Skip to main content
main-content

Über dieses Buch

This book is a concise one-stop desk reference and synopsis of basic knowledge and skills for Cisco certification prep. For beginning and experienced network engineers tasked with building LAN, WAN, and data center connections, this book lays out clear directions for installing, configuring, and troubleshooting networks with Cisco devices. The full range of certification topics is covered, including all aspects of IOS, NX-OS, and ASA software. The emphasis throughout is on solving the real-world challenges engineers face in configuring network devices, rather than on exhaustive descriptions of hardware features.

This practical desk companion doubles as a comprehensive overview of the basic knowledge and skills needed by CCENT, CCNA, and CCNP exam takers. It distills a comprehensive library of cheat sheets, lab configurations, and advanced commands that the authors assembled as senior network engineers for the benefit of junior engineers they train, mentor on the job, and prepare for Cisco certification exams. Prior familiarity with Cisco routing and switching is desirable but not necessary, as Chris Carthern, Dr. Will Wilson, Noel Rivera, and Richard Bedwell start their book with a review of the basics of configuring routers and switches. All the more advanced chapters have labs and exercises to reinforce the concepts learned.

This book differentiates itself from other Cisco books on the market by approaching network security from a hacker’s perspective. Not only does it provide network security recommendations but it teaches you how to use black-hat tools such as oclHashcat, Loki, Burp Suite, Scapy, Metasploit, and Kali to actually test the security concepts learned.

Readers of Cisco Networks will learn

How to configure Cisco switches, routers, and data center devices in typical corporate network architecturesThe skills and knowledge needed to pass Cisco CCENT, CCNA, and CCNP certification examsHow to set up and configure at-home labs using virtual machines and lab exercises in the book to practice advanced Cisco commandsHow to implement networks of Cisco devices supporting WAN, LAN, and data center configurationsHow to implement secure network configurations and configure the Cisco ASA firewallHow to use black-hat tools and network penetration techniques to test the security of your network

Inhaltsverzeichnis

Frontmatter

Chapter 1. Introduction to Practical Networking

Abstract
Chapter 1 begins by discussing a few of the tools that you will use throughout the book. Next, we cover the beloved OSI model and discuss how it relates to networking. We talk about all seven layers of the OSI model. Then we move on to the TCP/IP model and show its relation to the OSI model. We end the chapter discussing well-known port numbers, the different types of networks, and Cisco’s hierarchical internetwork model.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 2. The Physical Medium

Abstract
Have you ever troubleshot a network issue for hours, racking your brain, only to find out that someone pulled a cable slightly out of the port? This chapter focuses on problems at layer 1—the physical layer—and how this layer is overlooked when network problems are experienced. A common example is a cable with a loose connection when troubleshooting another issue. I once left a network down for two days before actually looking at the port to determine the issue, which was a cable with a loose connection. It is very easy for you to blame your commercial carrier, but before you do so, you should exhaust all fault possibilities. This chapter discusses the importance of the physical medium in network design. Topics begin with the physical medium, including transmission media such as copper, coaxial cable, fiber optic cable, and the standards associated with each. Next, the Ethernet, duplex communication systems, autonegotation, Unidirectional Link Detection (UDLD), and common issues associated with layer 1 are covered.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 3. Data Link Layer

Abstract
This chapter discusses protocols associated with the data link layer. The protocols covered are Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), link layer functions, Link Layer Discovery Protocol (LLDP), and Cisco Discovery Protocol (CDP). As mentioned earlier, the data link layer must ensure that messages are transmitted to devices on a LAN using physical hardware addresses, and they also must convert packets sent from the network layer, and convert them into frames to be sent out to the physical layer to transmit. The data link layer converts packets into frames, which adds a header that contains the physical hardware device of the source and the destination address, flow control, and a footer with the checksum data (CRC). We are going to dive deeply into this layer.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 4. The Network Layer with IP

Abstract
The heart of TCP/IP is Internet Protocol (IP) addressing and routing. An IP address is a numeric identifier assigned to each device on an IP network. The IP address provides the location of the device on the network. IP addresses are logical addresses implemented in software, unlike MAC addresses. IP addresses are represented as binary numbers in four sets of 8 bits each, called an, in Internet Protocol Version 4 (IPv4). IPv4 addresses are logical 32-bit addresses, whereas IPv6 addresses are logical 128-bit addresses.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 5. Intermediate LAN Switching

