CCDA 640-864 Official Cert Guide - Pearsoncmg


CCDA 640-864 Official Cert Guide
Anthony Bruno, CCIE No. 2738
Steve Jordan, CCIE No. 11293
Cisco Press
800 East 96th Street
Indianapolis, IN 46240

CCDA 640-864 Official Cert Guide
Anthony Bruno, CCIE No. 2738
Steve Jordan, CCIE No. 11293

Copyright 2011 Pearson Education, Inc.

Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review.

Third Printing: September 2012
Library of Congress Cataloging-in-Publication data is on file.
ISBN-10: 1-58714-257-0
ISBN-13: 978-1-58714-257-4

Warning and Disclaimer

This book is designed to provide information about the CCDA exam. Every effort has been made to make this book as complete and accurate as possible, but no warranty or fitness is implied.

The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the authors and are not necessarily those of Cisco Systems, Inc.

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members of the professional technical community.

Reader feedback is a natural continuation of this process. If you have any comments on how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at feedback@ciscopress.com. Please be sure to include the book title and ISBN in your message.

We greatly appreciate your assistance.

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information, please contact:
U.S. Corporate and Government Sales 1-800-382-3419 corpsales@pearsontechgroup.com

For sales outside of the U.S., please contact:
International Sales 1-317-581-3793 international@pearsontechgroup.com

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Publisher: Paul Boger
Manager, Global Certification: Erik Ullanderson
Associate Publisher: David Dusthimer
Business Operation Manager, Cisco Press: Anand Sundaram
Executive Editor: Brett Bartow
Technical Editors: David Morgan and Farai Tafa
Managing Editor: Sandra Schroeder
Copy Editor: Keith Cline
Development Editor: Andrew Cupp
Book Designer: Gary Adair
Senior Project Editor: Tonya Simpson
Publishing Coordinator: Vanessa Evans
Cover Designer: Sandra Schroeder
Composition: Mark Shirar
Indexer: Cheryl Lenser

About the Authors

Anthony Bruno, CCIE No. 2738, is a senior principal consultant with BT with more than 20 years of experience in the internetworking field. Previously, he worked for International Network Services, Lucent Technologies, and as a captain in the U.S. Air Force. His other network certifications include CCDP, CCVP, CCSP, Cisco Data Center Network Infrastructure Specialist, Cisco Security Solutions & Design Specialist, JNCIS-ER, Project+, ITILv3 Foundation, and CWNA. He has consulted for many enterprise and service provider customers in the design, implementation, and optimization of large-scale data and IP telephony networks. Anthony leads architecture and design teams in building next-generation networks for his customers. He completed his Master of Science in Electrical Engineering at the University of Missouri–Rolla in 1994 and his Bachelor of Science in Electrical Engineering at the University of Puerto Rico–Mayaguez in 1990. He is also a part-time instructor for the University of Phoenix–Online, teaching networking courses.

Steve Jordan, CCIE No. 11293, is a senior consultant with Extropy with more than 15 years of experience in the internetworking field. Previously, he worked for General Datatech in Houston, Texas. His other certifications include VMware VCP4 and Cisco DC specializations in Network Infrastructure, Storage, and Unified Computing Design. He specializes in data center architecture involving network, storage, compute, and virtualization technologies. He has extensive experience with large-scale data center environments and has designed and implemented network solutions in the financial, energy, retail, manufacturing, and telecommunications industries.

Steve was also the coauthor for the previous edition of the CCDA Exam Certification Guide, Third Edition.

About the Technical Reviewers

David Morgan is a senior technical consultant, technical trainer, and UC Practice Lead for General Datatech, a Cisco Gold Partner in Dallas, Texas. He has designed, deployed, and supported hundreds of communications systems, with enterprise implementations supporting as many as 120,000 phones and 2000 remote sites. He has more than 12 years of general networking experience. He also has experience supporting LAN, WAN, security, and voice technologies and Microsoft server technology, and IBM AS/400 systems. David lives in Arlington, Texas with his wife, Trisha, and two sons.

Farai Tafa, CCIE No. 14811, is a senior consultant with British Telecom with ten years of experience in the internetworking field. He holds CCIE certifications in the Routing and Switching and Service Provider tracks. His other certifications include the CCVP, JNCIA, JNCIS, and ITILv3 Foundation certifications. Prior to British Telecom, Farai had the privilege of working for industry powerhouses such as Google, Inc. and Cisco Systems, Inc. Farai has ten years of experience in the design, implementation, and support of enterprise and service provider routing and switching solutions, and Enterprise Cisco IP Telephony and Unified Wireless solutions.

