Step 1: Determine the network users
Use word processing software to create a network organization structure document.
Examine the FilmCompany case study document and the sample interview.
Identify and list the potential end users.
Diagram the relationship between these users.
Step 2: Assess impact of user network access
Identify and include the different types of existing and potential new network services the listed users may require. Group the users under the type of network services they use
The impact of adding new user groups to the network also needs to be assessed. Identify and include in the network organization structure document:
• New user groups
• The type of access required
• Where access is allowed
• The overall impact on security
Save your network user structure document and network organization diagram and retain it for the next stages of this network design case study.
Step 3: Reflection
The total number of users has a direct impact on the scale of the network at the Access Layer. The type of users and the services they require also have implications for the network structure. Discuss and consider the impact that the range of network services required by even a relatively small number of users can have on the network structure
Rabu, 05 Januari 2011
Tugas CCNA 4 Lab 2.1.6 Observing Traffic Using Cisco Network Assistant
Step 1: Establish the network baseline criteria
Network baselining is the measuring and rating of the performance of a network as it transports data in real time.
Step 2: Configure network connectivity
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Connect the devices in accordance with the given topology and configuration. Your instructor may substitute Discovery Server with an equivalent server for this lab.
See your instructor regarding device configuration. If the devices are not configured, then from the Admin PC, establish a terminal session in turn to each switch and the router using HyperTerminal or TeraTerm. Configure these devices in accordance with the configuration details provided.
Ping between all devices to confirm network connectivity. Troubleshoot and establish connectivity if
the pings fail.
Step 3: Set up Cisco Network Assistant
From the Admin PC, launch the Cisco Network Assistant program.
Set Cisco Network Assistant to discover the network. One method is to establish a “community” of devices. From the Application menu, click Communities.
In the Communities window, click Create.
In the Name field, enter FilmCompany.
List the four options available in the Discover field:
From the Discover drop-down list, select Devices in an IP address range.
At the Start IP address, enter 10.0.0.1
At the End IP address, enter 10.0.0.5
Click Start. The devices found will be listed.
Click OK on the Create Community and Communities dialog boxes. Note the range of icons now available on the top toolbar.
Click the Topology icon on the top toolbar and view the topology that Cisco Network Assistant has created.
Step 4: Examine Cisco Network Assistant features
Cisco Network Assistant provides a range of features to display text and graphical information about the network devices. From the topology view window, right click each device’s ID and select properties. What protocol is used to discover and obtain the device information displayed?
Jawaban: Cisco Discovery Protocol
Step 5: Examine sample Cisco Network Assistant output
Once devices are added to the community, the links can be monitored from the Monitor tab of Cisco Network Assistant.
Step 6: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
This lab focused on monitoring individual devices in a network. Consider, research, and discuss the network factors that should be included in network baseline measurements. Responses vary but examples include:
• Testing and reporting of the physical connectivity
• Normal network utilization
• Peak network utilization
• Average throughput of the network usage
• Protocol usage
In-depth network analysis can identify problems with speed and accessibility and can find vulnerabilities and other problems within the network. Once a network baseline has been established, this information can be ensure the current network is optimized for peak performance. Network analysis techniques include:
• Physical health analysis
• Broadcast storm analysis
• Network capacity overload analysis
• Network throughput analysis
• Transport and file retransmission analysis
• Packet route and path cost analysis
• End-to-end file transfer analysis
Network baselining is the measuring and rating of the performance of a network as it transports data in real time.
Step 2: Configure network connectivity
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Connect the devices in accordance with the given topology and configuration. Your instructor may substitute Discovery Server with an equivalent server for this lab.
See your instructor regarding device configuration. If the devices are not configured, then from the Admin PC, establish a terminal session in turn to each switch and the router using HyperTerminal or TeraTerm. Configure these devices in accordance with the configuration details provided.
Ping between all devices to confirm network connectivity. Troubleshoot and establish connectivity if
the pings fail.
Step 3: Set up Cisco Network Assistant
From the Admin PC, launch the Cisco Network Assistant program.
Set Cisco Network Assistant to discover the network. One method is to establish a “community” of devices. From the Application menu, click Communities.
In the Communities window, click Create.
In the Name field, enter FilmCompany.
List the four options available in the Discover field:
From the Discover drop-down list, select Devices in an IP address range.
At the Start IP address, enter 10.0.0.1
At the End IP address, enter 10.0.0.5
Click Start. The devices found will be listed.
Click OK on the Create Community and Communities dialog boxes. Note the range of icons now available on the top toolbar.
Click the Topology icon on the top toolbar and view the topology that Cisco Network Assistant has created.
Step 4: Examine Cisco Network Assistant features
Cisco Network Assistant provides a range of features to display text and graphical information about the network devices. From the topology view window, right click each device’s ID and select properties. What protocol is used to discover and obtain the device information displayed?
Jawaban: Cisco Discovery Protocol
Step 5: Examine sample Cisco Network Assistant output
Once devices are added to the community, the links can be monitored from the Monitor tab of Cisco Network Assistant.
Step 6: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
This lab focused on monitoring individual devices in a network. Consider, research, and discuss the network factors that should be included in network baseline measurements. Responses vary but examples include:
• Testing and reporting of the physical connectivity
• Normal network utilization
• Peak network utilization
• Average throughput of the network usage
• Protocol usage
In-depth network analysis can identify problems with speed and accessibility and can find vulnerabilities and other problems within the network. Once a network baseline has been established, this information can be ensure the current network is optimized for peak performance. Network analysis techniques include:
• Physical health analysis
• Broadcast storm analysis
• Network capacity overload analysis
• Network throughput analysis
• Transport and file retransmission analysis
• Packet route and path cost analysis
• End-to-end file transfer analysis
Tugas CCNA 4 Lab 2.1.3 Creating a Project Plan
Step 1: Evaluate the current network, operations, and network management infrastructure
Use word processing software to create a Project Plan Checklist document based on this lab.
From the case study, document, identify, and assess the current state of the following factors:
Assess the ability of the current operations and network management infrastructure to support a new technology solution. On the checklist, list the following categories and include what changes must be completed before the implementation of any new technology solution.
• Infrastructure
• Personnel
• Processes
• Tools
Identify and add to the checklist any custom applications that may be required for the new network.
Step 2: Outline the project plan
To manage the project, the project plan includes five components. List these five components and an example of each, and then add them to the checklist. Jawaban: 1) Tasks· (Install wireless Access Points, configure routers), 2) Timelines and critical milestones· (Calendar or chart), 3) Risks and constraints· (Temporary loss of services, budget), 4) Responsibilities· (Allocation of tasks), 5) Resources required: (Cabling, equipment, time, specialist skills)
The plan needs to be within the scope, cost, and resource limits established by the business goals.
The FilmCompany and the stadium management need to assign staff to manage the project from each of their perspectives
Save your Project Plan Checklist document. You will use it during the next stages of this network design case study.
Step 3: Reflection
Sometimes apparent urgency, pressure to present results, and enthusiasm for a project can create a work environment that causes projects to be started before proper planning has been completed. Consider and discuss the potential problems that result from starting a network upgrade before completely assessing the existing network.
Category:
Use word processing software to create a Project Plan Checklist document based on this lab.
From the case study, document, identify, and assess the current state of the following factors:
Assess the ability of the current operations and network management infrastructure to support a new technology solution. On the checklist, list the following categories and include what changes must be completed before the implementation of any new technology solution.
• Infrastructure
• Personnel
• Processes
• Tools
Identify and add to the checklist any custom applications that may be required for the new network.
Step 2: Outline the project plan
To manage the project, the project plan includes five components. List these five components and an example of each, and then add them to the checklist. Jawaban: 1) Tasks· (Install wireless Access Points, configure routers), 2) Timelines and critical milestones· (Calendar or chart), 3) Risks and constraints· (Temporary loss of services, budget), 4) Responsibilities· (Allocation of tasks), 5) Resources required: (Cabling, equipment, time, specialist skills)
The plan needs to be within the scope, cost, and resource limits established by the business goals.
The FilmCompany and the stadium management need to assign staff to manage the project from each of their perspectives
Save your Project Plan Checklist document. You will use it during the next stages of this network design case study.
Step 3: Reflection
Sometimes apparent urgency, pressure to present results, and enthusiasm for a project can create a work environment that causes projects to be started before proper planning has been completed. Consider and discuss the potential problems that result from starting a network upgrade before completely assessing the existing network.
Category:
Tugas CCNA 4 Lab 1.4.6B Implementing Port Security
Step 1: Prepare the switch for configuration
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the switch and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and switch.
Establish a console terminal session from PC1 to switch S1.
Prepare the switch for lab configuration by ensuring that all existing VLAN and general configurations are removed.
Power cycle the switch and exit the initial configuration setup when the switch restarts.
Step 2: Configure the switch
Configure the hostname and VLAN 1 interface IP address as shown in the table.
Step 3: Configure the hosts attached to the switch
Configure the two PCs to use the same IP subnet for the address and mask as shown in the table.
Connect PC1 to switch port Fa0/1 and PC2 to switch port Fa0/4. The Linksys device is not connected at this stage of the lab.
Step 4: Verify host connectivity
Ping between all PCs and the switch to verify correct configuration. If any ping was not successful, troubleshoot the hosts and switch configurations.
Step 5: Record the host MAC addresses
Determine and record the Layer 2 addresses of the PC network interface cards.
(For Windows 2000, XP, or Vista, check by using Start > Run > cmd > ipconfig /all.)
PC1 MAC Address: _______________________________ e.g., 00-07-EC-93-3CD1
PC2 MAC Address: _______________________________ e.g., 00-01-C7-E4-ED-E6
Step 6: Determine what MAC addresses the switch has learned
At the privileged EXEC mode prompt, issue the show mac-address-table command to display the PC MAC addresses that the switch has learned.
FC-ASW-1#show mac-address-table
Record the details displayed in the table.
____________________________________________________________________________
____________________________________________________________________________
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 0001.c7e4.ede6 DYNAMIC Fa0/1
1 0007.ec93.3cd1 DYNAMIC Fa0/4
NOTE: The MAC addresses above are examples only.
Note the MAC addresses shown and the associated switch ports. Confirm that these addresses
Task 2 Configure and Test the Switch for Dynamic Port Security
Step 1: Set port security options
Disconnect all PCs Ethernet cables from the switch ports.
Ensure that the MAC address table is clear of entries. To confirm this, issue the clear macaddress-
table dynamic and show mac-address-table commands.
a. Clear the MAC address table entries.
FC-ASW-1#clear mac-address-table dynamic
b. Issue the show mac-address-table command.
Record the table entries.
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
Determine the options for setting port security on interface FastEthernet 0/4. From the global configuration mode, enter interface fastethernet 0/4.
FC-ASW-1(config)#interface fa 0/4
Enabling switch port security provides options, such as specifying what happens when a security setting is violated.
To configure the switch port FastEthernet 0/4 to accept only the first device connected to the port, issue the following commands from the configuration mode:
FC-ASW-1(config-if)#switchport mode access
FC-ASW-1(config-if)#switchport port-security
In the event of a security violation, the interface should be shut down. Set the port security action to shutdown:
FC-ASW-1(config-if)#switchport port-security violation shutdown
FC-ASW-1(config-if)#switchport port-security mac-address sticky
What other action options are available with port security?Jawaban: protect, restrict
Exit the configuration mode.
Step 2: Verify the configuration
Display the running configuration.
What statements in the configuration directly reflect the security implementation?
Show the port security settings. FC-ASW-1#show port-security interface fastethernet 0/4
Record the details displayed in the table.
Port Security : Enabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Step 3: Verify the port security
Connect PC1 to switch port Fa0/1 and PC2 to switch port Fa0/4.
From the command prompt ping from PC1 to PC2.
From the command prompt ping from PC2 to PC1.
From the console terminal session, issue the show mac-address-table command.
Show the port security settings.
FC-ASW-1#show port-security interface fastethernet 0/4
Record the details displayed in the table.
Port Security : Enabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Step 4: Test the port security
Disconnect PC2 from Fa0/4
Connect PC2 to the Linksys using one of the ports on the Linksys LAN switch.
Use the Basic Setup tab to configure the Internet IP address on the Linksys device to the address and mask, as shown in the table.
Step 5: Reactivate the port
If a security violation occurs and the port is shut down, enter interface Fa0/4 configuration mode, disconnect the offending device, and use the shutdown command to temporarily disable the port.
Disconnect the Linksys and reconnect PC2 to port Fa0/4. Issue the no shutdown command on the
Step 6: Discuss switch port security using dynamic MAC address assignment
Step 7: Clean up
Erase the configurations and reload the switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
When considering designing a typical enterprise network, it is necessary to think about points of security vulnerability at the Access Layer. Discuss which Access Layer switches should have port security and those for which it may not be appropriate. Include possible future issues in regard to wireless and guest access to the network.
Jawaban:
• What types of hosts are connected to the switch; e.g., general PCs, IP phones, printers, servers.
• The type of users – employees or guests
• Where access is made – in secure office or in public area
• Type of access – wired or wireless
• Investigating the security features available on different switch platforms
• How port security policies can be implemented and managed.
• Static versus dynamic port security
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the switch and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and switch.
Establish a console terminal session from PC1 to switch S1.
Prepare the switch for lab configuration by ensuring that all existing VLAN and general configurations are removed.
Power cycle the switch and exit the initial configuration setup when the switch restarts.
Step 2: Configure the switch
Configure the hostname and VLAN 1 interface IP address as shown in the table.
Step 3: Configure the hosts attached to the switch
Configure the two PCs to use the same IP subnet for the address and mask as shown in the table.
Connect PC1 to switch port Fa0/1 and PC2 to switch port Fa0/4. The Linksys device is not connected at this stage of the lab.
Step 4: Verify host connectivity
Ping between all PCs and the switch to verify correct configuration. If any ping was not successful, troubleshoot the hosts and switch configurations.
Step 5: Record the host MAC addresses
Determine and record the Layer 2 addresses of the PC network interface cards.
(For Windows 2000, XP, or Vista, check by using Start > Run > cmd > ipconfig /all.)
PC1 MAC Address: _______________________________ e.g., 00-07-EC-93-3CD1
PC2 MAC Address: _______________________________ e.g., 00-01-C7-E4-ED-E6
Step 6: Determine what MAC addresses the switch has learned
At the privileged EXEC mode prompt, issue the show mac-address-table command to display the PC MAC addresses that the switch has learned.
FC-ASW-1#show mac-address-table
Record the details displayed in the table.
____________________________________________________________________________
____________________________________________________________________________
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 0001.c7e4.ede6 DYNAMIC Fa0/1
1 0007.ec93.3cd1 DYNAMIC Fa0/4
NOTE: The MAC addresses above are examples only.
Note the MAC addresses shown and the associated switch ports. Confirm that these addresses
Task 2 Configure and Test the Switch for Dynamic Port Security
Step 1: Set port security options
Disconnect all PCs Ethernet cables from the switch ports.
Ensure that the MAC address table is clear of entries. To confirm this, issue the clear macaddress-
table dynamic and show mac-address-table commands.
a. Clear the MAC address table entries.
FC-ASW-1#clear mac-address-table dynamic
b. Issue the show mac-address-table command.
Record the table entries.
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
Determine the options for setting port security on interface FastEthernet 0/4. From the global configuration mode, enter interface fastethernet 0/4.
FC-ASW-1(config)#interface fa 0/4
Enabling switch port security provides options, such as specifying what happens when a security setting is violated.
To configure the switch port FastEthernet 0/4 to accept only the first device connected to the port, issue the following commands from the configuration mode:
FC-ASW-1(config-if)#switchport mode access
FC-ASW-1(config-if)#switchport port-security
In the event of a security violation, the interface should be shut down. Set the port security action to shutdown:
FC-ASW-1(config-if)#switchport port-security violation shutdown
FC-ASW-1(config-if)#switchport port-security mac-address sticky
What other action options are available with port security?Jawaban: protect, restrict
Exit the configuration mode.
Step 2: Verify the configuration
Display the running configuration.
What statements in the configuration directly reflect the security implementation?
Show the port security settings. FC-ASW-1#show port-security interface fastethernet 0/4
Record the details displayed in the table.
Port Security : Enabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Step 3: Verify the port security
Connect PC1 to switch port Fa0/1 and PC2 to switch port Fa0/4.
From the command prompt ping from PC1 to PC2.
From the command prompt ping from PC2 to PC1.
From the console terminal session, issue the show mac-address-table command.
Show the port security settings.
FC-ASW-1#show port-security interface fastethernet 0/4
Record the details displayed in the table.
Port Security : Enabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Step 4: Test the port security
Disconnect PC2 from Fa0/4
Connect PC2 to the Linksys using one of the ports on the Linksys LAN switch.
Use the Basic Setup tab to configure the Internet IP address on the Linksys device to the address and mask, as shown in the table.
Step 5: Reactivate the port
If a security violation occurs and the port is shut down, enter interface Fa0/4 configuration mode, disconnect the offending device, and use the shutdown command to temporarily disable the port.
Disconnect the Linksys and reconnect PC2 to port Fa0/4. Issue the no shutdown command on the
Step 6: Discuss switch port security using dynamic MAC address assignment
Step 7: Clean up
Erase the configurations and reload the switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
When considering designing a typical enterprise network, it is necessary to think about points of security vulnerability at the Access Layer. Discuss which Access Layer switches should have port security and those for which it may not be appropriate. Include possible future issues in regard to wireless and guest access to the network.
Jawaban:
• What types of hosts are connected to the switch; e.g., general PCs, IP phones, printers, servers.
• The type of users – employees or guests
• Where access is made – in secure office or in public area
• Type of access – wired or wireless
• Investigating the security features available on different switch platforms
• How port security policies can be implemented and managed.
• Static versus dynamic port security
Tugas CCNA 4 Lab 1.4.6A Gaining Physical Access to the Network
Step 1: Attempt login to the router
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the Topology 1, connect the host PC NIC Ethernet port to the router Fa0/0 Ethernet port using a crossover cable. Ensure that power has been applied to both the host computer and router.
Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
When this attempt at remote login fails, establish a direct physical connection to the router by making the necessary console connections between the PC and router. Then establish a terminal session using HyperTerminal or TeraTerm. What does the message-of-the-day display? Jawaban: ONLY AUTHORIZED ACCESS TO THIS DEVICE PERMITTED Unauthorized access will be penalized in accordance with the relevant laws
Attempt to log in by guessing the password.
