
IGRP supports equal-cost equalization load , and also supports non-equivalent equalization load .
The metric is 32 bits long. If the K values are not equal, the neighbor relationship cannot be created. If the AS (autonomous system) is different, the neighbor relationship cannot be created. On links at a rate higher than T1, a hello packet is sent every 5 seconds; on links at a rate lower than T1, a hello is sent every 60 seconds.
outside interface address is unknown , how do PAT configuration commands
Rip : Router information protocol
Owned and running network.
(DCE) , consisting of a modem. See DCE .
=========================================================== =============== FRAME-RELAY
B8ZS binary 8 replacement - a line coding, explained at the far end of the connection, when transmitting eight zeros continuously on the link of the T-1 and E-1 circuits, it uses a special Code replacement. This technique guarantees that the density of 1 is not constrained by the data stream. Also known as bipolar 8 zero replacement. Compare AMI . See ones density .
Show spanning-tree brief to view the spanning tree status (3500xl) (2950/3550 : show spanning-tree)
The process of OSPF creating neighbors :
It is responsible for transmitting frames. Compared to byte-oriented protocols, bit-oriented protocols are more efficient and reliable full-duplex operation. Compare byte-oriented protocol .
A corrective technique used to block the request. The path is restored to an intermediate node. Then use GCAC to try to find an alternate path to the final destination.
version 2 configures the rip version to version 2
no auto-summary to turn off automatic summarization
block size ( block size ) available hosts in a subnet. The block size can generally be in increments of 4 , 8 ,
connection ID ( connection ID) each into the router's Telnet identifying the session analysis. Show sessions
An example. Also known as " narrowband " . For broadband .
Control distribute VCC ( Control Distribution VCC) Phase I LAN simulation defines three control connections
Debug ip igrp transactions debug igrp event content
Scalability and improved performance and usability enhancements.
nvRam : Startup-config startup configuration file , or user profile
Port number : Provides the session layer to distinguish data without the application . Identity service .
Frame-relay interface-dlci ??? Assign a specific PVC to this subinterface . ??? is the PVC number .
Frame-relay route 120 interface Serial0 110
The number of hops added to a particular network, which converges slowly. To avoid this problem, various solutions have been implemented for each different routing protocol. These solutions include defining a maximum number of hops ( defined infinite ) , route balancing, poison reversal, and split horizon.
RIPv2 advertises networks by multicast , multicast address : 224.0.0.9
router rip
=========================================================== ===============
DVMRP Distance Vector Multicast Routing Protocol (Distance Vector Multicast Routing Protocol) is mainly based on Routing Information Protocol (RIP) , the Internet gateway protocol a common, strong
ITU-T standard. Currently BISDN uses ATM technology and SONET- based transmission circuits to provide 155Mb/s and
=========================================================== ===============
CDP Cisco Discovery Protocol (Cisco Discovery Protocol) Cisco proprietary protocol, used to tell the neighbor
A(config-if)#ip rip authentication mode md5 ciphertext authentication
AS path prepending (AS path pre-planned ) use route maps by adding fake ASN extended from
Show ip ospf neighbor to view neighbors (NeighborID is RouterID)
=========================================================== ===============
Data is transmitted over a given physical link and is equivalent to the data link layer of the OSI reference model.
Transport layer : reliable and unreliable transport services , retransmission mechanism . Segment
=========================================================== =============== HDLC:
Enhanced IGRP ( Enhanced IGRP) ----- Enhanced Interior Gateway Routing Protocol (Enhanced Interior Gateway Routing Protocol): an advanced routing protocol created by Cisco, which combines the advantages of link-state and distance-vector protocols. Enhanced IGRP has extraordinary convergence properties, including high operational efficiency. See IGP ,
DLCI: identifies the PVC 's . Only valid locally .
vlan 10 name cisco creates VLAN number 10 named CISCO
vlan 20 creates VLAN number 20 with a system-assigned name
Collision ( conflict ) Ethernet two nodes simultaneously transmit the result of the transmission. When they are on physical media
Circuit Switching : PPP, HDLC, SLIP
10BaseT , Fast Ethernet, and IEEE .
OSPF area :
=========================================================== ===============
DNS Domain Name System (Domain Name System) is used to resolve host names to IP addresses.
=========================================================== ================
end-to-end VLANs ( end the VLAN) ----- across the switch fabric (switch-fabric) from end to end
Duplex Full ( full duplex ) ability to simultaneously transfer information between the transmitting and receiving stations, see
Router), also known as boot mode , can be used for IOS upgrades.
Interface serial 0
Storage forwarding : slow , ensuring the correctness of the frames being forwarded .
Set when to dial R14 (config) #access-list 1 permit any
-------------------------------------------------
HUB Hub : A broadcast domain, a collision domain. Flooding forwarding . Shared bandwidth . Straight line : the host and switch or HUB connected
the adjacency ( abutting ) the relationship between the neighboring routers and end nodes use a common media segment established to
AARP AppleTalk Address Resolution Protocol This protocol in the AppleTalk stack maps the data link address
ASN.1 Abstract Syntax Notation 1 (Abstract Syntax Notation One) used to describe a structure without a computer
DLCI Data Link Connection Identifier (Data-Link Connection Identifier) for identifying FR
The E-1 transmission line can be leased from a public carrier company for use as a dedicated line.
E.164 1) evolved from the standard telephone numbering system, which is numbered by ITU-T , especially at
The interface interface processor card provides 10Mb/s AUI port support for Ethernet version 1 and Ethernet version 2 or IEEE 802.3 interface with high speed data path to other interface processors .
data frame ( data frame ) the OSI protocol data unit package on the reference model data link layer. From the network layer
2. Topology Table => Network Map
Configure ACL to reject london to ping through Denver (1)
3. Routing Table => Best Route
collision domain ( collision domain ) network area Ethernet frame collision propagating. Conflict
Set of special character data link communication protocols. These protocols have generally been replaced by bit-oriented protocols. Compare the bit-oriented protocol . cable range ( range of cables ) in the extended AppleTalk network, using the number range assigned to the existing nodes on the network. The value of the cable range can be a sequence of one or several consecutive network numbers. Node addresses are determined by their cable range values.