Dedications

This book is dedicated to my wife, Yvonne Bruno, Ph.D., and to our daughters, Joanne and Dianne. Thanks for all of your support during the development of this book. Joanne, hopefully this book will help me pay for your computer engineering classes at Texas A&M!
—Anthony Bruno

This book is dedicated to my wife of 17 years, Dorin, and my three sons, Blake, Lance, and Miles, for their support during the development of this book. For Blake, Lance, and Miles, we can now play many more games! I also want to dedicate this book to both of my grandmothers, Frances Cross and Anna C. Smith, who recently passed. I miss you both very much!
—Steve Jordan

Acknowledgments

This book would not have been possible without the efforts of many dedicated people. Thanks to Andrew Cupp, development editor, for his guidance and special attention to detail. Thanks to Tonya Simpson, senior project editor, for her accuracy. Thanks to Brett Bartow, executive editor, for his vision. Thanks to all other Cisco Press team members who worked behind the scenes to make this a better book.

A special thanks to my coauthor, Steve Jordan, for contributing five chapters. And a special thanks to the technical reviewers, David Morgan and Farai Tafa. Their technical advice and careful attention to detail made this book accurate.
—Anthony Bruno

This book would not be possible without all the great people who have assisted me. I would first like to thank Anthony Bruno for inviting me to assist him in this endeavor once more. Thanks to Brett Bartow, executive editor, for his guidance and support during the book development. Thanks again to Andrew Cupp, development editor, for supporting my schedule delays and keeping me on track.

Special thanks goes to the technical reviewers of this book, David Morgan and Farai Tafa, who provided wisdom and helped with keeping the book accurate.

Finally, thanks to all the managers and marketing people at Cisco Press who make all these books possible.
—Steve Jordan

Contents at a Glance

Introduction

Part I General Network Design
Chapter 1 Network Design Methodology
Chapter 2 Network Structure Models

Part II LAN and WAN Design
Chapter 3 Enterprise LAN Design
Chapter 4 Data Center Design
Chapter 5 Wireless LAN Design
Chapter 6 WAN Technologies
Chapter 7 WAN Design

Part III The Internet Protocol and Routing Protocols
Chapter 8 Internet Protocol Version 4
Chapter 9 Internet Protocol Version 6
Chapter 10 Routing Protocol Characteristics, RIP, and EIGRP
Chapter 11 OSPF, BGP, Route Manipulation, and IP Multicast

Part IV Security, Convergence, Network Management
Chapter 12 Managing Security
Chapter 13 Security Solutions
Chapter 14 Voice and Video Design
Chapter 15 Network Management Protocols

Part V Comprehensive Scenarios and Final Prep
Chapter 16 Comprehensive Scenarios
Chapter 17 Final Preparation

Part VI Appendixes
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions
Appendix B CCDA Exam Updates: Version 1.0
Appendix C OSI Model, TCP/IP Architecture, and Numeric Conversion
Glossary
Index

Elements Available on the CD
Appendix D Memory Tables
Appendix E Memory Tables Answer Key

Contents

Introduction

Part I General Network Design

Chapter 1 Network Design Methodology
“Do I Know This Already?” Quiz
Foundation Topics
Cisco Architectures for the Enterprise
Borderless Networks Architecture
Collaboration Architecture
Data Center/Virtualization Architecture
Prepare, Plan, Design, Implement, Operate, and Optimize Phases
Prepare Phase
Plan Phase
Design Phase
Implement Phase
Operate Phase
Optimize Phase
Summary of PPDIOO Phases
Design Methodology Under PPDIOO
Identifying Customer Design Requirements
Characterizing the Existing Network
Steps in Gathering Information
Network Audit Tools
Network Analysis Tools
Network Checklist
Designing the Network Topology and Solutions
Top-Down Approach
Pilot and Prototype Tests
Design Document
References and Recommended Reading
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 2 Network Structure Models
“Do I Know This Already?” Quiz
Foundation Topics
Hierarchical Network Models
Benefits of the Hierarchical Model
Hierarchical Network Design
Core Layer
Distribution Layer
Access Layer
Hierarchical Model Examples
Cisco Enterprise Architecture Model
Enterprise Campus Module
Enterprise Edge Area
E-Commerce Module
Internet Connectivity Module
VPN/Remote Access
Enterprise WAN
Service Provider Edge Module
Remote Modules
Enterprise Branch Module
Enterprise Data Center Module
Enterprise Teleworker Module
Borderless Network Services
High Availability Network Services
Workstation-to-Router Redundancy and LAN High Availability Protocols
ARP
Explicit Configuration
RDP
RIP
HSRP
VRRP
GLBP
Server Redundancy
Route Redundancy
Load Balancing
Increasing Availability
Link Media Redundancy
References and Recommended Reading
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Part II LAN and WAN Design