How many login attempts are allowed? __________ 3
What message is displayed to indicate failure of the log-in attempts? Jawaban: % Bad passwords
The configuration register needs to be changed so that the startup-configuration is not loaded. Normally, this is this done from the global configuration mode, but because you cannot log in at all, the boot process must first be interrupted so that the change can be made in the ROM Monitor mode.
Step 2: Enter the ROM Monitor mode
ROM Monitor mode (ROMMON) is a limited command-line environment used for special purposes, such as low-level troubleshooting and debugging. ROMMON mode is invoked when a Break key sequence sent to the console port interrupts the router boot process. This can only be done via the physical console connection.
The actual Break key sequence depends on the terminal program used:
• With HyperTerminal, the key combination is Ctrl+Break.
• For TeraTerm, it is Alt+b.
The list of standard break key sequences is available at http://www.cisco.com/warp/public/701/61.pdf
To enter ROM Monitor mode, turn the router off, wait a few seconds, and turn it back on.
When the router starts displaying “System Bootstrap, Version …” on the terminal screen, press the Ctrl key and the Break key together if using HyperTerminal, or the Alt key and the b key together if using TeraTerm.
The router will boot in ROM monitor mode. Depending on the router hardware, one of several prompts such as “rommon 1 >” or simply “>” may show.
Step 3: Examine the ROM Monitor mode help
Enter ? at the prompt. The output should be similar to this:
rommon 1 > ?
alias set and display aliases command
boot boot up an external process
break set/show/clear the breakpoint
confreg configuration register utility
context display the context of a loaded image
dev list the device table
dir list files in file system
dis display instruction stream
help monitor builtin command help
history monitor command history
meminfo main memory information
repeat repeat a monitor command
reset system reset
set display the monitor variables
sysret print out info from last system return
tftpdnld tftp image download
xmodem x/ymodem image download
Step 4: Change the configuration register setting to boot without loading configuration file
From the ROM Monitor mode, enter confreg 0×2142 to change the config-register. rommon 2 > confreg 0×2142
NOTE: The ROMMON prompt increments when a command is issued – this is normal behavior. The increment does not mean a change of mode. The same ROMMON commands are still available. “0x” (zero- x) denotes that 2142 is a hexadecimal value. What is this value in binary?
Step 5: Restart router
From the ROM Monitor mode, enter reset, or power cycle the router. rommon 3 > reset
Due to the new configuration register setting, the router will not load the configuration file. After restarting, the system prompts:
“Would you like to enter the initial configuration dialog? [yes/no]:”
Enter no and press Enter.
Step 6: Enter Privileged EXEC mode and view and change passwords
The router is now running without a loaded configuration file.
At the user mode prompt Router>, enter enable and press Enter to go to the privileged mode without a password.
Use the command copy startup-config running-config to restore the existing configuration. Because the user is already in privileged EXEC, no password is needed.
Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable? service password encryption, enable secret somepassword
If the passwords were not readable, they can be changed. Enter configure terminal to enter the global configuration mode.
In global configuration mode, use these commands to change the passwords:
FC-CPE-1(config)#enable password cisco
FC-CPE-1(config)#line console 0
FC-CPE-1(config-line)#password console
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
Step 7: Change the configuration register setting to boot and load the configuration file
The instructor will provide you with the original configuration register value, most likely 0×2101. While still in the global configuration mode, enter config-register 0×2101 (or the value provided by your instructor). Press Enter. FC-CPE-1(config)#config-register 0×2101
Use the Ctrl+z combination to return to the privileged EXEC mode.
Use the copy running-config startup-config command to save the new configuration.
Before restarting the router, verify the new configuration setting. From the privileged EXEC prompt, enter the show version command and press Enter.
Verify that the last line of the output reads: Configuration register is 0×2142 (will be 0×2101 at next reload).
Use the reload command to restart the router.
Step 8: Verify new password and configuration
When the router reloads, log in and change mode using the new passwords.
Issue the no shutdown command on the fa0/0 interface to bring it up to working status. FC-CPE-1(config-if)# no shutdown
Save the running configuration to startup configuration FC-CPE-1# copy run start
Disconnect the console cable and access the router using Telnet from the PC command line. The newly configured passwords will allow a successful login.
Step 9: Clean up
Erase the configurations and reload the router. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 2: Access and Change the Switch Passwords
Step 1: Attempt login to the switch
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the Topology 2, connect the host PC NIC Ethernet port to the switch Fa0/1 Ethernet port using a straight-through cable. Ensure that power has been applied to both the host computer and switch.
Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
Step 2: Enter the switch: mode
Power off the switch.
Locate the MODE button on the front of the switch.
Hold down the MODE button on the front of the switch while powering on the switch. Release the
MODE button after 10 seconds.
Output similar to the following should be displayed:
Base ethernet MAC Address: 00:0a:b7:72:2b:40
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash files system. The following commands will initialize
the flash files system, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
To initialize the file system and finish loading the operating system, enter the following commands at
the switch: prompt:
switch: flash_init
switch: load_helper
To view the contents of flash memory, enter dir flash: at the switch: prompt.
switch: dir flash:
NOTE: Do not forget to type the colon (:) after the word “flash” in the command dir flash:
The file config.txt should be seen listed.
Enter rename flash:config.text flash:config.old to rename the configuration file. This file contains the password definitions.
Enter dir flash: at the switch: prompt to view the name change. switch: dir flash:
Step 3: Restart the switch
Enter boot to restart the switch.
Would you like to terminate autoinstall? [Yes]: Y
Would you like to enter the initial configuration dialog? [yes/no] N Switch>
Step 4: Enter Privileged EXEC mode and view and change passwords
The switch is now running without a loaded configuration file.
At the user mode prompt Router>, type enable and press Enter to go to the privileged mode without a password.
Enter rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]?
Press Enter to confirm file name change.
Copy the configuration file into RAM.
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
Press Enter to confirm file name.
Press Enter to accept the default file names.
Source filename [config.text]?
Destination filename [running-config]
The configuration file is now loaded.
Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable?
____________________________________________ service password encryption
____________________________________________ enable secret somepassword
If the passwords were not readable they can be changed. Enter configure terminal to enter the global configuration mode.
Change the unknown passwords.
FC-ASW-1#configure terminal
FC-ASW-1(config)#enable password cisco
FC-ASW-1(config)#line console 0
FC-ASW-1(config-line)#password console
FC-ASW-1(config-line)#line vty 0 15
FC-ASW-1(config-line)#password telnet
FC-ASW-1(config-line)#exit
FC-ASW-1(config)#exit
Step 5: Save the configuration file
Use the copy running-config startup-config command to save the new configuration.
Step 6: Verify new password and configuration
Power cycle the switch and verify that the passwords are now functional.
Step 7: Clean up
Erase the configurations and reload the switch. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
Consider the different methods of securing physical access to networking devices such as routers and
switches. List how only those people who require access can be identified and how this security can be
implemented. Jawaban: Physical security includes locking rooms and closets containing switches and routers. Networking devices sharing common space with other services, such as electrical power panels, should be enclosed in a separated lockable cabinet. Keys and access codes should only be given to identified authorized personnel. People authorized to access the networking devices should include only those network personnel required to configure and troubleshoot switches and routers as part of their regular or daily duties. Other IT personnel such as help desk staff, data center administrators, or desktop support workers would normally not be required to access switches and routers.
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the Topology 1, connect the host PC NIC Ethernet port to the router Fa0/0 Ethernet port using a crossover cable. Ensure that power has been applied to both the host computer and router.
Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
When this attempt at remote login fails, establish a direct physical connection to the router by making the necessary console connections between the PC and router. Then establish a terminal session using HyperTerminal or TeraTerm. What does the message-of-the-day display? Jawaban: ONLY AUTHORIZED ACCESS TO THIS DEVICE PERMITTED Unauthorized access will be penalized in accordance with the relevant laws
Attempt to log in by guessing the password.
How many login attempts are allowed? __________ 3
What message is displayed to indicate failure of the log-in attempts? Jawaban: % Bad passwords
The configuration register needs to be changed so that the startup-configuration is not loaded. Normally, this is this done from the global configuration mode, but because you cannot log in at all, the boot process must first be interrupted so that the change can be made in the ROM Monitor mode.
Step 2: Enter the ROM Monitor mode
ROM Monitor mode (ROMMON) is a limited command-line environment used for special purposes, such as low-level troubleshooting and debugging. ROMMON mode is invoked when a Break key sequence sent to the console port interrupts the router boot process. This can only be done via the physical console connection.
The actual Break key sequence depends on the terminal program used:
• With HyperTerminal, the key combination is Ctrl+Break.
• For TeraTerm, it is Alt+b.
The list of standard break key sequences is available at http://www.cisco.com/warp/public/701/61.pdf
To enter ROM Monitor mode, turn the router off, wait a few seconds, and turn it back on.
When the router starts displaying “System Bootstrap, Version …” on the terminal screen, press the Ctrl key and the Break key together if using HyperTerminal, or the Alt key and the b key together if using TeraTerm.
The router will boot in ROM monitor mode. Depending on the router hardware, one of several prompts such as “rommon 1 >” or simply “>” may show.
Step 3: Examine the ROM Monitor mode help
Enter ? at the prompt. The output should be similar to this:
rommon 1 > ?
alias set and display aliases command
boot boot up an external process
break set/show/clear the breakpoint
confreg configuration register utility
context display the context of a loaded image
dev list the device table
dir list files in file system
dis display instruction stream
help monitor builtin command help
history monitor command history
meminfo main memory information
repeat repeat a monitor command
reset system reset
set display the monitor variables
sysret print out info from last system return
tftpdnld tftp image download
xmodem x/ymodem image download
Step 4: Change the configuration register setting to boot without loading configuration file
From the ROM Monitor mode, enter confreg 0×2142 to change the config-register. rommon 2 > confreg 0×2142
NOTE: The ROMMON prompt increments when a command is issued – this is normal behavior. The increment does not mean a change of mode. The same ROMMON commands are still available. “0x” (zero- x) denotes that 2142 is a hexadecimal value. What is this value in binary?
Step 5: Restart router
From the ROM Monitor mode, enter reset, or power cycle the router. rommon 3 > reset
Due to the new configuration register setting, the router will not load the configuration file. After restarting, the system prompts:
“Would you like to enter the initial configuration dialog? [yes/no]:”
Enter no and press Enter.
Step 6: Enter Privileged EXEC mode and view and change passwords
The router is now running without a loaded configuration file.
At the user mode prompt Router>, enter enable and press Enter to go to the privileged mode without a password.
Use the command copy startup-config running-config to restore the existing configuration. Because the user is already in privileged EXEC, no password is needed.
Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable? service password encryption, enable secret somepassword
If the passwords were not readable, they can be changed. Enter configure terminal to enter the global configuration mode.
In global configuration mode, use these commands to change the passwords:
FC-CPE-1(config)#enable password cisco
FC-CPE-1(config)#line console 0
FC-CPE-1(config-line)#password console
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
Step 7: Change the configuration register setting to boot and load the configuration file
The instructor will provide you with the original configuration register value, most likely 0×2101. While still in the global configuration mode, enter config-register 0×2101 (or the value provided by your instructor). Press Enter. FC-CPE-1(config)#config-register 0×2101
Use the Ctrl+z combination to return to the privileged EXEC mode.
Use the copy running-config startup-config command to save the new configuration.
Before restarting the router, verify the new configuration setting. From the privileged EXEC prompt, enter the show version command and press Enter.
Verify that the last line of the output reads: Configuration register is 0×2142 (will be 0×2101 at next reload).
Use the reload command to restart the router.
Step 8: Verify new password and configuration
When the router reloads, log in and change mode using the new passwords.
Issue the no shutdown command on the fa0/0 interface to bring it up to working status. FC-CPE-1(config-if)# no shutdown
Save the running configuration to startup configuration FC-CPE-1# copy run start
Disconnect the console cable and access the router using Telnet from the PC command line. The newly configured passwords will allow a successful login.
Step 9: Clean up
Erase the configurations and reload the router. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 2: Access and Change the Switch Passwords
Step 1: Attempt login to the switch
NOTE: If the PC used in this lab is also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the Topology 2, connect the host PC NIC Ethernet port to the switch Fa0/1 Ethernet port using a straight-through cable. Ensure that power has been applied to both the host computer and switch.
Using the given preconfigured topology, attempt to telnet to the router from the PC command line.
Step 2: Enter the switch: mode
Power off the switch.
Locate the MODE button on the front of the switch.
Hold down the MODE button on the front of the switch while powering on the switch. Release the
MODE button after 10 seconds.
Output similar to the following should be displayed:
Base ethernet MAC Address: 00:0a:b7:72:2b:40
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash files system. The following commands will initialize
the flash files system, and finish loading the operating
system software:
flash_init
load_helper
boot
switch:
To initialize the file system and finish loading the operating system, enter the following commands at
the switch: prompt:
switch: flash_init
switch: load_helper
To view the contents of flash memory, enter dir flash: at the switch: prompt.
switch: dir flash:
NOTE: Do not forget to type the colon (:) after the word “flash” in the command dir flash:
The file config.txt should be seen listed.
Enter rename flash:config.text flash:config.old to rename the configuration file. This file contains the password definitions.
Enter dir flash: at the switch: prompt to view the name change. switch: dir flash:
Step 3: Restart the switch
Enter boot to restart the switch.
Would you like to terminate autoinstall? [Yes]: Y
Would you like to enter the initial configuration dialog? [yes/no] N Switch>
Step 4: Enter Privileged EXEC mode and view and change passwords
The switch is now running without a loaded configuration file.
At the user mode prompt Router>, type enable and press Enter to go to the privileged mode without a password.
Enter rename flash:config.old flash:config.text to rename the configuration file with its original name.
Switch#rename flash:config.old flash:config.text
Destination filename [config.text]?
Press Enter to confirm file name change.
Copy the configuration file into RAM.
Switch#copy flash:config.text system:running-config
Destination filename [running-config]?
Press Enter to confirm file name.
Press Enter to accept the default file names.
Source filename [config.text]?
Destination filename [running-config]
The configuration file is now loaded.
Enter show running-config to display the configuration details. Note that all the passwords are shown.
enable password different
line con 0 password unusual
line vty 0 4 password uncommon
What two measures could be taken to prevent the passwords from being readable?
____________________________________________ service password encryption
____________________________________________ enable secret somepassword
If the passwords were not readable they can be changed. Enter configure terminal to enter the global configuration mode.
Change the unknown passwords.
FC-ASW-1#configure terminal
FC-ASW-1(config)#enable password cisco
FC-ASW-1(config)#line console 0
FC-ASW-1(config-line)#password console
FC-ASW-1(config-line)#line vty 0 15
FC-ASW-1(config-line)#password telnet
FC-ASW-1(config-line)#exit
FC-ASW-1(config)#exit
Step 5: Save the configuration file
Use the copy running-config startup-config command to save the new configuration.
Step 6: Verify new password and configuration
Power cycle the switch and verify that the passwords are now functional.
Step 7: Clean up
Erase the configurations and reload the switch. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
Consider the different methods of securing physical access to networking devices such as routers and
switches. List how only those people who require access can be identified and how this security can be
implemented. Jawaban: Physical security includes locking rooms and closets containing switches and routers. Networking devices sharing common space with other services, such as electrical power panels, should be enclosed in a separated lockable cabinet. Keys and access codes should only be given to identified authorized personnel. People authorized to access the networking devices should include only those network personnel required to configure and troubleshoot switches and routers as part of their regular or daily duties. Other IT personnel such as help desk staff, data center administrators, or desktop support workers would normally not be required to access switches and routers.
Tugas CCNA 4 Lab 1.4.5 Identifying Network Vulnerabilities
Step 1: Open the SANS Top 20 List
Using a web browser, go to http://www.sans.org/. On the resources menu, choose top 20 list. The SANS Top-20 Internet Security Attack Targets list is organized by category. An identifying letter indicates the category type, and numbers separate category topics. Router and switch topics fall under the Network Devices category, N. There are two major hyperlink topics:
N1. VoIP Servers and Phones
N2. Network and Other Devices Common Configuration Weaknesses
Step 2: Review common configuration weaknesses
Click hyperlink N2. Network and Other Devices Common Configuration Weaknesses.
List the four headings in this topic.
Step 3: Review common default configuration issues
Review the contents of N2.2 Common Default Configuration Issues. As an example, N.2.2.2 (in January 2007) contains information about threats associated with default accounts and values. A Google search on “wireless router passwords” returns links to multiple sites that publish a list of wireless router default administrator account names and passwords. Failure to change the default password on these devices can lead to compromised security and vulnerability to attackers.
Step 4: Note the CVE references
The last line under several topics cites references to CVE or Common Vulnerability Exposure. The CVE name is linked to the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD), sponsored by the United States Department of Homeland Security (DHS) National Cyber Security Division and US-CERT, which contains information about the vulnerability.
Step 5: Investigate a topic and associated CVE hyperlink
The remainder of this lab walks you through a vulnerability investigation and solution. Choose a topic to investigate, and click on an associated CVE hyperlink. The link should open a new web browser connected to http://nvd.nist.gov/ and the vulnerability summary page for the CVE.
NOTE: Because the CVE list changes, the current list may not contain the same vulnerabilities as
those in January 2007.
Step 6: Record vulnerability information
Complete the information about the vulnerability. Answers vary
Original release date: ____________________________
Last revised: ___________________________________
Source: _______________________________________
Overview: _____________________________________
Step 7: Record the vulnerability impact
Under Impact, there are several values. The Common Vulnerability Scoring System (CVSS) severity is
displayed and contains a value between 1 and 10. Complete the information about the vulnerability impact. Answers vary CVSS Severity
Access Complexity: ______________________________________________
Authentication: __________________________________________________
Impact Type: ___________________________________________________
Step 8: Record the solution
The References to Advisories, Solutions, and Tools section contains links with information about the
vulnerability and possible solutions. Jawaban: Using the hyperlinks, write a brief description of the solution found on those pages. Answers vary
Step 9: Reflection
The number of vulnerabilities to computers, networks, and data, continues to increase. Many national governments have dedicated significant resources to coordinating and disseminating information about security vulnerability and possible solutions. It remains the responsibility of the end user to implement the solution. Think of ways that users can help strengthen security. Write down some user habits that create security risks.
