06477/2008
Jawaban:
- Layer 2 forwarding protocol
- Data Encryption Standard
- Secure hash algorithmi
- Advanced Encryption Standard
- Diffiehellman
- RSA
- Generic Routing Encapsulation
- Layer 2 Tunneling Protocol
- 3 DES
- IPSEC
- PPTD
- Message Digests
Kamis, 30 Desember 2010
Teka Teki Silang
Mike Putri
06477/2008
Jawaban:
06477/2008
Jawaban:
Rabu, 29 Desember 2010
Lab 1.3.2 menentukan Kapasitas Penyimpanan Data
Mike Putri
06477/2008
Tujuan
• Menentukan jumlah RAM (dalam MB) yang diinstal pada PC.
• Menentukan ukuran drive hard disk (dalam GB) yang diinstal pada PC.
• Menentukan ruang yang digunakan dan tersedia di dalam drive harddisk (dalam GB).
• Periksa jenis-jenis perangkat penyimpanan (floppy, CD-ROM, DVD).
Latar Belakang / Persiapan
Kapasitas penyimpanan komponen banyak PC diukur dalam megabytes (MB) dan gigabyte (GB). Ini
komponen termasuk RAM, hard disk drive, dan media optik, seperti CD dan DVD.Pada lab ini, Anda akan
menentukan kapasitas dan ruang yang tersedia untuk berbagai komponen komputer.
Sumber berikut diperlukan:
• Komputer dengan Windows XP diinstal
Langkah 1: Identifikasi RAM di komputer
a. Dengan Windows XP, ada dua cara untuk melihat panel kontrol: Classic View dan Kategori Lihat. Pilihan yang tersedia tergantung pada salah satu yang dari dua pandangan yang Anda gunakan. Jika Anda melihat Beralih ke Kategori Lihat opsi di sebelah kiri, Anda sedang dalam modus tampilan klasik. Jika Beralih ke Classic Lihat ditampilkan, Anda sedang dalam modus Lihat Kategori. Untuk langkah ini, Anda ingin menggunakan Classic Mode Tampilan.
b. Dari menu Start, pilih Control Panel. Pada Control Panel, pilih System untuk membuka
Kotak dialog Properti Sistem. Atau, Anda bisa mendapatkan informasi ini dengan mengklik tombol Start dan mengklik kanan ikon My Computer. Selanjutnya, pilih Properties dari menu drop-down. Sistem operasi komputer dan informasi paket layanan terdaftar di bagian atas dialog kotak. Prosesor komputer jenis, kecepatan, dan memori yang tercantum di bagian bawah.
c. Dalam contoh ini, prosesor komputer Pentium 4 prosesor dengan kecepatan clock 3,20 gigahertz (GHz). kecepatan Clock adalah pengukuran jumlah siklus per detik yang prosesor
mampu melakukan. Jumlah siklus dampak jumlah instruksi per detik bahwa CPU dapat memproses. Sebuah clock speed yang lebih tinggi umumnya berarti prosesor mampu melaksanakan lebih instruksi per detik. Komputer memiliki RAM 448 MB tersedia untuk CPU.
d. Periksa komputer Anda dan menentukan jumlah RAM yang tersedia untuk CPU.Berapa banyak RAM di komputer Anda?___intel (R) core ™ 2 Duo CPU T5750@ 2000 GHz 200 GHz,0.99 GB of RAM
Langkah 2: Tentukan ukuran hard disk drive
a. Klik dua kali ikon My Computer pada desktop komputer Anda. Jika Anda tidak memiliki My Computer
ikon, klik Start dan pilih My Computer.
b. Klik kanan drive disk lokal di bawah Hard Disk Drives Bagian (yang biasanya drive C), dan
pilih Properties. Ini akan membuka kotak Local Disk Properties dialog. Kapasitas total keras
drive ditampilkan di atas ikon C Drive.
c. Tentukan ukuran hard drive pada komputer Anda. Berapa ukuran total dari hard drive dalam GB?
_41.940.688.416
Langkah 3: Tentukan ruang bebas dan ruang yang digunakan pada hard drive
a. Pada kotak dialog Properties Local Disk, yang digunakan dan ruang bebas ditampilkan di kedua byte dan GB
Kapasitas di atas tersebut.
b. Apa ruang yang digunakan dari hard drive anda di GB?________39,0 GB__
c. Apakah ruang bebas dari hard drive Anda di GB?24.826.208.256 bytes
Langkah 4: Memeriksa perangkat penyimpanan lainnya
a. Klik kanan tombol Start dan pilih Explore. Pilih My Computer pada panel kiri.
b. Berapa banyak huruf drive yang ditampilkan pada jendela yang muncul? 6 drive
c. Klik kanan pada ikon drive selain C: dan pilih Properties. Properties Removable Disk
jendela muncul.
d. Pilih Hardware tab, yang memberikan informasi tentang masing-masing perangkat dan apakah itu bekerja
benar.
Langkah 5: Refleksi
a. Mengapa penting untuk mengetahui jumlah RAM di komputer Anda?
Supaya kita tahu berapa memory kita uyang telah terpakai
b. Mengapa ukuran hard drive serta ruang yang digunakan penting?
Menentukan kapasitas data system operasi dan data komputer kita
• Menentukan jumlah RAM (dalam MB) yang diinstal pada PC.
• Menentukan ukuran drive hard disk (dalam GB) yang diinstal pada PC.
• Menentukan ruang yang digunakan dan tersedia di dalam drive harddisk (dalam GB).
• Periksa jenis-jenis perangkat penyimpanan (floppy, CD-ROM, DVD).
Latar Belakang / Persiapan
Kapasitas penyimpanan komponen banyak PC diukur dalam megabytes (MB) dan gigabyte (GB). Ini
komponen termasuk RAM, hard disk drive, dan media optik, seperti CD dan DVD.Pada lab ini, Anda akan
menentukan kapasitas dan ruang yang tersedia untuk berbagai komponen komputer.
Sumber berikut diperlukan:
• Komputer dengan Windows XP diinstal
Langkah 1: Identifikasi RAM di komputer
a. Dengan Windows XP, ada dua cara untuk melihat panel kontrol: Classic View dan Kategori Lihat. Pilihan yang tersedia tergantung pada salah satu yang dari dua pandangan yang Anda gunakan. Jika Anda melihat Beralih ke Kategori Lihat opsi di sebelah kiri, Anda sedang dalam modus tampilan klasik. Jika Beralih ke Classic Lihat ditampilkan, Anda sedang dalam modus Lihat Kategori. Untuk langkah ini, Anda ingin menggunakan Classic Mode Tampilan.
b. Dari menu Start, pilih Control Panel. Pada Control Panel, pilih System untuk membuka
Kotak dialog Properti Sistem. Atau, Anda bisa mendapatkan informasi ini dengan mengklik tombol Start dan mengklik kanan ikon My Computer. Selanjutnya, pilih Properties dari menu drop-down. Sistem operasi komputer dan informasi paket layanan terdaftar di bagian atas dialog kotak. Prosesor komputer jenis, kecepatan, dan memori yang tercantum di bagian bawah.
c. Dalam contoh ini, prosesor komputer Pentium 4 prosesor dengan kecepatan clock 3,20 gigahertz (GHz). kecepatan Clock adalah pengukuran jumlah siklus per detik yang prosesor
mampu melakukan. Jumlah siklus dampak jumlah instruksi per detik bahwa CPU dapat memproses. Sebuah clock speed yang lebih tinggi umumnya berarti prosesor mampu melaksanakan lebih instruksi per detik. Komputer memiliki RAM 448 MB tersedia untuk CPU.
d. Periksa komputer Anda dan menentukan jumlah RAM yang tersedia untuk CPU.Berapa banyak RAM di komputer Anda?___intel (R) core ™ 2 Duo CPU T5750@ 2000 GHz 200 GHz,0.99 GB of RAM
Langkah 2: Tentukan ukuran hard disk drive
a. Klik dua kali ikon My Computer pada desktop komputer Anda. Jika Anda tidak memiliki My Computer
ikon, klik Start dan pilih My Computer.
b. Klik kanan drive disk lokal di bawah Hard Disk Drives Bagian (yang biasanya drive C), dan
pilih Properties. Ini akan membuka kotak Local Disk Properties dialog. Kapasitas total keras
drive ditampilkan di atas ikon C Drive.
c. Tentukan ukuran hard drive pada komputer Anda. Berapa ukuran total dari hard drive dalam GB?
