800 East 96th Street
Indianapolis, Indiana 46240 USA
Cisco Press
CCENT/CCNA ICND1
Official Exam Certification Guide,
Second Edition
Wendell Odom,
CCIE No. 1624
1828xbook.fm Page i Thursday, July 26, 2007 3:10 PM
ii
CCENT/CCNA ICND1 Official Exam Certification Guide, Second Edition
Wendell Odom
Copyright© 2008 Cisco Systems, Inc.
Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or by any information storage and retrieval system, without written
permission from the publisher, except for the inclusion of brief quotations in a review.
Printed in the United States of America
First Printing August 2007
Library of Congress Cataloging-in-Publication Data.
Odom, Wendell.
CCENT/CCNA ICND1 official exam certification guide / Wendell Odom.
p. cm.
ISBN 978-1-58720-182-0 (hardback w/cd) 1. Electronic data processing personnel--Certification. 2. Computer net-
works--Examinations--Study guides. I. Title.
QA76.3.O358 2007
004.6--dc22
2007029241
ISBN-13: 978-1-58720-182-0
ISBN-10: 1-58720-182-8
Warning and Disclaimer
This book is designed to provide information about the Cisco ICND1 (640-822), ICND2 (640-816), and CCNA
(640-802) exams. Every effort has been made to make this book as complete and accurate as possible, but no warranty
or fitness is implied.
The information is provided on an “as is” basis. The author, Cisco Press, and Cisco Systems, Inc. shall have neither
liability nor responsibility to any person or entity with respect to any loss or damages arising from the information
contained in this book or from the use of the discs or programs that may accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.
1828xbook.fm Page ii Thursday, July 26, 2007 3:10 PM
iii
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately
capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this
book should not be regarded as affecting the validity of any trademark or service mark.
Corporate and Government Sales
The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales,
which may include electronic versions and/or custom covers and content particular to your business, training goals,
marketing focus, and branding interests. For more information, please contact:
U.S. Corporate and Government Sales
1-800-382-3419
For sales outside the United States please contact:
International Sales
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted
with care and precision, undergoing rigorous development that involves the unique expertise of members of the
professional technical community.
Reader feedback is a natural continuation of this process. If you have any comments about how we could improve
the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at
Please be sure to include the book title and ISBN in your message.
We greatly appreciate your assistance.
Publisher:
Paul Boger
Copy Editor:
Gayle Johnson and Bill McManus
Associate Publisher:
Dave Dusthimer
Technical Editors:
Teri Cook, Brian D’Andrea,
and Steve Kalman
Cisco Representative:
Anthony Wolfenden
Editorial Assistant:
Vanessa Evans
Cisco Press Program Manager:
Jeff Brady
Book and Cover Designer:
Louisa Adair
Executive Editor:
Brett Bartow
Composition:
ICC Macmillan Inc.
Managing Editor:
Patrick Kanouse
Indexer:
Tim Wright
Senior Development Editor:
Christopher Cleveland
Proofreader:
Suzanne Thomas
Senior Project Editor:
San Dee Phillips and Meg Shaw
1828xbook.fm Page iii Thursday, July 26, 2007 3:10 PM
iv
About the Author
Wendell Odom
, CCIE No. 1624, has been in the networking industry since 1981. He
currently teaches QoS, MPLS, and CCNA courses for Skyline Advanced Technology
Services (). He has also worked as a network engineer,
consultant, systems engineer, instructor, and course developer. He is the author of all
previous editions of the
CCNA Exam Certification Guide
, as well as the
Cisco QOS Exam
Certification Guide
, Second Edition,
Computer Networking First-Step
,
CCIE Routing and
Switching Official Exam Certification Guide
, Second Edition, and
CCNA Video Mentor
—
all from Cisco Press.
1828xbook.fm Page iv Thursday, July 26, 2007 3:10 PM
v
About the Technical Reviewers
Teri Cook
(CCSI, CCDP, CCNP, CCDA, CCNA, MCT, and MCSE 2000/2003: Security)
has more than ten years of experience in the IT industry. She has worked with different
types of organizations in the private business and DoD sectors, providing senior-level
network and security technical skills in the design and implementation of complex
computing environments. Since obtaining her certifications, Teri has been committed to
bringing quality IT training to IT professionals as an instructor. She is an outstanding
instructor who uses real-world experience to present complex networking technologies. As
an IT instructor, Teri has been teaching Cisco classes for more than five years.