Jawaban: Using weak passwords, Writing down passwords, Not changing passwords frequently, Not securing workstations when leaving them unattended, Not following procedures or protocols when divulging network information (checking a person’s identity and clearance to have that information). Creating a “work-around” solution to a current security requirement (if it impedes a work process) instead of formally requesting that the issue be reviewed and amended. (Network administrators also need to be aware that network functionality is essential and that implementing security measures that render a business network feature inoperable is not viable.).
Using a web browser, go to http://www.sans.org/. On the resources menu, choose top 20 list. The SANS Top-20 Internet Security Attack Targets list is organized by category. An identifying letter indicates the category type, and numbers separate category topics. Router and switch topics fall under the Network Devices category, N. There are two major hyperlink topics:
N1. VoIP Servers and Phones
N2. Network and Other Devices Common Configuration Weaknesses
Step 2: Review common configuration weaknesses
Click hyperlink N2. Network and Other Devices Common Configuration Weaknesses.
List the four headings in this topic.
Step 3: Review common default configuration issues
Review the contents of N2.2 Common Default Configuration Issues. As an example, N.2.2.2 (in January 2007) contains information about threats associated with default accounts and values. A Google search on “wireless router passwords” returns links to multiple sites that publish a list of wireless router default administrator account names and passwords. Failure to change the default password on these devices can lead to compromised security and vulnerability to attackers.
Step 4: Note the CVE references
The last line under several topics cites references to CVE or Common Vulnerability Exposure. The CVE name is linked to the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD), sponsored by the United States Department of Homeland Security (DHS) National Cyber Security Division and US-CERT, which contains information about the vulnerability.
Step 5: Investigate a topic and associated CVE hyperlink
The remainder of this lab walks you through a vulnerability investigation and solution. Choose a topic to investigate, and click on an associated CVE hyperlink. The link should open a new web browser connected to http://nvd.nist.gov/ and the vulnerability summary page for the CVE.
NOTE: Because the CVE list changes, the current list may not contain the same vulnerabilities as
those in January 2007.
Step 6: Record vulnerability information
Complete the information about the vulnerability. Answers vary
Original release date: ____________________________
Last revised: ___________________________________
Source: _______________________________________
Overview: _____________________________________
Step 7: Record the vulnerability impact
Under Impact, there are several values. The Common Vulnerability Scoring System (CVSS) severity is
displayed and contains a value between 1 and 10. Complete the information about the vulnerability impact. Answers vary CVSS Severity
Access Complexity: ______________________________________________
Authentication: __________________________________________________
Impact Type: ___________________________________________________
Step 8: Record the solution
The References to Advisories, Solutions, and Tools section contains links with information about the
vulnerability and possible solutions. Jawaban: Using the hyperlinks, write a brief description of the solution found on those pages. Answers vary
Step 9: Reflection
The number of vulnerabilities to computers, networks, and data, continues to increase. Many national governments have dedicated significant resources to coordinating and disseminating information about security vulnerability and possible solutions. It remains the responsibility of the end user to implement the solution. Think of ways that users can help strengthen security. Write down some user habits that create security risks.
Jawaban: Using weak passwords, Writing down passwords, Not changing passwords frequently, Not securing workstations when leaving them unattended, Not following procedures or protocols when divulging network information (checking a person’s identity and clearance to have that information). Creating a “work-around” solution to a current security requirement (if it impedes a work process) instead of formally requesting that the issue be reviewed and amended. (Network administrators also need to be aware that network functionality is essential and that implementing security measures that render a business network feature inoperable is not viable.).
Tugas CCNA 4 Lab 1.4.3 Monitoring VLAN Traffic
Task 1: Demonstrate Broadcasts across a Single LAN
Step 1: Prepare the switch for configuration
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the switch and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and switch.
Establish a HyperTerminal, or other terminal emulation program, connection from PC1 to the switch.
Ensure that the switch is ready for lab configuration by verifying that all existing VLAN and general configurations are removed.
1) Remove the switch startup configuration file from NVRAM.
Switch#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
2) Press Enter to confirm.
The response should be:
Erase of nvram: complete
Step 2: Configure the PCs
a. Connect the two PCs to the switch as shown in the topology diagram.
b. Configure the two PCs to have the IP addresses and subnet mask shown in the topology table.
c. Clear the ARP cache on each PC by issuing the arp -d command at the PC command prompt.
d. Confirm that the ARP cache is clear by issuing the arp -a command.
Step 3: Generate and examine ARP broadcasts
Launch Wireshark on each PC and start the packet capture for the traffic seen by the NIC in each PC.
From the command line of each PC, ping all connected devices.
Monitor the operation of Wireshark. Note the ARP traffic registering on each PC.
Stop the Wireshark capture on each PC.
Examine the entries in the Wireshark Packet List (upper) Pane.
Exit Wireshark. (You have the option to save the capture file for later examination.)
Task 2: Demonstrate Broadcasts within Multiple VLANs
Step 1: Configure the VLANs on the switch
Using the established console session from PC1 to the switch, set the hostname by issuing the following command from the global configuration mode:
Switch(config)# hostname FC-ASW-1
Set interfaces Fa0/1 and Fa0/2 to VLAN 10 by issuing the following commands from the global configuration and interface configuration modes:
FC_ASW-1(config)#interface FastEthernet0/1
FC_ASW-1(config-if)#switchport access vlan 10
% Access VLAN does not exist. Creating vlan 10
FC_ASW-1(config-if)#interface FastEthernet0/2
FC_ASW-1(config-if)#switchport access vlan 10
Set interfaces Fa0/3 and Fa0/4 to VLAN 20 by issuing the following commands from the interface configuration mode:
FC_ASW-1(config-if)#interface FastEthernet0/3
FC_ASW-1(config-if)#switchport access vlan 20
% Access VLAN does not exist. Creating vlan 20
FC_ASW-1(config-if)#interface FastEthernet0/4
FC_ASW-1(config-if)#switchport access vlan 20
FC_ASW-1(config-if)#end
Confirm that the interfaces are assigned to the current VLANs by issuing the show vlan command from the Privileged EXEC mode. If the VLANs are not assigned correctly, troubleshoot the command entries shown in Steps 1b and 1c and reconfigure the switch.
Step 2: Prepare the PCs
Clear ARP cache on each PC by issuing the arp -d command at the PC command prompt.
Confirm the ARP cache is clear by issuing the arp -a command.
Step 3: Generate ARP broadcasts
Launch Wireshark on each PC and start the packet capture for the traffic seen by the NIC in each PC.
From the command line of each PC, ping each of the other three devices connected to the switch.
Monitor the operation of Wireshark. Note the ARP traffic registering on the two PCs.
Stop the Wireshark capture on each PC.
Examine the entries in the Wireshark Packet List (upper) Pane.
Exit Wireshark. (You have the option to save the capture file for later examination.)
Step 4: Clean up
Erase the configuration and reload the switch. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
Discuss the use of VLANS in keeping data traffic separated. What are the advantages of doing this?
When designing a network list different criteria that could be used to divide a network into VLANs.
Step 1: Prepare the switch for configuration
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the switch and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and switch.
Establish a HyperTerminal, or other terminal emulation program, connection from PC1 to the switch.
Ensure that the switch is ready for lab configuration by verifying that all existing VLAN and general configurations are removed.
1) Remove the switch startup configuration file from NVRAM.
Switch#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
2) Press Enter to confirm.
The response should be:
Erase of nvram: complete
Step 2: Configure the PCs
a. Connect the two PCs to the switch as shown in the topology diagram.
b. Configure the two PCs to have the IP addresses and subnet mask shown in the topology table.
c. Clear the ARP cache on each PC by issuing the arp -d command at the PC command prompt.
d. Confirm that the ARP cache is clear by issuing the arp -a command.
Step 3: Generate and examine ARP broadcasts
Launch Wireshark on each PC and start the packet capture for the traffic seen by the NIC in each PC.
From the command line of each PC, ping all connected devices.
Monitor the operation of Wireshark. Note the ARP traffic registering on each PC.
Stop the Wireshark capture on each PC.
Examine the entries in the Wireshark Packet List (upper) Pane.
Exit Wireshark. (You have the option to save the capture file for later examination.)
Task 2: Demonstrate Broadcasts within Multiple VLANs
Step 1: Configure the VLANs on the switch
Using the established console session from PC1 to the switch, set the hostname by issuing the following command from the global configuration mode:
Switch(config)# hostname FC-ASW-1
Set interfaces Fa0/1 and Fa0/2 to VLAN 10 by issuing the following commands from the global configuration and interface configuration modes:
FC_ASW-1(config)#interface FastEthernet0/1
FC_ASW-1(config-if)#switchport access vlan 10
% Access VLAN does not exist. Creating vlan 10
FC_ASW-1(config-if)#interface FastEthernet0/2
FC_ASW-1(config-if)#switchport access vlan 10
Set interfaces Fa0/3 and Fa0/4 to VLAN 20 by issuing the following commands from the interface configuration mode:
FC_ASW-1(config-if)#interface FastEthernet0/3
FC_ASW-1(config-if)#switchport access vlan 20
% Access VLAN does not exist. Creating vlan 20
FC_ASW-1(config-if)#interface FastEthernet0/4
FC_ASW-1(config-if)#switchport access vlan 20
FC_ASW-1(config-if)#end
Confirm that the interfaces are assigned to the current VLANs by issuing the show vlan command from the Privileged EXEC mode. If the VLANs are not assigned correctly, troubleshoot the command entries shown in Steps 1b and 1c and reconfigure the switch.
Step 2: Prepare the PCs
Clear ARP cache on each PC by issuing the arp -d command at the PC command prompt.
Confirm the ARP cache is clear by issuing the arp -a command.
Step 3: Generate ARP broadcasts
Launch Wireshark on each PC and start the packet capture for the traffic seen by the NIC in each PC.
From the command line of each PC, ping each of the other three devices connected to the switch.
Monitor the operation of Wireshark. Note the ARP traffic registering on the two PCs.
Stop the Wireshark capture on each PC.
Examine the entries in the Wireshark Packet List (upper) Pane.
Exit Wireshark. (You have the option to save the capture file for later examination.)
Step 4: Clean up
Erase the configuration and reload the switch. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Task 3: Reflection
Discuss the use of VLANS in keeping data traffic separated. What are the advantages of doing this?
When designing a network list different criteria that could be used to divide a network into VLANs.
Tugsa CCNA 4 Lab 1.3.4 Creating an ACL
Step 1: Analyze the traffic filtering requirements
Determine the access and filtering requirements.
For this lab:
PC1 is a network administrator’s workstation. This host must be permitted FTP and HTTP access to the network server, and telnet access to the router FC-CPE-1.
PC2 is a general workstation that is to have HTTP access only. FTP services and Telnet access to the router is not permitted.
Having determined specific requirements, decide if all other traffic is to be allowed or denied. List the benefits and potential problems to the following filtering scenarios:
Step 2: Design and create the ACL
Review, and then apply, ACL recommended practice.
• Always plan thoroughly before implementation.
• The sequence of the statements is important. Put the more specific statements at the beginning and the more general statements at the end.
• Statements are added to the end of the ACL as they are written.
• Create and edit ACLs with a text editor and save the file.
• Use Named ACLs wherever possible.
• Use comments (remark option) within the ACL to document the purpose of the statements.
• To take effect, ACLs must be applied to an interface.
• An interface can have one ACL per Network Layer protocol, per direction.
• Although there is an implicit deny any statement at the end of every ACL, it is good practice to
configure this explicitly. This ensures that you remember that the effect is in place and allows
logging of matches to this statement to be used.
• ACLs with many statements take longer to process, which may affect router performance.
• Placement of ACLs:
o Standard: closest to destination (if have administrative authority on that router)
o Extended: closest to source (if have administrative authority on that router)
Consider the two approaches to writing ACLs:
• Permit specific traffic first and then deny general traffic.
• Deny specific traffic first and then permit general traffic.
Select one approach and write the ACL statements that will meet the requirements of this lab.
Step 3: Cable and configure the given network
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the router and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and router.
Connect and configure the devices in accordance with the given topology and configuration. Your instructor may substitute Discovery Server with an equivalent server for this lab.
Establish a HyperTerminal, or other terminal emulation program, from PC1 to Router R1.
From the global configuration mode issue the following commands:
Router(config)#hostname FC-CPE-1
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip address 10.0.0.1 255.255.255.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#interface FastEthernet0/1
FC-CPE-1(config-if)#ip address 172.17.0.1 255.255.0.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#end
Ping between PC1 and Discovery Server to confirm network connectivity. Troubleshoot and establish connectivity if the pings fail.
Step 4: Test the network services without ACLs Perform the following tests on PC1:
Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar. What web page was displayed? Discovery Server Home Page
Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar. What web page was displayed? Discovery FTP Home Directory
On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop. Did the file copy successfully?
From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display?
Step 5: Configure the network services ACL
From the global configuration mode issue the following commands:
Allow PC1 to access the web server and telnet to the router.
Allow PC2 to access the web server.
FC-CPE-1(config-ext-nacl)#remark Allow PC2 to access web server
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.201 host 172.17.1.1 eq
www log
Allow PC1 telnet access to router
FC-CPE-1(config-ext-nacl)#remark Allow PC1 to telnet router
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.10 host 10.0.0.1 eq telnet log
Deny all other traffic.
FC-CPE-1(config-ext-nacl)#remark Deny all other traffic
FC-CPE-1(config-ext-nacl)#deny ip any any log
FC-CPE-1(config-ext-nacl)#exit
Step 6: Apply the ACLs
Apply the Extended ACL to the router interface closest to the source.
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip access-group Server-Access in
FC-CPE-1(config-if)#end
From the Privileged EXEC mode, issue the show running-configuration command and confirm that the ACLs have been configured and applied as required. Reconfigure if errors are noted.
Step 7: Test the network services with ACLs
Perform the following tests on PC1:
Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar.
Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar.
On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop.
Did the file copy successfully? _________
Why is this the outcome?
From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display? Why is this the outcome?
Exit the Telnet session.
Perform the following tests on PC2:
Open a web browser on PC2 and enter the URL http://172.17.1.1 at the address bar.
Open a web browser on PC2 and enter the URL ftp://172.17.1.1 at the address bar.
From the PC2 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. If any of these transactions did not result in the expected outcome, troubleshoot the network and configurations and retest the ACLs from each host.
Step 8: Observe the number of statement matches
From the Privileged EXEC mode, issue the command:
FC-CPE-1#show access-list Server-Access
List the number of matches logged against each ACL statement.
Step 9: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
Rewrite the Server-Access ACL used in this lab so that:
1) Administrator workstations are considered to be in the address range of 10.0.0.10 /24 to
10.0.0.15 /24 instead of a single host; and,
2) The general workstations have the address range of 10.0.0.16 /24 to 10.0.0.254 /24 instead of
being a single host.
Determine the access and filtering requirements.
For this lab:
PC1 is a network administrator’s workstation. This host must be permitted FTP and HTTP access to the network server, and telnet access to the router FC-CPE-1.
PC2 is a general workstation that is to have HTTP access only. FTP services and Telnet access to the router is not permitted.
Having determined specific requirements, decide if all other traffic is to be allowed or denied. List the benefits and potential problems to the following filtering scenarios:
Step 2: Design and create the ACL
Review, and then apply, ACL recommended practice.
• Always plan thoroughly before implementation.
• The sequence of the statements is important. Put the more specific statements at the beginning and the more general statements at the end.
• Statements are added to the end of the ACL as they are written.
• Create and edit ACLs with a text editor and save the file.
• Use Named ACLs wherever possible.
• Use comments (remark option) within the ACL to document the purpose of the statements.
• To take effect, ACLs must be applied to an interface.
• An interface can have one ACL per Network Layer protocol, per direction.
• Although there is an implicit deny any statement at the end of every ACL, it is good practice to
configure this explicitly. This ensures that you remember that the effect is in place and allows
logging of matches to this statement to be used.
• ACLs with many statements take longer to process, which may affect router performance.
• Placement of ACLs:
o Standard: closest to destination (if have administrative authority on that router)
o Extended: closest to source (if have administrative authority on that router)
Consider the two approaches to writing ACLs:
• Permit specific traffic first and then deny general traffic.
• Deny specific traffic first and then permit general traffic.
Select one approach and write the ACL statements that will meet the requirements of this lab.
Step 3: Cable and configure the given network
NOTE: If the PCs used in this lab are also connected to your Academy LAN or to the Internet, ensure that you record the cable connections and TCP/IP settings so these can be restored at the conclusion of the lab.
Referring to the topology diagram, connect the console (or rollover) cable to the console port on the router and the other cable end to the host computer with a DB-9 or DB-25 adapter to the COM 1 port. Ensure that power has been applied to both the host computer and router.
Connect and configure the devices in accordance with the given topology and configuration. Your instructor may substitute Discovery Server with an equivalent server for this lab.
Establish a HyperTerminal, or other terminal emulation program, from PC1 to Router R1.
From the global configuration mode issue the following commands:
Router(config)#hostname FC-CPE-1
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip address 10.0.0.1 255.255.255.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#interface FastEthernet0/1
FC-CPE-1(config-if)#ip address 172.17.0.1 255.255.0.0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#exit
FC-CPE-1(config)#line vty 0 4
FC-CPE-1(config-line)#password telnet
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#end
Ping between PC1 and Discovery Server to confirm network connectivity. Troubleshoot and establish connectivity if the pings fail.
Step 4: Test the network services without ACLs Perform the following tests on PC1:
Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar. What web page was displayed? Discovery Server Home Page
Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar. What web page was displayed? Discovery FTP Home Directory
On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop. Did the file copy successfully?
From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display?
Step 5: Configure the network services ACL
From the global configuration mode issue the following commands:
Allow PC1 to access the web server and telnet to the router.
Allow PC2 to access the web server.
FC-CPE-1(config-ext-nacl)#remark Allow PC2 to access web server
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.201 host 172.17.1.1 eq
www log
Allow PC1 telnet access to router
FC-CPE-1(config-ext-nacl)#remark Allow PC1 to telnet router
FC-CPE-1(config-ext-nacl)#permit tcp host 10.0.0.10 host 10.0.0.1 eq telnet log
Deny all other traffic.
