Solution Manual for Enterprise Networking, Security, and Automation Labs and Study Guide (CCNAv7)

Preview (16 of 508 Pages)

100%

Purchase to unlock

Loading page image...

Enterprise Networking,Security, and Automation Labsand Study Guide (CCNAv7)Instructor’s Answer KeyAllan JohnsonCisco Press221 River St.Hoboken, NJ 07030 USA

Loading page image...

viEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)Contents at a GlanceIntroductionxxviiiChapter 1Single-Area OSPFv2 Concepts1Chapter 2Single-Area OSPFv2 Configuration15Chapter 3Network Security Concepts77Chapter 4ACL Concepts123Chapter 5ACLs for IPv4 Configuration135Chapter 6NAT for IPv4201Chapter 7WAN Concepts249Chapter 8VPN and IPsec Concepts271Chapter 9QoS Concepts289Chapter 10Network Management305Chapter 11Network Design399Chapter 12Network Troubleshooting413Chapter 13Network Virtualization449Chapter 14Network Automation463

Loading page image...

ContentsIntroductionxxviiiChapter 1Single-Area OSPFv2 Concepts1Study Guide2OSPF Features and Characteristics2Components of OSPF2Link-State Operation2Single-Area and Multiarea OSPF3OSPFv33Check Your Understanding—OSPF Features andCharacteristics4OSPF Packets5Types of OSPF Packets5Link-State Updates5Hello Packet6Check Your Understanding—OSPF Packets7OSPF Operation8OSPF Operational States8The Need for a DR11LSA Flooding with a DR12Check Your Understanding—OSPF Operation12Labs and Activities14Chapter 2Single-Area OSPFv2 Configuration15Study Guide16OSPF Router ID16OSPF Reference Topology16Router IDs16Router ID Order of Precedence17Configure a Loopback Interface as the Router ID18Explicitly Configure a Router ID18Modify the Router ID18Check Your Understanding—OSPF Router ID18Point-to-Point OSPF Networks19The network Command Syntax19The Wildcard Mask20Configure OSPF Using the network Command20Configure OSPF Using the ip ospf Command20Passive Interface21Configure Passive Interfaces21Packet Tracer Exercise 2-1: Point-to-Point Single-AreaOSPFv2 Configuration21Contentsvii

Loading page image...

viiiEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)Multiaccess OSPF Networks22OSPF Designated Router22OSPF Multiaccess Reference Topology22Verify OSPF Multiaccess Router Roles23DR Failure and Recovery24Configure OSPF Priority24Modify Single-Area OSPFv225Cisco OSPF Cost Metric25Adjust the Reference Bandwidth25OSPF Accumulates Cost26Manually Set OSPF Cost Value27Modify OSPFv2 Intervals28Default Route Propagation28Propagate and Verify a Default Route28Packet Tracer Exercise 2-2—Modify a Point-to-Point Single-AreaOSPFv2 Configuration29Verify Single-Area OSPFv230Verify OSPF Neighbors30Verify OSPF Protocol Settings31Verify OSPF Process Information31Verify OSPF Interface Settings32Labs and Activities34Command Reference342.2.13 Packet Tracer—Point-to-Point Single-Area OSPFv2Configuration (Instructor Version)35Addressing Table35Objectives35Background35Instructions35Part 1: Configure Router IDs35Part 2: Configure Networks for OSPF Routing36Part 3: Configure Passive Interfaces38Part 4: Verify OSPF Configuration38Answer Scripts38Router R138Router R239Router R3392.3.11 Packet Tracer—Determine the DR and BDR (Instructor Version)40Addressing Table40Objectives40Scenario40Instructions40

Loading page image...

Part 1: Examine DR and BDR Changing Roles40Part 2: Modify OSPF Priority and Force Elections432.4.11 Packet Tracer—Modify Single-Area OSPFv2 (Instructor Version)44Addressing Table44Objectives44Scenario44Instructions44Part 1: Modify OSPF Default Settings44Part 2: Verify Connectivity46Answer Scripts46Router R146Router R2462.5.3 Packet Tracer—Propagate a Default Route in OSPFv2(Instructor Version)47Addressing Table47Objectives47Background47Instructions47Part 1: Propagate a Default Route47Part 2: Verify Connectivity49Answer Script49Router R2492.6.6 Packet Tracer—Verify Single-Area OSPFv2 (Instructor Version)50Addressing Table50Objectives50Background / Scenario50Instructions51Part 1: Verify the Existing OSPFv2 Network Operation51Part 2: Add the New Branch Office LAN to the OSPFv2 Network542.7.1 Packet Tracer—Single-Area OSPFv2 Configuration(Instructor Version)55Addressing Table55Objectives55Background55Instructions56Requirements56Answer Configurations56P2P-156P2P-257P2P-357BC-157BC-258BC-358Contents ix