Abstract
This chapter starts with an introduction to Cisco IOS software, discussing some basic configuration commands and how to access a Cisco device. Switching concepts are covered in this chapter, including EtherChannels and the Spanning Tree Protocol. You’ll also take a look at the IOS, including configurations and the file system.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 6. Routing

Abstract
Now we get to the fun, the world of routing. This chapter discusses router configurations, including static routing and dynamic routing protocols such as Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and the Border Gateway Protocol (BGP). Routing can be compared to mail delivery. You identify the recipient of the mail by writing the name and address, and you identify yourself as the sender with your address. You put your letter in the mailbox to be picked up by the mailman. The mailman takes your letter to the post office, where it is determined how to route your letter to its destination. Your letter may pass through many post offices along the way. If there is a problem along the way, the letter is routed back to you as the sender.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 7. VLANs, Trunking, VTP, and MSTP

Abstract
This chapter explores the configuration of Virtual Logical Networks (VLANs), trunking between switches, routing between VLANs, VLAN Trunking Protocol (VTP) configuration, and Multiple Spanning Tree Protocol (MSTP) configuration. The exercises at the end of the chapter reinforce what is covered.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 8. Basic Switch and Router Troubleshooting

Abstract
This chapter discusses key troubleshooting concepts that aid in resolving network issues. These concepts include maintaining up-to-date documentation and how to systematically isolate network issues and correct them. We start with the physical medium, as many engineers simply ignore this layer, but you will be shown why it is important. The chapter provides examples and steps that can be used to resolve issues dealing with VLANs, trunking, EtherChannels, VTP, STP, static routing, RIP, EIGRP, OSPF, and BGP. There are plenty of exercises at the end of the chapter to reinforce what you have learned.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 9. Network Address Translation and Dynamic Host Configuration Protocol

Abstract
This chapter covers Network Address Translation (NAT) and Dynamic Host Configuration Protocol (DHCP). The NAT discussion covers static NAT, dynamic NAT, and Port Address Translation (PAT). DHCP covers configuring the router to forward a DHCP request and configuring a router to be a DHCP server. At the end of the chapter, there are exercises to reinforce the NAT and DHCP concepts.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 10. Management Plane

Abstract
This chapter covers topics related to the management plane. These topics include password creation, user account creation, performing a password recovery, configuring banner messages, enabling management capabilities such as Telnet and Secure Socket Shell (SSH), disabling unnecessary services, configuring authentication, authorization and accounting (AAA), and how to monitor your devices using Simple Network Management Protocol (SNMP) and syslog.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 11. Data Plane

Abstract
Over the next two chapters, we will discuss the chicken and the egg. This phrase is used because of the relationship between the data plane and the control plane. As network engineers, most of our work is with configuring the control plane and monitoring the data plane.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 12. Control Plane

Abstract
Now that we have discussed the chicken, let’s discuss the egg. In earlier chapters, configuration examples and details about several control plane protocols were provided. This chapter discusses what it means to be a control plane protocol, how these protocols interact, how to secure the control plane, and provides additional configuration examples.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 13. Introduction to Availability

Abstract
This chapter discusses how to provide a high availability of systems, including network redundancy and fault tolerance. It covers protocols such as Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP) to increase network uptime. High availability is a requirement that companies use to keep mission-critical networks and applications available. Imagine if Amazon or Google had a four-hour outage. How much money would these companies lose because of this outage? Possibly millions of dollars. Thus you see the importance of high availability.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 14. Advanced Switching

Abstract
This chapter discusses securing switch interfaces using port security, and reviews DHCP snooping. In Chapter 13 you learned how to provide high-availability of systems, including network redundancy and fault tolerance. You will revisit protocols such as Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), and learn how they can be used for load balancing and with VLANs. You will also learn about server load balancing, and how you can add redundancy and load balancing to servers connected to switches. Other content in this chapter includes the switch management function, including backup up and restoring switch configurations, completing a password recovery of a switch, and upgrading the IOS of a switch. Toward the end of the chapter, Virtual Switching Systems (VSS) is covered.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 15. Advanced Routing