FC-CPE-1(config-ext-nacl)#remark Deny all other traffic
FC-CPE-1(config-ext-nacl)#deny ip any any log
FC-CPE-1(config-ext-nacl)#exit
Step 6: Apply the ACLs
Apply the Extended ACL to the router interface closest to the source.
FC-CPE-1(config)#interface FastEthernet0/0
FC-CPE-1(config-if)#ip access-group Server-Access in
FC-CPE-1(config-if)#end
From the Privileged EXEC mode, issue the show running-configuration command and confirm that the ACLs have been configured and applied as required. Reconfigure if errors are noted.
Step 7: Test the network services with ACLs
Perform the following tests on PC1:
Open a web browser on PC1 and enter the URL http://172.17.1.1 at the address bar.
Open a web browser on PC1 and enter the URL ftp://172.17.1.1 at the address bar.
On the Discovery FTP Home Directory, open the Discovery 1 folder. Click and drag a Chapter file to the local Desktop.
Did the file copy successfully? _________
Why is this the outcome?
From the PC1 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. What response did the router display? Why is this the outcome?
Exit the Telnet session.
Perform the following tests on PC2:
Open a web browser on PC2 and enter the URL http://172.17.1.1 at the address bar.
Open a web browser on PC2 and enter the URL ftp://172.17.1.1 at the address bar.
From the PC2 command line prompt, issue the command telnet 10.0.0.1, or use a Telnet client (HyperTerminal or TeraTerm, for example) to establish a Telnet session to the router. If any of these transactions did not result in the expected outcome, troubleshoot the network and configurations and retest the ACLs from each host.
Step 8: Observe the number of statement matches
From the Privileged EXEC mode, issue the command:
FC-CPE-1#show access-list Server-Access
List the number of matches logged against each ACL statement.
Step 9: Clean up
Erase the configurations and reload the routers and switches. Disconnect and store the cabling. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Challenge
Rewrite the Server-Access ACL used in this lab so that:
1) Administrator workstations are considered to be in the address range of 10.0.0.10 /24 to
10.0.0.15 /24 instead of a single host; and,
2) The general workstations have the address range of 10.0.0.16 /24 to 10.0.0.254 /24 instead of
being a single host.
Tugas CCNA 2 Lab 4.1.5 Subnetting a Network
Objective
• Create an IP addressing plan for a small network.
Background / Preparation
In this activity, you will play the role of an onsite installation and support technician from an ISP. A customer has called the ISP complaining of e-mail problems and occasional poor Internet performance. On The ISP is preparing a design for a network upgrade. The interim topology diagram for the proposed network is shown below.
There is still a requirement for an IP addressing plan. One of the ISP network designers has made some
notes on a simplified sketch of the proposed network, and has written some requirements. The designer asks you to create an IP address plan for the network upgrade.
Step 1: Analyze the network
perhitungkanlah berapa minimal subnet host yang dibutuhkan:
30 hosts
5 bits
S ubnet terbesar harus dapat mendukung host yaitu 3 subnets
Ya
Step 2: Calculate the custom subnet mask
Langkah 2: Hitung subnet mask custom
Sekarang jumlah bit subnet ID diketahui, subnet mask dapat dihitung. Sebuah jaringan kelas C memiliki
default subnet mask dari 24 bit, atau 255.255.255.0. Apa yang akan subnet mask custom bisa?
Subnet mask kustom untuk jaringan ini akan menjadi 255.255.255.224 atau / 27
Step 3: Specify the host IP addresses
Langkah 3: Tentukan alamat IP host
Sekarang subnet mask diidentifikasi, skema pengalamatan jaringan dapat dibuat. Pengalamatan
skema termasuk nomor subnet, alamat broadcast subnet, dan kisaran alamat IP
dialihkan ke host.
Lengkapi tabel yang menunjukkan semua subnet yang mungkin untuk jaringan 192.168.1.0.
Step 4 Consider other subnetting options
Bagaimana jika ada lebih dari 30 host yang harus didukung pada porsi baik kabel atau nirkabel
jaringan. Anda bisa meminjam lebih sedikit bit, yang akan membuat subnet yang lebih sedikit, namun masing-masing akan mendukung besar jumlah host per subnet.
Berapa banyak bit akan dipinjam untuk membuat empat subnet? Jawaban 2 bit (2 ^ 2 = 4 subnet)
Berapa banyak bit akan ditinggalkan untuk host pada subnet masing-masing? Jawanban 6 bit
Berapa jumlah maksimum host setiap subnet dapat mendukung? 2 ^ 6 = 64-2 = 62
Apa yang akan subnet mask dalam desimal bertitik dan nomor slash (/ #) format?
Pinjaman 2 bit akan membuat 255.255.255.192 atau / 26 subnet mask.
Jika Anda mulai dengan jaringan 192.168.1.0 yang sama seperti sebelumnya dan subnet ke empat subnet, apa yang akan nomor subjaringan? 192.168.1.0, 192.168.1.64, 192.168.1.128, 192.168.1.192
Step 5: Reflection
Apakah subnetting membantu mengurangi masalah deplesi alamat IP? Jelaskan jawaban Anda. jawaban: Ya. Subnetting mengizinkan kita untuk menggunakan satu alamat kelas C untuk mendukung berbagai jaringan.
Rough Desain Diagram Catatan mencatat bahwa subnet nirkabel akan memiliki hingga 30 PC
menghubungkan. Dalam berpasangan atau dalam kelompok kecil, berdiskusi maupun tidak yang menciptakan situasi di mana IP alamat mungkin akan sia-sia. Apakah itu penting, dan mengapa atau mengapa tidak?
Ada metode alternatif dari subnetting dengan CIDR dan VLSM. Apakah VLSM menjadi berharga pilihan untuk subnetting jaringan ini? Diskusikan dalam kelompok kecil
• Create an IP addressing plan for a small network.
Background / Preparation
In this activity, you will play the role of an onsite installation and support technician from an ISP. A customer has called the ISP complaining of e-mail problems and occasional poor Internet performance. On The ISP is preparing a design for a network upgrade. The interim topology diagram for the proposed network is shown below.
There is still a requirement for an IP addressing plan. One of the ISP network designers has made some
notes on a simplified sketch of the proposed network, and has written some requirements. The designer asks you to create an IP address plan for the network upgrade.
Step 1: Analyze the network
perhitungkanlah berapa minimal subnet host yang dibutuhkan:
30 hosts
5 bits
S ubnet terbesar harus dapat mendukung host yaitu 3 subnets
Ya
Step 2: Calculate the custom subnet mask
Langkah 2: Hitung subnet mask custom
Sekarang jumlah bit subnet ID diketahui, subnet mask dapat dihitung. Sebuah jaringan kelas C memiliki
default subnet mask dari 24 bit, atau 255.255.255.0. Apa yang akan subnet mask custom bisa?
Subnet mask kustom untuk jaringan ini akan menjadi 255.255.255.224 atau / 27
Step 3: Specify the host IP addresses
Langkah 3: Tentukan alamat IP host
Sekarang subnet mask diidentifikasi, skema pengalamatan jaringan dapat dibuat. Pengalamatan
skema termasuk nomor subnet, alamat broadcast subnet, dan kisaran alamat IP
dialihkan ke host.
Lengkapi tabel yang menunjukkan semua subnet yang mungkin untuk jaringan 192.168.1.0.
Step 4 Consider other subnetting options
Bagaimana jika ada lebih dari 30 host yang harus didukung pada porsi baik kabel atau nirkabel
jaringan. Anda bisa meminjam lebih sedikit bit, yang akan membuat subnet yang lebih sedikit, namun masing-masing akan mendukung besar jumlah host per subnet.
Berapa banyak bit akan dipinjam untuk membuat empat subnet? Jawaban 2 bit (2 ^ 2 = 4 subnet)
Berapa banyak bit akan ditinggalkan untuk host pada subnet masing-masing? Jawanban 6 bit
Berapa jumlah maksimum host setiap subnet dapat mendukung? 2 ^ 6 = 64-2 = 62
Apa yang akan subnet mask dalam desimal bertitik dan nomor slash (/ #) format?
Pinjaman 2 bit akan membuat 255.255.255.192 atau / 26 subnet mask.
Jika Anda mulai dengan jaringan 192.168.1.0 yang sama seperti sebelumnya dan subnet ke empat subnet, apa yang akan nomor subjaringan? 192.168.1.0, 192.168.1.64, 192.168.1.128, 192.168.1.192
Step 5: Reflection
Apakah subnetting membantu mengurangi masalah deplesi alamat IP? Jelaskan jawaban Anda. jawaban: Ya. Subnetting mengizinkan kita untuk menggunakan satu alamat kelas C untuk mendukung berbagai jaringan.
Rough Desain Diagram Catatan mencatat bahwa subnet nirkabel akan memiliki hingga 30 PC
menghubungkan. Dalam berpasangan atau dalam kelompok kecil, berdiskusi maupun tidak yang menciptakan situasi di mana IP alamat mungkin akan sia-sia. Apakah itu penting, dan mengapa atau mengapa tidak?
Ada metode alternatif dari subnetting dengan CIDR dan VLSM. Apakah VLSM menjadi berharga pilihan untuk subnetting jaringan ini? Diskusikan dalam kelompok kecil
Tugas CCNA 2 Lab 4.2.4 Determining PAT Translations
Klien pada jaringan pribadi mengirimkan permintaan ke server web di Internet publik.\
NAT router menerjemahkan alamat sumber dan meneruskan permintaan ke web server
web server merespon ke alamat klien diterjemahkan
Router NAT menerjemahkan alamat klien (tujuan) kembali ke alamat pribadi asli
Tujuan
Menjelaskan koneksi jaringan yang aktif terbuka pada komputer saat melihat halaman web tertentu.
Menentukan apa alamat IP internal dan nomor port dijabarkan ke menggunakan alamat port translation (PAT).
Latar Belakang / Persiapan
Alamat port translation (PAT) adalah bentuk network address translation (NAT). Dengan PAT, router menerjemahkan beberapa internal (biasanya swasta) alamat ke alamat IP tunggal umum pada antarmuka yang tersambung ke Internet. nomor Port yang digunakan, dalam kombinasi dengan alamat IP, untuk melacak individu koneksi. Pada lab ini, Anda menggunakan perintah ipconfig dan netstat untuk melihat port yang terbuka pada komputer. Anda akan dapat melihat alamat IP awal dan kombinasi pelabuhan, dan menentukan diterjemahkan kombinasi alamat IP dan port. Sumber berikut diperlukan:
Komputer menjalankan Windows XP Professional
Koneksi ke router gateway atau ISR yang menggunakan PAT
Koneksi internet
Akses ke prompt perintah PC.
Langkah 1: Tentukan alamat IP komputer
Buka jendela Command Prompt dengan mengklik Start> Run dan ketik cmd. Atau, Anda mungkinmklik Start> All Program> Accessories> Command Prompt. Pada tipe, prompt ipconfig perintah untuk menampilkan alamat IP dari komputer.
Apa alamat IP dari komputer? Apakah ada nomor port yang ditampilkan, dan mengapa atau mengapa tidak? Jawaban: Alamat IP seperti yang ditunjukkan untuk adapter aktif pada komputer Tidak ada nomor port akan ditampilkan, karena nomor port berhubungan dengan koneksi aktif antara proses pada beberapa perangkat.
Langkah 2: Tentukan alamat IP dari router gateway atau ISR
Periksa dengan instruktur Anda untuk mendapatkan alamat IP untuk gateway NAT ISR router.
Internal Ethernet Alamat:
Eksternal alamat Internet:
Langkah 3: Hasil baseline Tampilan netstat
Pada command prompt, ketik perintah netstat-n.
Apa jenis informasi yang tidak kembali perintah netstat-n? Jawaban: Aktif informasi Koneksi ditampilkan: Protokol, Lokal Alamat, Alamat Asing, Negara. IP alamat dan nomor port akan ditampilkan.
Mana alamat IP yang ditemukan pada Langkah 1 muncul? Apakah ada nomor port yang terkait dengan itu? Mengapa atau mengapa tidak? Jawaban: Perintah netstat menunjukkan alamat IP lokal pada kolom Alamat Lokal. Port number mungkin atau mungkin tidak akan ditampilkan tergantung pada koneksi aktif saat ini. Catatan: Jika komputer telah diam selama beberapa saat dan tidak ada koneksi jaringan baru-baru ini dilakukan, mungkin tidak menunjukkan entri atau hanya menampilkan alamat loopback dan nomor port di Lokal dan Asing Kolom alamat (misalnya 127.0.0.1:1039)
Langkah 4: Tampilkan koneksi jaringan aktif
Ping alamat www.cisco.com dan mencatat.
Buka web browser dan masukkan www.cisco.com di address bar.
Kembali ke jendela Command Prompt. Ketik perintah netstat-n lagi, dan kemudian ketik
perintah tanpa opsi-n. Outputnya terlihat mirip dengan gambar berikut, tergantung pada apa aplikasi jaringan lainnya dan sambungan terbuka ketika anda mengeluarkan perintah.
Apa perbedaan di antara output netstat dan perintah netstat-n?
Jawaban: Tanpa n-opsi, alamat IP yang memutuskan untuk host nama, dan nomor protokol yang dikonversi ke nama protokol.
Tulis entri koneksi untuk alamat IP klien dan alamat IP dari www.cisco.com yang
web server. alamat IP lokal klien dan nomor port: Luar Negeri Alamat IP dan nomor port:
Apakah entri netstat ada lebih kedua kalinya? Jawaban: Mungkin ya
Langkah 5: Tentukan diterjemahkan alamat
Gunakan informasi yang dicatat dalam langkah 2 dan 4 dan diagram topologi yang ditampilkan pada awal lab untuk mengisi Alamat: kolom Port.
Langkah 6: Refleksi
Alamat port translation (PAT) juga disebut dengan NAT overload. Apakah yang “overload” Istilah lihat untuk? Jawaban: Menggunakan satu “kelebihan beban” alamat eksternal untuk menerjemahkan untuk alamat internal beberapa.
NAT terminologi yang digunakan dalam laboratorium mencakup empat jenis alamat: di-lokal, di dalam-global, luar-lokal, dan luar-global. Dalam banyak hubungan yang melalui router NAT, dua dari alamat sering sama. Yang dua dari empat alamat biasanya tetap tidak berubah, dan mengapa Anda berpikir bahwa ini terjadi?
Jawaban: Luar lokal dan luar global, karena alamat IP di luar atau tujuan harus tetap
yang sama untuk host internal untuk dapat mencapai host yang lain di Internet.
NAT router menerjemahkan alamat sumber dan meneruskan permintaan ke web server
web server merespon ke alamat klien diterjemahkan
Router NAT menerjemahkan alamat klien (tujuan) kembali ke alamat pribadi asli
Tujuan
Menjelaskan koneksi jaringan yang aktif terbuka pada komputer saat melihat halaman web tertentu.
Menentukan apa alamat IP internal dan nomor port dijabarkan ke menggunakan alamat port translation (PAT).
Latar Belakang / Persiapan
Alamat port translation (PAT) adalah bentuk network address translation (NAT). Dengan PAT, router menerjemahkan beberapa internal (biasanya swasta) alamat ke alamat IP tunggal umum pada antarmuka yang tersambung ke Internet. nomor Port yang digunakan, dalam kombinasi dengan alamat IP, untuk melacak individu koneksi. Pada lab ini, Anda menggunakan perintah ipconfig dan netstat untuk melihat port yang terbuka pada komputer. Anda akan dapat melihat alamat IP awal dan kombinasi pelabuhan, dan menentukan diterjemahkan kombinasi alamat IP dan port. Sumber berikut diperlukan:
Komputer menjalankan Windows XP Professional
Koneksi ke router gateway atau ISR yang menggunakan PAT
Koneksi internet
Akses ke prompt perintah PC.
Langkah 1: Tentukan alamat IP komputer
Buka jendela Command Prompt dengan mengklik Start> Run dan ketik cmd. Atau, Anda mungkinmklik Start> All Program> Accessories> Command Prompt. Pada tipe, prompt ipconfig perintah untuk menampilkan alamat IP dari komputer.
Apa alamat IP dari komputer? Apakah ada nomor port yang ditampilkan, dan mengapa atau mengapa tidak? Jawaban: Alamat IP seperti yang ditunjukkan untuk adapter aktif pada komputer Tidak ada nomor port akan ditampilkan, karena nomor port berhubungan dengan koneksi aktif antara proses pada beberapa perangkat.
Langkah 2: Tentukan alamat IP dari router gateway atau ISR
Periksa dengan instruktur Anda untuk mendapatkan alamat IP untuk gateway NAT ISR router.
Internal Ethernet Alamat:
Eksternal alamat Internet:
Langkah 3: Hasil baseline Tampilan netstat
Pada command prompt, ketik perintah netstat-n.
Apa jenis informasi yang tidak kembali perintah netstat-n? Jawaban: Aktif informasi Koneksi ditampilkan: Protokol, Lokal Alamat, Alamat Asing, Negara. IP alamat dan nomor port akan ditampilkan.
Mana alamat IP yang ditemukan pada Langkah 1 muncul? Apakah ada nomor port yang terkait dengan itu? Mengapa atau mengapa tidak? Jawaban: Perintah netstat menunjukkan alamat IP lokal pada kolom Alamat Lokal. Port number mungkin atau mungkin tidak akan ditampilkan tergantung pada koneksi aktif saat ini. Catatan: Jika komputer telah diam selama beberapa saat dan tidak ada koneksi jaringan baru-baru ini dilakukan, mungkin tidak menunjukkan entri atau hanya menampilkan alamat loopback dan nomor port di Lokal dan Asing Kolom alamat (misalnya 127.0.0.1:1039)
Langkah 4: Tampilkan koneksi jaringan aktif
Ping alamat www.cisco.com dan mencatat.
Buka web browser dan masukkan www.cisco.com di address bar.
Kembali ke jendela Command Prompt. Ketik perintah netstat-n lagi, dan kemudian ketik
perintah tanpa opsi-n. Outputnya terlihat mirip dengan gambar berikut, tergantung pada apa aplikasi jaringan lainnya dan sambungan terbuka ketika anda mengeluarkan perintah.
Apa perbedaan di antara output netstat dan perintah netstat-n?
Jawaban: Tanpa n-opsi, alamat IP yang memutuskan untuk host nama, dan nomor protokol yang dikonversi ke nama protokol.