Loading page image...

xEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)2.7.2 Lab—Configure Single-Area OSPFv2 (Instructor Version)59Topology59Addressing Table59Objectives59Background / Scenario59Required Resources60Instructions60Part 1: Build the Network and Configure Basic Device Settings60Part 2: Configure and Verify Single-Area OSPFv2 for Basic Operation62Part 3: Optimize the Single-Area OSPFv2 Configuration64Router Interface Summary Table66Device Configs67Router R167Router R269Switch S171Switch S274Chapter 3Network Security Concepts77Study Guide78Current State of Cybersecurity78Current State of Affairs78Vectors of Network Attacks78Data Loss79Check Your Understanding—Current State of Cybersecurity80Threat Actors81The Hacker81Evolution of Hackers81Check Your Understanding—Threat Actors82Threat Actor Tools82Video—Threat Actor Tools83Evolution of Security Tools83Attack Types84Check Your Understanding—Threat Actor Tools84Malware85Viruses and Trojan Horses85Other Types of Malware86Check Your Understanding—Malware87Common Network Attacks89Overview of Network Attacks89Video—Reconnaissance Attacks89Reconnaissance Attacks89Video—Access and Social Engineering Attacks90Access Attacks90

Loading page image...

Social Engineering Attacks90Video—Denial of Service Attacks91DoS and DDoS Attacks91Check Your Understanding—Common Network Attacks92IP Vulnerabilities and Threats92Video—Common IP and ICMP Attacks93IPv4 and IPv693ICMP Attacks93Video—Amplification, Reflection, and Spoofing Attacks94Amplification and Reflection Attacks94Address Spoofing Attacks94Check Your Understanding—IP Vulnerabilities and Threats95TCP and UDP Vulnerabilities96TCP Segment Header96TCP Services97TCP Attacks98Check Your Understanding—TCP and UDP Vulnerabilities99IP Services100ARP Vulnerabilities100Video—ARP Spoofing100DNS Attacks101DHCP101DCHP Spoofing Attacks102Network Security Best Practices102Confidentiality, Integrity, and Availability (CIA)102The Defense-in-Depth Approach102IPS103Content Security Appliances104Check Your Understanding—Network Security Best Practices105Cryptography106Video—Cryptography106Securing Communications106Data Integrity107Origin Authentication107Data Confidentiality108Symmetric Encryption108Asymmetric Encryption109Diffie-Hellman110Check Your Understanding—Cryptography111Labs and Activities1123.5.7 Lab—Social Engineering (Instructor Version)112Objective112Contents xi

Loading page image...

xiiEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)Resources112Instructions1123.8.8 Lab—Explore DNS Traffic (Instructor Version)114Objectives114Background / Scenario114Required Resources114Instructions114Reflection Question121Chapter 4ACL Concepts123Study Guide124Purpose of ACLs124ACL Operation124Check Your Understanding—Purpose of ACLs124Wildcard Masks in ACLs125Wildcard Mask Overview125Wildcard Mask Types126Wildcard Mask Calculation126Wildcard Mask Keywords127Check Your Understanding—Wildcard Masks in ACLs127Guidelines for ACL Creation128Limited Number of ACLs per Interface128ACL Best Practices129Check Your Understanding—Guidelines for ACL Creation129Types of IPv4 ACLs129Standard and Extended ACLs130Numbered and Named ACLs130Standard and Extended ACL Placement130Check Your Understanding—Types of IPv4 ACLs131Labs and Activities1324.1.4 Packet Tracer—Access Control List Demonstration(Instructor Version)132Objectives132Background132Addressing Table132Instructions133Part 1: Verify Local Connectivity and Test Access Control List133Part 2: Remove the ACL and Repeat the Test133Chapter 5ACLs for IPv4 Configuration135Study Guide136Configure Standard IPv4 ACLs136

Loading page image...