Chapter 3 Enterprise LAN Design
“Do I Know This Already?” Quiz
Foundation Topics
LAN Media
Ethernet Design Rules
100-Mbps Fast Ethernet Design Rules
Gigabit Ethernet Design Rules
1000BASE-LX Long-Wavelength Gigabit Ethernet
1000BASE-SX Short-Wavelength Gigabit Ethernet
1000BASE-CX Gigabit Ethernet over Coaxial Cable
1000BASE-T Gigabit Ethernet over UTP
10 Gigabit Ethernet Design Rules
10GE Media Types
EtherChannel
Comparison of Campus Media
LAN s
Layer 3 Switches
Campus LAN Design and Best Practices
Best Practices for Hierarchical Layers
Access Layer Best Practices
Distribution Layer Best Practices
Core Layer Best Practices
Large-Building LANs
Enterprise Campus LANs
Edge Distribution
Medium-Size LANs
Small and Remote Site LANs
Server Farm Module
Server Connectivity Options
Enterprise Data Center Infrastructure
Campus LAN QoS Considerations
Multicast Traffic Considerations
CGMP
IGMP Snooping
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 4 Data Center Design
“Do I Know This Already?” Quiz
Foundation Topics
Enterprise DC Architectures
Data Center 3.0 Components
Data Center 3.0 Topology Components
Challenges in the DC
Data Center Facility Aspects
Data Center Space
Data Center Power
Data Center Cooling
Data Center Heat
Data Center Cabling
Enterprise DC Infrastructure
Defining the DC Access Layer
Defining the DC Aggregation Layer
Defining the DC Core Layer
Virtualization Overview
Challenges
Defining Virtualization and Benefits
Types of Virtualization
Virtualization Technologies
VSS
VRF
vPC
Device Contexts
Server Virtualization
Network Virtualization Design Considerations
Access Control
Path Isolation
Services Edge
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 5 Wireless LAN Design
“Do I Know This Already?” Quiz
Foundation Topics
Wireless LAN Technologies
WLAN Standards
ISM and UNII Frequencies
Summary of WLAN Standards
Service Set Identifier
WLAN Layer 2 Access Method
WLAN Security
Unauthorized Access
WLAN Security Design Approach
IEEE 802.1X-2001 Port-Based Authentication
Dynamic WEP Keys and LEAP
Controlling WLAN Access to Servers
Cisco Unified Wireless Network
Cisco UWN Architecture
LWAPP
CAPWAP
Cisco Unified Wireless Network Split-MAC Architecture
Local MAC
AP Modes
LWAPP Discovery of WLC
WLAN Authentication
Authentication Options
WLAN Controller Components
WLC Interface Types
AP Controller Equipment Scaling
Roaming and Mobility Groups
Intracontroller Roaming
Layer 2 Intercontroller Roaming
Layer 3 Intercontroller Roaming
Mobility Groups
WLAN Design
Controller Redundancy Design: Deterministic vs. Dynamic
N+1 WLC Redundancy
N+N WLC Redundancy
N+N+1 WLC Redundancy
Radio Management and Radio Groups
RF Groups
RF Site Survey
Using EoIP Tunnels for Guest Services
Wireless Mesh for Outdoor Wireless
Mesh Design Recommendations
Campus Design Considerations
Branch Design Considerations
Local MAC
REAP
Hybrid REAP
Branch Office Controller Options
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 6 WAN Technologies
“Do I Know This Already?” Quiz
Foundation Topics
WAN Overview
WAN Defined
WAN Connection Modules
WAN Transport Technologies
ISDN
ISDN BRI Service
ISDN PRI Service
Digital Subscriber Line
Cable
Wireless
Frame Relay
Time-Division Multiplexing
Metro Ethernet
SONET/SDH
Multiprotocol Label Switching
Dark Fiber
Dense Wavelength-Division Multiplexing
Ordering WAN Technology and Contracts
WAN Design Methodology
Response Time
Throughput
Reliability
Bandwidth Considerations
WAN Link Categories
Optimizing Bandwidth Using QoS
Queuing, Traffic Shaping, and Policing
Classification
Congestion Management
Priority Queuing
Custom Queuing
Weighted Fair Queuing
Class-Based Weighted Fair Queuing
Low-Latency Queuing
Traffic Shaping and Policing
Link Efficiency
Window Size
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 7 WAN Design
“Do I Know This Already?” Quiz
Foundation Topics
Traditional WAN Technologies
Hub-and-Spoke Topology
Full-Mesh Topology
Partial-Mesh Topology
Remote-Access Network Design
VPN Network Design
Enterprise VPN vs. Service Provider VPN
Enterprise VPNs
Service Provider Offerings
Enterprise Managed VPN: IPsec
IPsec Direct Encapsulation
Cisco Easy VPN
Generic Routing Encapsulation
IPsec DMVPN
IPsec Virtual Tunnel Interface Design
Layer 2 Tunneling Protocol Version 3
Service Provider Managed Offerings
Metro Ethernet
Virtual Private LAN Services
MPLS
MPLS Layer 3 Design Overview
VPN Benefits
WAN Backup Design
Load-Balancing Guidelines
WAN Backup over the Internet
Enterprise WAN Architecture
Cisco Enterprise MAN/WAN
Enterprise WAN/MAN Architecture Comparison
Enterprise WAN Components
Comparing Hardware and Software
Enterprise Branch Architecture
Branch Design
Enterprise Branch Profiles
ISR G2 New Features
Small Branch Design
Medium Branch Design
Large Branch Design
Enterprise Teleworker Design
ISRs for Teleworkers
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Part III The Internet Protocol and Routing Protocols