Brian D’Andrea
(CCNA, CCDA, MCSE, A+, and Net+) has 11 years of IT experience in
both medical and financial environments, where planning and supporting critical
networking technologies were his primary responsibilities. For the last five years he has
dedicated himself to technical training. Brian spends most of his time with The Training
Camp, an IT boot camp provider. Using his real-world experience and his ability to break
difficult concepts into a language that students can understand, Brian has successfully
trained hundreds of students for both work and certification endeavors.
Stephen Kalman
is a data security trainer. He is the author or tech editor of more than
20 books, courses, and CBT titles. His most recent book is
Web Security Field Guide
,
published by Cisco Press. In addition to those responsibilities he runs a consulting
company, Esquire Micro Consultants, which specializes in network security assessments
and forensics.
Mr. Kalman holds SSCP, CISSP, ISSMP, CEH, CHFI, CCNA, CCSA (Checkpoint), A+,
Network+ and Security+ certifications and is a member of the New York State Bar.
1828xbook.fm Page v Thursday, July 26, 2007 3:10 PM
vi
Dedication
For Brett Bartow. Thanks for being such a steady, insightful, and incredibly trustworthy
guide through the publishing maze.
1828xbook.fm Page vi Thursday, July 26, 2007 3:10 PM
vii
Acknowledgments
The team who helped produce this book has been simply awesome. Everyone who touched
this book has made it better, and they’ve been particularly great at helping catch the errors
that always creep into the manuscript.
Brian, Teri, and Steve all did a great job TEing the book. Besides helping a lot with
technical accuracy, Brian made a lot of good suggestions about traps that he sees when
teaching CCNA classes, helping the book avoid those same pitfalls. Teri’s ability to see
each phrase in the context of an entire chapter, or the whole book, was awesome, helping
catch things that no one would otherwise catch. Steve spent most of his TE time on the
ICND2 book, but he did lend great help with this one, particularly with his reviews of the
security-oriented topics, an area in which he’s an expert. And more so than any other book
I’ve written, the TEs really sunk their teeth into the specifics of every example, helping
catch errors. Thanks so much!
Another (ho-hum) all-star performance from Chris Cleveland, who developed the book.
Now I empathize with sports writers who have to write about the local team’s star who bats
.300, hits 40 homers, and drives in 100 runs, every year, for his whole career. How many
ways can you say he does a great job? I’ll keep it simple: Thanks, Chris.
The wonderful and mostly hidden production folks did their usual great job. When every
time I see how they reworded something, and think, “Wow; why didn’t I write that?”, it
makes me appreciate the kind of team we have at Cisco Press. The final copy edit, figure
review, and pages review process required a fair amount of juggling and effort as well –
thanks to Patrick’s team, especially San Dee, Meg, Tonya, for working so well with all the
extra quality initiatives we’ve implemented. Thanks to you all!
Additionally, several folks who didn’t have any direct stake in the book also helped it along.
Thanks to Frank Knox for the discussions on the exams, why they’re so difficult, and about
troubleshooting. Thanks to Rus Healy for the help with wireless. Thanks to the Mikes at
Skyline for making my schedule work to get this book (and the ICND2 book) out the door.
And thanks to the course and exam teams at Cisco for the great early communications and
interactions about the changes to the courses and exams.
Finally, thanks to my wife Kris for all her support with my writing efforts, her prayers,
and her understanding when the deadline didn’t quite match with our vacation plans this
summer. And thanks to Jesus Christ—all this effort is just striving after the wind without
Him.
1828xbook.fm Page vii Thursday, July 26, 2007 3:10 PM
viii
This Book Is Safari Enabled
The Safari
®
Enabled icon on the cover of your favorite technol-
ogy book means that the book is available through Safari Book-
shelf. When you buy this book, you get free access to the online
edition for 45 days.
Safari Bookshelf is an electronic reference library that lets you
easily search thousands of technical books, find code samples,
download chapters, and access technical information whenever
and wherever you need it.
To gain 45-day Safari Enabled access to this book:
■
Go to />
■
Complete the brief registration form.
■
Enter the coupon code 6EM9-WNXL-7Z1E-9UL2-KAEC.