Tulis entri koneksi untuk alamat IP klien dan alamat IP dari www.cisco.com yang
web server. alamat IP lokal klien dan nomor port: Luar Negeri Alamat IP dan nomor port:
Apakah entri netstat ada lebih kedua kalinya? Jawaban: Mungkin ya
Langkah 5: Tentukan diterjemahkan alamat
Gunakan informasi yang dicatat dalam langkah 2 dan 4 dan diagram topologi yang ditampilkan pada awal lab untuk mengisi Alamat: kolom Port.
Langkah 6: Refleksi
Alamat port translation (PAT) juga disebut dengan NAT overload. Apakah yang “overload” Istilah lihat untuk? Jawaban: Menggunakan satu “kelebihan beban” alamat eksternal untuk menerjemahkan untuk alamat internal beberapa.
NAT terminologi yang digunakan dalam laboratorium mencakup empat jenis alamat: di-lokal, di dalam-global, luar-lokal, dan luar-global. Dalam banyak hubungan yang melalui router NAT, dua dari alamat sering sama. Yang dua dari empat alamat biasanya tetap tidak berubah, dan mengapa Anda berpikir bahwa ini terjadi?
Jawaban: Luar lokal dan luar global, karena alamat IP di luar atau tujuan harus tetap
yang sama untuk host internal untuk dapat mencapai host yang lain di Internet.
Tugas CCNA 2 Lab 6.1.2 Creating a Network Diagram From Routing Tables Diposkan oleh minda_165
Step 1:Examine the routing table entries for the router R1
a. Examine show ip route output from router R1 shown below
b. How many networks does router R1 know about? Lima networks
c. How many networks are directly connected to this router? Tiga networks
d. How many networks have been learned from another router? Dua network
e. Using the codes at the beginning of the show ip route output what does the ‘R’ mean? R adalah router
f. In the routers learned via RIP to which device does the ip address 172.17.0.2 belong? Ya ada
a. In the routers learned via RIP to which device is serial 0/0 referring and what does it mean? 0/0 adalah interfacenya yaitu menampilkan informasi khusus hardware interface. Perintah ini harus di-set termasuk nomor port/slot dari interface serial.
Step 2: Examine the routing table entries for the router R2
b. Examine show ip route output from router R2 shown below
c. How many networks does router R2 know about? Lima networks
d. How many networks are directly connected to this router? Tiga networks
e. How many networks have been learned from another router? Dua networks
f. Using the codes at the beginning of the show ip route output what does the ‘R’ mean? R adalah router
g. In the routers learned via RIP to which device does the ip address 172.17.0.2 belong? Ya ada
h. In the routers learned via RIP to which device is serial 0/0 referring and what does it mean? Serial 0/0 adalah interface –nya yaitu menampilkan informasi khusus hardware interface. Perintah ini harus di-set termasuk nomor port/slot dari interface serial.
Step 3: document router interfaces and IP addresses
a. Based on the shown ip router output from R1 and R2Device interface IP Address Subnet mask (dotted decimal and/xx)
R1 0/0 172.17.0.0 255.255.0.0/16
R1 0/0 192.168.1.0 255.255.255.0/24
R1 0/1 192.168.2.0 255.255.255.0/24
R2 0/0 172.17.0.0 255.255.0.0/16
R2 0/0 192.168.3.0 255.255.255.0/24
R2 192.168.4.0 255.255.255.0/24
b. In this example can the exact IP address of all router interface be determined by looking at the routing tables? Ya bisa
c. Which router interface IP address can be determined from the routing tables? Interface 0/0 dan 0/1
Step 4: create a network topology diagram
Step 5: reflection
a. What do you think would happen to the entries in the routing table on R1 if one of the enthernet networks on R2 was disconnected? Maka pemrosesan sinyal untuk data jaringan computer akan terputus atau tidak akan terjadi.
b. What do you think would happen to the entries in the routing tables on R1 and R2 if the serial interface on R2 was shut down?
a. Examine show ip route output from router R1 shown below
b. How many networks does router R1 know about? Lima networks
c. How many networks are directly connected to this router? Tiga networks
d. How many networks have been learned from another router? Dua network
e. Using the codes at the beginning of the show ip route output what does the ‘R’ mean? R adalah router
f. In the routers learned via RIP to which device does the ip address 172.17.0.2 belong? Ya ada
a. In the routers learned via RIP to which device is serial 0/0 referring and what does it mean? 0/0 adalah interfacenya yaitu menampilkan informasi khusus hardware interface. Perintah ini harus di-set termasuk nomor port/slot dari interface serial.
Step 2: Examine the routing table entries for the router R2
b. Examine show ip route output from router R2 shown below
c. How many networks does router R2 know about? Lima networks
d. How many networks are directly connected to this router? Tiga networks
e. How many networks have been learned from another router? Dua networks
f. Using the codes at the beginning of the show ip route output what does the ‘R’ mean? R adalah router
g. In the routers learned via RIP to which device does the ip address 172.17.0.2 belong? Ya ada
h. In the routers learned via RIP to which device is serial 0/0 referring and what does it mean? Serial 0/0 adalah interface –nya yaitu menampilkan informasi khusus hardware interface. Perintah ini harus di-set termasuk nomor port/slot dari interface serial.
Step 3: document router interfaces and IP addresses
a. Based on the shown ip router output from R1 and R2Device interface IP Address Subnet mask (dotted decimal and/xx)
R1 0/0 172.17.0.0 255.255.0.0/16
R1 0/0 192.168.1.0 255.255.255.0/24
R1 0/1 192.168.2.0 255.255.255.0/24
R2 0/0 172.17.0.0 255.255.0.0/16
R2 0/0 192.168.3.0 255.255.255.0/24
R2 192.168.4.0 255.255.255.0/24
b. In this example can the exact IP address of all router interface be determined by looking at the routing tables? Ya bisa
c. Which router interface IP address can be determined from the routing tables? Interface 0/0 dan 0/1
Step 4: create a network topology diagram
Step 5: reflection
a. What do you think would happen to the entries in the routing table on R1 if one of the enthernet networks on R2 was disconnected? Maka pemrosesan sinyal untuk data jaringan computer akan terputus atau tidak akan terjadi.
b. What do you think would happen to the entries in the routing tables on R1 and R2 if the serial interface on R2 was shut down?
Tugas CCNA 2 Lab 6.1.5 Configure and Verify RIP
Step 1: Build the network and configure the routers
Step 2: Check the routing table entries
a. View the IP routing table for R1 using the show ip route command:
b. What is the significance of the “C” to the left of the 172.16.0.0 and 172.17.0.0 network entries in the routing table? Pada IP 172.16.0.0 menggunakan interface type DCE sedangkan pada IP 172.17.0.0 menggunakan interface type DTE.
Step 3: Configure the routing protocol of the routers
Step 4: Configure the hosts with the proper IP address, subnet mask, and default gateway
a. Configure the host attached to R1 with an IP address, subnet mask and default gateway that is compatible with the IP address of the Fast Ethernet interface (172.16.0.0).
b. Configure the host attached to R2 with an IP address, subnet mask and default gateway that is compatible with the IP address of the Fast Ethernet interface (172.18.0.0).
c. Verify that the internetwork is functioning by pinging the Fast Ethernet interface of the other router.
d. From the host attached to R1, is it possible to ping the R2 router Fast Ethernet interface? Ya mungkin karena sudah menggunakan gateway yang akan menghubungkan dua buah jaringan yang berbeda.
e. From the host attached to R2, is it possible to ping the R1 router Fast Ethernet interface? Ya mungkin karena sudah menggunakan gateway yang akan menghubungkan dua buah jaringan yang berbeda.
f. If the answer is no for either question, troubleshoot the router configurations to find the error. Then do the pings again until the answer to both questions is yes. Be sure to check physical cabling for problems and bad connections and make sure that you are using the correct cable types.
Step 5: Show the routing tables for each router
a. In enable or privileged EXEC mode, examine the routing table entries using the show ip route command on router R1.
b. What are the entries in the R1 routing table? R1 terkoneksi pada jaringan 172.17.0.0/16 dan 172.16.0.0/16
c. What is the significance of the “R” to the left of the 172.18.0.0 network entry in the routing table? 172.18.0.0 terhubung ke jaringan melalui 172.17.0.2
d. What does “via 172.17.0.2” mean for this network route? Router mempelajari melalui RIP dengan device 172.17.0.2
e. What does “Serial0/0” mean for this network route? Serial interfacenya atau port/slot
f. Examine the routing table entries using the show ip route command on router R1.
g. What are the entries in the R2 routing table? 172.16.0.0/16
Step 6: Use debug to observe RIP communications
a. On router R1, enter the debug ip rip command from privileged EXEC mode. Examine the exchange of routes between the two routers. The output should look similar to that shown here.
b. Enter the command undebug all to stop all debugging activity
c. What interface does router R1 send and receive updates through? R1 mengirim ke alamat 224.0.0.9 dan R1 menerima dari 172.17.0.2
d. Why does the route to 172.17.0.0 have metric of 1 and the route to 172.18.0.0 have a metric of 2? Karena pada ruter ke 172.17.0.0 memiliki satu lompatan atau terkoneksi langsung sehingga disebut 1 metric sedangkan 172.18.0.0 memiliki dua lompatan karena tidak terkoneksi secara langsung melainkan melalui router lain.
e. Log off by typing exit and turn off the router.
Step 7: Reflection
a. What do you think would happen to the routing table on router R1 if the Ethernet network on router R2 went down? Koneksi antara R1 dan R2 akan terputus
b. What do you think would happen if router R1 was configured to run RIPv1, and R2 was configured to run RIPv2? Maka router dapat berkomunikasi dengan router lain sehingga dapat menetukan jalan yng terbaik dalam pengiriman paket data tanpa memperhatikan subnet, konfigurasi ini di butuh kan untuk proses routing untuk menentukan interface mana yang akan mengirim data atau menerima.
Step 2: Check the routing table entries
a. View the IP routing table for R1 using the show ip route command:
b. What is the significance of the “C” to the left of the 172.16.0.0 and 172.17.0.0 network entries in the routing table? Pada IP 172.16.0.0 menggunakan interface type DCE sedangkan pada IP 172.17.0.0 menggunakan interface type DTE.
Step 3: Configure the routing protocol of the routers
Step 4: Configure the hosts with the proper IP address, subnet mask, and default gateway
a. Configure the host attached to R1 with an IP address, subnet mask and default gateway that is compatible with the IP address of the Fast Ethernet interface (172.16.0.0).
b. Configure the host attached to R2 with an IP address, subnet mask and default gateway that is compatible with the IP address of the Fast Ethernet interface (172.18.0.0).
c. Verify that the internetwork is functioning by pinging the Fast Ethernet interface of the other router.
d. From the host attached to R1, is it possible to ping the R2 router Fast Ethernet interface? Ya mungkin karena sudah menggunakan gateway yang akan menghubungkan dua buah jaringan yang berbeda.
e. From the host attached to R2, is it possible to ping the R1 router Fast Ethernet interface? Ya mungkin karena sudah menggunakan gateway yang akan menghubungkan dua buah jaringan yang berbeda.
f. If the answer is no for either question, troubleshoot the router configurations to find the error. Then do the pings again until the answer to both questions is yes. Be sure to check physical cabling for problems and bad connections and make sure that you are using the correct cable types.
Step 5: Show the routing tables for each router
a. In enable or privileged EXEC mode, examine the routing table entries using the show ip route command on router R1.
b. What are the entries in the R1 routing table? R1 terkoneksi pada jaringan 172.17.0.0/16 dan 172.16.0.0/16
c. What is the significance of the “R” to the left of the 172.18.0.0 network entry in the routing table? 172.18.0.0 terhubung ke jaringan melalui 172.17.0.2
d. What does “via 172.17.0.2” mean for this network route? Router mempelajari melalui RIP dengan device 172.17.0.2
e. What does “Serial0/0” mean for this network route? Serial interfacenya atau port/slot
f. Examine the routing table entries using the show ip route command on router R1.
g. What are the entries in the R2 routing table? 172.16.0.0/16
Step 6: Use debug to observe RIP communications
a. On router R1, enter the debug ip rip command from privileged EXEC mode. Examine the exchange of routes between the two routers. The output should look similar to that shown here.
b. Enter the command undebug all to stop all debugging activity
c. What interface does router R1 send and receive updates through? R1 mengirim ke alamat 224.0.0.9 dan R1 menerima dari 172.17.0.2
d. Why does the route to 172.17.0.0 have metric of 1 and the route to 172.18.0.0 have a metric of 2? Karena pada ruter ke 172.17.0.0 memiliki satu lompatan atau terkoneksi langsung sehingga disebut 1 metric sedangkan 172.18.0.0 memiliki dua lompatan karena tidak terkoneksi secara langsung melainkan melalui router lain.
e. Log off by typing exit and turn off the router.
Step 7: Reflection
a. What do you think would happen to the routing table on router R1 if the Ethernet network on router R2 went down? Koneksi antara R1 dan R2 akan terputus
b. What do you think would happen if router R1 was configured to run RIPv1, and R2 was configured to run RIPv2? Maka router dapat berkomunikasi dengan router lain sehingga dapat menetukan jalan yng terbaik dalam pengiriman paket data tanpa memperhatikan subnet, konfigurasi ini di butuh kan untuk proses routing untuk menentukan interface mana yang akan mengirim data atau menerima.
Tugas CCNA lab 4.5.4
Objectives
• Use a punch down tool to terminate an RJ-45 wall jack.
• Install an RJ-45 jack in a wall plate.
• Use a punch down tool to terminate a UTP cable at a patch panel.
Background / Preparation
In this lab you will wire an RJ-45 data jack for installation in a wall plate using a punch-down tool. This is done frequently when installing cabling in an office environment. The punch tool is also used to terminate the other end of the cable at a patch panel punch-down block. The punch tool uses spring-loaded action to push wires between metal pins, while at the same time skinning the sheath away from the wire. This ensures that the wire makes a good electrical connection with the pins inside the jack. The punch tool also cuts off any extra wire.
A Category 5/5e straight-through patch cable with an RJ-45 connector normally plugs into a data jack or outlet to connect a PC to the network. It is important to use Category 5 or 5e rated jacks and patch panels with Category 5 or 5e cabling in order to support Fast Ethernet (100 Mbps) and Gigabit Ethernet (1000 Mbps). The process of punching down wires into a data jack in an office area is the same as punching them down at a patch panel in a wiring closet. This lab can be performed individually, in pairs, or in groups. The following resources are required:
• 60-90 cm (2-3 feet) length of cable, either Category 5 or 5e.
• RJ-45 data jack—If RJ-45 data jacks are installed on both ends of the cable, two jacks will be and the installation can be tested by inserting cable with RJ-45 connectors and a simple cable continuity tester. More jacks may also be needed if errors are made.
• Category 5/5e wall plate.
• Patch panel.
• Punch tool, type 110.
• UTP cable stripper.
• Wire cutters.
• Two known good straight-through patch cables for testing (optional).
Step 1: Strip the sheath
a. Remove the cable sheath 2.54 cm (1 inch) from the end of the cable.
Step 2: Position wires in data jack
a. Position wires in the proper channels on the RJ-45 jack maintaining the twists as close to the jack as possible. The diagram that follows shows an example of how to place the wires with one type of jack.
b. Most jacks have the channels color-coded to indicate where the wires go. The following photo of the jack shows one model. Jacks are typically stamped to indicate whether they are T568A or T568B
Step 3: Punch down the data jack
a. Use the punch tool to push conductors into the channels. Make sure to position the cutting side of the punch tool so that it faces the outside of the jack. If this is not done, it will cut the wire being punched. Try tilting the handle of the punch tool a little to the outside, so it will cut better.
b. If any wire remains attached after using the punch tool, simply twist the ends gently to remove them. Then place the clips on the jack, and tighten them. Make sure that no more than 1.27 cm (one half inch) of untwisted wire is between the end of the cable jacket and the channels on the jack.
Step 4. Attach the faceplate.
Snap the jack into the faceplate by pushing it from the back side. Make sure when this is done, that the jack is right-side up so the clip faces down when the wall plate is mounted.
Use the screws to attach the faceplate to either the box or to the bracket. If there is a surfacemounted box, keep in mind that it might hold 30-60 cm (1-2 feet) of excess cable. Then it will be necessary to either slide the cable through the tie-wraps, or pull back the raceway that covers it, in order to push the excess cable back into the wall. If there is a flush-mounted jack, all that is needed is to push the excess cable back into the wall.
Step 5: Punch down the patch panel
On the opposite end of the cabling, remove the jacket 2.54 cm (1 inch) from the cable.
Lay the wires down in the patch panel so that the colors of the wires correspond exactly to the colors indicated on the pin locations in the same manner as the data jack was punched down.
Keep the sheath within .64 cm (¼ inch) of where the wires begin branching out to their pin locations.
Do not untwist the wires more than necessary to lay them down at the pin locations. A good way to keep from untwisting too much is to hold down the wires next to the patch panel with one finger while using the other hand to pull apart each end as you lay it across the connector.
The following figure shows a large punch down patch panel with carefully routed cabling.
Step 6: Test the data jack and patch panel terminations with a basic cable tester (optional)
Obtain two straight-through Ethernet patch cables and verify they both function properly using a simple cable tester.
Connect one end of one of the straight-through Ethernet patch cables to the data jack outlet and one end of the other straight-through cable to the jack at the patch panel.
Insert the opposite ends of the two cables into a simple cable tester and check for continuity from end to end through both patch cables, the data jack, and the patch panel. Did the cable run test good from end to end? Jawaban: yes. Yes. If not, try to analyze where the problem is and repeat the connections if possible with another wall jack and patch panel port
Step 7: Reflection (optional)
Take a tour of a wiring closet that contains patch panels and punch-down blocks. Was there any other type of devices that might use similar techniques to attach wires? What do you think attaches to these cables? Jawaban: wifi card, modem dll. Ternyata koneksi dengan menggunakan kabel memiliki speed yang lebih cepat dari pada menggunakan wifi.
What do you think are some of the drawbacks and advantages of having a job installing network cabling? Jawaban: dengan teknik pengkabelan kita dapat merasakan keuntungan: speednya lebih cepat dari pada wifi, sedangkan kekurangannya: sulit untuk pemasangan kabel untuk area gedung yang luas dan banyak memakan biaya.