Abstract
This chapter expands on what was covered in Chapters 6 and 12. It includes some overlap to help reinforce the concepts, while providing more depth than Chapter 6 and more focus on implementation than Chapter 12. Advanced routing topics include EIGRP, multiarea OSPF, advanced BGP, IPv6 routing, redistribution, tunneling, such as Generic Routing Encapsulation (GRE) tunnels and Internet Protocol Security (IPsec), and policy-based routing (PBR) using route maps. At the end of the chapter, there are several challenging exercises that will reinforce what you have learned this chapter.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 16. Advanced Security

Abstract
Before we start, let’s be realistic about the expectations that there cannot be a 100% secure information system (IS). There are too many factors to evaluate that are out of your control, including the human factor. Therefore, security is more of a trade-off art of balancing risk. It goes without saying that complex systems with millions of lines of code are harder to secure than simpler systems. Usually, there are oppositely proportional factors that contribute to the security of a system, such as flexibility vs. narrow scope, and factors that are directly proportional to security of the system, such as the time invested securing the system. However, factors that tend to increase the security of the system also tend to increase cost, and so a careful balance must be found between time, cost, flexibility, and security.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 17. Advanced Troubleshooting

Abstract
This chapter discusses key troubleshooting concepts that aid in resolving advanced network issues. These concepts build on the material covered in Chapter 8 and aid in how to systematically isolate network issues and correct them. This chapter gives examples and steps that can be used to resolve issues dealing with access control lists (ACLs), VNAT, HSRP, VRRP, GLBP, EIGRP, OSPF, BGP, route redistribution, GRE tunnels, IPSec tunnels, and IPv6. There are plenty of exercises at the end of the chapter to reinforce what you have learned.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 18. Effective Network Management

Abstract
Chapter 10 introduced the management plane. That chapter focused on the management plane and supporting commands on the router itself. This chapter looks more at enterprise network management. This includes aggregation of log and SNMP data into central tools that are used to monitor and manage the infrastructure.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 19. Data Center and NX-OS

Abstract
This chapter discusses the next generation operation system relied upon in many data centers worldwide. The operating system is called NX-OS; it is used in Cisco Nexus switches. NX-OS is similar to Cisco IOS, but different enough to frustrate regular users of Cisco IOS. Some of the commands are the same but others are entirely different. This chapter covers these differences and many of the concepts already covered for IOS, including VLANs, VTP, EIGRP, OSPF, BGP, port channels, port profiles, Fabric Extenders (FEX), Hot Standby Redundancy Protocols (HSRP), virtual device context (VDC), virtual port channels (vPC), and VRF-lite (virtual routing and forwarding).
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 20. Wireless LAN (WLAN)

Abstract
This chapter covers WLANs and WLAN standards; the basic components of the Cisco Wireless Network architecture; how to install and configure access points; wireless controller installation and configuration; wireless security; and WLAN threats and vulnerabilities.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 21. ASA and IDS

Abstract
No other network security device is as common as the firewall; however, modern firewalls have evolved leaps over the traditional plain state tracking firewalls. Modern firewalls provide options such as traffic normalization, template style policies, application inspection, IDS integration, and VPN capabilities among many other features. Of particular interest and not commonly enabled, perhaps mainly for lack of understanding are the TCP normalization and application inspections features. This chapter gleans over some of these features; however, if you wish to get a deep understanding, we suggest references,, and .
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 22. Introduction to Network Penetration Testing

Abstract
Penetration testing helps determine the security posture of a network. There are different types of penetration testing that relate to the depth of the test and the level of knowledge of the tester. This chapter provides an introduction to penetration testing.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Chapter 23. Multiprotocol Label Switching

Abstract
Last, but not least, is a discussion on Multiprotocol Label Switching (MPLS). This chapter provides an overview of MPLS and covers how to configure and troubleshoot it. It also discusses protocols that commonly use MPLS for their underlying transport.
Chris Carthern, William Wilson, Richard Bedwell, Noel Rivera

Backmatter

Weitere Informationen

Premium Partner

    Bildnachweise