Chapter 1 Single-Area OSPFv2 Concepts
OSPF Features and Characteristics (1.1)
1. Establish Neighbor Adjacencies
2. Exchange Link-State Advertisements
3. Build the Link-State Database
Single-Area and Multiarea OSPF (1.1.4)
OSPF Operational States (1.3.2)
Establish Neighbor Adjacencies (1.3.3)
Synchronizing OSPF Databases (1.3.4)
LSA Flooding with a DR (1.3.6)
OSPF Features and Characteristics
Chapter 2 Single-Area OSPFv2 Configuration
OSPF Reference Topology (2.1.1)
Router Configuration Mode for OSPF (2.1.2)
Router ID Order of Precedence (2.1.4)
Configure a Loopback Interface as the Router ID (2.1.5)
Explicitly Configure a Router ID (2.1.6)
Point-to-Point OSPF Networks (2.2)
The network Command Syntax (2.2.1)
Configure OSPF Using the network Command (2.2.4)
Configure OSPF Using the ip ospf Command (2.2.6)
Configure Passive Interfaces (2.2.9)
OSPF Point-to-Point Networks (2.2.11)
Loopbacks and Point-to-Point Networks (2.2.12)
Multiaccess OSPF Networks (2.3)
OSPF Designated Router (2.3.2)
OSPF Multiaccess Reference Topology (2.3.3)
Verify OSPF Router Roles (2.3.4)
Verify DR/BDR Adjacencies (2.3.5)
Default DR/BDR Election Process (2.3.6)
DR Failure and Recovery (2.3.7)
The ip ospf priority Command (2.3.8)
Configure OSPF Priority (2.3.9)
Modify Single-Area OSPFv2 (2.4)
Cisco OSPF Cost Metric (2.4.1)
Adjust the Reference Bandwidth (2.4.2)
OSPF Accumulates Costs (2.4.3)
Manually Set OSPF Cost Value (2.4.4)
Test Failover to Backup Route (2.4.5)
Hello Packet Intervals (2.4.7)
Verify Hello and Dead Intervals (2.4.8)
Modify OSPFv2 Intervals (2.4.9)
Default Route Propagation (2.5)
Propagate a Default Static Route in OSPFv2 (2.5.1)
Verify the Propagated Default Route (2.5.2)
Verify Single-Area OSPFv2 (2.6)
Verify OSPF Protocol Settings (2.6.2)
Verify OSPF Process Information (2.6.3)
Verify OSPF Interface Settings (2.6.4)
Chapter 3 Network Security Concepts
Ethical Hacking Statement (3.0.3)
Current State of Cybersecurity (3.1)
Current State of Affairs (3.1.1)
Vectors of Network Attacks (3.1.2)
State-Sponsored Hackers (3.2.5)
Introduction to Attack Tools (3.3.2)
Evolution of Security Tools (3.3.3)
Viruses and Trojan Horses (3.4.2)
Other Types of Malware (3.4.3)
Overview of Network Attacks (3.5.1)
Reconnaissance Attacks (3.5.3)
Man-in-the-Middle Attack Example
Social Engineering Attacks (3.5.6)
IP Vulnerabilities and Threats (3.6)
Amplification and Reflection Attacks (3.6.5)
Address Spoofing Attacks (3.6.6)
TCP and UDP Vulnerabilities (3.7)
UDP Segment Header and Operation (3.7.4)
Spoofed Gratuitous ARP Replies
1. Client Broadcasts DHCP Discovery Messages
2. DHCP Servers Respond with Offers
3. Client Accepts Rogue DHCP Request
4. Rogue DHCP Acknowledges the Request
Network Security Best Practices (3.9)
Confidentiality, Integrity, and Availability (3.9.1)
The Defense-in-Depth Approach (3.9.2)
Content Security Appliances (3.9.5)
Cisco Email Security Appliance (ESA)
Cisco Web Security Appliance (WSA)
Securing Communications (3.10.2)
Origin Authentication (3.10.5)
Asymmetric Encryption (3.10.8)
Current State of Cybersecurity
IP Vulnerabilities and Threats
Network Security Best Practices
Wildcard Mask Overview (4.2.1)
Wildcard Mask to Match an IPv4 Subnet
Wildcard Mask to Match an IPv4 Address Range
Wildcard Mask Calculation (4.2.3)
Wildcard Mask Keywords (4.2.4)
Guidelines for ACL Creation (4.3)
Limited Number of ACLs per Interface (4.3.1)
Standard and Extended ACLs (4.4.1)
Numbered and Named ACLs (4.4.2)
Standard ACL Placement Example (4.4.4)
Extended ACL Placement Example (4.4.5)
Check Your Understanding Questions
Chapter 5 ACLs for IPv4 Configuration
Configure Standard IPv4 ACLs (5.1)
Numbered Standard IPv4 ACL Syntax (5.1.2)
Named Standard IPv4 ACL Syntax (5.1.3)
Apply a Standard IPv4 ACL (5.1.4)
Numbered Standard IPv4 ACL Example (5.1.5)
Named Standard IPv4 ACL Example (5.1.6)
Two Methods to Modify an ACL (5.2.1)
Sequence Numbers Method (5.2.3)
Modify a Named ACL Example (5.2.4)