Create an ACL136Numbered Standard IPv4 ACLs136Apply a Standard IPv4 ACL137Named Standard IPv4 ACLs137Standard IPv4 ACL Scenarios138Modify IPv4 ACLs139Sequence Numbers Method139Secure VTY Ports with a Standard IPv4 ACL140The access-class Command140Secure VTP Access Example140Configure Extended IPv4 ACLs140Extended ACLs141Numbered Extended IPv4 ACLs141Numbered Extended ACL Configuration Scenarios141Evaluate Extended IPv4 ACL Statements142Extended ACL Quiz144Labs and Activities146Command Reference1465.1.8 Packet Tracer—Configure Numbered StandardIPv4 ACLs (Instructor Version)147Addressing Table147Objectives147Background / Scenario147Instructions147Part 1: Plan an ACL Implementation147Part 2: Configure, Apply, and Verify a Standard ACL148Answer Configurations150Router R2150Router R31505.1.9 Packet Tracer—Configure Named StandardIPv4 ACLs (Instructor Version)151Addressing Table151Objectives151Background / Scenario151Instructions151Part 1: Configure and Apply a Named Standard ACL151Part 2: Verify the ACL Implementation152Answer Scripts152Router R11525.2.7 Packet Tracer—Configure and Modify Standard IPv4 ACLs(Instructor Version)153Addressing Table153Objectives153Contentsxiii

Loading page image...

xivEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)Background / Scenario153Instructions154Part 1: Verify Connectivity154Part 2: Configure and Verify Standard Numbered and Named ACLs154Part 3: Modify a Standard ACL159Reflection Questions161Answer Scripts161Router R1161Router R31625.4.12 Packet Tracer—Configure Extended ACLs—Scenario 1(Instructor Version)163Addressing Table163Objectives163Background / Scenario163Instructions163Part 1: Configure, Apply, and Verify an Extended NumberedACL163Part 2: Configure, Apply, and Verify an Extended Named ACL166Answer Script167Router R11675.4.13 Packet Tracer—Configure Extended IPv4 ACLs—Scenario 2(Instructor Version)168Addressing Table168Objectives168Background / Scenario168Instructions168Part 1: Configure a Named Extended ACL168Part 2: Apply and Verify the Extended ACL170Answer Configuration171Router RT11715.5.1 Packet Tracer—IPv4 ACL Implementation Challenge(Instructor Version)173Addressing Table173Objectives173Background / Scenario173Instructions174Answer Scripts176Router HQ176Router Branch1765.5.2 Lab—Configure and Verify Extended IPv4 ACLs(Instructor Version)177Topology177Addressing Table177VLAN Table177

Loading page image...

Objectives178Background / Scenario178Required Resources178Instructions178Part 1: Build the Network and Configure Basic Device Settings178Part 2: Configure VLANs on the Switches180Part 3: Configure Trunking182Part 4: Configure Routing183Part 5: Configure Remote Access184Part 6: Verify Connectivity185Part 7: Configure and Verify Extended Access Control Lists185Device Configs186Router R1186Router R2190Switch S1192Switch S2196Chapter 6NAT for IPv4201Study Guide202NAT Characteristics202IPv4 Private Address Space202NAT Terminology202Check Your Understanding—NAT Characteristics203Types of NAT204Static NAT204Dynamic NAT204Port Address Translation204NAT and PAT Comparison204NAT Advantages and Disadvantages204Check Your Understanding—NAT Advantages and Disadvantages205Static NAT205Configure Static NAT206Packet Tracer Exercise 6-1: Configure Static NAT206Dynamic NAT207Configure Dynamic NAT207Packet Tracer Exercise 6-2: Configure Dynamic NAT208PAT209Configure PAT209NAT64213Labs and Activities214Command Reference214Contents xv

Loading page image...

xviEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)6.2.7 Packet Tracer—Investigate NAT Operations (Instructor Version)214Addressing Table214Objectives215Scenario215Instructions215Part 1: Investigate NAT Operation Across the Intranet215Part 2: Investigate NAT Operation Across the Internet216Part 3: Conduct Further Investigations2176.4.5 Packet Tracer—Configure Static NAT (Instructor Version)219Objectives219Scenario219Instructions219Part 1: Test Access Without NAT219Part 2: Configure Static NAT220Part 3: Test Access with NAT2206.5.6 Packet Tracer—Configure Dynamic NAT (Instructor Version)221Objectives221Instructions221Part 1: Configure Dynamic NAT221Part 2: Verify NAT Implementation222Answer Script222Router R22226.6.7 Packet Tracer—Configure PAT (Instructor Version)223Objectives223Part 1: Configure Dynamic NAT with Overload223Part 2: Verify Dynamic NAT with Overload Implementation224Part 3: Configure PAT Using an Interface224Part 4: Verify PAT Interface Implementation225Answer Configurations225Router R1225Router R22266.8.1 Packet Tracer—Configure NAT for IPv4 (Instructor Version)227Addressing Table227Objectives227Background / Scenario227Instructions227Answer Configurations228Router R22286.8.2 Lab—Configure NAT for IPv4 (Instructor Version)229Topology229Addressing Table229Objectives229

Loading page image...