_41.940.688.416
Langkah 3: Tentukan ruang bebas dan ruang yang digunakan pada hard drive
a. Pada kotak dialog Properties Local Disk, yang digunakan dan ruang bebas ditampilkan di kedua byte dan GB
Kapasitas di atas tersebut.
b. Apa ruang yang digunakan dari hard drive anda di GB?________39,0 GB__
c. Apakah ruang bebas dari hard drive Anda di GB?24.826.208.256 bytes
Langkah 4: Memeriksa perangkat penyimpanan lainnya
a. Klik kanan tombol Start dan pilih Explore. Pilih My Computer pada panel kiri.
b. Berapa banyak huruf drive yang ditampilkan pada jendela yang muncul? 6 drive
c. Klik kanan pada ikon drive selain C: dan pilih Properties. Properties Removable Disk
jendela muncul.
d. Pilih Hardware tab, yang memberikan informasi tentang masing-masing perangkat dan apakah itu bekerja
benar.
Langkah 5: Refleksi
a. Mengapa penting untuk mengetahui jumlah RAM di komputer Anda?
Supaya kita tahu berapa memory kita uyang telah terpakai
b. Mengapa ukuran hard drive serta ruang yang digunakan penting?
Menentukan kapasitas data system operasi dan data komputer kita
Lab 3.3.2 configuring, Veryfying and troubleshooting VLANs
Mike Putri
06477/2008
Objectives
• Observe default switch VLAN configuration and operation.
• Configure static VLANs on a switch.
• Verify VLAN configuration and operation.
• Modify an existing VLAN configuration.
Background / Preparation
This lab focuses on the basic VLAN configuration of the Cisco 2960 switch (or similar) using Cisco IOS commands. The information in this lab applies to other switches; however, command syntax may vary. Depending upon the switch model, the interface designations may differ. For example, modular switches have multiple slots; therefore, the Fast Ethernet ports may be FastEthernet 0/1 or FastEthernet 1/1, depending on the slot and port. The router used can be any router.
The following resources are required:
• One Cisco 2960 switch or equivalent switch
• One Cisco 1841 router or equivalent
• Two Windows-based PCs with a terminal emulation program
• At least one RJ-45-to-DB-9 connector console cable to configure the switch and the router
• Three straight-through Ethernet cables to connect from the PCs to Switch 1
NOTE: Make sure that the router and all the switches have been erased and have no startup configurations. For detailed instructions, refer to the Lab Manual that is located on Academy Connection in the Tools section.
NOTE: SDM Routers – If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic router configuration using IOS commands. Contact your instructor if necessary.
Step 1: Connect the equipment
a. Connect the router Fa0/0 interface with a straight-through cable to Switch 1 Fa0/8 interface.
b. Connect the Host 1a Ethernet interface with a straight-through cable to Switch 1 Fa0/2 interface.
c. Connect the Host 1b Ethernet interface with a straight-through cable to Switch 1 Fa0/3 interface.
d. Connect a PC with a console cable to perform configurations on the router and switches.
e. Configure IP addresses on the hosts as shown in the chart.
Step 2: Perform basic configuration on the router
a. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
b. Configure Router 1 with a hostname and console, Telnet, and privileged passwords according to the table diagram.
Step 3: Configure Switch 1
a. Configure S1 hostname and passwords.
b. Configure Switch 1 with a hostname and console, Telnet, and privileged passwords according to the
addressing table.
c. Configure S1 with an IP address and default gateway.
S1(config)#interface vlan1
S1(config-if)#ip address 172.16.1.2 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#exit
S1(config)#ip default-gateway 172.16.1.1
S1(config)#end
Step 4: Verify connectivity and default VLAN configuration
a. Verify LAN connectivity by pinging from the router to the switch and the hosts. Also verify that you can ping from host to host.
b. Verify default VLAN configuration with the show vlan command on S1.
S1#show vlan
Are all switch ports assigned to VLAN 1? Ya, VLAN 1 port switchnya memang pada S1
Step 5: Configure VLANs on S1
a. Create and name two additional VLANs on S1.
S1(config)#vlan 20
S1(config-vlan)#name fred
S1(config-vlan)#exit
S1(config)#vlan 30
S1(config-vlan)#name wilma
S1(config-vlan)#exit
b. Verify the creation of the new VLANs with the show vlan command.
S1#show vlan
Do the new VLANs appear in the output? ya
What interfaces belong to the new VLANs? R1 yaitu FA0/0
c. Assign interfaces to VLANs. Assign S1 port Fa0/2 to VLAN 20 and ports Fa0/3 – Fa0/8 to VLAN 30.
S1(config)#int Fa0/2
S1(config-if)#switchport access vlan 20
S1(config-if)#exit
S1(config-)#interface range Fa0/3 – 8
• Observe default switch VLAN configuration and operation.
• Configure static VLANs on a switch.
• Verify VLAN configuration and operation.
• Modify an existing VLAN configuration.
Background / Preparation
This lab focuses on the basic VLAN configuration of the Cisco 2960 switch (or similar) using Cisco IOS commands. The information in this lab applies to other switches; however, command syntax may vary. Depending upon the switch model, the interface designations may differ. For example, modular switches have multiple slots; therefore, the Fast Ethernet ports may be FastEthernet 0/1 or FastEthernet 1/1, depending on the slot and port. The router used can be any router.
The following resources are required:
• One Cisco 2960 switch or equivalent switch
• One Cisco 1841 router or equivalent
• Two Windows-based PCs with a terminal emulation program
• At least one RJ-45-to-DB-9 connector console cable to configure the switch and the router
• Three straight-through Ethernet cables to connect from the PCs to Switch 1
NOTE: Make sure that the router and all the switches have been erased and have no startup configurations. For detailed instructions, refer to the Lab Manual that is located on Academy Connection in the Tools section.
NOTE: SDM Routers – If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic router configuration using IOS commands. Contact your instructor if necessary.
Step 1: Connect the equipment
a. Connect the router Fa0/0 interface with a straight-through cable to Switch 1 Fa0/8 interface.
b. Connect the Host 1a Ethernet interface with a straight-through cable to Switch 1 Fa0/2 interface.
c. Connect the Host 1b Ethernet interface with a straight-through cable to Switch 1 Fa0/3 interface.
d. Connect a PC with a console cable to perform configurations on the router and switches.
e. Configure IP addresses on the hosts as shown in the chart.
Step 2: Perform basic configuration on the router
a. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
b. Configure Router 1 with a hostname and console, Telnet, and privileged passwords according to the table diagram.
Step 3: Configure Switch 1
a. Configure S1 hostname and passwords.
b. Configure Switch 1 with a hostname and console, Telnet, and privileged passwords according to the
addressing table.
c. Configure S1 with an IP address and default gateway.
S1(config)#interface vlan1
S1(config-if)#ip address 172.16.1.2 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#exit
S1(config)#ip default-gateway 172.16.1.1
S1(config)#end
Step 4: Verify connectivity and default VLAN configuration
a. Verify LAN connectivity by pinging from the router to the switch and the hosts. Also verify that you can ping from host to host.
b. Verify default VLAN configuration with the show vlan command on S1.
S1#show vlan
Are all switch ports assigned to VLAN 1? Ya, VLAN 1 port switchnya memang pada S1
Step 5: Configure VLANs on S1
a. Create and name two additional VLANs on S1.
S1(config)#vlan 20
S1(config-vlan)#name fred
S1(config-vlan)#exit
S1(config)#vlan 30
S1(config-vlan)#name wilma
S1(config-vlan)#exit
b. Verify the creation of the new VLANs with the show vlan command.
S1#show vlan
Do the new VLANs appear in the output? ya
What interfaces belong to the new VLANs? R1 yaitu FA0/0
c. Assign interfaces to VLANs. Assign S1 port Fa0/2 to VLAN 20 and ports Fa0/3 – Fa0/8 to VLAN 30.