• Use a punch down tool to terminate an RJ-45 wall jack.
• Install an RJ-45 jack in a wall plate.
• Use a punch down tool to terminate a UTP cable at a patch panel.
Background / Preparation
In this lab you will wire an RJ-45 data jack for installation in a wall plate using a punch-down tool. This is done frequently when installing cabling in an office environment. The punch tool is also used to terminate the other end of the cable at a patch panel punch-down block. The punch tool uses spring-loaded action to push wires between metal pins, while at the same time skinning the sheath away from the wire. This ensures that the wire makes a good electrical connection with the pins inside the jack. The punch tool also cuts off any extra wire.
A Category 5/5e straight-through patch cable with an RJ-45 connector normally plugs into a data jack or outlet to connect a PC to the network. It is important to use Category 5 or 5e rated jacks and patch panels with Category 5 or 5e cabling in order to support Fast Ethernet (100 Mbps) and Gigabit Ethernet (1000 Mbps). The process of punching down wires into a data jack in an office area is the same as punching them down at a patch panel in a wiring closet. This lab can be performed individually, in pairs, or in groups. The following resources are required:
• 60-90 cm (2-3 feet) length of cable, either Category 5 or 5e.
• RJ-45 data jack—If RJ-45 data jacks are installed on both ends of the cable, two jacks will be and the installation can be tested by inserting cable with RJ-45 connectors and a simple cable continuity tester. More jacks may also be needed if errors are made.
• Category 5/5e wall plate.
• Patch panel.
• Punch tool, type 110.
• UTP cable stripper.
• Wire cutters.
• Two known good straight-through patch cables for testing (optional).
Step 1: Strip the sheath
a. Remove the cable sheath 2.54 cm (1 inch) from the end of the cable.
Step 2: Position wires in data jack
a. Position wires in the proper channels on the RJ-45 jack maintaining the twists as close to the jack as possible. The diagram that follows shows an example of how to place the wires with one type of jack.
b. Most jacks have the channels color-coded to indicate where the wires go. The following photo of the jack shows one model. Jacks are typically stamped to indicate whether they are T568A or T568B
Step 3: Punch down the data jack
a. Use the punch tool to push conductors into the channels. Make sure to position the cutting side of the punch tool so that it faces the outside of the jack. If this is not done, it will cut the wire being punched. Try tilting the handle of the punch tool a little to the outside, so it will cut better.
b. If any wire remains attached after using the punch tool, simply twist the ends gently to remove them. Then place the clips on the jack, and tighten them. Make sure that no more than 1.27 cm (one half inch) of untwisted wire is between the end of the cable jacket and the channels on the jack.
Step 4. Attach the faceplate.
Snap the jack into the faceplate by pushing it from the back side. Make sure when this is done, that the jack is right-side up so the clip faces down when the wall plate is mounted.
Use the screws to attach the faceplate to either the box or to the bracket. If there is a surfacemounted box, keep in mind that it might hold 30-60 cm (1-2 feet) of excess cable. Then it will be necessary to either slide the cable through the tie-wraps, or pull back the raceway that covers it, in order to push the excess cable back into the wall. If there is a flush-mounted jack, all that is needed is to push the excess cable back into the wall.
Step 5: Punch down the patch panel
On the opposite end of the cabling, remove the jacket 2.54 cm (1 inch) from the cable.
Lay the wires down in the patch panel so that the colors of the wires correspond exactly to the colors indicated on the pin locations in the same manner as the data jack was punched down.
Keep the sheath within .64 cm (¼ inch) of where the wires begin branching out to their pin locations.
Do not untwist the wires more than necessary to lay them down at the pin locations. A good way to keep from untwisting too much is to hold down the wires next to the patch panel with one finger while using the other hand to pull apart each end as you lay it across the connector.
The following figure shows a large punch down patch panel with carefully routed cabling.
Step 6: Test the data jack and patch panel terminations with a basic cable tester (optional)
Obtain two straight-through Ethernet patch cables and verify they both function properly using a simple cable tester.
Connect one end of one of the straight-through Ethernet patch cables to the data jack outlet and one end of the other straight-through cable to the jack at the patch panel.
Insert the opposite ends of the two cables into a simple cable tester and check for continuity from end to end through both patch cables, the data jack, and the patch panel. Did the cable run test good from end to end? Jawaban: yes. Yes. If not, try to analyze where the problem is and repeat the connections if possible with another wall jack and patch panel port
Step 7: Reflection (optional)
Take a tour of a wiring closet that contains patch panels and punch-down blocks. Was there any other type of devices that might use similar techniques to attach wires? What do you think attaches to these cables? Jawaban: wifi card, modem dll. Ternyata koneksi dengan menggunakan kabel memiliki speed yang lebih cepat dari pada menggunakan wifi.
What do you think are some of the drawbacks and advantages of having a job installing network cabling? Jawaban: dengan teknik pengkabelan kita dapat merasakan keuntungan: speednya lebih cepat dari pada wifi, sedangkan kekurangannya: sulit untuk pemasangan kabel untuk area gedung yang luas dan banyak memakan biaya.
Tugas CCNA lab 5.1.4
Objectives
• Switch between the two Windows Calculator modes.
• Use Windows Calculator to convert between decimal, binary, and hexadecimal.
• Use Windows Calculator to determine the number of hosts in a network with powers of 2.
Background / Preparation
Network technicians work with binary, decimal, hexadecimal numbers with computers and networking devices. In this lab you will use the Windows Calculator application to convert between the binary, decimal, and hexadecimal number systems. You will also use the powers function to determine the number of hosts that can be addressed based on the number of bits available. The following resources are required:
• PC with Windows XP installed and functional
Step 1: Access Windows Calculator and determine mode of operation
From the Start button menu, select All Programs > Accessories, and click on Calculator. An alternate method of starting the Calculator application is to access the Start menu, click on Run, type calc and press Enter. Try both methods.
Once the Calculator application opens, select the View menu option.
Which mode [Standard | Scientific] is currently active? Jawab: Mode yang sedang aktif sekarang adalah Scientific
Select the Standard mode. This is a basic mode for simple calculations. How many mathematical functions are available in this mode? Jawab: Fungsi matematika yang ada pada Standart model adalah 7 fungsi matematika
Step 2: Convert between number systems
Access Scientific mode. Notice the number system modes available—Hex (Hexadecimal), Dec (Decimal), Oct (Octal), and Bin (Binary).
Which number system is currently active? Jawab: System bilangan yang sedang aktif pada model Scientific adalah Decimal.
Which numbers on the number pad are active in Decimal mode? Jawab: Bilangan yang aktif adalah:
Click on the Bin (Binary) mode radio button. Which numbers on the number pad are now active? Jawab:
Why do you think the other numbers are grayed out? Jawab: bilangan yang berwarna buram membuktikan bahwa bilangan tersebut tidak aktif untuk binery. Karena bilangan pada binery hanya 0 dan 1.
Click on the Hex (Hexadecimal) mode radio button.
Which characters on the number pad are now activated? Jawab karakter yang aktif pada bilangan hexadecimal adalah:
Click on the Dec radio button. Using your mouse, click on the number 1 followed by the number 5 on the number pad. The decimal number 15 has now been entered. Click on the Bin radio button.
What happened to the number 15 listed in the textbox at the top of the window? Jawab: Ketika decimal aktif saya mengetikan angka 15 kemudian saya tukar dengan Binery maka angka 15 berubah menjadi 1111.
By selecting different modes, numbers are converted from one number system to another. Select Dec mode again. The number in the window converts back to decimal. Select the Hex mode.
Which hexadecimal character (0 through 9 or A through F) represents decimal 15? Jawab: pada Hexadecimal yang mempresentasika 15 adalah F
Clear the number 15 in the window. Select Dec mode again. Not only can the mouse be used to enter numbers, but the numerical keypad on the keyboard as well as numbers on the keyboard can also be used. Using the numerical keypad to the right of the ENTER key, type the number 22. Note that if the number does not enter into the calculator, press the Num Lock key to enable the numeric keypad. While the number 22 is showing in the calculator, use the number keys across the top of the keyboard to add a 0 to the number 22 (220 should now be on the calculator). Select the Bin radio button.
What is the binary equivalent of 220? Jawab: Decimal 220 equivalent dengan 11011100 pada bineryClear the number 220 in the window. From Binary mode, type in the following binary number: 11001100. Select the Dec radio button.
What is the decimal equivalent to the binary number of 11011100? Jawab: Binery 11011100 equivalent dengan 220 Decimal
Convert the following decimal numbers to binary.
Decimal Binery
86 1010110
175 10101111
204 11001100
19 10011
Convert the following binary numbers to decimal.
Decimal Binery
11000011 195
101010 42
111000 56
10010011 147
Step 3: Convert host IP addresses
Computer hosts usually have two addresses, an Internet Protocol (IP) address and an Ethernet Media Access Control (MAC) address. For the benefit of humans, the IP address is normally represented as a dotted decimal notation, such as 135.15.227.68. Each of the decimal octets in the address or a mask can be converted to 8 binary bits. Remember that the computer only understands binary bits. If all 4 octets were converted to binary, how many bits would there be?
Jawab:
jika jumlah semua ada 4 oktet maka ada 32 bit yang terbentuk karena 1 oktet terdiri dari 8 bits.
IP addresses are normally shown with four decimal numbers ranging from 0 to 255 and separated by a period. Convert the 4 parts of the IP address 192.168.10.2 to binary.
Decimal Binary
192 11000000
168 10101000
10 00001010
2 00000010s
Notice in the previous problem how the 10 converted to only four digits and the number 2 converted to only two digits. When IP addresses can have any number from 0 to 255 in each position, eight digits are normally used to represent each number. In the previous example, eight digits were needed to convert 192 and 168 to binary, but 10 and 2 did not need as many digits. Normally 0s are added to the left of the digits to have eight digits in binary for each IP address number. The number 10 would be shown as 00001010. Four extra zeros are added to the front of the other four binary digits.
On the calculator in Binary mode, enter the digits 00001010 and select the Dec radio button.
Which decimal number is equivalent to 00001010?
Jawab:
00001010 ekuivalen dengan 10 pada decimal
Did adding “leading” zeros affect the number any?
Jawab:
Tidak karena 0 di depan tidak mempunyai pengaruh di dalam pengkonversian.
What would the number 2 (in the previous example) be if you were to make it eight digits?
Jawab:
karena pada IP address satu octet harus berisikan 8 digit bilangan biner.
Step 4: Convert host IP subnet masks
Subnet masks, such as 255.255.255.0, are also represented as dotted decimal. A subnet mask will always consist of four 8-bit octets, each one represented as a decimal number. With the exception of decimal 0 (all 8 binary zeros) and decimal 255 (all 8 binary ones), each octet will have some number of ones on the left and some number of zeros on the right. Convert the 8 possible decimal subnet octet values to binary.Decimal Binary
0 00000000.00000000.00000000.00000000
128 11111111.11111111.00000000.00000000
192 11111111.11111111.11111111.00000000
224 11111111.11111111.11111111.00000000
240 11111111.11111111.11111111.00000000
248 11111111.11111111.11111111.00000000
252 11111111.11111111.11111111.00000000
254 11111111.11111111.11111111.00000000
255 11111111.11111111.11111111.11111111
Convert the four parts of the subnet mask 255.255.255.0 to binary.
Jawab:
11111111.11111111.11111111.00000000
Step 5: Convert broadcast addresses
Computer hosts and network devices use broadcast addresses to send messages to all hosts. Convert the following broadcast addresses.
Address Binery
IP broadcast255.255.255.255 11111111.1111111.11111111.11111111
MAC broadcastFF:FF:FF:FF:FF:FF 11111111.1111111.11111111.11111111
Step 6: Convert IP and MAC addresses for a host
Click the Start button, select Run, type cmd, and press Enter. From the command prompt, type ipconfig /all.
Make a note of the IP address and physical address (also known as a MAC address).
IP Address:
Jawab:
IP addressnya adalah 192.168.193.71
MAC Address:
Jawab:
MAC addresnya adalah 00-17-C4-23-43-FE
Using the calculator, convert the four numbers contained in the IP address to binary.
Decimal Binary
192 11000000
168 10101000
193 11000001
71 01000111
The MAC or physical address is normally represented as 12 hexadecimal characters, grouped in pairs and separated by dashes (-). Physical addresses on a Windows-based computer are shown in a format of xx-xx-xx-xx-xx-xx, where each x is a number from 0 to 9 or a letter from a to f. Each of the hex characters in the address can be converted to 4 binary bits which is what the computer understands. If all 12 hex characters were converted to binary, how many bits would there be?
Jawab:
Jika ada 12 karakter hexadecimal maka akan ada 96 bilangan biner yang terbentuk.
Convert each of the hexadecimal pairs to binary. For example, if the number CC-12-DE-4A-BD-88-34 was the physical address, convert the hexadecimal number CC to binary (11001100). Then convert the hexadecimal number 12 to binary (00010010) and so on. Be sure to add the leading zeros for a total of 8 binary digits per pair of hex digits.
Hexadecimal Binery
CC 11001100
12 00010010
DE 11011110
4A 01001010
BD 10111101
88 10001000
34 00110100
Step 7: Manipulate powers of 2 to determine the number of hosts on a network
Binary numbers use two digits, 0 and 1. When you calculate how many hosts can be on a subnetwork, you use powers of two because binary is being used. As an example, we have a subnet mask that leaves six bits in the host portion of the IP address. In this case, the number of hosts on that network is 2 to the 6th power minus 2 (because you need a number to represent the network and
number that can be used to reach all the hosts—the broadcast address). The number 2 is always used because we are working in binary. The number 6 is the number of bits that are used for the host bits.
On the calculator, in Dec mode, input the number 2. Select the x^y key, the key which raises a number to a power. Input the number 6. Click on the = key, press Enter on the keyboard, or press the = key on the keyboard—all give the total. The number 64 appears in the output. To subtract two, click on the minus (-) key and then the 2 key followed by the = key. The number 62 appears in the output. This means 62 hosts could be utilized.
Using the previously described process, determine the number of hosts if the following number of bits are used for host bits.
No. of Bits Used forHosts No. of Hosts
5 30 hosts
14 16382 hosts
24 16777214 host
10 1022 hosts
Using a similar technique as learned previously, determine what 10 to the 4th power equals.
Jawab:
Hasilnya adalah 9998
Close the Windows Calculator application.
Step 8: (Optional) Determine the network number and number of hosts based on subnet mask
Given the IP network address of 172.16.203.56 and a subnet mask of 255.255.248.0, determine the network portion of the address and calculate how many hosts can be created from host bits left.
Start by converting the 4 octets of the decimal IP address to binary and then convert the decimal subnet mask to binary. Remember to include leading zeros when converting to binary in order to make a total of 8 bits per octet.
Decimal IP addressand subnet mask Binary IP address and subnet mask
172.16.203.56 10101100.00010000.11001011.00111000
255.255.248.0 11111111.11111111.11111000.00000000
Align the 32 bits of the subnet mask to the 32 bits of the IP address and compare them. The bits in the IP address that align with the ones bits in the subnet mask represent the network number. What is the binary and decimal network number for this IP address? Determine the binary address first (include all 32 bits) and then convert it to decimal. Binary network address:
Jawab:
10101100.00010000.11001011.00111000
11111111.11111111.11111000.00000000
10101100.00010000.11001000.00000000
Decimal network address:
Jawab:
172.16.200.0
How many ones bits are in the subnet mask?
Jawab:
Subnetmask = 2n = 23=8
How many bits are left for host bits?
Jawab:
Host = 2n-2= 25-2= 30
How many hosts can be created with the bits left?
Jawab:
Host =2n-2= 211-2= 2046
Step 9: Reflection
List one other thing for which you might use the Windows Calculator scientific mode. It does not have to be related to networking.
• Switch between the two Windows Calculator modes.
• Use Windows Calculator to convert between decimal, binary, and hexadecimal.
• Use Windows Calculator to determine the number of hosts in a network with powers of 2.
Background / Preparation
Network technicians work with binary, decimal, hexadecimal numbers with computers and networking devices. In this lab you will use the Windows Calculator application to convert between the binary, decimal, and hexadecimal number systems. You will also use the powers function to determine the number of hosts that can be addressed based on the number of bits available. The following resources are required:
• PC with Windows XP installed and functional
Step 1: Access Windows Calculator and determine mode of operation
From the Start button menu, select All Programs > Accessories, and click on Calculator. An alternate method of starting the Calculator application is to access the Start menu, click on Run, type calc and press Enter. Try both methods.
Once the Calculator application opens, select the View menu option.
Which mode [Standard | Scientific] is currently active? Jawab: Mode yang sedang aktif sekarang adalah Scientific
Select the Standard mode. This is a basic mode for simple calculations. How many mathematical functions are available in this mode? Jawab: Fungsi matematika yang ada pada Standart model adalah 7 fungsi matematika
Step 2: Convert between number systems
Access Scientific mode. Notice the number system modes available—Hex (Hexadecimal), Dec (Decimal), Oct (Octal), and Bin (Binary).
Which number system is currently active? Jawab: System bilangan yang sedang aktif pada model Scientific adalah Decimal.
Which numbers on the number pad are active in Decimal mode? Jawab: Bilangan yang aktif adalah:
Click on the Bin (Binary) mode radio button. Which numbers on the number pad are now active? Jawab:
Why do you think the other numbers are grayed out? Jawab: bilangan yang berwarna buram membuktikan bahwa bilangan tersebut tidak aktif untuk binery. Karena bilangan pada binery hanya 0 dan 1.
Click on the Hex (Hexadecimal) mode radio button.
Which characters on the number pad are now activated? Jawab karakter yang aktif pada bilangan hexadecimal adalah:
Click on the Dec radio button. Using your mouse, click on the number 1 followed by the number 5 on the number pad. The decimal number 15 has now been entered. Click on the Bin radio button.
What happened to the number 15 listed in the textbox at the top of the window? Jawab: Ketika decimal aktif saya mengetikan angka 15 kemudian saya tukar dengan Binery maka angka 15 berubah menjadi 1111.
By selecting different modes, numbers are converted from one number system to another. Select Dec mode again. The number in the window converts back to decimal. Select the Hex mode.