Chapter 8 Internet Protocol Version 4
“Do I Know This Already?” Quiz
Foundation Topics
IPv4 Header
ToS
IPv4 Fragmentation
IPv4 Addressing
IPv4 Address Classes
Class A Addresses
Class B Addresses
Class C Addresses
Class D Addresses
Class E Addresses
IPv4 Address Types
IPv4 Private Addresses
NAT
Private and Public IP Address and NAT Guidelines
IPv4 Address Subnets
Mask Nomenclature
IP Address Subnet Design
Determining the Network Portion of an IP Address
Variable-Length Subnet Masks
VLSM Address Assignment: Example 1
Loopback Addresses
IP Telephony Networks
VLSM Address Assignment: Example 2
Address Assignment and Name Resolution
Recommended Practices of IP Address Assignment
BOOTP
DHCP
DNS
ARP
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 9 Internet Protocol Version 6
“Do I Know This Already?” Quiz
Foundation Topics
Introduction to IPv6
IPv6 Header
IPv6 Address Representation
IPv4-Compatible IPv6 Addresses
IPv6 Prefix Representation
IPv6 Address Scope Types and Address Allocations
IPv6 Address Allocations
IPv6 Unicast Address
Global Unicast Addresses
Link-Local Addresses
Unique Local IPv6 Address
Global Aggregatable IPv6 Address
IPv4-Compatible IPv6 Address
IPv6 Anycast Addresses
ICMPv6
IPv6 Multicast Addresses
IPv6 Mechanisms
IPv6 Neighbor Discovery Protocol
IPv6 Name Resolution
Path MTU Discovery
IPv6 Address-Assignment Strategies
Link-Local Address (Stateless Autoconfiguration)
Autoconfiguration of Globally Unique IP address
DHCPv6
IPv6 Security
IPv6 Routing Protocols
RIPng
EIGRP for IPv6
OSPFv3
IS-IS for IPv6
BGP4 Multiprotocol Extensions (MP-BGP) for IPv6
IPv4 to IPv6 Transition Mechanisms and Deployment Models
Dual-Stack Mechanism
IPv6 over IPv4 Tunnels
Protocol Translation Mechanisms
IPv6 Deployment Models
Dual-Stack Model
Hybrid Model
Service Block Model
IPv6 Deployment Model Comparison
IPv6 Comparison with IPv4
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 10 Routing Protocol Characteristics, RIP, and EIGRP
“Do I Know This Already?” Quiz
Foundation Topics
Routing Protocol Characteristics
Static Versus Dynamic Route Assignment
Interior Versus Exterior Routing Protocols
Distance-Vector Routing Protocols
EIGRP
Link-State Routing Protocols
Distance-Vector Routing Protocols Versus Link-State Protocols
Hierarchical Versus Flat Routing Protocols
Classless Versus Classful Routing Protocols
IPv4 Versus IPv6 Routing Protocols
Routing Protocol Metrics and Loop Prevention
Hop Count
Administrative liability
Maximum Transmission Unit
Routing Loop-Prevention Schemes
Split Horizon
Poison Reverse
Counting to Infinity
Triggered Updates
Summarization
RIPv2 and RIPng
Authentication
MD5 Authentication
RIPv2 Routing Database
RIPv2 Message Format
RIPv2 Timers
RIPv2 Design
RIPv2 Summary
RIPng
RIPng Timers
Authentication
RIPng Message Format
RIPng Design
RIPng Summary
EIGRP
EIGRP Components
Protocol-Dependent Modules
Neighbor Discovery and Recovery
RTP
DUAL
EIGRP Timers
EIGRP Metrics
EIGRP Packet Types
EIGRP Design
EIGRP for IPv4 Summary
EIGRP for IPv6 (EIGRPv6) Networks
EIGRP for IPv6 Design
EIGRP for IPv6 Summary
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 11 OSPF, BGP, Route Manipulation, and IP Multicast
“Do I Know This Already?” Quiz
Foundation Topics
OSPFv2
OSPFv2 Metric
OSPFv2 Adjacencies and Hello Timers
OSPFv2 Areas
OSPF Router Types
OSPF DRs
LSA Types
Autonomous System External Path Types
OSPF Stub Area Types
Stub Areas
Totally Stubby Areas
NSSAs
Virtual Links
OSPFv2 Router Authentication
OSPFv2 Summary
OSPFv3
OSPFv3 Changes from OSPFv2
OSPFv3 Areas and Router Types
OSPFv3 LSAs
OSPFv3 Summary
BGP
BGP Neighbors
eBGP
iBGP
Route Reflectors
Confederations
BGP Administrative Distance
BGP Attributes, Weight, and the BGP Decision Process
BGP Path Attributes
Next-Hop Attribute
Local Preference Attribute
Origin Attribute
Autonomous System Path Attribute
MED Attribute
Community Attribute
Atomic Aggregate and Aggregator Attributes
Weight
BGP Decision Process
BGP Summary
Route Manipulation
PBR
Route Summarization
Route Redistribution
Default Metric
OSPF Redistribution
Route Filtering
Routing Protocols on the Hierarchical Network Infrastructure
IP Multicast Review
Multicast Addresses
Layer 3-to-Layer 2
IGMP Snooping
Sparse Versus Dense Multicast
Multicast Source and Shared Trees
PIM
PIM-SM
PIM DR
Auto-RP
PIMv2 Bootstrap Router
DVMRP
IPv6 Multicast Addresses
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Part IV Security, Convergence, Network Management