S1(config)#int Fa0/2
S1(config-if)#switchport access vlan 20
S1(config-if)#exit
S1(config-)#interface range Fa0/3 – 8
Lab 3.1.4 Applying Basic switch Security
Mike Putri
06477/2008
Step 1: Connect PC1 to the switch
Step 2: Connect PC2 to the switch
Step 3: Configure PC3 but do not connect
Step 4: Perform an initial configuration on the switch
a. Configure the hostname of the switch as Switch1
b. Set the privileged EXEC mode password to cisco.
c. Set the privileged EXEC mode secret password to class.
d. Configure the console and virtual terminal lines to use a password and require it at login.
e. Exit from the console session and log in again.
Which password was required to enter privileged EXEC mode?
Why?
Step 5: Configure the switch management interface on VLAN 1
a. Enter the interface configuration mode for VLAN 1.
b. Set the IP address, subnet mask, and default gateway for the management interface.
Why does interface VLAN 1 require an IP address in this LAN?
What is the purpose of the default gateway?
Step 6: Verify the management LANs settings
a. Verify that the IP address of the management interface on the switch VLAN 1 and the IP address of PC1 and PC2 are on the same local network. Use the show running-config command to check the IP address configuration of the switch.
b. Verify the interface settings on VLAN 1.
What is the bandwidth on this interface?
What are the VLAN states?
VLAN 1 is __________ and line protocol is __________.
Step 7: Disable the switch from being an http server
Step 8: Verify connectivity
a. To verify that hosts and switch are correctly configured, ping the switch IP address from the hosts. Were the pings successful?
If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the host and switch configurations.
b. Save the configuration.
Step 9: Record the host MAC addresses
Determine and record the Layer 2 addresses of the PC network interface cards. From the command prompt of each PC, enter ipconfig /all.
PC1 __________________________________________________
PC2 __________________________________________________
PC3 __________________________________________________
Step 10: Determine what MAC addresses the switch has learned
Determine what MAC addresses the switch has learned by using the show mac-address-tablecommand at the privileged EXEC mode prompt.
How many dynamic addresses are there?
How many total MAC addresses are there?
Do the MAC addresses match the host MAC addresses?
Step 11: View the show mac-address-table options
View the options that the show mac-address-table command has available.
Switch1(config)#show mac-address-table ?
What options are available?
Step 12: Set up a static MAC address
Step 13: Verify the results
a. Verify the MAC address table entries.
Switch1#show mac-address-table
How many dynamic MAC addresses are there now?
How many static MAC addresses are there now?
b. Remove the static entry from the MAC Address Table.
Step 14: List port security options
a. Determine the options for setting port security on interface FastEthernet 0/4.
What are some available options?
b. To allow the switch port FastEthernet 0/4 to accept only one device, configure port security.
c. Exit configuration mode and check the port security settings.
If a host other than PC2 attempts to connect to Fa0/4, what will happen?
Step 15: Limit the number of hosts per port
a. On interface FastEthernet 0/4, set the port security maximum MAC count to 1.
b. Disconnect the PC attached to FastEthernet 0/4. Connect PC3 to FastEthernet 0/4. PC3 has been given the IP address of 192.168.1.5 and has not yet been attached to the switch. It may be necessary to ping the switch address 192.168.1.2 to generate some traffic. Record any observations. _____________________________________
Step 16: Configure the port to shut down if there is a security violation
a. In the event of a security violation, the interface should be shut down. To make the port security shut down, enter the following command: Switch1(config-if)#switchport port-security violation shutdown
What other action options are available with port security?
b. If necessary, ping the switch address 192.168.1.2 from the PC3 192.168.1.5. This PC is now connected to interface FastEthernet 0/4. This ensures that there is traffic from the PC to the switch.
c. Record any observations. _____________________________________________________________________________
d. Check the port security settings
Step 17: Show port 0/4 configuration information
FastEthernet0/4 is __________ and line protocol is __________.
Step 18: Reactivate the port
Step 19: Disable unused ports
Step 20: Reflection
a. Why would port security be enabled on a switch?
b. Why should unused ports on a switch be disabled?
Step 2: Connect PC2 to the switch
Step 3: Configure PC3 but do not connect
Step 4: Perform an initial configuration on the switch
a. Configure the hostname of the switch as Switch1
b. Set the privileged EXEC mode password to cisco.
c. Set the privileged EXEC mode secret password to class.
d. Configure the console and virtual terminal lines to use a password and require it at login.
e. Exit from the console session and log in again.
Which password was required to enter privileged EXEC mode?
Why?
Step 5: Configure the switch management interface on VLAN 1
a. Enter the interface configuration mode for VLAN 1.
b. Set the IP address, subnet mask, and default gateway for the management interface.
Why does interface VLAN 1 require an IP address in this LAN?
What is the purpose of the default gateway?
Step 6: Verify the management LANs settings
a. Verify that the IP address of the management interface on the switch VLAN 1 and the IP address of PC1 and PC2 are on the same local network. Use the show running-config command to check the IP address configuration of the switch.
b. Verify the interface settings on VLAN 1.
What is the bandwidth on this interface?
What are the VLAN states?
VLAN 1 is __________ and line protocol is __________.
Step 7: Disable the switch from being an http server
Step 8: Verify connectivity
a. To verify that hosts and switch are correctly configured, ping the switch IP address from the hosts. Were the pings successful?
If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated. Check the host and switch configurations.
b. Save the configuration.
Step 9: Record the host MAC addresses
Determine and record the Layer 2 addresses of the PC network interface cards. From the command prompt of each PC, enter ipconfig /all.
PC1 __________________________________________________
PC2 __________________________________________________
PC3 __________________________________________________
Step 10: Determine what MAC addresses the switch has learned
Determine what MAC addresses the switch has learned by using the show mac-address-tablecommand at the privileged EXEC mode prompt.
How many dynamic addresses are there?
How many total MAC addresses are there?
Do the MAC addresses match the host MAC addresses?
Step 11: View the show mac-address-table options
View the options that the show mac-address-table command has available.
Switch1(config)#show mac-address-table ?
What options are available?
Step 12: Set up a static MAC address
Step 13: Verify the results
a. Verify the MAC address table entries.
Switch1#show mac-address-table
How many dynamic MAC addresses are there now?
How many static MAC addresses are there now?
b. Remove the static entry from the MAC Address Table.
Step 14: List port security options
a. Determine the options for setting port security on interface FastEthernet 0/4.
What are some available options?
b. To allow the switch port FastEthernet 0/4 to accept only one device, configure port security.
c. Exit configuration mode and check the port security settings.
If a host other than PC2 attempts to connect to Fa0/4, what will happen?
Step 15: Limit the number of hosts per port
a. On interface FastEthernet 0/4, set the port security maximum MAC count to 1.
b. Disconnect the PC attached to FastEthernet 0/4. Connect PC3 to FastEthernet 0/4. PC3 has been given the IP address of 192.168.1.5 and has not yet been attached to the switch. It may be necessary to ping the switch address 192.168.1.2 to generate some traffic. Record any observations. _____________________________________
Step 16: Configure the port to shut down if there is a security violation
a. In the event of a security violation, the interface should be shut down. To make the port security shut down, enter the following command: Switch1(config-if)#switchport port-security violation shutdown
What other action options are available with port security?
b. If necessary, ping the switch address 192.168.1.2 from the PC3 192.168.1.5. This PC is now connected to interface FastEthernet 0/4. This ensures that there is traffic from the PC to the switch.
c. Record any observations. _____________________________________________________________________________
d. Check the port security settings
Step 17: Show port 0/4 configuration information
FastEthernet0/4 is __________ and line protocol is __________.
Step 18: Reactivate the port
Step 19: Disable unused ports
Step 20: Reflection
a. Why would port security be enabled on a switch?
b. Why should unused ports on a switch be disabled?
LAb 5.2.3 configuring an ISR with SDM Express
Mike Putri
06477/2008
Objectives
· Configure basic router global settings – router name, users, and login passwords – using Cisco SDM Express.
· Configure LAN and Internet connections on a Cisco ISR using Cisco SDM Express.