Which hexadecimal character (0 through 9 or A through F) represents decimal 15? Jawab: pada Hexadecimal yang mempresentasika 15 adalah F
Clear the number 15 in the window. Select Dec mode again. Not only can the mouse be used to enter numbers, but the numerical keypad on the keyboard as well as numbers on the keyboard can also be used. Using the numerical keypad to the right of the ENTER key, type the number 22. Note that if the number does not enter into the calculator, press the Num Lock key to enable the numeric keypad. While the number 22 is showing in the calculator, use the number keys across the top of the keyboard to add a 0 to the number 22 (220 should now be on the calculator). Select the Bin radio button.
What is the binary equivalent of 220? Jawab: Decimal 220 equivalent dengan 11011100 pada bineryClear the number 220 in the window. From Binary mode, type in the following binary number: 11001100. Select the Dec radio button.
What is the decimal equivalent to the binary number of 11011100? Jawab: Binery 11011100 equivalent dengan 220 Decimal
Convert the following decimal numbers to binary.
Decimal Binery
86 1010110
175 10101111
204 11001100
19 10011
Convert the following binary numbers to decimal.
Decimal Binery
11000011 195
101010 42
111000 56
10010011 147
Step 3: Convert host IP addresses
Computer hosts usually have two addresses, an Internet Protocol (IP) address and an Ethernet Media Access Control (MAC) address. For the benefit of humans, the IP address is normally represented as a dotted decimal notation, such as 135.15.227.68. Each of the decimal octets in the address or a mask can be converted to 8 binary bits. Remember that the computer only understands binary bits. If all 4 octets were converted to binary, how many bits would there be?
Jawab:
jika jumlah semua ada 4 oktet maka ada 32 bit yang terbentuk karena 1 oktet terdiri dari 8 bits.
IP addresses are normally shown with four decimal numbers ranging from 0 to 255 and separated by a period. Convert the 4 parts of the IP address 192.168.10.2 to binary.
Decimal Binary
192 11000000
168 10101000
10 00001010
2 00000010s
Notice in the previous problem how the 10 converted to only four digits and the number 2 converted to only two digits. When IP addresses can have any number from 0 to 255 in each position, eight digits are normally used to represent each number. In the previous example, eight digits were needed to convert 192 and 168 to binary, but 10 and 2 did not need as many digits. Normally 0s are added to the left of the digits to have eight digits in binary for each IP address number. The number 10 would be shown as 00001010. Four extra zeros are added to the front of the other four binary digits.
On the calculator in Binary mode, enter the digits 00001010 and select the Dec radio button.
Which decimal number is equivalent to 00001010?
Jawab:
00001010 ekuivalen dengan 10 pada decimal
Did adding “leading” zeros affect the number any?
Jawab:
Tidak karena 0 di depan tidak mempunyai pengaruh di dalam pengkonversian.
What would the number 2 (in the previous example) be if you were to make it eight digits?
Jawab:
karena pada IP address satu octet harus berisikan 8 digit bilangan biner.
Step 4: Convert host IP subnet masks
Subnet masks, such as 255.255.255.0, are also represented as dotted decimal. A subnet mask will always consist of four 8-bit octets, each one represented as a decimal number. With the exception of decimal 0 (all 8 binary zeros) and decimal 255 (all 8 binary ones), each octet will have some number of ones on the left and some number of zeros on the right. Convert the 8 possible decimal subnet octet values to binary.Decimal Binary
0 00000000.00000000.00000000.00000000
128 11111111.11111111.00000000.00000000
192 11111111.11111111.11111111.00000000
224 11111111.11111111.11111111.00000000
240 11111111.11111111.11111111.00000000
248 11111111.11111111.11111111.00000000
252 11111111.11111111.11111111.00000000
254 11111111.11111111.11111111.00000000
255 11111111.11111111.11111111.11111111
Convert the four parts of the subnet mask 255.255.255.0 to binary.
Jawab:
11111111.11111111.11111111.00000000
Step 5: Convert broadcast addresses
Computer hosts and network devices use broadcast addresses to send messages to all hosts. Convert the following broadcast addresses.
Address Binery
IP broadcast255.255.255.255 11111111.1111111.11111111.11111111
MAC broadcastFF:FF:FF:FF:FF:FF 11111111.1111111.11111111.11111111
Step 6: Convert IP and MAC addresses for a host
Click the Start button, select Run, type cmd, and press Enter. From the command prompt, type ipconfig /all.
Make a note of the IP address and physical address (also known as a MAC address).
IP Address:
Jawab:
IP addressnya adalah 192.168.193.71
MAC Address:
Jawab:
MAC addresnya adalah 00-17-C4-23-43-FE
Using the calculator, convert the four numbers contained in the IP address to binary.
Decimal Binary
192 11000000
168 10101000
193 11000001
71 01000111
The MAC or physical address is normally represented as 12 hexadecimal characters, grouped in pairs and separated by dashes (-). Physical addresses on a Windows-based computer are shown in a format of xx-xx-xx-xx-xx-xx, where each x is a number from 0 to 9 or a letter from a to f. Each of the hex characters in the address can be converted to 4 binary bits which is what the computer understands. If all 12 hex characters were converted to binary, how many bits would there be?
Jawab:
Jika ada 12 karakter hexadecimal maka akan ada 96 bilangan biner yang terbentuk.
Convert each of the hexadecimal pairs to binary. For example, if the number CC-12-DE-4A-BD-88-34 was the physical address, convert the hexadecimal number CC to binary (11001100). Then convert the hexadecimal number 12 to binary (00010010) and so on. Be sure to add the leading zeros for a total of 8 binary digits per pair of hex digits.
Hexadecimal Binery
CC 11001100
12 00010010
DE 11011110
4A 01001010
BD 10111101
88 10001000
34 00110100
Step 7: Manipulate powers of 2 to determine the number of hosts on a network
Binary numbers use two digits, 0 and 1. When you calculate how many hosts can be on a subnetwork, you use powers of two because binary is being used. As an example, we have a subnet mask that leaves six bits in the host portion of the IP address. In this case, the number of hosts on that network is 2 to the 6th power minus 2 (because you need a number to represent the network and
number that can be used to reach all the hosts—the broadcast address). The number 2 is always used because we are working in binary. The number 6 is the number of bits that are used for the host bits.
On the calculator, in Dec mode, input the number 2. Select the x^y key, the key which raises a number to a power. Input the number 6. Click on the = key, press Enter on the keyboard, or press the = key on the keyboard—all give the total. The number 64 appears in the output. To subtract two, click on the minus (-) key and then the 2 key followed by the = key. The number 62 appears in the output. This means 62 hosts could be utilized.
Using the previously described process, determine the number of hosts if the following number of bits are used for host bits.
No. of Bits Used forHosts No. of Hosts
5 30 hosts
14 16382 hosts
24 16777214 host
10 1022 hosts
Using a similar technique as learned previously, determine what 10 to the 4th power equals.
Jawab:
Hasilnya adalah 9998
Close the Windows Calculator application.
Step 8: (Optional) Determine the network number and number of hosts based on subnet mask
Given the IP network address of 172.16.203.56 and a subnet mask of 255.255.248.0, determine the network portion of the address and calculate how many hosts can be created from host bits left.
Start by converting the 4 octets of the decimal IP address to binary and then convert the decimal subnet mask to binary. Remember to include leading zeros when converting to binary in order to make a total of 8 bits per octet.
Decimal IP addressand subnet mask Binary IP address and subnet mask
172.16.203.56 10101100.00010000.11001011.00111000
255.255.248.0 11111111.11111111.11111000.00000000
Align the 32 bits of the subnet mask to the 32 bits of the IP address and compare them. The bits in the IP address that align with the ones bits in the subnet mask represent the network number. What is the binary and decimal network number for this IP address? Determine the binary address first (include all 32 bits) and then convert it to decimal. Binary network address:
Jawab:
10101100.00010000.11001011.00111000
11111111.11111111.11111000.00000000
10101100.00010000.11001000.00000000
Decimal network address:
Jawab:
172.16.200.0
How many ones bits are in the subnet mask?
Jawab:
Subnetmask = 2n = 23=8
How many bits are left for host bits?
Jawab:
Host = 2n-2= 25-2= 30
How many hosts can be created with the bits left?
Jawab:
Host =2n-2= 211-2= 2046
Step 9: Reflection
List one other thing for which you might use the Windows Calculator scientific mode. It does not have to be related to networking.
tugas ccna lab 1.3.3
Lab 1.3.3 Determining the Screen Resolution of a Computer
Objectives
Determine the current screen resolution of a PC monitor.
Determine the maximum resolution for the highest color quality.
Calculate the number of pixels needed for resolution settings.
Identify the type of monitor and graphics card installed.
Background / Preparation
The resolution of a monitor determines the quality of the screen display. The resolution is determined by the number of horizontal and vertical picture elements (pixels) that are used to produce the image on the monitor. The number of pixels is typically predefined by the manufacturers of graphics cards and PC monitors. The highest number of pixels that a monitor and graphics card can support is referred to as maximum resolution. An example of maximum resolution is 1280 x1024, which means the display is composed of 1280 horizontal pixels and 1024 vertical pixels. The higher the resolution is set, the sharper the display image. The maximum resolution of a PC monitor and the number of colors the monitor can display are determined by two factors:
• Capability of the monitor
• Capability of the graphics card, especially the amount of onboard memory
The following resources are required:
• Computer with Windows XP installed
Step 1: Determine the current screen resolution
To view the current screen resolution and color quality settings, right-click on any empty space on the desktop and select Properties from the context menu. In the Display Properties window, select the Settings tab.
You can also access Display Properties by opening the Control Panel and clicking the Display icon.
Use the Display Properties Settings tab to record the current settings on your PC: The screen resolution is (H by V) Answere: Horizontal The horizontal resolution is: 1024, The vertical resolution is: 768, The color quality value is: 32 bit
Step 2: Determine the maximum resolution for the highest color quality
The slide bar under Screen resolution is used to configure the desired resolution.
a. Move the slide bar to see the range of screen resolutions that are available on your PC. (The range is determined by the operating system when it identifies the display card and the monitor.)
b. Use the Display Properties Settings tab to fill out the following table for the current settings on your PC: Answere:
Minimum screen resolution 800×600 pixels
Maximum screen resolutio 1280×800 pixels
Available color quality settings medium (16 bit) dan highest 932 bit)
Step 3: Calculate the pixels for current and maximum resolution settings
The display on the screen consists of rows of pixels. The number of pixels in each row is the horizontal resolution. The number of rows is the vertical resolution. To determine the total number of pixels in a screen resolution, you multiply the horizontal resolution by the vertical resolution. For example, if the current resolution is 1280 x 1024, the total number of pixels is 1280 times 1024, or 1,310,720. Answere:
Calculate the total number of pixels for the lowest resolution: 600 pixels______________________
Calculate the total number of pixels for the maximum resolution: 1280 pixels____________________
Step 4: Identify the type of graphics card installed
You can get detailed information about the graphics card (also called the display adapter) in the Display Properties screen.
a. In the Display Properties screen, click the Advanced button.
b. Select the Adapter tab.
Use the information found in the Adapter tab to complete the following table:
Answere:Graphics card manufacturer and model (Adapter Type)Graphics memory on card (Memory Size) Chip type, DAC Type, memory Size, adapter string, Bios infoemation128 MB, but this is based on speck of the each of the computer.
Step 5: Identify the type of monitor and available refresh rates
You can get detailed information about the monitor in the Display Properties screen. The screen refresh rate determines the number of times per second the screen is illuminated or redrawn. A refresh rate of 60 hertz means the screen is illuminated 60 times per second. Higher refresh rates provide less screen flicker, which reduces eye strain, but may adversely affect the monitor. You should set the refresh rate to the highest level the monitor can safely support.
Click on the Monitor tab to see the monitor type and current refresh rate.
Use the information found in the Monitor tab to complete the following table: Answere:Monitor type Plug and Play Monitor and NVIDIA GeForce Go 7400
Supported refresh rates 60 Hert
3. What can occur if you select a refresh rate that is higher than what the monitor can safely display? Answere: Can be damage to hadware.
Objectives
Determine the current screen resolution of a PC monitor.
Determine the maximum resolution for the highest color quality.
Calculate the number of pixels needed for resolution settings.
Identify the type of monitor and graphics card installed.
Background / Preparation
The resolution of a monitor determines the quality of the screen display. The resolution is determined by the number of horizontal and vertical picture elements (pixels) that are used to produce the image on the monitor. The number of pixels is typically predefined by the manufacturers of graphics cards and PC monitors. The highest number of pixels that a monitor and graphics card can support is referred to as maximum resolution. An example of maximum resolution is 1280 x1024, which means the display is composed of 1280 horizontal pixels and 1024 vertical pixels. The higher the resolution is set, the sharper the display image. The maximum resolution of a PC monitor and the number of colors the monitor can display are determined by two factors:
• Capability of the monitor
• Capability of the graphics card, especially the amount of onboard memory
The following resources are required:
• Computer with Windows XP installed
Step 1: Determine the current screen resolution
To view the current screen resolution and color quality settings, right-click on any empty space on the desktop and select Properties from the context menu. In the Display Properties window, select the Settings tab.
You can also access Display Properties by opening the Control Panel and clicking the Display icon.
Use the Display Properties Settings tab to record the current settings on your PC: The screen resolution is (H by V) Answere: Horizontal The horizontal resolution is: 1024, The vertical resolution is: 768, The color quality value is: 32 bit
Step 2: Determine the maximum resolution for the highest color quality
The slide bar under Screen resolution is used to configure the desired resolution.
a. Move the slide bar to see the range of screen resolutions that are available on your PC. (The range is determined by the operating system when it identifies the display card and the monitor.)
b. Use the Display Properties Settings tab to fill out the following table for the current settings on your PC: Answere:
Minimum screen resolution 800×600 pixels
Maximum screen resolutio 1280×800 pixels
Available color quality settings medium (16 bit) dan highest 932 bit)
Step 3: Calculate the pixels for current and maximum resolution settings
The display on the screen consists of rows of pixels. The number of pixels in each row is the horizontal resolution. The number of rows is the vertical resolution. To determine the total number of pixels in a screen resolution, you multiply the horizontal resolution by the vertical resolution. For example, if the current resolution is 1280 x 1024, the total number of pixels is 1280 times 1024, or 1,310,720. Answere:
Calculate the total number of pixels for the lowest resolution: 600 pixels______________________
Calculate the total number of pixels for the maximum resolution: 1280 pixels____________________
Step 4: Identify the type of graphics card installed
You can get detailed information about the graphics card (also called the display adapter) in the Display Properties screen.
a. In the Display Properties screen, click the Advanced button.
b. Select the Adapter tab.
Use the information found in the Adapter tab to complete the following table:
Answere:Graphics card manufacturer and model (Adapter Type)Graphics memory on card (Memory Size) Chip type, DAC Type, memory Size, adapter string, Bios infoemation128 MB, but this is based on speck of the each of the computer.
Step 5: Identify the type of monitor and available refresh rates
You can get detailed information about the monitor in the Display Properties screen. The screen refresh rate determines the number of times per second the screen is illuminated or redrawn. A refresh rate of 60 hertz means the screen is illuminated 60 times per second. Higher refresh rates provide less screen flicker, which reduces eye strain, but may adversely affect the monitor. You should set the refresh rate to the highest level the monitor can safely support.
Click on the Monitor tab to see the monitor type and current refresh rate.
Use the information found in the Monitor tab to complete the following table: Answere:Monitor type Plug and Play Monitor and NVIDIA GeForce Go 7400
Supported refresh rates 60 Hert
3. What can occur if you select a refresh rate that is higher than what the monitor can safely display? Answere: Can be damage to hadware.
Tugas Teka-teki Silang validate Choise of VPN Topology, Device And Topologies
TEKA-TEKI SILANG
Jawaban:
Layer 2 forwarding protocol
Data Encryption Standard
Secure hash algorithmi
Advanced Encryption Standard
Diffiehellman
RSA
Generic Routing Encapsulation
Layer 2 Tunneling Protocol
3 DES
IPSEC
PPTD
Message Digests
gambar:
CCNA 3 Lab 5.2.3 Configuring RIPv2 with VLSM, and Default Route Propagation
Lab 5.2.3 Configuring RIPv2 with VLSM, and Default Route Propagation
Step 1: Connect the equipment.
a. Connect Router3 to Router1 and Router2 with serial cables.
b. Connect Router1’s Fa0/0 interface with a straight-through cable to Switch1’s Fa0/1 interface.
c. Connect Router2’s Fa0/0 interface with a straight-through cable to Switch2’s Fa0/1 interface
d. Connect PC1 to Switch1 and PC2 to Switch 2 with straight-through cables.
e. Connect PC3 to Router3’s Fa0/0 interface with a crossover cable.
f. Connect a PC with a console cable to perform configurations on the routers and switches.
Step 2: Perform basic configurations on the routers.
a. Establish a console session with Router1 and configure hostname, passwords, and interfaces as
described in the table. Save the configuration.
b. Establish a console session with Router2 and perform a similar configuration, using the addresses
and other information from the table. Save the configuration.
c. Establish a console session with Router3. Configure hostname, passwords, and interfaces according
to the table. Note that both serials are DCE on this router. Save the configuration.
Step 3: Perform basic configurations on the switches.
a. Establish a console session with Switch1 and configure hostname and passwords according to the
table. Save the configuration.
b. Perform a similar configuration on Switch2, configuring the hostname and passwords as described for
S1. Save the configuration.
Step 4: Configure the hosts with the proper IP address, subnet mask, and default gateway.
a. Configure each host with the proper IP address, subnet mask, and default gateway. Host1 should be
assigned 172.16.1.2/24 and Host 2 should be assigned 172.16.2.2 /24. Host3, which is used to
simulate Internet access, should be assigned 209.165.201.2/24. All three PCs use their attached
router’s Fa0/0 interface as the default gateway.
b. Each workstation should be able to ping the attached router. If the ping was not successful,
troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP
address and default gateway.
Step 5: Configure RIP v2 routing
a. On R1, configure RIP version 2 as the routing protocol and advertise the appropriate networks:
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 172.16.1.0
R1(config-router)#network 172.16.3.0
Predict: how will RIP report these subnets in the routing table? As a 172.16.0.0 summary route, as well as individual subnets of the 172.16.0.0 network.
b. From the network commands, which interfaces are participating in RIP routing? _____________
Fa0/0, S0/0/0.
c. Perform a similar configuration on R2, setting the version, advertising the appropriate networks, and
turning off auto-summarization
d. On R3, perform a similar configuration. Do not advertise the 209.165.201.0/24 network.