If you have difficulty registering on Safari Bookshelf or access-
ing the online edition, please e-mail customer-service@safari-
booksonline.com.
1828xbook.fm Page viii Thursday, July 26, 2007 3:10 PM
ix
Contents at a Glance
Foreword xxvi
Introduction xxvii
Part I Networking Fundamentals 3
Chapter 1 Introduction to Computer Networking Concepts 5
Chapter 2 The TCP/IP and OSI Networking Models 17
Chapter 3 Fundamentals of LANs 41
Chapter 4 Fundamentals of WANs 71
Chapter 5 Fundamentals of IP Addressing and Routing 93
Chapter 6 Fundamentals of TCP/IP Transport, Applications,
and Security 129
Part II LAN Switching 165
Chapter 7 Ethernet LAN Switching Concepts 167
Chapter 8 Operating Cisco LAN Switches 197
Chapter 9 Ethernet Switch Configuration 231
Chapter 10 Ethernet Switch Troubleshooting 267
Chapter 11 Wireless LANs 299
Part III IP Routing 329
Chapter 12 IP Addressing and Subnetting 331
Chapter 13 Operating Cisco Routers 399
Chapter 14 Routing Protocol Concepts and Configuration 435
Chapter 15 Troubleshooting IP Routing 471
Part IV Wide-Area Networks 509
Chapter 16 WAN Concepts 511
Chapter 17 WAN Configuration 539
1828xbook.fm Page ix Thursday, July 26, 2007 3:10 PM
x
Part V Final Preparation 563
Chapter 18 Final Preparation 565
Part VI Appendixes 575
Appendix A Answers to the “Do I Know This Already?” Quizzes 577
Appendix B Decimal to Binary Conversion Table 591
Appendix C ICND1 Exam Updates: Version 1.0 595
Glossary 599
Index 624
Part VII CD-Only
Appendix C ICND1 Exam Updates: Version 1.0
Appendix D Subnetting Practice
Appendix E Subnetting Reference Pages
Appendix F Additional Scenarios
Appendix G Subnetting Video Reference
Appendix H Memory Tables
Appendix I Memory Tables Answer Key
Appendix J ICND1 Open-Ended Questions
1828xbook.fm Page x Thursday, July 26, 2007 3:10 PM
xi
Contents
Foreword xxvi
Introduction xxvii
Part I Networking Fundamentals 3
Chapter 1 Introduction to Computer Networking Concepts 5
Perspectives on Networking 5
The Flintstones Network: The First Computer Network? 8
Chapter 2 The TCP/IP and OSI Networking Models 17
“Do I Know This Already?” Quiz 18
Foundation Topics 21
The TCP/IP Protocol Architecture 22
The TCP/IP Application Layer 23
The TCP/IP Transport Layer 25
The TCP/IP Internet Layer 27
The TCP/IP Network Access Layer 28
Data Encapsulation Terminology 30
The OSI Reference Model 32
Comparing OSI and TCP/IP 32
OSI Layers and Their Functions 34
OSI Layering Concepts and Benefits 35
OSI Encapsulation Terminology 36
Exam Preparation Tasks 38
Review all the Key Topics 38
Complete the Tables and Lists from Memory 38
Definitions of Key Terms 38
OSI Reference 39
Chapter 3 Fundamentals of LANs 41
“Do I Know This Already?” Quiz 41
Foundation Topics 45
An Overview of Modern Ethernet LANs 45
A Brief History of Ethernet 48
The Original Ethernet Standards: 10BASE2 and 10BASE5 48
Repeaters 50
Building 10BASE-T Networks with Hubs 51
Ethernet UTP Cabling 52
UTP Cables and RJ-45 Connectors 52
Transmitting Data Using Twisted Pairs 54
UTP Cabling Pinouts for 10BASE-T and 100BASE-TX 55
1000BASE-T Cabling 58
1828xbook.fm Page xi Thursday, July 26, 2007 3:10 PM
xii
Improving Performance by Using Switches Instead of Hubs 58
Increasing Available Bandwidth Using Switches 61
Doubling Performance by Using Full-Duplex Ethernet 62
Ethernet Layer 1 Summary 63
Ethernet Data-Link Protocols 63
Ethernet Addressing 64
Ethernet Framing 65
Identifying the Data Inside an Ethernet Frame 67
Error Detection 68
Exam Preparation Tasks 69
Review All the Key Topics 69
Complete the Tables and Lists from Memory 69
Definitions of Key Terms 69