Background / Preparation
Cisco Router and Security Device Manager (SDM) is a Java-based web application and a device-management tool for Cisco IOS Software-based routers. The Cisco SDM simplifies router and security configuration through the use of smart wizards, which allows you to deploy, configure, and monitor a Cisco router without requiring knowledge of the command-line interface (CLI). The Cisco SDM is supported on a wide range of Cisco routers and Cisco IOS Software releases. Many newer Cisco routers come with SDM preinstalled. If you are using an 1841 router, SDM (and SDM Express) is pre-installed. This lab assumes the use of a Cisco 1841 router. You can use another router model as long as it is capable of supporting SDM. If you are using a supported router that does not have SDM installed, you can download the latest version free of charge from the following location: http://www.cisco.com/pcgi-bin/tablebuild.pl/sdm From the URL shown above, view or download the document “Downloading and Installing Cisco Router and Security Device Manager.” This document provides instructions for installing SDM on your router. It lists specific model numbers and IOS versions that can support SDM, and the amount of memory required. Cisco SDM Express is a component of SDM. SDM Express automatically runs a GUI wizard that allows you to perform an initial basic configuration of a Cisco router using a browser and the web interface of the router. SDM Express will only be activated when the router is in its factory-default state. In this lab, you will use Cisco SDM Express to configure LAN and Internet connections on a Cisco ISR.
The following resources are required:
· Cisco 1841 ISR router with SDM version 2.4 installed (critical – see Note 2 in Step 1)
· Cisco 1841 ISR router configured with factory default settings and with a serial port add-in module (critical – see Notes 1 and 3 in Step 1)
· (Optional) Other Cisco router model with SDM installed
· Windows XP computer with Internet Explorer 5.5 or higher and SUN Java Runtime Environment (JRE) version 1.4.2_05 or later (or Java Virtual Machine (JVM) 5.0.0.3810). (See Note 3 in Step 1)
· Straight-through or crossover category 5 Ethernet cable
· Access to PC network TCP/IP configuration
Step 1: Configure the PC to connect to the router and then launch Cisco SDM
a. Power up the router.
b. Power up the PC.
c. Disable any popup blocker programs. Popup blockers prevent SDM Express windows fromdisplaying.
d. Connect the PC NIC to the FastEthernet 0/0 port on the Cisco 1841 ISR router with the Ethernet cable.
NOTE: An SDM router other than the 1841 may require connection to different port in order to access SDM.
e. Configure the IP address of the PC to be 10.10.10.2 with a subnet mask of 255.255.255.248.
f. SDM does not load automatically on the router. You must open the web browser to reach the SDM.Open the web browser on the PC and connect to the following URL: http://10.10.10.1
NOTE 1 – If browser connection to router fails: If you cannot connect and see the login screen, check your cabling and connections and make sure the IP configuration of the PC is correct. The router may have been previously configured to an address of 192.168.1.1 on the Fa0/0 interface. Try setting the IP address of the PC to 192.168.1.2 with a subnet mask of 255.255.255.0 and connect to http://192.168.1.1 using the browser. If you have difficulty with this procedure, contact your instructor for assistance.
If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic router configuration using IOS commands.Refer to the procedure at the end of this lab or contact your instructor.
g. In the Connect to dialog box, enter cisco for the username and cisco for the password. Click OK. The main SDM web application will start and you will be prompted to use HTTPS. Click Cancel. In the Security Warning window, click Yes to trust the Cisco application.
h. In the Welcome to the Cisco SDM Express Wizard window, read the message and then click Next.
i. Verify that you are using the latest version of SDM. The initial SDM screen that displays immediately after the login shows the current version number. It is also displayed on the main SDM screen shown below, along with IOS version.
NOTE 2: If the current version is not 2.4 or higher, notify your instructor before continuing with this lab. You will need to download the latest zip file from the URL listed above and save it to the PC. From the Tools menu of the SDM GUI, use the Update SDM option to specify the location of the zip file and start the update.
NOTE 3 – If SDM Express Wizard fails to start: If you connect to the router and SDM Express starts but the SDM Express Setup Wizard shown above does not start automatically, the router may be partially configured and needs to be reset to its factory defaults. If the SDM Express main screen is displayed, choose the Reset to Factory Defaults option, repeat Steps 1a through 1e, and log in again. If the full SDM application starts (not SMD Express), choose the Reset to Factory Defaults option from the File menu on the main SDM screen, repeat Steps 1a through 1e, and log in again. If you have difficulty with this procedure, contact your instructor for assistance.
Also note that the Windows XP computer you are using must have Internet Explorer 5.5 or higher and SUN Java Runtime Environment (JRE) version 1.4.2_05 or later (or Java Virtual Machine (JVM) 5.0.0.3810). If it does not, SDM will not start. You will need to download and install JRE on the PC before continuing with the lab.
Step 2: Perform initial basic configuration
a. In the Basic Configuration window, enter the following information. When you complete the basic configuration, click Next to continue
· In the Host Name field, enter CustomerRouter.
· In the Domain Name field, enter the domain name customer.com.
· Enter the username admin and the password cisco123 for SDM Express users and Telnet users. This password gives access to SDM locally, through the console connection, or remotely using Telnet.
· Enter the enable secret password of cisco123. This entry creates an encrypted password that prevents casual users from entering privileged mode and modifying the configuration of the router using the CLI.
b. From the Router Provisioning window, click the radio button next to SDM Express and then clickNext.
Step 3: Configure the LAN IP address
In the LAN Interface Configuration window, choose FastEthernet0/0 from the Interface list. For interface FastEthernet 0/0, enter the IP address of 192.168.1.1 and subnet mask of 255.255.255.0. You can also enter the subnet mask information in a different format: entering a count of the number of binary digits or bits in the subnet mask, such as 255.255.255.0 or 24 subnet bits.
Step 4: De-select DHCP server
At this point, do not enable the DHCP server. This procedure is covered in a later section of this course. In the DHCP server configuration window, ensure that the Enable DHCP server on the LAN interface check box is cleared before proceeding. Click Next to continue.
Step 5: Configure the WAN interface
a. In the WAN Configuration window, choose Serial0/0/0 interface from the list and click the Add Connection button. The Add Connection window appears.
NOTE: With the 1841 router, the serial interface is designated by 3 digits – C/S/P, whereC=Controller#, S=Slot# and P=Port#. The 1841 has two modular slots. The designation Serial0/0/0 indicates that the serial interface module is on controller 0, in slot 0, and that the interface to be used is the first one (0). The second interface is Serial0/0/1. The serial module is normally installed in slot 0 but may be may be installed in slot 1. If this is the case, the designation for the first serial interface on the module would be Serial0/1/0 and the second would be Serial0/1/1.
b. From the Add Serial0/0/0 Connection dialog box, choose PPP from the Encapsulation list. From the Address Type list, choose Static IP Address. Enter 209.165.200.225 for the IP address and 255.255.255.224 for the Subnet mask. Click OK to continue. Notice that this subnet mask translates to a /27, or 27 bits for the mask.
c. Notice that the IP address that you just set for the serial WAN interface now appears in the Interface List. Click Next to continue.
d. Enter the IP address 209.165.200.226 as the Next Hop IP Address for the Default Route. Click Next to continue.
e. Ensure that the check box next to Enable NAT is cleared. This procedure is covered in a later section of this course. Click Next to continue.
Step 6: Enable the firewall and security settings
a. Depending on the router IOS version, the next step may be Firewall Configuration. In the Firewall Configuration window, click the radio button that enables the firewall and then click Next. The Security Configuration window appears.
b. Leave all the default security options checked in the Security Configuration window and then click Next.
Step 7: Review and complete the configuration
a. If you are not satisfied with the Cisco SDM Express Summary, click Back to fix any changes and then click Finish to commit the changes to the router.
b. Click OK after reading the Reconnection Instructions. Save these instructions to a file for future reference, if desired.
NOTE: Before the next time you connect, you will need to change the IP address of the PC to be compatible with the new address that you configured to FastEthernet 0/0. The Reconnectioninstructions are shown below.
c. When the delivery of the configuration to the router is complete. Click OK to close Cisco SDM Express.