Secure VTY Ports with a Standard IPv4 ACL (5.3)
The access-class Command (5.3.1)
Secure VTY Access Example (5.3.2)
Verify the VTY Port Is Secured (5.3.3)
Configure Extended IPv4 ACLs (5.4)
Numbered Extended IPv4 ACL Syntax (5.4.2)
Protocols and Port Numbers Configuration Examples (5.4.4)
Apply a Numbered Extended IPv4 ACL (5.4.5)
TCP Established Extended ACL (5.4.6)
Named Extended IPv4 ACL Syntax (5.4.7)
Named Extended IPv4 ACL Example (5.4.8)
Another Named Extended IPv4 ACL Example (5.4.10)
Secure VTY Ports with a Standard IPv4 ACL
Check Your Understanding Questions
IPv4 Private Address Space (6.1.1)
Port Address Translation (6.2.3)
NAT and PAT Comparison (6.2.5)
Packets Without a Layer 4 Segment (6.2.6)
NAT Advantages and Disadvantages (6.3)
Analyze Dynamic NAT—Inside to Outside (6.5.3)
Analyze Dynamic NAT—Outside to Inside (6.5.4)
Configure PAT to Use a Single IPv4 Address (6.6.2)
Configure PAT to Use an Address Pool (6.6.3)
Analyze PAT—PC to Server (6.6.4)
Analyze PAT—Server to PC (6.6.5)
NAT Advantages and Disadvantages
Check Your Understanding Questions
Private and Public WANs (7.1.2)
Common WAN Terminology (7.2.3)
Circuit-Switched Communication (7.2.6)
Packet-Switched Communications (7.2.7)
Traditional WAN Connectivity (7.3)
Traditional WAN Connectivity Options (7.3.1)
Common WAN Terminology (7.3.2)
Circuit-Switched Options (7.3.3)
Public Service Telephone Network (PSTN)
Integrated Services Digital Network (ISDN)
Packet-Switched Options (7.3.4)
Asynchronous Transfer Mode (ATM)
Modern WAN Connectivity Options (7.4.2)
Internet-Based Connectivity (7.5)
Internet-Based Connectivity Options (7.5.1)
Wireless Internet-Based Broadband (7.5.7)
ISP Connectivity Options (7.5.9)
Broadband Solution Comparison (7.5.10)
Check Your Understanding Questions
Chapter 8 VPN and IPsec Concepts
Virtual Private Networks (8.1.1)
Site-to-Site and Remote-Access VPNs (8.1.3)
Enterprise and Service Provider VPNs (8.1.4)
Site-to-Site IPsec VPNs (8.2.3)
Dynamic Multipoint VPNs (8.2.5)
IPsec Virtual Tunnel Interface (8.2.6)
Service Provider MPLS VPNs (8.2.7)
IPsec Protocol Encapsulation (8.3.3)
Secure Key Exchange with Diffie-Hellman (8.3.7)
Check Your Understanding Questions
Network Transmission Quality (9.1)
Bandwidth, Congestion, Delay, and Jitter (9.1.3)
Network Traffic Trends (9.2.2)
Weighted Fair Queuing (WFQ) (9.3.4)
Class-Based Weighted Fair Queuing (CBWFQ) (9.3.5)
Low Latency Queuing (LLQ) (9.3.6)
Selecting an Appropriate QoS Policy Model (9.4.2)
Differentiated Services (9.4.5)
QoS Implementation Techniques (9.5)
Classification and Marking (9.5.4)
Type of Service and Traffic Class Field (9.5.7)
QoS Policy Guidelines (9.5.13)
Check Your Understanding Questions
Device Discovery with CDP (10.1)
Configure and Verify CDP (10.1.2)
Discover Devices by Using CDP (10.1.3)
Device Discovery with LLDP (10.2)
Configure and Verify LLDP (10.2.2)
Discover Devices by Using LLDP (10.2.3)
Time and Calendar Services (10.3.1)
Configure and Verify NTP (10.3.3)
SNMP Polling Scenario (10.4.8)
SNMP Object Navigator (10.4.9)
Introduction to Syslog (10.5.1)
Syslog Message Format (10.5.3)
Configure Syslog Timestamp (10.5.5)
Router and Switch File Maintenance (10.6)
Use a Text File to Back Up a Configuration (10.6.3)
Use a Text File to Restore a Configuration (10.6.4)
Use TFTP to Back Up and Restore a Configuration (10.6.5)
USB Ports on a Cisco Router (10.6.6)
Use USB to Back Up and Restore a Configuration (10.6.7)
Restore Configurations with a USB Flash Drive
Password Recovery Procedures (10.6.8)
Password Recovery Example (10.6.9)
Step 2. Change the configuration register
Step 3. Copy the startup-config to the running-config
Step 5. Save the running-config as the new startup-config
TFTP Servers as a Backup Location (10.7.2)
Backup IOS Image to TFTP Server Example (10.7.3)
Step 2. Verify image size in flash
Step 3. Copy the image to the TFTP server
Copy an IOS Image to a Device Example (10.7.4)
Step 2. Verify the amount of free flash