Step 6: Configure and redistribute a default route for Internet access.
a. From the R3 router to the host simulating the Internet, create a static route to network 0.0.0.0 0.0.0.0,
using the ip route command. This will forward any unknown-destination address traffic to the PC
simulating the Internet by setting a Gateway of Last Resort on the R3 router.
R3(config)#ip route 0.0.0.0 0.0.0.0 209.165.201.2
b. R3 will advertise this route to the other routers if this command is added to its RIP configuration:
R3(config)#router rip
R3(config-router)#default-information originate
Step 7: Verify the routing configuration.
a. View the routing table on R3:
R3#show ip route
<
Step 1: Connect the equipment.
a. Connect Router3 to Router1 and Router2 with serial cables.
b. Connect Router1’s Fa0/0 interface with a straight-through cable to Switch1’s Fa0/1 interface.
c. Connect Router2’s Fa0/0 interface with a straight-through cable to Switch2’s Fa0/1 interface
d. Connect PC1 to Switch1 and PC2 to Switch 2 with straight-through cables.
e. Connect PC3 to Router3’s Fa0/0 interface with a crossover cable.
f. Connect a PC with a console cable to perform configurations on the routers and switches.
Step 2: Perform basic configurations on the routers.
a. Establish a console session with Router1 and configure hostname, passwords, and interfaces as
described in the table. Save the configuration.
b. Establish a console session with Router2 and perform a similar configuration, using the addresses
and other information from the table. Save the configuration.
c. Establish a console session with Router3. Configure hostname, passwords, and interfaces according
to the table. Note that both serials are DCE on this router. Save the configuration.
Step 3: Perform basic configurations on the switches.
a. Establish a console session with Switch1 and configure hostname and passwords according to the
table. Save the configuration.
b. Perform a similar configuration on Switch2, configuring the hostname and passwords as described for
S1. Save the configuration.
Step 4: Configure the hosts with the proper IP address, subnet mask, and default gateway.
a. Configure each host with the proper IP address, subnet mask, and default gateway. Host1 should be
assigned 172.16.1.2/24 and Host 2 should be assigned 172.16.2.2 /24. Host3, which is used to
simulate Internet access, should be assigned 209.165.201.2/24. All three PCs use their attached
router’s Fa0/0 interface as the default gateway.
b. Each workstation should be able to ping the attached router. If the ping was not successful,
troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP
address and default gateway.
Step 5: Configure RIP v2 routing
a. On R1, configure RIP version 2 as the routing protocol and advertise the appropriate networks:
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 172.16.1.0
R1(config-router)#network 172.16.3.0
Predict: how will RIP report these subnets in the routing table? As a 172.16.0.0 summary route, as well as individual subnets of the 172.16.0.0 network.
b. From the network commands, which interfaces are participating in RIP routing? _____________
Fa0/0, S0/0/0.
c. Perform a similar configuration on R2, setting the version, advertising the appropriate networks, and
turning off auto-summarization
d. On R3, perform a similar configuration. Do not advertise the 209.165.201.0/24 network.
Step 6: Configure and redistribute a default route for Internet access.
a. From the R3 router to the host simulating the Internet, create a static route to network 0.0.0.0 0.0.0.0,
using the ip route command. This will forward any unknown-destination address traffic to the PC
simulating the Internet by setting a Gateway of Last Resort on the R3 router.
R3(config)#ip route 0.0.0.0 0.0.0.0 209.165.201.2
b. R3 will advertise this route to the other routers if this command is added to its RIP configuration:
R3(config)#router rip
R3(config-router)#default-information originate
Step 7: Verify the routing configuration.
a. View the routing table on R3:
R3#show ip route
<
CCNA Discovery 4 Module 9 Exam Answers Version 4.0
1. Which two statements describe factors that influence the layout of a proposal? (Choose two.)
• Proposal layouts are required to use sans serif typefaces.
• A specific proposal layout is followed when one is specified in the RFP.
• A designer chooses the layout if a written RFP does not specify an outline.
• The software that is used to create the proposal dictates the proposal layouts.
• Proposal layouts are required to use a format that is designed by the network engineer.
2 . What two items are typically included in the executive summary of a proposal? (Choose two.)
• project scope summary
• high-level implementation plan
• quotes for all needed equipment
• technical requirements for the design
• emphasis on the benefits that meet the goals of the customer
3. Which proposal section describes the intended routing protocol, security mechanisms, and addressing for the planned network?
• logical design
• physical design
• executive summary
• implementation plan
• network requirements
4. Which occurrence would indicate a failure of the design phase?
• The incorrect model switches were ordered.
• There is no customer signoff for task completion.
• New requirements are identified after implementation begins.
• The new network capacity is inadequate to support required traffic.
5. A network installation team is assigned to replace all core switches in an existing data center. No other upgrades are planned. Which kind of installation is this?
• a new installation
• a fork-lift installation
• a phased installation
• a green field installation
6. What service is provided Cisco standard warranty?
• software application maintenance
• replacement of defected hardware
• next business day delivery of replacement parts
• access to the Cisco Technical Assistance Center (TAC) 24 hours a day, 7 days a week
7. An upgraded version of the Cisco IOS has been purchased. However, the CD arrived damaged. How will this loss be covered?
• a hardware warranty
• a software warranty
• the Cisco SMARTnet Service
• an additional service contract
8. A company informs the account manager that the installation of a new edge router at the customer remote branch location cannot be done at the scheduled time because of a large order that the branch office needs to complete. As a result, the end date of the project must be adjusted to accommodate the additional time. What is the action should the account manager take?
• Cancel the order for the new edge router.
• Work with designer to redesign the branch network.
• Instruct the technician to complete the install of the router at on the date in the contract.
• Adjust the timeline documentation to show the company how the delay will affect the
• project completion date.
9. NetworkingCompany completes the installation of a network upgrade for a retail customer. All of the onsite tests complete successfully and the customer IT staff approves the results of the tests. The manager of the retail store contacts NetworkingCompany to inform the company that the store will not pay for the upgrade until a recently purchased software package is installed and tested on the network. Which two items that are contained in the proposal can the account manager refer to when discussing this issue with the store manager?(Choose two.)
• the project scope
• the bill-of-material
• the project timeline
• the terms and conditions
• the business goals of the customer
• the evaluation of the current network
10. The operation of a new branch location network is delayed because a VPN cannot be configured and established between the branch location and the main office. It is determined that the router at the main office does not have enough memory and does not have the correct Cisco IOS version image to support the VPN features. To prevent this delay, this problem should have been identified and corrected during which part of the design project?
• the preparation of the business case
• the prioritizing of the technical goals
• the characterization of the existing network
• the implementation of the approved design
11.The NetworkingCompany team is tasked to prepare an implementation schedule for a customer. It is determined that the new firewalls and wireless controllers that are specified in the design cannot be delivered and installed within the agreed upon time frame. The NetworkingCompany informs the customer of the problem. What two options can the NetworkingCompany team take to ensure the success of the project? (Choose two.)
• plan to add additional staff and resources to shorten the installation time after the new equipment is delivered
• eliminate redundancy in the design to reduce the amount of equipment that is needed
• renegotiate a new time frame with the customer to accommodate the delay
• delay the installation of the security devices and controllers until a later time
• redesign the network to use only readily available equipment and software
12. AAA Financial Services Company is performing implementation planning for a core switch upgrade. The company has 200 financial software programmers that work billable hours during the week. They have critical, scheduled money transfer transmissions that occur at hourly intervals every night. There are two, two-hour long IT maintenance windows scheduled for software upgrades, one on Saturday and one on Sunday. The bank advertises online banking as available 24 hours on business days and 21 hours on the weekends. However, a network upgrade that is necessary to replace some switches is expected to take four hours. Because of rack constraints, this time includes three hours to remove the old switches before the new switches can be installed and one hour to test the logical configuration. How should the implementation scheduling be handled
• Defer the software upgrades. Use the Saturday window to perform the hardware installation. Use the Sunday window to perform the logical testing.
• Coordinate and publish a separate four-hour downtime during Friday to perform the complete switch installation and testing process. Use the Saturday and Sunday windows to correct any outage problems after the Friday window.
• Coordinate and publish two, four-hour downtimes incorporating the published Saturday and Sunday windows. Defer any software upgrades until the new network is proven to be working
correctly with the old software. Use the Sunday window as a fallback scheduling period if there re problems necessitating backing out of the Saturday window.
• Coordinate and publish an eight-hour downtime incorporating the Saturday window. This ill allow four hours for installation and logical testing, one hour for troubleshooting and decision, and three hours to roll back to the previous configuration if the new switching cannot pass the logical testing. Defer any software upgrades until the new network is proven to be working orrectly with the old software.
13. ncluded in a Bill of Materials (BOM) for a SOHO wired implementation is a Cisco 2811 router, Catalyst 2560 switch, four PCs, three laptops, and a networked printer. Wireless LAN capability will be implemented on this network. Which two equipment types must be added to the BOM to implement this request? (Choose two.)
• DNS server
• LAN switch
• wireless NICs
• DHCP server
• wireless access points
14. A customer has just taken delivery of a Cisco 2811 router and Catalyst 3560 switch. Included with the purchase is the SMARTnet Service. Which two resources are included with SMARTnet Service? (Choose two.)
• signature file updates
• technical support from TAC
• maintenance releases for OS
• software application major releases
• software application maintenance and minor releases
15. A Cisco 1841 router has been purchased without an agreement for SMARTnet Service. What two items are guaranteed under the standard warranty? (Choose two.)
• access to TAC
• replacement of defective physical media
• advanced replacement of hardware parts
• access to a renewable standard warranty contract
• under normal use, replacement of defective hardware
16. Upon completion of a proposal, a network design team must sell their ideas to two key stakeholders. Who are these two stakeholders? (Choose two.)
• customers
• licensing boards
• cabling contractors
• internal management
• project implementation team
17. What are two important guidelines when creating a slide presentation for a meeting with a customer? (Choose two.)
• Use all capital letters on words and phrases when possible for added emphasis.
• Provide varied background graphics to enhance viewer interest.
• Use contrasting colors for background and text to aid visibility.
• Change fonts frequently to denote differences in subject matter.
• Use bulleted text to lead the discussion.
18. In order to finalize a project proposal, an account manager of a
• networking company creates the terms and conditions section. What are two clauses that should be included in this section? (Choose two.)
• cost summary
• installation steps
• change order procedures
• problem resolution process
• maintenance contract quotation
19. Which two items will a systems engineer include in an implementation plan? (Choose two.)
• references to design documents
• the business goals of the customer
• diagrams of the existing traffic flows
• the steps to install and test the network
• cost of each network device and component
20. Which statement describes a phased installation into an existing network?
• A phased installation generally takes less time and expense than a green-field installation.
• A phased installation is not suitable for large, multi-site network installations or upgrades.
• A phased installation requires detailed planning in order to avoid disruption of user services.
• A phased installation involves building an entire replacement network and migrating users over to it.
• Proposal layouts are required to use sans serif typefaces.
• A specific proposal layout is followed when one is specified in the RFP.
• A designer chooses the layout if a written RFP does not specify an outline.
• The software that is used to create the proposal dictates the proposal layouts.
• Proposal layouts are required to use a format that is designed by the network engineer.
2 . What two items are typically included in the executive summary of a proposal? (Choose two.)
• project scope summary
• high-level implementation plan
• quotes for all needed equipment
• technical requirements for the design
• emphasis on the benefits that meet the goals of the customer
3. Which proposal section describes the intended routing protocol, security mechanisms, and addressing for the planned network?
• logical design
• physical design
• executive summary
• implementation plan
• network requirements
4. Which occurrence would indicate a failure of the design phase?
• The incorrect model switches were ordered.
• There is no customer signoff for task completion.
• New requirements are identified after implementation begins.
• The new network capacity is inadequate to support required traffic.
5. A network installation team is assigned to replace all core switches in an existing data center. No other upgrades are planned. Which kind of installation is this?
• a new installation
• a fork-lift installation
• a phased installation
• a green field installation
6. What service is provided Cisco standard warranty?
• software application maintenance
• replacement of defected hardware
• next business day delivery of replacement parts
• access to the Cisco Technical Assistance Center (TAC) 24 hours a day, 7 days a week
7. An upgraded version of the Cisco IOS has been purchased. However, the CD arrived damaged. How will this loss be covered?
• a hardware warranty
• a software warranty
• the Cisco SMARTnet Service
• an additional service contract
8. A company informs the account manager that the installation of a new edge router at the customer remote branch location cannot be done at the scheduled time because of a large order that the branch office needs to complete. As a result, the end date of the project must be adjusted to accommodate the additional time. What is the action should the account manager take?
• Cancel the order for the new edge router.
• Work with designer to redesign the branch network.
• Instruct the technician to complete the install of the router at on the date in the contract.
• Adjust the timeline documentation to show the company how the delay will affect the
• project completion date.
9. NetworkingCompany completes the installation of a network upgrade for a retail customer. All of the onsite tests complete successfully and the customer IT staff approves the results of the tests. The manager of the retail store contacts NetworkingCompany to inform the company that the store will not pay for the upgrade until a recently purchased software package is installed and tested on the network. Which two items that are contained in the proposal can the account manager refer to when discussing this issue with the store manager?(Choose two.)
• the project scope
• the bill-of-material
• the project timeline
• the terms and conditions
• the business goals of the customer
• the evaluation of the current network
10. The operation of a new branch location network is delayed because a VPN cannot be configured and established between the branch location and the main office. It is determined that the router at the main office does not have enough memory and does not have the correct Cisco IOS version image to support the VPN features. To prevent this delay, this problem should have been identified and corrected during which part of the design project?
• the preparation of the business case
• the prioritizing of the technical goals
• the characterization of the existing network
• the implementation of the approved design
11.The NetworkingCompany team is tasked to prepare an implementation schedule for a customer. It is determined that the new firewalls and wireless controllers that are specified in the design cannot be delivered and installed within the agreed upon time frame. The NetworkingCompany informs the customer of the problem. What two options can the NetworkingCompany team take to ensure the success of the project? (Choose two.)
• plan to add additional staff and resources to shorten the installation time after the new equipment is delivered
• eliminate redundancy in the design to reduce the amount of equipment that is needed
• renegotiate a new time frame with the customer to accommodate the delay
• delay the installation of the security devices and controllers until a later time
• redesign the network to use only readily available equipment and software
12. AAA Financial Services Company is performing implementation planning for a core switch upgrade. The company has 200 financial software programmers that work billable hours during the week. They have critical, scheduled money transfer transmissions that occur at hourly intervals every night. There are two, two-hour long IT maintenance windows scheduled for software upgrades, one on Saturday and one on Sunday. The bank advertises online banking as available 24 hours on business days and 21 hours on the weekends. However, a network upgrade that is necessary to replace some switches is expected to take four hours. Because of rack constraints, this time includes three hours to remove the old switches before the new switches can be installed and one hour to test the logical configuration. How should the implementation scheduling be handled
• Defer the software upgrades. Use the Saturday window to perform the hardware installation. Use the Sunday window to perform the logical testing.
• Coordinate and publish a separate four-hour downtime during Friday to perform the complete switch installation and testing process. Use the Saturday and Sunday windows to correct any outage problems after the Friday window.
• Coordinate and publish two, four-hour downtimes incorporating the published Saturday and Sunday windows. Defer any software upgrades until the new network is proven to be working
correctly with the old software. Use the Sunday window as a fallback scheduling period if there re problems necessitating backing out of the Saturday window.
• Coordinate and publish an eight-hour downtime incorporating the Saturday window. This ill allow four hours for installation and logical testing, one hour for troubleshooting and decision, and three hours to roll back to the previous configuration if the new switching cannot pass the logical testing. Defer any software upgrades until the new network is proven to be working orrectly with the old software.
13. ncluded in a Bill of Materials (BOM) for a SOHO wired implementation is a Cisco 2811 router, Catalyst 2560 switch, four PCs, three laptops, and a networked printer. Wireless LAN capability will be implemented on this network. Which two equipment types must be added to the BOM to implement this request? (Choose two.)
• DNS server
• LAN switch
• wireless NICs
• DHCP server
• wireless access points
14. A customer has just taken delivery of a Cisco 2811 router and Catalyst 3560 switch. Included with the purchase is the SMARTnet Service. Which two resources are included with SMARTnet Service? (Choose two.)
• signature file updates
• technical support from TAC
• maintenance releases for OS
• software application major releases
• software application maintenance and minor releases
15. A Cisco 1841 router has been purchased without an agreement for SMARTnet Service. What two items are guaranteed under the standard warranty? (Choose two.)
• access to TAC
• replacement of defective physical media
• advanced replacement of hardware parts
• access to a renewable standard warranty contract
• under normal use, replacement of defective hardware
16. Upon completion of a proposal, a network design team must sell their ideas to two key stakeholders. Who are these two stakeholders? (Choose two.)
• customers
• licensing boards
• cabling contractors
• internal management
• project implementation team
17. What are two important guidelines when creating a slide presentation for a meeting with a customer? (Choose two.)
• Use all capital letters on words and phrases when possible for added emphasis.
• Provide varied background graphics to enhance viewer interest.
• Use contrasting colors for background and text to aid visibility.
• Change fonts frequently to denote differences in subject matter.
• Use bulleted text to lead the discussion.
18. In order to finalize a project proposal, an account manager of a
• networking company creates the terms and conditions section. What are two clauses that should be included in this section? (Choose two.)
• cost summary
• installation steps
• change order procedures
• problem resolution process
• maintenance contract quotation
19. Which two items will a systems engineer include in an implementation plan? (Choose two.)
• references to design documents
• the business goals of the customer
• diagrams of the existing traffic flows
• the steps to install and test the network
• cost of each network device and component
20. Which statement describes a phased installation into an existing network?
• A phased installation generally takes less time and expense than a green-field installation.
• A phased installation is not suitable for large, multi-site network installations or upgrades.
• A phased installation requires detailed planning in order to avoid disruption of user services.
• A phased installation involves building an entire replacement network and migrating users over to it.
Langganan:
Komentar (Atom)