Step 8: Reflection
a. What feature makes configuring the router easy?
b. Summarize the steps that are configured by the Cisco SDM Express
SDM router basic IOS configuration to bring up SDM
If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic config as follows. Further details regarding the setup and use of SDM are can be found in the SDM Quick StartGuide:
http://www.cisco.com/en/US/products/sw/secursw/ps5318/products_quick_start09186a0080511c89.html#wp44788
1) Set the router Fa0/0 IP address
(This is the interface that a PC will connect to using a browser to bring up SDM. The PC IP address should be set to 10.10.10.2 255.255.255.248)
NOTE: An SDM router other than the 1841 may require connection to different port in order to access SDM.
Router(config)# interface Fa0/0
Router(config-if)# ip address 10.10.10.1 255.255.255.248
Router(config-if)# no shutdown
2) Enable the HTTP/HTTPS server of the router, using the following CiscoIOS commands:
Router(config)#ip http server
Router(config)#ip http secure-server
Router(config)#ip http authentication local
3) Create a user account with privilege level 15 (enable privileges).
Router(config)# username privilege 15 password 0
Replace and with the username and password that you want to configure.
4) Configure SSH and Telnet for local login and privilege level 15:
Router(config)# line vty 0 4
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet
Router(config-line)# transport input telnet ssh
Router(config-line)# exit
· Configure basic router global settings – router name, users, and login passwords – using Cisco SDM Express.
· Configure LAN and Internet connections on a Cisco ISR using Cisco SDM Express.
Background / Preparation
Cisco Router and Security Device Manager (SDM) is a Java-based web application and a device-management tool for Cisco IOS Software-based routers. The Cisco SDM simplifies router and security configuration through the use of smart wizards, which allows you to deploy, configure, and monitor a Cisco router without requiring knowledge of the command-line interface (CLI). The Cisco SDM is supported on a wide range of Cisco routers and Cisco IOS Software releases. Many newer Cisco routers come with SDM preinstalled. If you are using an 1841 router, SDM (and SDM Express) is pre-installed. This lab assumes the use of a Cisco 1841 router. You can use another router model as long as it is capable of supporting SDM. If you are using a supported router that does not have SDM installed, you can download the latest version free of charge from the following location: http://www.cisco.com/pcgi-bin/tablebuild.pl/sdm From the URL shown above, view or download the document “Downloading and Installing Cisco Router and Security Device Manager.” This document provides instructions for installing SDM on your router. It lists specific model numbers and IOS versions that can support SDM, and the amount of memory required. Cisco SDM Express is a component of SDM. SDM Express automatically runs a GUI wizard that allows you to perform an initial basic configuration of a Cisco router using a browser and the web interface of the router. SDM Express will only be activated when the router is in its factory-default state. In this lab, you will use Cisco SDM Express to configure LAN and Internet connections on a Cisco ISR.
The following resources are required:
· Cisco 1841 ISR router with SDM version 2.4 installed (critical – see Note 2 in Step 1)
· Cisco 1841 ISR router configured with factory default settings and with a serial port add-in module (critical – see Notes 1 and 3 in Step 1)
· (Optional) Other Cisco router model with SDM installed
· Windows XP computer with Internet Explorer 5.5 or higher and SUN Java Runtime Environment (JRE) version 1.4.2_05 or later (or Java Virtual Machine (JVM) 5.0.0.3810). (See Note 3 in Step 1)
· Straight-through or crossover category 5 Ethernet cable
· Access to PC network TCP/IP configuration
Step 1: Configure the PC to connect to the router and then launch Cisco SDM
a. Power up the router.
b. Power up the PC.
c. Disable any popup blocker programs. Popup blockers prevent SDM Express windows fromdisplaying.
d. Connect the PC NIC to the FastEthernet 0/0 port on the Cisco 1841 ISR router with the Ethernet cable.
NOTE: An SDM router other than the 1841 may require connection to different port in order to access SDM.
e. Configure the IP address of the PC to be 10.10.10.2 with a subnet mask of 255.255.255.248.
f. SDM does not load automatically on the router. You must open the web browser to reach the SDM.Open the web browser on the PC and connect to the following URL: http://10.10.10.1
NOTE 1 – If browser connection to router fails: If you cannot connect and see the login screen, check your cabling and connections and make sure the IP configuration of the PC is correct. The router may have been previously configured to an address of 192.168.1.1 on the Fa0/0 interface. Try setting the IP address of the PC to 192.168.1.2 with a subnet mask of 255.255.255.0 and connect to http://192.168.1.1 using the browser. If you have difficulty with this procedure, contact your instructor for assistance.
If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic router configuration using IOS commands.Refer to the procedure at the end of this lab or contact your instructor.
g. In the Connect to dialog box, enter cisco for the username and cisco for the password. Click OK. The main SDM web application will start and you will be prompted to use HTTPS. Click Cancel. In the Security Warning window, click Yes to trust the Cisco application.
h. In the Welcome to the Cisco SDM Express Wizard window, read the message and then click Next.
i. Verify that you are using the latest version of SDM. The initial SDM screen that displays immediately after the login shows the current version number. It is also displayed on the main SDM screen shown below, along with IOS version.
NOTE 2: If the current version is not 2.4 or higher, notify your instructor before continuing with this lab. You will need to download the latest zip file from the URL listed above and save it to the PC. From the Tools menu of the SDM GUI, use the Update SDM option to specify the location of the zip file and start the update.
NOTE 3 – If SDM Express Wizard fails to start: If you connect to the router and SDM Express starts but the SDM Express Setup Wizard shown above does not start automatically, the router may be partially configured and needs to be reset to its factory defaults. If the SDM Express main screen is displayed, choose the Reset to Factory Defaults option, repeat Steps 1a through 1e, and log in again. If the full SDM application starts (not SMD Express), choose the Reset to Factory Defaults option from the File menu on the main SDM screen, repeat Steps 1a through 1e, and log in again. If you have difficulty with this procedure, contact your instructor for assistance.
Also note that the Windows XP computer you are using must have Internet Explorer 5.5 or higher and SUN Java Runtime Environment (JRE) version 1.4.2_05 or later (or Java Virtual Machine (JVM) 5.0.0.3810). If it does not, SDM will not start. You will need to download and install JRE on the PC before continuing with the lab.
Step 2: Perform initial basic configuration
a. In the Basic Configuration window, enter the following information. When you complete the basic configuration, click Next to continue
· In the Host Name field, enter CustomerRouter.
· In the Domain Name field, enter the domain name customer.com.
· Enter the username admin and the password cisco123 for SDM Express users and Telnet users. This password gives access to SDM locally, through the console connection, or remotely using Telnet.
· Enter the enable secret password of cisco123. This entry creates an encrypted password that prevents casual users from entering privileged mode and modifying the configuration of the router using the CLI.
b. From the Router Provisioning window, click the radio button next to SDM Express and then clickNext.
Step 3: Configure the LAN IP address
In the LAN Interface Configuration window, choose FastEthernet0/0 from the Interface list. For interface FastEthernet 0/0, enter the IP address of 192.168.1.1 and subnet mask of 255.255.255.0. You can also enter the subnet mask information in a different format: entering a count of the number of binary digits or bits in the subnet mask, such as 255.255.255.0 or 24 subnet bits.
Step 4: De-select DHCP server
At this point, do not enable the DHCP server. This procedure is covered in a later section of this course. In the DHCP server configuration window, ensure that the Enable DHCP server on the LAN interface check box is cleared before proceeding. Click Next to continue.
Step 5: Configure the WAN interface
a. In the WAN Configuration window, choose Serial0/0/0 interface from the list and click the Add Connection button. The Add Connection window appears.