Background / Scenario229Required Resources230Instructions230Part 1: Build the Network and Configure Basic Device Settings230Part 2: Configure and Verify NAT for IPv4232Part 3: Configure and Verify PAT for IPv4234Part 4: Configure and Verify Static NAT for IPv4237Router Interface Summary Table238Device Configs - Final238Router R1238Router R2240Switch S1242Switch S2245Chapter 7WAN Concepts249Study Guide250Purpose of WANs250LANs and WANs250WAN Topologies250Evolving Networks251Check Your Understanding—Purpose of WANs252WAN Operations253WAN Standards253WAN Terminology and Devices254Check Your Understanding—WAN Operations255Traditional WAN Connectivity256Traditional WAN Connectivity Options256Leased Lines257Legacy Switched WAN Options258Check Your Understanding—Traditional WAN Connectivity258Modern WAN Connectivity259Modern WANs259Modern WAN Connectivity Options260Check Your Understanding—Modern WAN Connectivity261Internet-Based Connectivity261Internet-Based Connectivity Terminology261Labs and Activities2637.5.11 Lab—Research Broadband Internet Access Technologies(Instructor Version)263Objectives263Background / Scenario263Required Resources263Contentsxvii

Loading page image...

xviiiEnterpriseNetworking,Security,andAutomationLabsandStudyGuide(CCNAv7)Part 1: Investigate Broadband Distribution263Part 2: Research Broadband Access Options for Specific Scenarios265Reflection Question2667.6.1 Packet Tracer—WAN Concepts (Instructor Version)267Objectives267Background / Scenario267Instructions267Part 1: Investigate Consumer WAN Technologies for Homeand Mobile Devices267Part 2: Explore Connectivity270Chapter 8VPN and IPsec Concepts271Study Guide272VPN Technology272Virtual Private Networks272VPN Benefits272Site-to-Site and Remote-Access VPNs273Enterprise and Service Provider VPNs273Check Your Understanding—VPN Technology274Types of VPNs275Remote-Access VPNs275SSL and IPsec276Site-to-Site IPsec VPNs276GRE over IPsec276Dynamic Multipoint VPNs277IPsec Virtual Tunnel Interface278Service Provider MPLS VPNs278Check Your Understanding—Types of VPNs278IPsec279Video—IPsec Concepts279IPsec Technologies279IPsec Protocol Encapsulation281Confidentiality281Integrity282Authentication283Secure Key Exchange with Diffie-Hellman283Video—IPsec Transport and Tunnel Mode284Check Your Understanding—IPsec284Labs and Activities287Chapter 9QoS Concepts289Study Guide290Network Transmission Quality290

Loading page image...

Video Tutorial—The Purpose of QoS290Network Transmission Quality Terminology290Check Your Understanding—Network Transmission Quality291Traffic Characteristics292Video Tutorial—Traffic Characteristics292Traffic Characteristics292Check Your Understanding—Traffic Characteristics292Queuing Algorithms293Video Tutorial—QoS Algorithms293Identify the Queuing Algorithm293Queuing Algorithm Characteristics295Check Your Understanding—Queuing Algorithms296QoS Models297Video Tutorial—QoS Models297QoS Model Characteristics297Check Your Understanding—QoS Models298QoS Implementation Techniques299Video Tutorial—QoS Implementation Techniques299QoS Implementation Techniques Overview299Traffic Marking Tools299Marking at Layer 2300Marking at Layer 3300QoS Mechanism Terminology302Check Your Understanding—QoS Implementation Techniques303Labs and Activities304Chapter 10Network Management305Study Guide306Device Discovery with CDP and LLDP306Configure and Verify CDP306Configure and Verify LLDP307Draw and Label the Network Topology308Compare CDP and LLDP309NTP310Set the Clock310NTP Operation310Configure and Verify NTP311SNMP311SNMP Operation311SNMP Versions312Community Strings312MIB Object ID312Contentsxix

Preview Mode

This document has 508 pages. Sign in to access the full document!

Report

Study Now!

Document Details

Related Documents

Lecture Notes for Enterprise Networking, Security, and Automation Labs and Study Guide (CCNAv7)

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Company

Explore

Study Tools