Chapter 12 Managing Security
“Do I Know This Already?” Quiz
Foundation Topics
Network Security Overview
Security Legislation
Security Threats
Reconnaissance and Port Scanning
Vulnerability Scanners
Unauthorized Access
Security Risks
Targets
Loss of Availability
Integrity Violations and Confidentiality Breaches
Security Policy and Process
Security Policy Defined
Basic Approach of a Security Policy
Purpose of Security Policies
Security Policy Components
Risk Assessment
Risk Index
Continuous Security
Integrating Security Mechanisms into Network Design
Trust and Identity Management
Trust
Domains of cates
Access Control
Secure Connectivity
Encryption Fundamentals
Encryption Keys
VPN Protocols
Transmission Confidentiality
Data Integrity
Threat Defense
Physical Security
Infrastructure Protection
Security Management Solutions
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 13 Security Solutions
“Do I Know This Already?” Quiz
Foundation Topics
Cisco SAFE Architecture
Network Security Platforms
Cisco Security Control Framework
Trust and Identity Technologies
Firewall ACLs
Cisco NAC Appliance
Cisco Identity-Based Network Services
Identity and Access Control Deployments
Detecting and Mitigating Threats
Threat Detection and Mitigation Technologies
Threat-Detection and Threat-Mitigation Solutions
Cisco IronPort ESA
Cisco IronPort WSA
Security Management Applications
Security Platform Solutions
Security Management Network
Integrating Security into Network Devices
IOS Security
ISR G2 Security Hardware Options
Cisco Security Appliances
Intrusion Prevention
Catalyst 6500 Service Modules
Endpoint Security
Securing the Enterprise
Implementing Security in the Campus
Implementing Security in the Data Center
Implementing Security in the Enterprise Edge and WAN
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 14 Voice and Video Design
“Do I Know This Already?” Quiz
Foundation Topics
Traditional Voice Architectures
PBX and PSTN Switches
Local Loop and Trunks
Ports
Major Analog and Digital Signaling Types
Loop-Start Signaling
Ground-Start Signaling
E&M Signaling
CAS and CCS Signaling
PSTN Numbering Plan
Centrex Services
Database Services
IVR
Other PSTN Services
Voice Mail
ACD
Voice Engineering Terminology
Grade of Service
Erlangs
Centum Call Second
Busy Hour
Busy-Hour Traffic
Blocking Probability
Call Detail Records
Converged Multiservice Networks
VoIP
IPT Components
Design Goals of IP Telephony
IPT Deployment Models
Single-Site Deployment
Multisite WAN with Centralized Call Processing Model
Multisite WAN with Distributed Call Processing Model
Unified CallManager Express Deployments
Video Deployment Considerations
Codecs
Analog-to-Digital Signal Conversion
Codec Standards
VoIP Control and Transport Protocols
DHCP, DNS, and TFTP
SCCP
RTP and RTCP
MGCP
H.264
IPT culating Voice Bandwidth
Delay Components in VoIP Networks
Packet Loss
Echo Cancellation
QoS and Bandwidth Mechanisms for VoIP and Video Networks
cRTP
IEEE 802.1P
Resource Reservation Protocol
LFI
LLQ
Auto QoS
IPT Design Recommendations
Service Class Recommendations
References and Recommended Readings
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Chapter 15 Network Management Protocols
“Do I Know This Already?” Quiz
Foundation Topics
Simple Network Management Protocol
SNMP Components
MIB
SNMP Message Versions
SNMPv1
SNMPv2
SNMPv3
Other Network Management Technologies
RMON
RMON2
NetFlow
NetFlow Compared to RMON and SNMP
CDP
Syslog
References and Recommended Reading
Exam Preparation Tasks
Review All Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Q&A

