Monday, June 29, 2009

CCNA Discovery 3 - FINAL Exam Answers V.4 #11-15

11. What is the term for the value 2172416 that is highlighted in the output of the show ip eigrp topology command?
• feasible distance of the successor
• reported distance of the successor
• feasible distance of the feasible successor
• reported distance of the feasible successor

12. Refer to the exhibit. RIPv2 is configured in the network shown. Hosts in the network have access to all internal networks but do not have Internet access. On which router should the commands, shown in the exhibit, be added to provide Internet access for all hosts in the network?
• R1
• R2
• R3
• ISP

13. What do companies gain from the services performed at the enterprise edge?
• faster communication with server farms
• stronger security against malicious attacks
• faster communication with Internet destinations
• enhanced performance and reliability through VLANs and redundant trunk links

14. Refer to the exhibit. A network administrator wishes to deny Internet access to all R2 LAN hosts, while allowing these hosts to reach all other devices on the company networks. Where should the ACL shown in the exhibit be placed to meet these requirements?
• R2: Fa0/0 inbound
• R1: S0/1/0 outbound
• R1: S0/0/1 inbound
• R2: S0/0/1 outbound
• R2: Fa0/0 outbound

15. Refer to the exhibit. In what sequence (from first to last) does an OSPF router check the parameters listed when selecting the DR?
• C, B, A, D
• D, C, B, A
• A, B, C, D
• A, C, B, D
• B, C, A, D

Friday, June 26, 2009

Frame Relay - Intro

Frame Relay is a high-performance WAN protocol that operates at the physical and data link layers of the OSI reference model. Frame Relay originally was designed for use across Integrated Services Digital Network (ISDN) interfaces. Today, it is used over a variety of other network interfaces as well. This chapter focuses on Frame Relay's specifications and applications in the context of WAN services.

Frame Relay is an example of a packet-switched technology. Packet-switched networks enable end stations to dynamically share the network medium and the available bandwidth. The following two techniques are used in packet-switching technology:

• Variable-length packets
• Statistical multiplexing

Variable-length packets are used for more efficient and flexible data transfers. These packets are switched between the various segments in the network until the destination is reached.

Statistical multiplexing techniques control network access in a packet-switched network. The advantage of this technique is that it accommodates more flexibility and more efficient use of bandwidth. Most of today's popular LANs, such as Ethernet and Token Ring, are packet-switched networks.

Frame Relay often is described as a streamlined version of X.25, offering fewer of the robust capabilities, such as windowing and retransmission of lost data, that are offered in X.25. This is because Frame Relay typically operates over WAN facilities that offer more reliable connection services and a higher degree of reliability than the facilities available during the late 1970s and early 1980s that served as the common platforms for X.25 WANs. As mentioned earlier, Frame Relay is strictly a Layer 2 protocol suite, whereas X.25 provides services at Layer 3 (the network layer) as well. This enables Frame Relay to offer higher performance and greater transmission efficiency than X.25, and makes Frame Relay suitable for current WAN applications, such as LAN interconnection.

Sunday, June 21, 2009

FINAL Exam Answers V.4- CCNA Discovery 3 - #6-10

6. A sales representative is preparing to send sensitive information to corporate headquarters from a hotel room using the Internet. Prior to the trip, the IT staff made the necessary provisions to allow secure Internet access. What solution was implemented for the sales representative?
• VPN
• Frame Relay
• PPP with CHAP authentication
• PPP with PAP authentication

7. Refer to the exhibit. A network administrator noticed that the VLAN configuration changes at SW2 did not propagate to SW3. On the basis of the partial output of the show vtp status command, what is the possible cause of the problem?
• VTP V2 mode is disabled.
• SW3 is configured as transparent mode.
• The number of existing VLANs does not match.
• The configuration revision number does not match.

8. Refer to the exhibit. Because of continuing instability of one of the serial links in the OSPF network, a network administrator configures router ASBR as shown. Which two statements will be a result of this configuration? (Choose two.)
• Traffic intended for destinations across unstable serial links will be forwarded by ASBR even when the links are down.
• A summary route of 192.168.0.0/22 will be advertised to the ISP router.
• Serial links in range 192.168.0.0 255.255.252.0 will be forced into a passive state.
• Networks connected to the unstable serial links will be placed in an unreachable state.
• Negative effects of route flapping will be reduced.

9. Which two criteria are used by STP to select a root bridge? (Choose two.)
• memory size
• bridge priority
• number of ports
• switch location
• switching speed
• base MAC address

10. A company is using a Class B IP addressing scheme and expects to need as many as 150 networks. What is the correct subnet mask to use with the network configuration?
• 255.255.0.0
• 255.255.240.0
• 255.255.254.0
• 255.255.255.0
• 255.255.255.128
• 255.255.255.192

Thursday, June 18, 2009

CCNA Discovery 3 - FINAL Exam Answers V.4 #1-5

1. In which VTP mode can a switch create VLANs, ignore VTP messages, and not pass local VLAN information to other VTP domain members?
• client
• server
• pruning
• transparent

2. What are two characteristics of an extended ACL? (Choose two.)
• IP is used to specify TCP traffic only.
• IP is used to specify TCP and UDP traffic only.
• IP is used to specify all TCP/IP protocols including TCP, UDP, ICMP and routing protocols.
• Traffic can be filtered on source address only.
• Traffic can be filtered on source and destination address only.
• Traffic can be filtered on source and destination address, protocol, and specific port number.

3. Which two statements are true regarding a PPP connection between two Cisco routers? (Choose two.)
• LCP tests the quality of the link.
• LCP manages compression on the link.
• Only a single NCP is allowed between the two routers.
• NCP terminates the link when data exchange is complete.
• With CHAP authentication, the routers exchange plain text passwords.

4. Assuming VLSM is not being used, what impact will adding the command ip route 172.16.64.0 255.255.240.0 serial0/0 have on a router that is already operational in a network?
• All packets with a destination address between 172.16.64.1 and 172.16.80.254 will be forwarded out serial0/0.
• All packets with a destination address between 172.16.64.1 and 172.16.255.254 will be forwarded out serial0/0.
• All packets with a destination address between 172.16.64.1 and 172.16.79.254 will be forwarded out serial0/0.
• All packets with a destination address between 172.16.0.1 and 172.16.64.254 will be forwarded out serial0/0.

5. Refer to the exhibit. The network is using OSPF as the routing protocol. A network administrator issues the show ip ospf neighbor command to check the status of operation. Which statement is true?
• RB has the lowest priority value.
• RC and RD have the lowest router IDs on the network.
• RA has established adjacencies with all neighbor routers.
• RA and RB cannot form an adjacency because they are stuck in the 2-way state.

Thursday, June 11, 2009

CCNA Practice Certification Exam # 2- CCNA Exploration: Accessing the WAN (Version 4.0)



1. Refer to the exhibit. The exhibit shows simplified protocol data units from different OSI model layers. Which three statements are true about the PDUs and the encapsulation process? (Choose three.)

PDU #1 is a frame.

PDU #2 is an application layer PDU

PDU #3 is a segment.

PDU #4 is a transport layer PDU.

The order in which these PDUs are created during the encapsulation process is 3, 4, 1, 2.

The order in which these PDUs are created during the encapsulation process is 2, 1, 4, 3.

2. Which three application layer protocols use TCP? (Choose three.)

SMTP

FTP

SNMP

HTTP

TFTP

DHCP

3. Which two application layer protocols use the UDP protocol? (Choose two.)

Telnet

SNMP

SMTP

SQL

TFTP

4. What are two functions that occur at the Internet layer of the TCP/IP model? (Choose two.)

establishment of logical connections between source and destination hosts

end-to-end flow control

determination of best paths through the network

definition of the procedures used to interface with the network hardware

packet switching

Layer 5 and Layer 6 OSI model functions

5. Refer to the exhibit. All ports on switch A are in the sales VLAN and all ports on switch B are in the accounting VLAN. How many broadcast domains and how many collision domains exist in the exhibited network? (Choose two.)

3 collision domains

3 broadcast domains

5 broadcast domains

9 collision domains

10 collision domains

13 collision domains

6. A high-end Catalyst switch that supports both ISL and 802.1Q is to be connected by a link that will carry all VLAN traffic to a Catalyst 2960 LAN switch. What two commands are required to configure an interface on the high-end Catalyst switch to carry traffic from all VLANs to the Catalyst 2960 switch? (Choose two.)

Switch(config-if)# vlan all

Switch(config-if)# switchport access vlan 30

Switch(config-if)# switchport access vlan all

Switch(config-if)# switchport mode trunk

Switch(config-if)# switchport trunk encapsulation dot1q

Switch(config-if)# switchport trunk encapsulation isl

7. Refer to the exhibit. Based on the exhibited configuration and output, what would be the result of this command:
Sw1# telnet 192.168.1.10

All packets will be dropped.

The Telnet session will succeed.

An error message that says “Session terminated” will appear.

An error message that says “Password required, but none set” will appear.

8. Refer to the partial device configuration that is exhibited. For which network topology is the configuration appropriate?
RtrA(config)# interface fastethernet 0/0
RtrA(config-if)# no shutdown
RtrA(config-if)# interface fastethernet 0/0.18
RtrA(config-subif)# encapsulation dot1q 18
RtrA(config-subif)# ip address 10.1.18.1 255.255.255.0
RtrA(config-subif)# interface fastethernet 0/0.44
RtrA(config-subif)# encapsulation dot1q 44
RtrA(config-subif)# ip address 10.1.44.1 255.255.255.0
RtrA(config-subif)# interface fastethernet 0/0.22
RtrA(config-subif)# encapsulation dot1q 22
RtrA(config-subif)# ip address 10.1.22.1 255.255.255.0





9. Refer to the exhibit and the following error message from the SwA switch.
00:22:43: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non trunk FastEthernet0/1 VLAN1.
00:22:43: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/1 on VLAN0001. Inconsistent port type.
Considering that the link between the two switches is good and the correct type, what could cause this error message?

The Spanning Tree Protocol has been disabled on one switch.

The Spanning Tree Protocol has been disabled on both switches.

The IEEE 802.1Q trunking port has a speed mismatch on one of the switches.

The SwA port is configured as a trunk port and the SwB port is configured as an access port.

The SwA port has IEEE 802.1Q trunking enabled and the SwB port has ISL trunking enabled.

10. A network administrator is configuring a switch when an error message appears. The configuration commands and error message appear as follows:
Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode.
What is the problem?

The switch port is configured as an access mode port.

The switch port does not support trunking on this port.

The encapsulation type must be changed to a compatible protocol before the port can be placed in trunk mode.

The no switchport trunk encapsulation auto command needs to be applied to the switch port before trunking can be enabled.

11. Of the protocols that are listed, which one needs to be functioning on a link in order for VTP to operate?

802.1Q

CDP

RIP

RSTP

12. Refer to the exhibit. RT_1 is configured correctly with IP addresses and passwords but none of the computers can ping or telnet to RT_1. Which series of commands would correct the problem?

RT_1(config)# interface fa0/1
RT_1(config-if)# no shutdown

SW_1(config)# interface fa0/24
SW_1(config-if)# switchport mode client

RT_1(config)# interface fa0/1
RT_1(config-if)# encapsulation trunk dot1q 24

SW_1(config)# interface fa0/24
SW_1(config-if)# switchport mode trunk

SW_1(config)# interface fa0/24
SW_1(config-if)# switchport access vlan 1

13. Refer to the exhibit. Which commands are needed to complete the switch configuration so that SSH can be used to telnet from host A to SW_1? (Choose two.)

SW_1(config)# username david password class

SW_1(config)# line vty 0 15
SW_1(config-line)# login
SW_1(config-line)# password cisco

SW_1(config)# line vty 0 15
SW_1(config-line)# login local
SW_1(config-line)# transport input ssh

SW_1(config)# login ssh
SW_1(config)# password class

SW_1(config)# login key rsa
SW_1(config)# password cisco

SW_1(config)# password encrypted cisco

14. What three factors contribute to congestion on an Ethernet LAN? (Choose three.)

improper placement of enterprise level servers

addition of hosts to a physical segment

replacement of hubs with workgroup switches

increasing use of bandwidth intensive network applications

creation of new collision domains without first adding network hosts

migration to full-duplex Ethernet within the LAN

15. Refer to the exhibit. What protocol should be configured on SW-A Port 0/1 if it is to send traffic from multiple VLANs to switch SW-B?

Spanning Tree

RIP v2

IEEE 802.1Q

ARP

Rapid Spanning Tree

16. Which three STP states were replaced with the RSTP discarding state? (Choose three.)

listening

learning

blocking

disabled

forwarding

17. Refer to the exhibit. What is the role of the SW3 switch?

designated switch

edge switch

root bridge

enabled bridge

local bridge

18. Refer to the exhibit. A switch can be configured for three different forwarding modes based on how much of a frame is received before the forwarding process begins. Each of the numbered arrows in the accompanying graphic signifies the point in a frame where a particular forwarding mode will begin. Which group of labels reflects the sequence of forwarding modes signified by the numbered arrows?

1) fast forward
2) fragment free
3) store-and-forward

1) store-and-forward
2) fragment free
3) fast forward

1) fragment free
2) fast forward
3) store-and-forward

1) fast forward
2) store-and-forward
3) fragment free

19. What eliminates switching loops?

hold-down timers

poison reverse

spanning tree protocol

time to live

VTP

20.

21. Refer to the exhibit. Using the most efficient IP addressing scheme and VLSM, which address can be configured on one of the serial interfaces?

192.168.16.63/27

192.168.16.158/27

192.168.16.192/27

192.168.16.113/30

192.168.16.145/30

192.168.16.193/30

22. Consider this router output:
Router# confug
Translating "confug"...domain server (255.255.255.255)
Translating "confug"...domain server (255.255.255.255)
(255.255.255.255)% Unknown command or computer name, or unable to find computer address
What command could help with this situation?

ip dhcp server

no ip domain-lookup

no logging synchronous

no show ip nat translations

23. Refer to the exhibit. With VLSM, which bit mask should be used to most efficiently provide for the number of host addresses that are required on router B?

/26

/27

/28

/29

/30

24. What are the three ranges of IP addresses that are reserved for internal private use? (Choose three.)

10.0.0.0/8

64.100.0.0/14

127.16.0.0/12

172.16.0.0/12

192.31.7.0/24

192.168.0.0/16

25. Refer to the exhibit. The network administrator is unable to access the TFTP server attached to the Memphis router. What are two causes of this problem? (Choose two.)

The default gateway configured on the network administrator's workstation is not a valid host address.

The default gateway configured on the TFTP server is incorrect.

The IP address of the TFTP server is a subnetwork address.

The IP address of the S0/0/0 interface of the Heliopolis router is a broadcast address.

The IP addresses for the Memphis S0/0/1 interface and the Heliopolis S0/0/0 interface are not in the same subnet.

26. The ISP of the XYZ Company is moving to IPv6 but XYZ wants to continue to use only IPv4 for another year. Which IPv4-to-IPv6 transition method would allow the company to continue using only IPv4 addresses?

dual stack

6to4 tunnel

manual tunneling

NAT-PT

27. Given the IP address and subnet mask of 172.16.134.56 255.255.255.224, on which subnetwork does this address reside?

172.16.0.0

172.16.134.0

172.16.134.32

172.16.134.48

172.16.134.47

172.16.134.63

28. What is associated with link-state routing protocols?

low processor overhead

poison reverse

routing loops

split horizon

shortest-path first calculations

29. Refer to the exhibit. Which sequence of commands should be used to configure router A for OSPF?

router ospf 1
network 192.168.10.0

router ospf 1
network 192.168.10.64 0.0.0.63 area 0
network 192.168.10.192 0.0.0.3 area 0

router ospf 1
network 192.168.10.64 255.255.255.192
network 192.168.10.192 255.255.255.252

router ospf 1
network 192.168.10.0 area 0

30. What is one reason to use the ip ospf priority command when the OSPF routing protocol is in use?

to activate the OSPF neighboring process

to influence the DR/BDR election process

to provide a backdoor for connectivity during the convergence process

to streamline and speed up the convergence process

31. The output of the show ip interface brief command indicates that Serial0 is up but the line protocol is down. What are two possible causes for the line protocol being in the down state? (Choose two.)

The clock rate is not set on the DTE.

An incorrect default gateway is set on the router.

A network is missing from the routing protocol configuration.

The encapsulation on the Serial0 interface is incorrect.

Keepalives are not being sent by the remote device.

32. Which router command will verify that the router has a path to a destination network?

Router# show ip interfaces brief

Router# show ip route

Router# show cdp neighbors

Router# show running-config

Router# show protocols

33. Refer to the exhibit. When troubleshooting a network, it is important to interpret the output of various router commands. On the basis of the exhibit, which three statements are true? (Choose three.)

The missing information for Blank 1 is the command show ip route.

The missing information for Blank 1 is the command debug ip route.

The missing information for Blank 2 is the number 100.

The missing information for Blank 2 is the number 120.

The missing information for Blank 3 is the letter R.

The missing information for Blank 3 is the letter C.

34. Refer to the exhibit. From the command prompt on the host, the command telnet 192.168.1.10 is typed. The response that is given is this:
Trying 192.168.1.10….Open
Password required, but none set
What is the most likely problem?

The router has been configured as a firewall.

The Telnet server process must be activated on the router.

The switch has not been configured to pass Telnet traffic.

The enable secret command has not been entered on RtrA.

The password command has not been entered in line configuration mode on RtrA.

The password and login commands need to be configured on the console port of RtrA.

35. Refer to the exhibit. If router B is to be configured for EIGRP AS 100, which configuration must be entered?

B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3

B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3
B(config-router)# network 192.168.10.128 0.0.0.63

B(config-router)# network 192.168.10.4 0.0.0.3 area 0
B(config-router)# network 192.168.10.8 0.0.0.3 area 0
B(config-router)# network 192.168.10.128 0.0.0.63 area 0

B(config-router)# network 192.168.10.4 0.0.0.3 as 100
B(config-router)# network 192.168.10.8 0.0.0.3 as 100
B(config-router)# network 192.168.10.128 0.0.0.63 as 100

B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3
B(config-router)# network 192.168.10.64 0.0.0.63
B(config-router)# network 192.168.10.128 0.0.0.63
B(config-router)# network 192.168.10.192 0.0.0.63

B(config-router)# network 192.168.10.4 0.0.0.3 as 100
B(config-router)# network 192.168.10.8 0.0.0.3 as 100
B(config-router)# network 192.168.10.64 0.0.0.63 as 100
B(config-router)# network 192.168.10.128 0.0.0.63 as 100
B(config-router)# network 192.168.10.192 0.0.0.63 as 100

B(config-router)# network 192.168.10.4 0.0.0.3 area 100
B(config-router)# network 192.168.10.8 0.0.0.3 area 100
B(config-router)# network 192.168.10.64 0.0.0.63 area 100
B(config-router)# network 192.168.10.128 0.0.0.63 area 100
B(config-router)# network 192.168.10.192 0.0.0.63 area 100

36. After several configuration changes are made to a router, the copy running-configuration startup-configuration command is issued. Where will the changes be stored?

flash

ROM

NVRAM

RAM

the configuration register

a TFTP server

37. Refer to the exhibit. Two routers have been configured to use EIGRP. Packets are not being forwarded between the two routers. What could be the problem?

EIGRP does not support VLSM.

The routers were not configured to monitor neighbor adjacency changes.

The default bandwidth was used on the routers.

An incorrect IP address was configured on a router interface.

38. What are two features of a link-state routing protocol? (Choose two.)

Routers send periodic updates only to neighboring routers.

Routers send triggered updates in response to a change.

Routers create a topology of the network by using information from other routers.

The database information for each router is obtained from the same source.

Paths are chosen based on the lowest number of hops to the designated router.

39. Refer to the exhibit. Routers A and B have EIGRP configured and automatic summarization has been disabled on both routers. Which router command is used to summarize the attached routes, and to which interface is this command applied? (Choose two.)

ip summary-address eigrp 1 192.168.10.64 255.255.255.192

ip area-range eigrp 1 192.168.10.80 255.255.255.224

summary-address 192.168.10.80 0.0.0.31

ip summary-address eigrp 1 192.168.10.64 0.0.0.63

serial interface on router A

serial interface on router B

40. A router has learned about network 192.168.168.0 through static and dynamic routing processes. Which route will appear in the routing table for this network if the router has learned multiple routes?

D 192.168.168.0/24 [90/2195456] via 192.168.200.1, 00:00:09, FastEthernet0/0

O 192.168.168.0/24 [110/1012] via 192.168.200.1, 00:00:22, FastEthernet0/0

R 192.168.168.0/24 [120/1] via 192.168.200.1, 00:00:17, FastEthernet0/0

S 192.168.168.0/24 [1/0] via 192.168.200.1

41. Which sequence of commands is used to configure a loopback address on a router?

Router1(config)# interface loopback 1
Router1(config-if)# ip address 192.168.1.1

Router1(config)# interface serial 0/0
Router1(config-if)# loopback 1
Router1(config-if)# ip address 192.168.1.1

Router1(config)# interface serial 0/0
Router1(config-if)# loopback 1
Router1(config-if)# ip address 192.168.1.1 255.255.255.0

Router1(config)# interface loopback 1
Router1(config-if)# ip address 192.168.1.1 255.255.255.255

42.

43. Which encryption standard would most likely be used in an 802.11 standards-based wireless network environment?

ACDP, which has more bits that are used for encryption than CDP has

WPA2, which can use the more advanced AES for encryption

VTP, which is compatible with all 802.11-type wireless networks

RSA, which has a different algorithm than any of the older standards

802.1X EAP, which is the most powerful type of encryption used for both wired and wireless networks

44.

45.

46. Which two commands can be used to verify the content and placement of access control lists? (Choose two.)

show ip route

show processes

show running-config

show cdp neighbor

show access-lists

47. Which two keywords can be used in an access control list to replace a wildcard mask or address and wildcard mask pair? (Choose two.)

most

host

all

any

some

gt

48. Refer to the exhibit. NAT with overload is configured on router R1 and uses the NAT pool of addresses 209.165.201.9 through 209.165.201.10. What type of route would the ISP need in order for communication to occur between hosts in Company ABC and the Internet?

Because the ISP has knowledge of the directly connected 200.0.0.1 network, no route is needed.

A static route from the ISP is needed that uses the network number 172.16.0.0 and the mask 255.255.0.0.

A default route from the ISP is needed that uses either the exit interface of S0/0/0 or the 200.0.0.1 IP address.

A default route from the ISP is needed that uses either the exit interface of S0/0/1 or the 200.0.0.2 IP address.

A static route from the ISP is needed that uses the network number 209.165.201.8 and the mask 255.255.255.252.

49. What is the effect of the access control list wildcard mask 0.0.0.15? (Choose two.)

The first 28 bits of a supplied IP address will be ignored.

The last four bits of a supplied IP address will be ignored.

The first 32 bits of a supplied IP address will be matched.

The first 28 bits of a supplied IP address will be matched.

The last five bits of a supplied IP address will be ignored.

The last four bits of a supplied IP address will be matched.

50. Which three values or sets of values are included when creating an extended access control list statement? (Choose three.)

access list number between 1 and 99

access list number between 100 and 199

default gateway address and wildcard mask

destination address and wildcard mask

source address and wildcard mask

source subnet mask and wildcard mask

destination subnet mask and wildcard mask

51. Refer to the exhibit. Which statement describes the status of the PPP connection?

Only the link-establishment phase completed successfully.

Only the network-layer phase completed successfully.

Neither the link-establishment phase nor the network-layer phase completed successfully.

Both the link-establishment and network-layer phase completed successfully.

52. Which three statements are true regarding the Frame Relay LMI? (Choose three.)

The LMI provides a virtual circuit (VC) status mechanism.

The LMI type must always be manually configured.

The available LMI types are CHAP and PAP.

The LMI types supported by Cisco routers are CISCO and IETF.

The LMI type configured on the router must match the one used on the Frame Relay switch.

The LMI uses reserved DLCIs to exchange messages between the DTE and DCE.

53. A network administrator is evaluating authentication protocols for a PPP link. Which three factors might lead to the selection of CHAP over PAP as the authentication protocol? (Choose three.)

establishes identities with a two-way handshake

uses a three-way authentication periodically during the session to reconfirm identities

control by the remote host of the frequency and timing of login events

transmits login information in encrypted format

uses an unpredictable variable challenge value to prevent playback attacks

makes authorized network administrator intervention a requirement to establish each session

54. Which three statements are true about PPP? (Choose three.)

PPP can use synchronous and asynchronous circuits.

PPP can only be used between two Cisco devices.

PPP carries packets from several network layer protocols in LCPs.

PPP uses LCPs to establish, configure, and test the data link connection.

PPP uses LCPs to agree on format options such as authentication, compression, and error detection.

Monday, June 8, 2009

Voice over ATM - signaling, addressing, routing, delay

Voice over ATM

The ATM Forum and the ITU have specified different classes of services to represent different possible traffic types for VoATM.

Designed primarily for voice communications, constant bit rate (CBR) and variable bit rate (VBR) classes have provisions for passing real-time traffic and are suitable for guaranteeing a certain level of service. CBR, in particular, allows the amount of bandwidth, end-to-end delay, and delay variation to be specified during the call setup.

Designed principally for bursty traffic, unspecified bit rate (UBR) and available bit rate (ABR) are more suitable for data applications. UBR, in particular, makes no guarantees about the delivery of the data traffic.

The method of transporting voice channels through an ATM network depends on the nature of the traffic. Different ATM adaptation types have been developed for different traffic types, each with its benefits and detriments. ATM adaptation layer 1 (AAL1) is the most common adaptation layer used with CBR services.

Unstructured AAL1 takes a continuous bit stream and places it within ATM cells. This is a common method of supporting a full E1 byte stream from end to end. The problem with this approach is that a full E1 may be sent, regardless of the actual number of voice channels in use. (An E1 is a wide-area digital transmission scheme used predominantly in Europe that carries data at a rate of 2.048 Mbps.)

Structured AAL1 contains a pointer in the payload that allows the digital signal level 0 (DS0) structure to be maintained in subsequent cells. This allows network efficiencies to be gained by not using bandwidth for unused DS0s. (A DS0 is a framing specification used in transmitting digital signals over a single channel at 64 kbps on a T1 facility.)

The remapping option allows the ATM network to terminate structured AAL1 cells and remap DS0s to the proper destinations. This eliminates the need for permanent virtual circuits (PVCs) between every possible source/destination combination. The major difference from the previous approach is that a PVC is not built across the network from edge to edge.

VoATM Signaling

Figure 19-2 describes the transport method, in which voice signaling is carried through the network transparently. PVCs are created for both signaling and voice transport. First, a signaling message is carried transparently over the signaling PVC from end station to end station. Second, coordination between the end systems allows the selection of a PVC to carry the voice communication between end stations.

Figure 19-2 The VoATM Signaling Transport Model Describes the Transport Method, in Which Voice Signaling Is Carried Through the Network Transparently

At no time is the ATM network participating in the interpretation of the signaling that takes place between end stations. However, as a value-added feature, some products are capable of understanding channel associated signaling (CAS) and can prevent the sending of empty voice cells when the end stations are on-hook.

Figure 19-3 shows the translate model. In this model, the ATM network interprets the signaling from both non-ATM and ATM network devices. PVCs are created between the end stations and the ATM network. This contrasts with the previous model, in which the PVCs are carried transparently across the network.

Figure 19-3 In the VoATM Signaling Translate Model, the ATM Network Interprets the Signaling from Both Non-ATM and ATM Network Devices

A signaling request from an end station causes the ATM network to create an SVC with the appropriate QoS to the desired end station. The creation of an SVC versus the prior establishment of PVCs is clearly more advantageous for three reasons:

• SVCs are more efficient users of bandwidth than PVCs.
• QoS for connections does not need to be constant, as with PVCs.
• The capability to switch calls within the network can lead to the elimination of the tandem private branch exchange (PBX) and potentially the edge PBX. (A PBX is a digital or analog telephone switchboard located on the subscriber premises and used to connect private and public telephone networks.)

VoATM Addressing

ATM standards support both private and public addressing schemes. Both schemes involve addresses that are 20 bytes in length (shown in Figure 19-4).

Figure 19-4 ATM Supports a 20-Byte Addressing Format

The Authority and Format Identifier (AFI) identifies the particular addressing format employed. Three identifiers are currently specified: data country code (DCC), international code designator (ICD), and E.164. Each is administered by a standards body. The second part of the address is the initial domain identifier (IDI). This address uniquely identifies the customer's network. The E.164 scheme has a longer IDI that corresponds to the 15-digit ISDN network number. The final portion, the domain-specific part (DSP), identifies logical groupings and ATM end stations.

In a transport model, you don't need to be aware of the underlying addressing used by the voice network. However, in the translate model, the capability to communicate from a non-ATM network device to an ATM network device implies a level of address mapping. Fortunately, ATM supports the E.164 addressing scheme, which is employed by telephone networks throughout the world.
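
The following Python code is an added example, not part of the original chapter. It splits a 20-byte ATM address into the AFI, IDI and DSP parts described above and rejects malformed input. The AFI byte values, the IDI lengths and the split of the DSP's last seven bytes into end system identifier and selector follow the ATM Forum address formats rather than this page, and both sample addresses are constructed.

```python
# Added example: field split of a 20-byte ATM end-system address.
# AFI byte -> (scheme name, IDI length in bytes), per the ATM Forum formats.
AFI_FORMATS = {
    0x39: ("DCC", 2),    # data country code
    0x47: ("ICD", 2),    # international code designator
    0x45: ("E.164", 8),  # 15 BCD digits plus one 0xF pad nibble
}

# Constructed sample addresses (not taken from any real network).
ICD_SAMPLE = "47.0099.0102.0304.0506.0708.090a.0200.0000.0001.00"
E164_SAMPLE = "45.0000.0001.5550.100f.0102.0304.0200.0000.0002.00"


def decode_e164(idi):
    """Turn the 8-byte BCD IDI into the telephone digits it carries."""
    nibbles = idi.hex()
    if not nibbles.endswith("f") or not nibbles[:-1].isdigit():
        raise ValueError("E.164 IDI must be 15 BCD digits plus an F pad nibble")
    # The number is right-justified and padded with leading zeros.
    return nibbles[:-1].lstrip("0")


def parse_atm_address(text):
    """Return the address fields as a dict; raise ValueError if malformed."""
    try:
        raw = bytes.fromhex(text.replace(".", ""))
    except ValueError:
        raise ValueError("address is not valid hexadecimal") from None
    if len(raw) != 20:
        raise ValueError(f"expected 20 bytes, got {len(raw)}")
    afi = raw[0]
    if afi not in AFI_FORMATS:
        raise ValueError(f"unknown AFI 0x{afi:02x}")
    scheme, idi_len = AFI_FORMATS[afi]
    idi = raw[1:1 + idi_len]
    dsp = raw[1 + idi_len:]          # everything after the IDI
    fields = {
        "scheme": scheme,
        "idi": idi.hex(),
        "dsp": dsp.hex(),
        "esi": dsp[-7:-1].hex(),     # 6-byte end system identifier
        "selector": dsp[-1],         # final byte, local to the end station
    }
    if scheme == "E.164":
        fields["e164"] = decode_e164(idi)
    return fields


if __name__ == "__main__":
    for sample in (ICD_SAMPLE, E164_SAMPLE):
        print(parse_atm_address(sample))
```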

VoATM Routing

ATM uses a private network-to-network interface (PNNI), a hierarchical link-state routing protocol that is scalable for global usage. In addition to determining reachability and routing within an ATM network, it is also capable of call setup.

A virtual circuit (VC) call request causes a connection with certain QoS requirements to be requested through the ATM network. The route through the network is determined by the source ATM switch based on what it determines is the best path through the network, based on the PNNI protocol and the QoS request. Each switch along the path is checked to determine whether it has the appropriate resources for the connection.

When the connection is established, voice traffic flows between end stations as if a leased line existed between the two. This specification spells out routing in private networks. Within carrier networks, the switch-to-switch protocol is B-ICI. Current research and development of integrated non-ATM and ATM routing will yield new capabilities to build translate-level voice and ATM networks.

VoATM and Delay

ATM has several mechanisms for controlling delay and delay variation. The QoS capabilities of ATM allow the specific request of constant bit rate traffic with bandwidth and delay variation guarantees. The use of VC queues allows each traffic stream to be treated uniquely. Priority can be given for the transmission of voice traffic. The use of small, fixed-size cells reduces queuing delay and the delay variation associated with variable-sized packets.

Voice over ATM


Voice over ATM (VoATM) can be supported as standard pulse code modulated (PCM) voice via circuit emulation (AAL1, described later) or as variable bit rate voice in ATM cells as AAL2 (also described later). ATM offers many advantages for transport and switching of voice. First, quality of service (QoS) guarantees can be specified by service provisioning or on a per-call basis. In addition, call setup signaling for ATM switched virtual circuits (SVCs), Q.2931, is based on call setup signaling for voice ISDN, Q.931. Administration is similar to circuit-based voice networks.

However, VoATM suffers from the burden of additional complexity and incomplete support and interoperability among vendors. It also tends to be more expensive because it is oriented toward all optical networks. Most importantly, ATM is typically deployed as a WAN Layer 2 protocol and therefore does not extend all the way to the desktop. Nevertheless, ATM is quite effective for providing trunking and tandem switching services between existing voice switches and PBXs.

Voice over Frame Relay (VoFR) has become widely deployed across many networks. Like VoATM, it is typically employed as a tie trunk or tandem-switching function between remote PBXs. It benefits from much simpler administration and relatively lower cost than VoATM, especially when deployed over a private WAN network. It also scales more economically than VoATM, supporting links from T1 down to 56 kbps. When deployed over a carefully engineered Frame Relay network, VoFR works very well and provides good quality. However, voice quality over Frame Relay can suffer depending on network latency and jitter. Although minimal bandwidth and burstiness are routinely contracted, latency and jitter are often not included in service level agreements (SLAs) with service providers. As a result, voice performance can vary. Even if quality is good at first, voice quality can degrade over time as a service provider's network becomes saturated with more traffic. For this reason, many large enterprise customers are beginning to specify latency and jitter, as well as overall packet throughput from carriers. In these situations, voice over Frame Relay can provide excellent service.

Voice over IP (VoIP) has begun to be deployed in recent years as well. Unlike voice over Frame Relay and Voice over ATM, Voice over IP is a Layer 3 solution, and it offers much more value and utility because IP goes all the way to the desktop. This means that in addition to providing basic tie trunk and tandem-switching functions to PBXs, VoIP can actually begin to replace those PBXs as an application. As a Layer 3 solution, VoIP is routable and can be carried transparently over any type of network infrastructure, including both Frame Relay and ATM. Of all the packet voice technologies, VoIP has perhaps the most difficult time supporting voice quality because QoS cannot be guaranteed. Normal applications such as TCP running on IP are insensitive to latency but must retransmit lost packets due to collisions or congestion. Voice is much more sensitive to packet delay than packet loss. In addition to normal traffic congestion, QoS for VoIP is often dependent on lower layers that are ignorant of the voice traffic mingled with the data traffic.

Voice Networking

Basic voice technology has been available for more than 100 years. During that time, the technology has matured to the point at which it has become ubiquitous and largely invisible to most users. This legacy of slow evolution continues to affect today's advanced voice networks in many ways, so it is important to understand the fundamentals of traditional voice technology before emulating it on data networks.

Traditional analog telephone instruments used for plain old telephone service (POTS) use a simple two-wire interface to the network. They rely on an internal two-wire/four-wire hybrid circuit to combine both transmit and receive signals. This economical approach has been effective but requires special engineering regarding echo.

Basic Telephony

Three types of signaling are required for traditional telephony: supervision, alerting, and addressing. Supervision monitors the state of the instrument—for example, allowing the central office or PBX to know when the receiver has been picked up to make a call, or when a call is terminated. Alerting concerns the notification of a user that a call is present (ringing) or simple call progress tones during a call (such as busy, ringback, and so on). Finally, addressing enables the user to dial a specific extension.

In addition to signaling, telephony services also provide secure media transport for the voice itself, analog-to-digital conversion, bonding and grounding for safety, power, and a variety of other functions when needed.

Analog voice interfaces have evolved over the years to provide for these basic functions while addressing specific applications. Because basic POTS two-wire analog interfaces operate in a master/slave model, two basic types of analog interfaces are necessary for data equipment to emulate: the user side and the network side. The user side (telephone) expects to receive power from the network as well as supervision.

A foreign exchange service (FXS) interface is used to connect an analog telephone, fax machine, modem, or any other device that would be connected to a phone line. It outputs 48 vdc power, ringing, and so on, and it accepts dialed digits. The opposite of an FXS interface is a foreign exchange office (FXO) interface. It is used to connect to a switching system providing services and supervision, and it expects the switch to provide supervision and other elements. (Why "foreign"? The terms FXS and FXO were originally used within telephone company networks to describe provision of telephone service from a central office other than normally assigned.)

Within FXS and FXO interfaces, it is also necessary to emulate variants in supervision. Typical telephones operate in a loop start mode. The telephone normally presents a high impedance between the two wires. When the receiver goes off-hook, a low-impedance closed circuit is created between the two wires. The switch, sensing current flow, then knows that the receiver is off-hook and applies a dial tone. The switch also checks to be sure that the receiver is on-hook before sending a ringing signal. This system works well for simple telephones, but it can cause problems on trunks between PBXs and COs with high activity. In that situation, the remote end and the CO switch can both try to seize the line at the same time. This situation, called glare, can freeze the trunk until one side releases it. The solution is to short tip or ring to ground as a signal for line seizure rather than looping it. This is called ground start.

After the line is seized, it is necessary to dial the number. Normal human fingers cannot outrun the dial receivers in a modern switch, but digits dialed by a PBX can. In that case, many analog trunks use a delay start or wink start method to notify the calling device when the switch is ready to accept digits.

Another analog interface often used for trunking is E&M. This is a four- or six-wire interface that includes separate wires for supervision in addition to the voice pair. E&M stands for "ear and mouth" or "Earth and magneto" and is derived from the early telephony days. The E&M leads are used to signal on-hook and off-hook states.

Analog voice works well for basic trunk connections between switches or PBXs, but it is uneconomical when the number of connections exceeds six to eight circuits. At that point, it is usually more efficient to use digital trunks. In North America, the T1 (1.544 Mbps) trunk speed is used, consisting of 24 digitized analog voice conversations. In other parts of the world, E1 (2.048 Mbps) is used to carry 30 voice channels. (Engineers refer to the adoption of E1 and T1 internationally as "the baseball rule"—there is a strong correlation of countries that play baseball to the use of T1. Therefore, the United States, Canada, and Japan have the largest T1 networks, while other countries use E1.)

The first step in conversion to digital is sampling. The Nyquist theorem states that the sampling frequency should be twice the rate of the highest desired frequency. Early telephony engineers decided that a range of 4000 hertz would be sufficient to capture human voices (which matches the performance of long analog loops). Therefore, voice channels are sampled at a rate of 8000 times per second, or once every 125 µs. Each of these samples consists of an 8-bit measurement, for a total of 64000 bits per second to be transmitted. As a final step, companding is used to provide greater accuracy of low-amplitude components. In North America, this is µ-law (mu-law), while elsewhere it is typically A-law. For international interworking purposes, it is agreed that the North American side will make the conversion.

To construct a T1, 24 channels are assembled for a total of 1.536 Mbps, and an additional 8 bits are added every 125 ms for framing, resulting in a rate of 1.544 Mbps. Often, T1 frames are combined into larger structures called SuperFrames (12 frames) and Extended-SuperFrames (24 frames). Additional signaling can then be transmitted by "robbing bits" from the interior frames.
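
The Python code below is an added example, not part of the original chapter. It implements G.711 mu-law companding of 16-bit linear samples to show why low-amplitude samples keep more accuracy, then packs 24 code words into one T1 frame and derives the 1.536 and 1.544 Mbps figures. The function names are illustrative, and the frame layout of one framing bit ahead of 24 eight-bit time slots is supplied here.

```python
# Added example: mu-law companding (G.711) and T1 frame arithmetic.
BIAS = 0x84    # offset that makes every segment a power-of-two range
CLIP = 32635   # largest magnitude that still fits once BIAS is added


def ulaw_encode(sample):
    """Compress one signed 16-bit linear sample to an 8-bit mu-law code."""
    sign = 0x80 if sample < 0 else 0x00
    magnitude = min(abs(sample), CLIP) + BIAS
    exponent, mask = 7, 0x4000
    while exponent > 0 and not (magnitude & mask):   # find the segment
        exponent -= 1
        mask >>= 1
    mantissa = (magnitude >> (exponent + 3)) & 0x0F  # 4 bits inside the segment
    return ~(sign | (exponent << 4) | mantissa) & 0xFF  # codes are sent inverted


def ulaw_decode(code):
    """Expand an 8-bit mu-law code to the midpoint of its quantization step."""
    code = ~code & 0xFF
    exponent = (code >> 4) & 0x07
    mantissa = code & 0x0F
    magnitude = (((mantissa << 3) + BIAS) << exponent) - BIAS
    return -magnitude if code & 0x80 else magnitude


def step_size(sample):
    """Quantization step, in linear units, of the segment a sample falls in."""
    exponent = ((ulaw_encode(sample) ^ 0xFF) >> 4) & 0x07
    return 8 << exponent


def t1_frame(codes, framing_bit):
    """Build one frame: a framing bit followed by 24 eight-bit time slots."""
    if len(codes) != 24:
        raise ValueError("a T1 frame carries exactly 24 channels")
    bits = [framing_bit & 1]
    for code in codes:
        bits.extend((code >> shift) & 1 for shift in range(7, -1, -1))
    return bits


def payload_rate_bps(channels=24, bits_per_sample=8, frames_per_second=8000):
    return channels * bits_per_sample * frames_per_second


def line_rate_bps(channels=24, bits_per_sample=8, frames_per_second=8000):
    # One framing bit per frame adds 8000 bit/s to the payload rate.
    return (channels * bits_per_sample + 1) * frames_per_second


if __name__ == "__main__":
    for s in (100, -100, 20000):   # constructed sample values
        code = ulaw_encode(s)
        print(s, hex(code), ulaw_decode(code), "step", step_size(s))
    print(len(t1_frame([ulaw_encode(0)] * 24, 1)), "bits per frame")
    print(payload_rate_bps(), line_rate_bps())
```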

Basic T1 and E1 interfaces emulate a collection of analog voice trunks and use robbed bit signaling to transfer supervisory information similar to the E&M analog model. As such, each channel carries its own signaling, and the interface is called channel associated signaling (CAS). A more efficient method uses a common signaling channel for all the voice channels. Primary Rate Interface for ISDN is the most common example of this common channel signaling (CCS).

If voice/data integration is to be successful, all of these voice interfaces must be supported to provide the widest possible range of applications. Over the years, users have grown to expect a certain level of performance, reliability, and behavior of a telecommunications system, which must be supported going forward. All these issues have been solved by various packet voice systems today so that users can enjoy the same level of support to which they have become accustomed.

Sunday, June 7, 2009

Voice/Data Integration Technologies - Advances in Applications

Advances in Applications

Real cost savings are sufficient for deployment of voice/data integration technologies. However, there are added benefits, which will become more evident in the future. As applications evolve, organizations will gain increased user productivity from the integration of voice and computer applications. Computer telephony integration (CTI) was begun by PBX vendors in the 1980s to integrate computers with PBXs to provide applications such as advanced call center features (for example, "screen pops" for agents).

However, as voice/data integration continues, the line between voice and data applications will continue to blur. For example, Unified Messaging systems are now available that combine voice mail, e-mail, and fax messaging into a single, convenient system. With these advanced systems, users can have e-mail read to them over the phone or can add document attachments to voice mail. At the enterprise level, new applications such as virtual call centers allow call center agents to be distributed anywhere within reach of the data network, while still receiving the full suite of call center functions and features. They can even receive calls over their computers rather than using a traditional telephone instrument, and they can provide "blended contact center" support to answer Web user questions with electronic chat capability and e-mail between voice calls. These capabilities go far beyond simple cost savings and will ultimately make organizations much more effective and profitable.

The strong pressures driving the integration of voice and data networks have resulted in various solutions to the problem, each with its own strengths and weaknesses. Three general approaches exist:

• Voice over ATM
• Voice over Frame Relay
• Voice over IP

There are also mixed solutions, including voice over IP, over Frame Relay, and so on. These are illustrated in Figure 19-1. The figure shows that voice over ATM and voice over Frame Relay are primarily transport mechanisms between PBXs, while voice over IP can connect all the way to the desktop. More details are available later in this chapter.

Figure 19-1 Mixed Solutions Including Voice over IP, Voice over Frame Relay, and so on.

Saturday, June 6, 2009

Voice/Data Integration Technologies - Introduction



Introduction

Voice/data integration is important to network designers of both service providers and enterprise. Service providers are attracted by the lower-cost model—the cost of packet voice is currently estimated to be only 20 to 50 percent of the cost of a traditional circuit-based voice network. Likewise, enterprise network designers are interested in direct cost savings associated with toll-bypass and tandem switching. Both are also interested in so-called "soft savings" associated with reduced maintenance costs and more efficient network control and management. Finally, packet-based voice systems offer access to newly enhanced services such as Unified Messaging and application control. These, in turn, promise to increase the productivity of users and differentiate services.

Integration of voice and data technologies has accelerated rapidly in recent years because of both supply- and demand-side interactions. On the demand side, customers are leveraging investment in network infrastructure to take advantage of integrated applications such as voice applications. On the supply side, vendors have been able to take advantage of breakthroughs in many areas, including standards, technology, and network performance.

Standards

Many standards for interoperability for voice signaling have finally been ratified and matured to the point of reasonable interoperability. This reduces the risk and costs faced by vendors offering components of a voice/data system, and it also reduces the risk to consumers. Standards such as H.323 (approved by the ITU in June 1996), are now evolving through their third and fourth iterations, while products based on initial standards still enjoy strong capabilities and interoperability. The general maturity of standards has in turn generated robust protocol stacks that can be purchased "off the shelf" by vendors, further ensuring interoperability.

Technology

Recent advances in technology have also enabled voice integration with data. For example, new Digital Signal Processor (DSP) technology has allowed analog signals to be processed in the digital domain, which was difficult or impossible only a few years earlier. These powerful new chips offer tremendous processing speeds, allowing voice to be sampled, digitized, and compressed in real time. Further breakthroughs in the technology allow as many as four voice conversations to be managed at the same time on a single chip, with even greater performance in development. These technologies greatly reduce the cost and complexity of developing products and deploying voice over data solutions.

In other areas, the industry has also enjoyed breakthroughs in voice codec (coder/decoder) technology. Previously, it was assumed that voice quality would suffer as bandwidth was decreased in a relatively linear fashion. However, new, sophisticated algorithms employed in new codecs have changed that view. It is now possible to obtain reasonably good-sounding voice at a fraction of the bandwidth once required. More importantly, these new algorithms have been incorporated into the standards to allow interoperability of highly compressed voice.

Network Performance

Finally, data-networking technology has improved to the point that voice can be carried reliably. Over the last few years, growth in voice traffic has been relatively small, while data traffic has grown exponentially. The result is that data traffic is now greater than voice traffic in many networks. In addition, the relative importance of data traffic has grown, as businesses and organizations come to base more business practices and policies on the ubiquity of data networks. This increase in importance of data networks has forced a fundamental change in the way data networks are engineered, built, and managed. Typical "best-effort" data modeling has given way to advanced policy-based networking with managed quality of service to support an even greater range of applications. Voice traffic, as an application on a data network, has benefited greatly from these technologies. For example, support of delay-sensitive SNA traffic over IP networks resulted in breakthroughs in latency management and queuing prioritization, which was then applied to voice traffic.

As stated previously, deployment of new technologies and applications must also be driven by greater demand from users. Breakthroughs in technology don't necessarily result in increased deployment unless they fill a real user need at a reasonable cost. For example, digital audio tape (DAT) technologies never enjoyed widespread use outside the audiophile community because of the high cost and only marginally better perceived performance than analog tapes. Voice/data integration, however, provides users with very real benefits, both now and in the future. Most users of voice/data integration technologies gain in two ways: Packet voice technologies are less expensive, and, in the future, they will offer much greater capabilities compared to today's circuit-based voice systems.

Economic Advantages

It has been estimated that packet voice networking costs only 20 to 30 percent of an equivalent circuit-based voice network. This is true for both carriers (service providers) and enterprise (private) users. Logically, this implies that enterprise users can operate long-distance voice services between facilities at less cost than purchasing long-distance voice services from a carrier, and it's often true. For example, many enterprise users have deployed integrated voice/data technologies to transport voice over data wide-area networks (WANs) between traditional PBXs across different geographical locations. The resulting savings in long-distance toll charges often provide payback in as little as six months (especially if international calls are avoided). Using data systems to carry voice as "virtual tie lines" between switches is also useful to service providers. In fact, many new carriers have started to embrace packet-based voice technologies as their primary network infrastructure strategy going forward.

However, savings associated with packet voice technologies don't stop with simple transport. It is also possible to switch voice calls in the data domain more economically than traditional circuit-based voice switches. For large, multisite enterprises, the savings result from using the data network to act as a "tandem switch" to route voice calls between PBXs on a call-by-call basis. The resulting voice network structure is simpler to administer and uses a robust, nonblocking switching fabric made up of data systems at its core.

Friday, June 5, 2009

IPv6



One of the newest major standards on the horizon is IPv6. Although IPv6 has not officially become a standard, it is worth some overview. It is very possible that this information will change as we move closer to IPv6 as a standard, so you should use this as a guide into IPv6, not the definitive information.

A number of books are now being published that cover in detail this emerging standard; if you are looking for more details you should refer to these books. All the RFCs available on the Internet have the raw details on how this standard is developing. However, these documents are difficult to interpret at first glance and require some commitment to going through any number of RFCs pertaining to many subjects all related to IPv6 development.

Internet Protocol Version 4 is the most popular protocol in use today (see Chapter 31, "Internet Protocols"), although there are some questions about its capability to serve the Internet community much longer. IPv4 was finished in the 1970s and has started to show its age. The main issue surrounding IPv6 is addressing—or, the lack of addressing—because many experts believe that we are nearly out of the four billion addresses available in IPv4. Although this seems like a very large number of addresses, multiple large blocks are given to government agencies and large organizations. IPv6 could be the solution to many problems, but it is still not fully developed and is not a standard—yet!

Many of the finest developers and engineering minds have been working on IPv6 since the early 1990s. Hundreds of RFCs have been written and have detailed some major areas, including expanded addressing, simplified header format, flow labeling, authentication, and privacy.

Expanded addressing moves us from a 32-bit address to a 128-bit addressing method. It also provides newer unicast and broadcasting methods, injects hexadecimal into the IP address, and moves from using "." to using ":" as delimiters. Figure 32-1 shows the IPv6 packet header format.

Figure 32-1 IPv6 Packet Header Format

Description of IPv6 Packet Header

The simplified header is 40 bits long and the format consists of Version, Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address, Data, and Payload fields.

Hexadecimal "Hex"

At its simplest, hex numbers are base 16. Decimal is base 10, counting from 0 to 9, as we do in decimal, and then adding a column to make 10. Counting in hex goes from 0 to F before adding a column. The characters A through F represent the decimal values of 10 through 15, as illustrated in Figure 32-2.

Figure 32-2 Hex Characters A Through F Represent the Numbers 10 Through 15

Counting in hex goes as follows: 0 1 2 3 4 5 6 7 8 9 A B C D E F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 and up, as far as you want to go.

Addressing Description

Let's look at an example of an IPv6 address. The address is an eight-part hex address separated by colons (":"). Each part n can equal a 16-bit number, and the address is eight parts long, providing a 128-bit address length (16 × 8 = 128).

Addresses are n:n:n:n:n:n:n:n, where n = 4-digit hexadecimal integer, 16 × 8 = 128-bit address.

1080:0:0:0:8:800:200C:417A Unicast address

FF01:0:0:0:0:0:0:101 Multicast address
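
The Python code below is an added example, not part of the original text. It parses the full eight-part form shown above into a 128-bit value, tells multicast from unicast by the leading FF byte, and compares addresses by value rather than by spelling. The function names are illustrative, only the uncompressed n:n:n:n:n:n:n:n form is accepted, and the standard library ipaddress module is used only as a cross-check.

```python
# Added example: strict parsing of the eight-part IPv6 form shown on this page.
import ipaddress

HEX_DIGITS = set("0123456789abcdefABCDEF")

UNICAST = "1080:0:0:0:8:800:200C:417A"    # sample address from the text
MULTICAST = "FF01:0:0:0:0:0:0:101"        # sample address from the text


def parse_full_form(text):
    """Return the 128-bit integer for n:n:n:n:n:n:n:n, else raise ValueError."""
    parts = text.split(":")
    if len(parts) != 8:
        raise ValueError("expected eight colon-separated parts")
    value = 0
    for part in parts:
        # int(part, 16) on its own also accepts "+8", "0x8" and "8_0",
        # so check length and character set before converting.
        if not 1 <= len(part) <= 4 or not set(part) <= HEX_DIGITS:
            raise ValueError(f"bad part {part!r}")
        value = (value << 16) | int(part, 16)
    return value


def address_kind(value):
    """Multicast addresses start with the byte FF; the rest are unicast.

    Anycast addresses share the unicast format and cannot be told apart here.
    """
    return "multicast" if value >> 120 == 0xFF else "unicast"


def full_form(value):
    """Render a 128-bit value as eight zero-padded lowercase hex groups."""
    return ":".join(f"{(value >> shift) & 0xFFFF:04x}"
                    for shift in range(112, -1, -16))


def same_address(a, b):
    """Compare by value: case and leading zeros make string compares unsafe."""
    return parse_full_form(a) == parse_full_form(b)


def agrees_with_stdlib(text):
    """Cross-check the parser against the standard library."""
    return parse_full_form(text) == int(ipaddress.IPv6Address(text))


if __name__ == "__main__":
    for addr in (UNICAST, MULTICAST):
        value = parse_full_form(addr)
        print(addr, "->", full_form(value), address_kind(value))
```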

Broadcasting Methods

Included in IPv6 are a number of new broadcasting methods:

• Unicast
• Multicast
• Anycast

Unicast

Unicast is a communication between a single host and a single receiver. Packets sent to a unicast address are delivered to the interface identified by that address, as seen in Figure 32-3.

Figure 32-3 Unicast Sends Packets to a Specified Interface

Multicast

Multicast is communication between a single host and multiple receivers. Packets are sent to all interfaces identified by that address, as seen in Figure 32-4.

Figure 32-4 Multicast Sends Packets to a Subnet, and Defined Devices Listen for Multicast Packets

Anycast

Packets sent to an anycast address or list of addresses are delivered to the nearest interface identified by that address. Anycast is a communication between a single sender and a list of addresses, as shown in Figure 32-5.

Figure 32-5 Anycast Sends Packets to Specified Interface List and Can Contain End Nodes and Routers

Summary

Some of the benefits of IPv6 seem obvious: greater addressing space, built-in QoS, and better routing performance and services. However, a number of barriers must be overcome before the implementation of IPv6. The biggest question for most of us will be what the business need is for moving from current IPv4 to IPv6. The killer app has not appeared yet, but it may be closer than we think. The second consideration is the cost, which may not have much to do with hardware replacement cost. All the larger routers have upgradable operating systems (IOS); the only necessity is the commitment to upgrading IOS. The cost is more likely to do with training and support of minor IP devices such as printers and network faxes; they will support the new address space. IPv6 has schemes to support old and new, however, so this may not even be a barrier. The last issue to consider is training: This will need to happen sooner or later because we all need to start thinking about 128-bit addressing based on MAC addresses in HEX. This involves all new ways of addressing and will be an uncomfortable change for many people.

This conclusion may seem negative, but the greater good will overpower all the up-front issues. The issue is not whether you will have to move to IPv6, but when! We all need IPv6; the increased address space is needed for the growth of IP appliances that we are starting to hear about weekly. IP-ready cars are already shipping today. This requires mobility, which is addressed in IPv6.

Of course, a number of very important features have not been discussed in this section, including QoS, mobile IP, autoconfiguration, and security. All these areas are extremely important, and until IPv6 is finished, you should keep referring to the IETF Web site for the most current information. Several new books on IPv6 also are starting to show up on bookstore shelves and should provide the deeper technical detail on address headers and full packet details.

Review Questions

Q—What is the current standard?

A—IPv4.

Q—What is the main reason for IPv6 being developed?

A—The main issue surrounding IPv6 is addressing, or the lack of addressing. Many people believe that we are nearly out of the four billion addresses available in IPv4. IPv6 could be the solution to many problems, but IPv6 is still not fully developed and is not yet a standard.

Q—How many bits does the new expanded addressing provide?

A—The expanded addressing moves us from 32-bit address to a 128-bit addressing method.

Q—What other benefits does expanded addressing provide?

A—It provides newer unicast and broadcasting methods. Expanded addressing also injects hexadecimal into the IP address and moves from using "." to using ":" as delimiters.

Q—What are the new broadcast methods included in IPv6?

A—Unicast, multicast, and anycast.

Q—What is unicast?

A—Unicast is a communication between a single host and a single receiver.

Q—What is multicast?

A—Multicast is communication between a single host and multiple receivers.

Q—What is anycast?

A—Anycast is a communication between a single sender and a list of addresses.

For More Information

http://www-6bone.lbl.gov/6bone

www.cisco.com/ipv6

http://www.ietf.org/html.charters/ipngwg-charter.html

http://playground.Sun.COM:80/pub/ipng/html

Thursday, June 4, 2009

CCNA Discovery 3 - Module 1 Exam Answers Version 4.0

1. What can be found at the enterprise edge?
• Internet, VPN, and WAN modules
• Internet, PSTN, and WAN services
• server farms and network management
• campus infrastructure, including access layer devices

2. In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to detect and prevent services from accessing hosts?
• Enterprise Campus
• Edge Distribution
• Enterprise Edge
• Service Provider Edge

3. A business consultant must use Internet websites to research a report on the e-business strategies of several firms and then electronically deliver the report to a group of clients in cities throughout the world. Which two teleworker tools can the consultant use to accomplish this project? (Choose two.)
• VoIP
• VPN
• HTTP
• Telnet
• email

4. Which two measures help ensure that a hardware problem does not cause an outage in an enterprise LAN that supports mission critical services? (Choose two.)
• providing failover capability
• installing redundant power supplies
• purchasing more bandwidth from the ISP
• implementing broadcast containment with VLANs
• installing routers that can handle a greater amount of throughput

5. Which task would typically only require services located at the access layer of the hierarchical design model?
• connecting to the corporate web server to update sales figures
• using a VPN from home to send data to the main office servers
• printing a meeting agenda on a local departmental network printer
• placing a VoIP call to a business associate in another country
• responding to an e-mail from a co-worker in another department

6. How does a VPN work to support remote user productivity?
• It uses SSL to encrypt remote user logins to the corporate intranet.
• It uses secure Telnet for remote user connections to internal network devices.
• It creates a virtual circuit that allows real-time communications between any two Internet endpoints.
• It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.****

7. A remote user needs to access a networking device on the internal network of the company. The transactions between the remote user and the device must be secure. Which protocol enables this to happen securely?
• HTTP
• SSH
• Telnet
• FTP

8. What does VoIP provide to telecommuters?
• high-quality, live-video presentations
• real-time voice communications over the Internet
• ability to share desktop applications simultaneously
• secure, encrypted data transmissions through the Internet

9. Which functional component of the Cisco Enterprise Architecture is responsible for hosting internal servers?
• enterprise campus
• enterprise edge
• service provider edge
• building distribution

10. What is the purpose of the Cisco Enterprise Architecture?
• remove the three-layer hierarchical model and use a flat network approach
• divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers
• provide services and functionality to the core layer by grouping various components into a single component located in the access layer
• reduce overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer

11. Which two solutions would an enterprise IT department use to facilitate secure intranet access for remote workers? (Choose two.)
• VPN
• NAT
• user authentication
• client firewall software
• packet sniffing

12. Which statement describes the difference between an enterprise WAN and an enterprise extranet?
• An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is designed to interconnect remote branch offices.
• An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to give access to external business partners.
• An enterprise WAN is designed to provide remote access for its teleworkers, while an enterprise extranet is designed to provide Internet connectivity for the enterprise.
• An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an enterprise extranet is designed to provide remote access to the enterprise network for teleworkers.

13. Why would a network administrator want to limit the size of failure domains when designing a network?
• reduces the effect of Ethernet collisions
• reduces the impact of a key device or service failure
• reduces the impact of Internet congestion on critical traffic
• reduces the impact of blocking broadcast packets at the edge of the local network

14. What is the main purpose of the Access Layer in a hierarchically designed network?
• performs routing and packet manipulation
• supplies redundancy and failover protection
• provides a high-speed, low-latency backbone
• serves as a network connection point for end-user devices

15. Which three functions are performed at the Distribution Layer of the hierarchical network model? (Choose three.)
• forwards traffic that is destined for other networks
• isolates network problems to prevent them from affecting the Core Layer
• allows end users to access the local network
• provides a connection point for separate local networks
• transports large amounts of data between different geographic sites
• forwards traffic to other hosts on the same logical network

16. What is a benefit of having an extranet?
• It provides web-like access to company information for employees only.
• It limits access to corporate information to secure VPN or remote access connections only.
• It allows customers and partners to access company information by connecting to a public web server.
• It allows suppliers and contractors to access confidential internal information using controlled external connections.

17. What are two important characteristics or functions of devices at the Enterprise Edge? (Choose two.)
• providing Internet, telephone, and WAN services to the enterprise network
• providing a connection point for end-user devices to the enterprise network
• providing high-speed backbone connectivity with redundant connections
• providing intrusion detection and intrusion prevention to protect the network against malicious activity
• providing packet inspection to determine if incoming packets should be allowed on the enterprise network


18. Why is TCP the preferred Layer 4 protocol for transmitting data files?
• TCP is more reliable than UDP because it requires lost packets to be retransmitted.
• TCP requires less processing by the source and destination hosts than UDP.
• UDP introduces delays that degrade the quality of the data applications.
• TCP ensures fast delivery because it does not require sequencing or acknowledgements.

19. The ABC Corporation implements the network for its new headquarters using the Cisco Enterprise Architecture. The network administrator wants to filter the traffic from and to the outside world. Where should the administrator deploy a firewall device?
• server farm
• enterprise edge
• enterprise campus
• service provider edge

20. Which two statements are reasons why UDP is used for voice and video traffic instead of TCP? (Choose two.)
• TCP requires all data packets to be delivered for the data to be usable.
• The acknowledgment process of TCP introduces delays that break the streams of data.
• UDP does not have mechanisms for retransmitting lost packets.
• UDP tolerates delays and compensates for them.
• TCP is a connectionless protocol that provides end-to-end reliability.
• UDP is a connection-oriented protocol that provides end-to-end reliability.

Tuesday, June 2, 2009

Protecting Against an IP Spoofing Attack

The following approaches can be used to mitigate IP spoofing attacks:

  • Use access control lists (ACL) on router interfaces. As traffic comes into a router from an outside network, an ACL could be used to deny any outside traffic claiming to be addressed with IP addressing used internally on the local network. Conversely, ACLs should be used to prevent traffic leaving the local network from participating in a DDoS attack. Therefore, an ACL could deny any traffic leaving the local network that claimed to have a source address that was different from the internal network’s IP address space.

  • Encrypt traffic between devices (for example, between two routers, or between an end system and a router) via an IPsec tunnel. In Figure 1-7, notice that the topology is now protected with an IPsec tunnel. Even though the attacker can still capture packets via his rogue hub, the captured packets are unreadable, because the traffic is encrypted inside the IPsec tunnel.

Figure 1-7 Protecting Traffic in a Tunnel

  • Use cryptographic authentication. If the parties involved in a conversation are authenticated, potential man-in-the-middle attackers can be thwarted. Potential attackers will not be successfully authenticated by the other party in the conversation.
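
The two ACL rules from the first bullet, modeled in Python as an added example that is not part of the original post. The internal prefixes, ACL names and sample packets are constructed assumptions; the code also renders the rules as Cisco IOS extended ACL entries, computing each wildcard mask from the prefix.

```python
import ipaddress

# Assumption: constructed internal address space for the local network.
INTERNAL = [ipaddress.ip_network(n) for n in ("192.168.10.0/24", "172.16.0.0/22")]


def is_internal(addr):
    """True if addr falls inside the internal address space."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)


def verdict(direction, src):
    """Apply the anti-spoofing rule for one packet on the outside interface.

    'in'  = arriving from the outside network: an internal source is spoofed.
    'out' = leaving the local network: a non-internal source is spoofed.
    """
    if direction == "in":
        return "deny" if is_internal(src) else "permit"
    if direction == "out":
        return "permit" if is_internal(src) else "deny"
    raise ValueError(f"unknown direction: {direction!r}")


def ios_acls(name_in="ANTISPOOF-IN", name_out="ANTISPOOF-OUT"):
    """Render the same rules as IOS extended ACL lines (ACL names are hypothetical)."""
    inbound = [f"ip access-list extended {name_in}"]
    inbound += [f" deny ip {n.network_address} {n.hostmask} any" for n in INTERNAL]
    inbound.append(" permit ip any any")
    outbound = [f"ip access-list extended {name_out}"]
    outbound += [f" permit ip {n.network_address} {n.hostmask} any" for n in INTERNAL]
    outbound.append(" deny ip any any")
    return inbound + outbound


# Constructed sample packets: (direction, source address).
SAMPLES = [
    ("in", "203.0.113.9"),    # genuine outside host
    ("in", "192.168.10.5"),   # outside packet claiming an internal source
    ("out", "172.16.2.40"),   # genuine internal host (inside the /22)
    ("out", "198.51.100.7"),  # internal host forging an external source
]

if __name__ == "__main__":
    for direction, src in SAMPLES:
        print(f"{direction:>3} src={src:<15} -> {verdict(direction, src)}")
    print("\n".join(ios_acls()))
```

The inbound list would be applied inbound and the outbound list outbound on the interface facing the outside network.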


Monday, June 1, 2009

CCNA Discovery 4 - Module 7 Exam Answers V.4

1. A network engineer has decided to pilot test a portion of a new network design rather than rely on a prototype for proof-of-concept. What are two advantages of pilot testing a design concept? (Choose two.)
• The test network experiences real-world network traffic.
• Users within the enterprise are not affected by the test.
• Network response can be tested in unplanned and unpredictable situations.
• Unlikely failure conditions can be conveniently tested.
• Network response can be tested in a highly controlled simulated environment.

2. While preparing a network test plan document, a network designer records all initial and modified device configurations. Which section of the document typically contains this information?
• Appendix
• Test Procedures
• Test Description
• Actual Results and Conclusions
• Anticipated Results and Success Criteria

3. Refer to the exhibit. A network designer creates a test plan that includes the specification shown. In which section of the test plan would this specification be found?
• Test Description
• Test Procedures
• Design and Topology Diagram
• Actual Results and Conclusions
• Anticipated Results and Success Criteria

4. What OSI model Layer 2 security measure can a network engineer implement when prototyping network security?
• a firewall at the network edge
• port security at the access design layer
• port security at the distribution design layer
• IP access control lists at the access design layer

5. How do designers decide which network functions need to be included in the prototype test?
• They select the functions that align with the business goals.
• They select the functions that occur at the network core.
• They select the functions that do not exist in the existing network.
• They select the functions from a list of generic network operations.

6. Refer to the exhibit. During prototype testing of the Cisco network shown, connectivity must be verified. Assuming all connections are working and CDP is enabled on all devices and interfaces, on which device was the command issued?
• R1
• S1
• R3
• S2
• R5
• S3

7. Refer to the exhibit. During prototyping, Layer 2 functionality is being tested. Based on the output shown, which two pieces of information can be determined? (Choose two.)
• Switch1 is the root bridge.
• Interface Fa0/2 on Switch1 has no role in the operation of spanning tree.
• Interface Fa0/2 on Switch1 is the alternate port used to reach the root bridge.
• Based on the entries in the "Role" column, it can be concluded that RSTP has been implemented.
• Interface Fa0/1 on Switch1 is the forwarding port selected for the entire spanning-tree topology.

8. What Rapid Spanning Tree Protocol (RSTP) state is given to the forwarding port elected for every switched Ethernet LAN segment?
• root
• backup
• alternate
• designated

9. Refer to the exhibit. During prototype testing, verification of VLAN connectivity is being performed. Based on the information shown, what command produced the output?
• show spanning-tree
• show interfaces trunk
• show cdp neighbors
• show interfaces
• show ip interface brief

10. Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to connect a host to the network. How should the network administrator reconfigure switch port Fa0/24?
• Use the switchport mode access command from interface configuration mode.
• Enter the switchport nonegotiate command from interface configuration mode.
• Administratively shut down and re-enable the interface to return it to the default.
• Enter the no switchport mode trunk command in interface configuration mode.
• Use the switchport access vlan vlan number command from interface configuration mode to remove the port from the trunk and add it to a specific VLAN.

11. Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the routing protocol in use. Which statement describes the data flow from Server to PC2?
• EIGRP load balances across the R3 to R1 and R3 to R2 links.
• EIGRP load balances across the R1 to Switch3 and R2 to Switch3 paths.
• EIGRP load balances across the Switch1 to Switch3 and Switch1 to Switch2 paths.
• EIGRP does not load balance in this topology.

12. A network designer needs to determine if a proposed IP addressing scheme allows efficient route summarization and provides the appropriate amount of scalability to a design. What is useful for validating a proposed hierarchical IP addressing scheme?
• NBAR
• a pilot network
• a route summary
• a network simulator
• a physical topology map

13. In the router command encapsulation dot1q 10, what does the number 10 represent?
• the metric used for a particular route
• the number of the VLAN associated with the encapsulated subinterface
• the priority number given to the device for the election process
• the number that must match the Fast Ethernet subinterface number
• the number used to program the router for unequal cost path load balancing

14. Refer to the exhibit. The users on the 192.168.10.192 network are not allowed Internet access. The network design calls for an extended ACL to be developed and tested. Where should the ACL be placed for the least effect on other network traffic?
• inbound on Fa0/0 of R3
• outbound on Fa0/0 of R3
• inbound on Fa0/1 of R3
• outbound on Fa0/1 of R3
• inbound on Fa0/1 of R2
• outbound on S0/0 of R2

15. Refer to the exhibit. What two measures can be taken to address the areas of weakness circled in the network design? (Choose two.)
• Provide redundant connections to all end users.
• Add another core switch to increase redundancy.
• Add a switch in the server block connecting the server farm to each core switch.
• Add an additional switch to the DMZ and direct links from the new switch to the core switches.
• Provide a redundant firewall router connecting to a second ISP, the core switches, and the DMZ.

16. Why is it important to record baseline measurements of a prototype network?
• Test results show security weaknesses after the baseline tests are run.
• The baseline is the point at which the network is operating at its fullest potential.
• Baseline measurements define a point at which network traffic has exceeded the designed capabilities of the network.
• Test results are compared to the baseline to see how the test conditions increase processor use or decrease available bandwidth.

17. Refer to the exhibit. A network administrator has been given the task of creating a design for a temporary classroom building that is to be set up outside an overcrowded school. In testing the prototype, it is found that the student PC cannot ping the teacher PC. All the switch interfaces are active and connected properly, as is interface Fa0/0 of the router. Given that only the commands shown have been added to the router configuration, what is the source of the problem?
• The IP settings on the student PC are incorrect.
• The default gateway on the teacher PC is misconfigured.
• The router Fa0/0 interface has not been configured as a VLAN trunk.
• The Fa0/0 physical interface has not been configured with an IP address and subnet mask.
• The administrator forgot to configure a routing protocol to allow the ping packets to reach the teacher PC subnet.

18. Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this switch output?
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are trunks.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are shutdown.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are blocking.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 failed diagnostics

19. Refer to the exhibit. A network technician is performing an initial installation of a new switch in the east wing. The technician removes the switch from the box, makes the connections to the network, and adds the configuration shown. The technician notifies the network administrator that the switch has been installed. When the network administrator at the home office attempts to telnet to the switch from host 192.168.0.1, the connection fails. What action should the network technician take?
• Add an enable password to the switch.
• Add a default gateway to the switch configuration.
• Configure the switch with an IP access list to permit the host connection.
• Enable the physical interfaces of the switch with the no shutdown command.

20. Refer to the exhibit. After all the interfaces have stabilized, what is the spanning-tree state of all the enabled interfaces of SW11?
• discarding
• forwarding
• learning
• listening