Step 3. Copy the new IOS image to flash
The boot system Command (10.7.5)
Router and Switch File Maintenance
Check Your Understanding Questions
The Need to Scale the Network (11.1.2)
Borderless Switched Networks (11.1.3)
Hierarchy in the Borderless Switched Network (11.1.4)
Access, Distribution, and Core Layer Functions (11.1.5)
Three-Tier and Two-Tier Examples (11.1.6)
Role of Switched Networks (11.1.7)
Design for Scalability (11.2.1)
Reduce Failure Domain Size (11.2.3)
Limiting the Size of Failure Domains
Expand the Access Layer (11.2.5)
Tune Routing Protocols (11.2.6)
Modular Configuration Switches
Stackable Configuration Switches
Business Considerations for Switch Selection (11.3.7)
Fixed Configuration or Modular
Check Your Understanding Questions
Chapter 12 Network Troubleshooting
Documentation Overview (12.1.1)
Network Topology Diagrams (12.1.2)
Network Device Documentation (12.1.3)
LAN Switch Device Documentation
End-System Documentation Files
Establish a Network Baseline (12.1.4)
Step 1—Determine What Types of Data to Collect (12.1.5)
Step 2—Identify Devices and Ports of Interest (12.1.6)
Step 3—Determine the Baseline Duration (12.1.7)
Troubleshooting Process (12.2)
General Troubleshooting Procedures (12.2.1)
Seven-Step Troubleshooting Process (12.2.2)
Troubleshooting with Layered Models (12.2.5)
Structured Troubleshooting Methods (12.2.6)
Guidelines for Selecting a Troubleshooting Method (12.2.7)
Software Troubleshooting Tools (12.3.1)
Network Management System Tools
Hardware Troubleshooting Tools (12.3.3)
Syslog Server as a Troubleshooting Tool (12.3.4)
Symptoms and Causes of Network Problems (12.4)
Physical Layer Troubleshooting (12.4.1)
Data Link Layer Troubleshooting (12.4.2)
Network Layer Troubleshooting (12.4.3)
Transport Layer Troubleshooting—ACLs (12.4.4)
Transport Layer Troubleshooting—NAT for IPv4 (12.4.5)
Application Layer Troubleshooting (12.4.6)
Troubleshooting IP Connectivity (12.5)
Components of Troubleshooting End-to-End Connectivity (12.5.1)
End-to-End Connectivity Problem Initiates Troubleshooting (12.5.2)
Step 1—Verify the Physical Layer (12.5.3)
Step 2—Check for Duplex Mismatches (12.5.4)
Step 3—Verify Addressing on the Local Network (12.5.5)
Troubleshoot VLAN Assignment Example (12.5.6)
Step 4—Verify Default Gateway (12.5.7)
Troubleshooting IPv4 Default Gateway Example
Troubleshoot IPv6 Default Gateway Example (12.5.8)
Verify PC1 Has an IPv6 Default Gateway
Step 5—Verify Correct Path (12.5.9)
Step 6—Verify the Transport Layer (12.5.10)
Symptoms and Causes of Network Problems
Troubleshooting IP Connectivity
Check Your Understanding Questions
Chapter 13 Network Virtualization
Cloud Computing Versus Data Center (13.1.5)
Cloud Computing and Virtualization (13.2.1)
Server Virtualization (13.2.3)
Advantages of Virtualization (13.2.4)
Virtual Network Infrastructure (13.3)
Installing a VM on a Hypervisor (13.3.2)
The Complexity of Network Virtualization (13.3.3)
Software-Defined Networking (13.4)
Control Plane and Data Plane (13.4.2)
Network Virtualization Technologies (13.4.3)
Traditional and SDN Architectures (13.4.4)
SDN Controller and Operations (13.5.1)
Core Components of ACI (13.5.3)
Virtual Network Infrastructure
Check Your Understanding Questions
The Increase in Automation (14.1.2)
The Data Formats Concept (14.2.2)
Open, Internal, and Partner APIs (14.3.4)
Types of Web Service APIs (14.3.5)
RESTful Implementation (14.4.3)
Anatomy of a RESTful Request (14.4.5)
RESTful API Applications (14.4.6)
Configuration Management Tools (14.5)
Traditional Network Configuration (14.5.2)
Configuration Management Tools (14.5.4)
Compare Ansible, Chef, Puppet, and SaltStack (14.5.5)
IBN and Cisco DNA Center (14.6)
Intent-Based Networking Overview (14.6.2)
Network Infrastructure as Fabric (14.6.3)
Cisco Digital Network Architecture (DNA) (14.6.4)
Check Your Understanding Questions
Appendix A Answers to the “Check Your Understanding” Questions