Part V Comprehensive Scenarios and Final Prep

Chapter 16 Comprehensive Scenarios
Scenario One: Pearland Hospital
Scenario One Questions
Scenario One Answers
Scenario Two: Big Oil and Gas
Scenario Two Questions
Scenario Two Answers
Scenario Three: Beauty Things Store
Scenario Three Questions
Scenario Three Answers
Scenario Four: Falcon Communications
Scenario Four Questions
Scenario Four Answers

Chapter 17 Final Preparation
Tools for Final Preparation
Pearson Cert Practice Test Engine and Questions on the CD
Install the Software from the CD
Activate and Download the Practice Exam
Activating Other Exams
Premium Edition
The Cisco Learning Network
Memory Tables
Chapter-Ending Review Tools
Suggested Plan for Final Review/Study
Subnetting Practice
Using the Exam Engine
Summary

Part VI Appendixes
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions
Appendix B CCDA Exam Updates: Version 1.0
Appendix C OSI Model, TCP/IP Architecture, and Numeric Conversion
Glossary
Index

Elements Available on the CD
Appendix D Memory Tables
Appendix E Memory Tables Answer Key

Command Syntax Conventions

The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows:

Bold indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), bold indicates commands that are manually input by the user (such as a show command).
Italic indicates arguments for which you supply actual values.
Vertical bars (|) separate alternative, mutually exclusive elements.
Square brackets ([ ]) indicate an optional element.
Braces ({ }) indicate a required choice.
Braces within brackets ([{ }]) indicate a required choice within an optional element.

Introduction

So, you have worked on Cisco devices for a while, designing networks for your customers, and now you want to get certified? There are several good reasons to do so. The Cisco certification program allows network analysts and engineers to demonstrate their competence in different areas and levels of networking. The prestige and respect that come with a Cisco certification will definitely help you in your career. Your clients, peers, and superiors will recognize you as an expert in network