Chapter 4 Fundamentals of WANs 71
“Do I Know This Already?” Quiz 71
Foundation Topics 74
OSI Layer 1 for Point-to-Point WANs 74
WAN Connections from the Customer Viewpoint 77
WAN Cabling Standards 78
Clock Rates, Synchronization, DCE, and DTE 80
Building a WAN Link in a Lab 81
Link Speeds Offered by Telcos 82
OSI Layer 2 for Point-to-Point WANs 83
HDLC 83
Point-to-Point Protocol 85
Point-to-Point WAN Summary 85
Frame Relay and Packet-Switching Services 86
The Scaling Benefits of Packet Switching 86
Frame Relay Basics 87
Exam Preparation Tasks 91
Review All the Key Topics 91
Complete the Tables and Lists from Memory 91
Definitions of Key Terms 91
Chapter 5 Fundamentals of IP Addressing and Routing 93
“Do I Know This Already?” Quiz 93
Foundation Topics 98
Overview of Network Layer Functions 98
Routing (Forwarding) 99
PC1’s Logic: Sending Data to a Nearby Router 100
R1 and R2’s Logic: Routing Data Across the Network 100
R3’s Logic: Delivering Data to the End Destination 100
1828xbook.fm Page xii Thursday, July 26, 2007 3:10 PM
xiii
Network Layer Interaction with the Data Link Layer 101
IP Packets and the IP Header 102
Network Layer (Layer 3) Addressing 103
Routing Protocols 104
IP Addressing 105
IP Addressing Definitions 105
How IP Addresses Are Grouped 106
Classes of Networks 107
The Actual Class A, B, and C Network Numbers 109
IP Subnetting 110
IP Routing 114
Host Routing 114
Router Forwarding Decisions and the IP Routing Table 115
IP Routing Protocols 118
Network Layer Utilities 121
Address Resolution Protocol and the Domain Name System 121
DNS Name Resolution 122
The ARP Process 122
Address Assignment and DHCP 123
ICMP Echo and the ping Command 125
Exam Preparation Tasks 126
Review All the Key Topics 126
Complete the Tables and Lists from Memory 127
Definitions of Key Terms 127
Chapter 6 Fundamentals of TCP/IP Transport, Applications, and Security 129
“Do I Know This Already?” Quiz 129
Foundation Topics 133
TCP/IP Layer 4 Protocols: TCP and UDP 133
Transmission Control Protocol 134
Multiplexing Using TCP Port Numbers 135
Popular TCP/IP Applications 138
Error Recovery (Reliability) 140
Flow Control Using Windowing 141
Connection Establishment and Termination 142
Data Segmentation and Ordered Data Transfer 144
User Datagram Protocol 145
TCP/IP Applications 146
QoS Needs and the Impact of TCP/IP Applications 146
The World Wide Web, HTTP, and SSL 149
Universal Resource Locators 150
Finding the Web Server Using DNS 150
Transferring Files with HTTP 152
1828xbook.fm Page xiii Thursday, July 26, 2007 3:10 PM
xiv
Network Security 153
Perspectives on the Sources and Types of Threats 154
Firewalls and the Cisco Adaptive Security Appliance (ASA) 158
Anti-x 160
Intrusion Detection and Prevention 160
Virtual Private Networks (VPN) 161
Exam Preparation Tasks 163
Review All the Key Topics 163
Complete the Tables and Lists from Memory 163
Definitions of Key Terms 163
Part II LAN Switching 165
Chapter 7 Ethernet LAN Switching Concepts 167
“Do I Know This Already?” Quiz 167
Foundation Topics 171
LAN Switching Concepts 171
Historical Progression: Hubs, Bridges, and Switches 171
Switching Logic 174
The Forward Versus Filter Decision 175
How Switches Learn MAC Addresses 177
Flooding Frames 178
Avoiding Loops Using Spanning Tree Protocol 179
Internal Processing on Cisco Switches 180
LAN Switching Summary 182
LAN Design Considerations 183
Collision Domains and Broadcast Domains 183
Collision Domains 183
Broadcast Domains 184
The Impact of Collision and Broadcast Domains on LAN Design 185
Virtual LANs (VLAN) 187
Campus LAN Design Terminology 188
Ethernet LAN Media and Cable Lengths 191