NOTE: With the 1841 router, the serial interface is designated by 3 digits – C/S/P, whereC=Controller#, S=Slot# and P=Port#. The 1841 has two modular slots. The designation Serial0/0/0 indicates that the serial interface module is on controller 0, in slot 0, and that the interface to be used is the first one (0). The second interface is Serial0/0/1. The serial module is normally installed in slot 0 but may be may be installed in slot 1. If this is the case, the designation for the first serial interface on the module would be Serial0/1/0 and the second would be Serial0/1/1.
b. From the Add Serial0/0/0 Connection dialog box, choose PPP from the Encapsulation list. From the Address Type list, choose Static IP Address. Enter 209.165.200.225 for the IP address and 255.255.255.224 for the Subnet mask. Click OK to continue. Notice that this subnet mask translates to a /27, or 27 bits for the mask.
c. Notice that the IP address that you just set for the serial WAN interface now appears in the Interface List. Click Next to continue.
d. Enter the IP address 209.165.200.226 as the Next Hop IP Address for the Default Route. Click Next to continue.
e. Ensure that the check box next to Enable NAT is cleared. This procedure is covered in a later section of this course. Click Next to continue.
Step 6: Enable the firewall and security settings
a. Depending on the router IOS version, the next step may be Firewall Configuration. In the Firewall Configuration window, click the radio button that enables the firewall and then click Next. The Security Configuration window appears.
b. Leave all the default security options checked in the Security Configuration window and then click Next.
Step 7: Review and complete the configuration
a. If you are not satisfied with the Cisco SDM Express Summary, click Back to fix any changes and then click Finish to commit the changes to the router.
b. Click OK after reading the Reconnection Instructions. Save these instructions to a file for future reference, if desired.
NOTE: Before the next time you connect, you will need to change the IP address of the PC to be compatible with the new address that you configured to FastEthernet 0/0. The Reconnectioninstructions are shown below.
c. When the delivery of the configuration to the router is complete. Click OK to close Cisco SDM Express.
Step 8: Reflection
a. What feature makes configuring the router easy?
b. Summarize the steps that are configured by the Cisco SDM Express
SDM router basic IOS configuration to bring up SDM
If the startup-config is erased in an SDM router, SDM will no longer come up by default when the router is restarted. It will be necessary to build a basic config as follows. Further details regarding the setup and use of SDM are can be found in the SDM Quick StartGuide:
http://www.cisco.com/en/US/products/sw/secursw/ps5318/products_quick_start09186a0080511c89.html#wp44788
1) Set the router Fa0/0 IP address
(This is the interface that a PC will connect to using a browser to bring up SDM. The PC IP address should be set to 10.10.10.2 255.255.255.248)
NOTE: An SDM router other than the 1841 may require connection to different port in order to access SDM.
Router(config)# interface Fa0/0
Router(config-if)# ip address 10.10.10.1 255.255.255.248
Router(config-if)# no shutdown
2) Enable the HTTP/HTTPS server of the router, using the following CiscoIOS commands:
Router(config)#ip http server
Router(config)#ip http secure-server
Router(config)#ip http authentication local
3) Create a user account with privilege level 15 (enable privileges).
Router(config)# username privilege 15 password 0
Replace and with the username and password that you want to configure.
4) Configure SSH and Telnet for local login and privilege level 15:
Router(config)# line vty 0 4
Router(config-line)# privilege level 15
Router(config-line)# login local
Router(config-line)# transport input telnet
Router(config-line)# transport input telnet ssh
Router(config-line)# exit
Lab 8.3.2 conducting a Network capture with wireshark
Mike Putri
06477/2008
Step 1: install and launch Wireshark
Step 2: select an interface to use for capturing pakets
Step 3 : Analysyze web trafict information (optional)
a. The conection to the google server with a query to the DNS server to lookup the server IP address. The destination server IP address will most likely start with 64.x.x.x what is the source and destination of the first packet sent to the google server?
Source: 192.168.1.103
Destination: 65.24.7.3
b. Open another browser window and go to the ARIN who is database http://www.arin.net/whois/ or use another whois lookup tool and enter thr IP address of the destination server. To what organization is this IP address assigned? 192.168.1.103
c. What are the protocols is used to establish the connection to the web server and deliver the web page to your local host? TCP
d. What is the color used to establish the connection to the server and deliver the web page to your local host? hijau
e. What is the color used to highlight the traffic between your host and the google web server? gray
Step 5: filter a network capture
a. Open a command prompt window by clicking start > all programs > run and typing cmd.
b. Ping a host IP address on your local network and observer? ICMP
c. When icmp is typed in the filter text box what kind of raffic is was displayed? Ketika kita menge-ping host IP address yang ada di jaringan local kita
d. Click the filter: Expression button on the wireshark eindow. Scroll down the list and view the filter possibilities there. Are TCP, HTTP,ARP and other protocols listed? Ya ada
Step 6:reflection
a. There are hundreads of filters listed in the filter: expression option. It may be possible that, in a large network , there would be enormounts and many different types of traffic. Which three filters in the long list do you think might be most useful to a network administrator
b. Is wreshark a tool for out of band or in band network monitoring
Explain your answare
06477/2008
Step 1: install and launch Wireshark
Step 2: select an interface to use for capturing pakets
Step 3 : Analysyze web trafict information (optional)
a. The conection to the google server with a query to the DNS server to lookup the server IP address. The destination server IP address will most likely start with 64.x.x.x what is the source and destination of the first packet sent to the google server?
Source: 192.168.1.103
Destination: 65.24.7.3
b. Open another browser window and go to the ARIN who is database http://www.arin.net/whois/ or use another whois lookup tool and enter thr IP address of the destination server. To what organization is this IP address assigned? 192.168.1.103
c. What are the protocols is used to establish the connection to the web server and deliver the web page to your local host? TCP
d. What is the color used to establish the connection to the server and deliver the web page to your local host? hijau
e. What is the color used to highlight the traffic between your host and the google web server? gray
Step 5: filter a network capture
a. Open a command prompt window by clicking start > all programs > run and typing cmd.
b. Ping a host IP address on your local network and observer? ICMP
c. When icmp is typed in the filter text box what kind of raffic is was displayed? Ketika kita menge-ping host IP address yang ada di jaringan local kita
d. Click the filter: Expression button on the wireshark eindow. Scroll down the list and view the filter possibilities there. Are TCP, HTTP,ARP and other protocols listed? Ya ada
Step 6:reflection
a. There are hundreads of filters listed in the filter: expression option. It may be possible that, in a large network , there would be enormounts and many different types of traffic. Which three filters in the long list do you think might be most useful to a network administrator
b. Is wreshark a tool for out of band or in band network monitoring
Explain your answare
CCNA Discovery 4- Modul 6 Exam Answer Version 4.0
Mike Putri
06477/2008
1. A network engineer researched whether there are mechanisms available to help with the transition from an IPv4 addressing structure to IPv6. What three options did the engineer find?(Choose three.)
• A protocol translation mechanism allows communication between the IPv4 and IPv6 networks.
• A packet analyzer determines the addressing structure and converts it to the appropriate IPv4 or IPv6 scheme.
• New Core devices that support IPV6 must be purchased.
• A protocol converter changes IPv4 packets into IPv6 packets and vice versa.
• A dual-stack network design allows both IPv4 and IPv6 addressing to be used on all network devices.
• Tunneling allows IPv4 packets to be encapsulated so that they can traverse IPv6 networks and vice versa.
2. When should the command no auto-summary be used?
• with RIP version 1, to enable classless routing
• with RIP version 2, to enable classless routing
• with RIP version 1, when discontigous networks exist
• with RIP version 2, when discontigous networks exist
3. Refer to the exhibit. What must an administrator do on R3 to ensure that update packets are sent with subnet mask information?
• Add the commands:
R3(config-router)# auto-summary
R3(config-router)# no version 2
• Add the commands:
R3(config-router)# version 2
R3(config-router)# no auto-summary
• Change the network statement on R3:
R3(config)# network 10.10.4.0
• Add the command:
R3(config)# ip route 0.0.0.0 0.0.0.0 s0/0
4. What best describes a discontiguous network?
• combines several classfull networking address
• contains more than one route to a destination
• implements more than one routing protocol
• separated from the rest of the hierarchical group by another network
5. Refer to the exhibit. A company has decided to add a new workgroup. If the subnetting scheme for the network uses contiguous blocks of addresses, what subnet is assigned to WGROUP3?