Exam Preparation Tasks 194
Review All the Key Topics 194
Complete the Tables and Lists from Memory 194
Definitions of Key Terms 195
Chapter 8 Operating Cisco LAN Switches 197
“Do I Know This Already?” Quiz 197
Foundation Topics 200
Accessing the Cisco Catalyst 2960 Switch CLI 200
Cisco Catalyst Switches and the 2960 Switch 201
1828xbook.fm Page xiv Thursday, July 26, 2007 3:10 PM
xv
Switch Status from LEDs 202
Accessing the Cisco IOS CLI 205
CLI Access from the Console 206
Accessing the CLI with Telnet and SSH 208
Password Security for CLI Access 208
User and Enable (Privileged) Modes 210
CLI Help Features 211
The debug and show Commands 213
Configuring Cisco IOS Software 214
Configuration Submodes and Contexts 215
Storing Switch Configuration Files 217
Copying and Erasing Configuration Files 220
Initial Configuration (Setup Mode) 221
Exam Preparation Tasks 226
Review All the Key Topics 226
Complete the Tables and Lists from Memory 226
Definitions of Key Terms 226
Command References 226
Chapter 9 Ethernet Switch Configuration 231
“Do I Know This Already?” Quiz 231
Foundation Topics 235
Configuration of Features in Common with Routers 235
Securing the Switch CLI 235
Configuring Simple Password Security 236
Configuring Usernames and Secure Shell (SSH) 239
Password Encryption 242
The Two Enable Mode Passwords 244
Console and vty Settings 245
Banners 245
History Buffer Commands 246
The logging synchronous and exec-timeout Commands 247
LAN Switch Configuration and Operation 248
Configuring the Switch IP Address 248
Configuring Switch Interfaces 251
Port Security 253
VLAN Configuration 256
Securing Unused Switch Interfaces 259
Exam Preparation Tasks 261
Review All the Key Topics 261
Complete the Tables and Lists from Memory 261
Definitions of Key Terms 262
Command References 262
1828xbook.fm Page xv Thursday, July 26, 2007 3:10 PM
xvi
Chapter 10 Ethernet Switch Troubleshooting 267
“Do I Know This Already?” Quiz 267
Foundation Topics 271
Perspectives on Network Verification and Troubleshooting 271
Attacking Sim Questions 271
Simlet Questions 272
Multiple-Choice Questions 273
Approaching Questions with an Organized Troubleshooting Process 273
Isolating Problems at Layer 3, and Then at Layers 1 and 2 275
Troubleshooting as Covered in This Book 276
Verifying the Network Topology with Cisco Discovery Protocol 277
Analyzing Layer 1 and 2 Interface Status 282
Interface Status Codes and Reasons for Nonworking States 282
Interface Speed and Duplex Issues 284
Common Layer 1 Problems on Working Interfaces 287
Analyzing the Layer 2 Forwarding Path with the MAC Address Table 289
Analyzing the Forwarding Path 292
Port Security and Filtering 293
Exam Preparation Tasks 295
Review All the Key Topics 295
Complete the Tables and Lists from Memory 295
Definitions of Key Terms 295
Command References 295
Chapter 11 Wireless LANs 299
“Do I Know This Already?” Quiz 299
Foundation Topics 302
Wireless LAN Concepts 302
Comparisons with Ethernet LANs 302
Wireless LAN Standards 304
Modes of 802.11 Wireless LANs 305
Wireless Transmissions (Layer 1) 307
Wireless Encoding and Nonoverlapping DSSS Channels 309
Wireless Interference 311
Coverage Area, Speed, and Capacity 311
Media Access (Layer 2) 314
Deploying WLANs 315
Wireless LAN Implementation Checklist 315
Step 1: Verify the Existing Wired Network 316
Step 2: Install and Configure the AP’s Wired and IP Details 317
Step 3: Configure the AP’s WLAN Details 317
Step 4: Install and Configure One Wireless Client 318
Step 5: Verify That the WLAN Works from the Client 319
1828xbook.fm Page xvi Thursday, July 26, 2007 3:10 PM