• 172.16.3.12/29
• 172.16.3.16/29
• 172.16.3.20/29
• 172.16.3.24/29
• 172.16.3.32/29
6. A network administrator is using the 10.0.0.0/8 network for the company. The administrator must create a masking scheme to support 750 users at the main office and 620 users at the remote office. What mask should be assigned to the 10.0.0.0/8 network to preserve the most addresses?
• 255.255.255.0
• /19
• /20
• 255.255.252.0
• /23
• /21
7. What is another format for the IPv6 address 1080:0000:0000:0000:0000:0000:1267:01A2?
• 1080::1267:01A2
• 1080:0:0:0:0:1267:01A2
• 1080::0:1267:01A2
• 1080:::::1267.01A2
8. How many bits make up an IPv6 address?
• 32
• 48
• 64
• 128
9. After activating IPv6 traffic forwarding, configuring IPv6 addresses, and globally configure RIPng, what is the remaining step to activate RIPng?
• Enter the ipv6 router rip name command and then use network statements to activate RIPng on the interfaces.
• Enter the ipv6 router rip name command and then specify which interfaces run RIPng, which are passive, and which only receive.
• Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6 rip name enable command.
• Enter the interface mode for each IPv6 interface and enable the multicast group FF02::9, and then activate RIPng globally using the ipv6 router rip name command.
• Enter the router rip command, and then activate RIPng using the version command.
• RIPng then automatically runs on all IPv6 interfaces.
10. Refer to the exhibit. The IT management has determined that the new subnet for WGROUP3 needs to be broken down into four more subnets. What would the subnet mask be for the four newly created subnets within WGROUP3?
• 255.255.128.0
• 255.255.192.0
• 255.255.224.0
• 255.255.248.0
• 255.255.252.0
11. Refer to the exhibit. What is the first usable IP address that can be assigned to the WGROUP3 switch?
• 172.16.50.96/27
• 172.16.50.97/27
• 172.16.50.98/27
• 172.16.50.99/27
• 255.255.255.0
12. Refer to the exhibit. Which set of router commands is required to turn on unequal-cost load sharing so that RTRA selects the path A-B-E and the lowest cost path A-C-E to the Internet?
• RTRA(config)# router eigrp 1
RTRA(config-router)# variance 2
• RTRA(config)# router eigrp 1
RTRA(config-router)# variance 1
• RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 2
• RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 1
13. Refer to the exhibit. Assuming that the default EIGRP configuration is running on both routers, which statement is true about Router A reaching the 2.2.2.0/24 network?
• The no auto-summary command needs to be issued to disable automatic summarization.
• The network 2.2.2.0 command needs to be issued to ensure that Router A recognizes the 2.2.2.0 network.
• EIGRP supports VLSM and automatically recognizes the 2.2.2.0 network.
• EIGRP does not support VLSM; therefore it cannot be used with discontiguous networks.
14. Refer to the exhibit. The network administrator wants router RTA to send only the summarized route of 10.10.0.0/16 to RTC. Which configuration accomplishes this?
• RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
• RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
• RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
• RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
15. What is a good design practice when developing a hierarchical addressing scheme?
• Address the nodes in the Access Layer and work toward the Core Layer.
• Assign addresses to the Core devices before planning the addressing scheme for the server farm.
• Determine where statically configured addressing will be implemented.
• Determine what percentage of devices are wired and what percentage of devices are wireless.
16. A network administrator is asked to design a new addressing scheme for a corporate network. Presently, there are 850 users at the head office, 220 users at sales, 425 at manufacturing, and 50 at the research site. Which statement defines the correct VLSM addressing map with minimal waste using the 172.17.0.0/16 network?
• 172.17.0.0/20 head office
172.17.1.0/21 manufacturing
172.17.1.0/22 sales
172.17.3.0/26 research
• 172.17.48.0/19 head office
172.17.16.0/20 manufacturing
172.17.48.128/25 sales
172.17.48.0/26 research
• 172.17.0.0/22 head office
172.17.4.0/23 manufacturing
172.17.5.0/24 sales
172.17.6.0/26 research
• 172.17.2.0/22 head office
172.17.3.0/23 manufacturing
172.17.4.0/26 sales
172.17.4.128/25 research
16. How would the routes for networks 172.16.1.0/24, 172.16.3.0/24, and 172.16.15.0/24 be summarized?
• 172.16.0.0/20
• 172.16.0.0/21
• 172.16.0.0/22
• 172.16.0.0/24
17. What two advantages does CIDR provide to a network? (Choose two.)
• dynamic address assignment
• automatic route redistribution
• reduced routing update traffic
• easier management of summarization
• automatic summarization at classfull boundaries
18. Which statement describes MD5 authentication for neighbor authentication?
• All passwords are sent in clear text when neighbors first learn about each other.
• Only the initiating router sends its password using encrypted text when it first discovers a new router.
• All routers send their password using encrypted text only when they first learn of each other.
• All routers send their password using encrypted text each time they exchange update packets.
19. Refer to the exhibit. What are the broadcast addresses for each subnet?
• Admin - 172.16.31.0
QA - 172.16.1.127
Development - 172.16.2.255
Sales - 172.16.32.255
• Admin - 172.16.31.255
QA - 172.16.1.255
Development - 172.16.3.255
Sales - 172.16.63.255
• Admin - 172.16.31.255
QA - 172.16.1.127
Development - 172.16.3.255
Sales - 172.16.63.255
• Admin - 172.16.31.0
QA - 172.16.1.255
Development - 172.16.2.255
Sales - 172.16.32.255
20. Refer to the exhibit. The IT management is adding three VLANs to the wgroup3 switch. The current subnet will be broken down to support 14 hosts for each of the new VLANs. What will the new subnet mask be for these VLANs?
• 255.255.255.192
• 255.255.255.240
• 255.255.248.0
• 255.255.255.224
• 255.255.240.0
• 255.255.255.248
21. An administrator is configuring IPv6 on a router. The steps that have already been completed are:
1. Activate IPv6 traffic forwarding.
2. Configure IPv6 addresses.
3. Globally configure RIPng.
What is the remaining step to complete the activation of RIPng?
• Enter the ipv6 router rip name command and then use network statements to activate RIPng on the interfaces.
• Enter the ipv6 router rip name command and then specify which interfaces run RIPng, which are passive, and which only receive.
• Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6 rip name enable command.
• Enter the interface mode for each IPv6 interface and enable the multicast group FF02::9, and then activate RIPng globally using the ipv6 router rip name command.
• Enter the router rip command, and then activate RIPng using the version command. RIPng then automatically runs on all IPv6 interfaces.
22. Which range includes all available networks in the 192.168.8.0/21 network?
• 192.168.8.0/24 - 192.168.14.0/24
• 192.168.8.0/24 - 192.168.15.0/24
• 192.168.8.0/24 - 192.168.16.0/24
• 192.168.8.0/24 - 192.168.17.0/24
23. Which two are best practices for creating a new IP addressing scheme for a network? (Choose two.)
• Plan and allow for significant growth.
• Assign addresses to the access layer before any other layer.
• Plan the entire addressing scheme before assigning any addresses.
• Begin with the access layer network summary addresses and work to the edge.
• Plan the addressing scheme to meet the current minimum requirement needs.
• Implement statically assigned addresses to all hosts in the distribution layer first.
24. Refer to the exhibit. Which subnet will provide sufficient addresses for the Production network with minimal waste?
• 172.16.0.192/26
• 172.16.0.192/27
• 172.16.0.224/26
• 172.16.0.160/26
• 172.16.0.144/27
25. A network designer is implementing a new network for a company. The designer is using all new Cisco equipment and has decided to select a hierarchical routing protocol for the network. The designer wishes to minimize traffic from routing updates but also needs fast routing convergence in the event of a topology change. Also, the existing IP addressing scheme requires that the selected protocol support VLSM. Which routing protocol should be chosen?
• BGP
• RIP v1
• RIP v2
• OSPF
• EIGRP
• A protocol translation mechanism allows communication between the IPv4 and IPv6 networks.
• A packet analyzer determines the addressing structure and converts it to the appropriate IPv4 or IPv6 scheme.
• New Core devices that support IPV6 must be purchased.
• A protocol converter changes IPv4 packets into IPv6 packets and vice versa.
• A dual-stack network design allows both IPv4 and IPv6 addressing to be used on all network devices.
• Tunneling allows IPv4 packets to be encapsulated so that they can traverse IPv6 networks and vice versa.
2. When should the command no auto-summary be used?
• with RIP version 1, to enable classless routing
• with RIP version 2, to enable classless routing
• with RIP version 1, when discontigous networks exist
• with RIP version 2, when discontigous networks exist
3. Refer to the exhibit. What must an administrator do on R3 to ensure that update packets are sent with subnet mask information?
• Add the commands:
R3(config-router)# auto-summary
R3(config-router)# no version 2
• Add the commands:
R3(config-router)# version 2
R3(config-router)# no auto-summary
• Change the network statement on R3:
R3(config)# network 10.10.4.0
• Add the command:
R3(config)# ip route 0.0.0.0 0.0.0.0 s0/0
4. What best describes a discontiguous network?
• combines several classfull networking address
• contains more than one route to a destination
• implements more than one routing protocol
• separated from the rest of the hierarchical group by another network
5. Refer to the exhibit. A company has decided to add a new workgroup. If the subnetting scheme for the network uses contiguous blocks of addresses, what subnet is assigned to WGROUP3?
• 172.16.3.12/29
• 172.16.3.16/29
• 172.16.3.20/29
• 172.16.3.24/29
• 172.16.3.32/29
6. A network administrator is using the 10.0.0.0/8 network for the company. The administrator must create a masking scheme to support 750 users at the main office and 620 users at the remote office. What mask should be assigned to the 10.0.0.0/8 network to preserve the most addresses?
• 255.255.255.0
• /19
• /20
• 255.255.252.0
• /23
• /21
7. What is another format for the IPv6 address 1080:0000:0000:0000:0000:0000:1267:01A2?
• 1080::1267:01A2
• 1080:0:0:0:0:1267:01A2
• 1080::0:1267:01A2
• 1080:::::1267.01A2
8. How many bits make up an IPv6 address?
• 32
• 48
• 64
• 128
9. After activating IPv6 traffic forwarding, configuring IPv6 addresses, and globally configure RIPng, what is the remaining step to activate RIPng?
• Enter the ipv6 router rip name command and then use network statements to activate RIPng on the interfaces.
• Enter the ipv6 router rip name command and then specify which interfaces run RIPng, which are passive, and which only receive.
• Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6 rip name enable command.
• Enter the interface mode for each IPv6 interface and enable the multicast group FF02::9, and then activate RIPng globally using the ipv6 router rip name command.
• Enter the router rip command, and then activate RIPng using the version command.
• RIPng then automatically runs on all IPv6 interfaces.
10. Refer to the exhibit. The IT management has determined that the new subnet for WGROUP3 needs to be broken down into four more subnets. What would the subnet mask be for the four newly created subnets within WGROUP3?
• 255.255.128.0
• 255.255.192.0
• 255.255.224.0
• 255.255.248.0
• 255.255.252.0
11. Refer to the exhibit. What is the first usable IP address that can be assigned to the WGROUP3 switch?
• 172.16.50.96/27
• 172.16.50.97/27
• 172.16.50.98/27
• 172.16.50.99/27
• 255.255.255.0
12. Refer to the exhibit. Which set of router commands is required to turn on unequal-cost load sharing so that RTRA selects the path A-B-E and the lowest cost path A-C-E to the Internet?
• RTRA(config)# router eigrp 1
RTRA(config-router)# variance 2
• RTRA(config)# router eigrp 1
RTRA(config-router)# variance 1
• RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 2
• RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 1
13. Refer to the exhibit. Assuming that the default EIGRP configuration is running on both routers, which statement is true about Router A reaching the 2.2.2.0/24 network?
• The no auto-summary command needs to be issued to disable automatic summarization.
• The network 2.2.2.0 command needs to be issued to ensure that Router A recognizes the 2.2.2.0 network.
• EIGRP supports VLSM and automatically recognizes the 2.2.2.0 network.
• EIGRP does not support VLSM; therefore it cannot be used with discontiguous networks.
14. Refer to the exhibit. The network administrator wants router RTA to send only the summarized route of 10.10.0.0/16 to RTC. Which configuration accomplishes this?
• RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
• RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
• RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
• RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
15. What is a good design practice when developing a hierarchical addressing scheme?
• Address the nodes in the Access Layer and work toward the Core Layer.
• Assign addresses to the Core devices before planning the addressing scheme for the server farm.
• Determine where statically configured addressing will be implemented.
• Determine what percentage of devices are wired and what percentage of devices are wireless.
16. A network administrator is asked to design a new addressing scheme for a corporate network. Presently, there are 850 users at the head office, 220 users at sales, 425 at manufacturing, and 50 at the research site. Which statement defines the correct VLSM addressing map with minimal waste using the 172.17.0.0/16 network?
• 172.17.0.0/20 head office
172.17.1.0/21 manufacturing
172.17.1.0/22 sales
172.17.3.0/26 research
• 172.17.48.0/19 head office
172.17.16.0/20 manufacturing
172.17.48.128/25 sales
172.17.48.0/26 research
• 172.17.0.0/22 head office
172.17.4.0/23 manufacturing
172.17.5.0/24 sales
172.17.6.0/26 research
• 172.17.2.0/22 head office
172.17.3.0/23 manufacturing
172.17.4.0/26 sales
172.17.4.128/25 research
16. How would the routes for networks 172.16.1.0/24, 172.16.3.0/24, and 172.16.15.0/24 be summarized?
• 172.16.0.0/20
• 172.16.0.0/21
• 172.16.0.0/22
• 172.16.0.0/24
17. What two advantages does CIDR provide to a network? (Choose two.)
• dynamic address assignment
• automatic route redistribution
• reduced routing update traffic
• easier management of summarization
• automatic summarization at classfull boundaries
18. Which statement describes MD5 authentication for neighbor authentication?
• All passwords are sent in clear text when neighbors first learn about each other.
• Only the initiating router sends its password using encrypted text when it first discovers a new router.
• All routers send their password using encrypted text only when they first learn of each other.
• All routers send their password using encrypted text each time they exchange update packets.
19. Refer to the exhibit. What are the broadcast addresses for each subnet?
• Admin - 172.16.31.0
QA - 172.16.1.127
Development - 172.16.2.255
Sales - 172.16.32.255
• Admin - 172.16.31.255
QA - 172.16.1.255
Development - 172.16.3.255
Sales - 172.16.63.255
• Admin - 172.16.31.255
QA - 172.16.1.127
Development - 172.16.3.255
Sales - 172.16.63.255
• Admin - 172.16.31.0
QA - 172.16.1.255
Development - 172.16.2.255
Sales - 172.16.32.255
20. Refer to the exhibit. The IT management is adding three VLANs to the wgroup3 switch. The current subnet will be broken down to support 14 hosts for each of the new VLANs. What will the new subnet mask be for these VLANs?
• 255.255.255.192
• 255.255.255.240
• 255.255.248.0
• 255.255.255.224
• 255.255.240.0
• 255.255.255.248
21. An administrator is configuring IPv6 on a router. The steps that have already been completed are:
1. Activate IPv6 traffic forwarding.
2. Configure IPv6 addresses.
3. Globally configure RIPng.
What is the remaining step to complete the activation of RIPng?
• Enter the ipv6 router rip name command and then use network statements to activate RIPng on the interfaces.
• Enter the ipv6 router rip name command and then specify which interfaces run RIPng, which are passive, and which only receive.
• Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6 rip name enable command.
• Enter the interface mode for each IPv6 interface and enable the multicast group FF02::9, and then activate RIPng globally using the ipv6 router rip name command.
• Enter the router rip command, and then activate RIPng using the version command. RIPng then automatically runs on all IPv6 interfaces.
22. Which range includes all available networks in the 192.168.8.0/21 network?
• 192.168.8.0/24 - 192.168.14.0/24
• 192.168.8.0/24 - 192.168.15.0/24
• 192.168.8.0/24 - 192.168.16.0/24
• 192.168.8.0/24 - 192.168.17.0/24
23. Which two are best practices for creating a new IP addressing scheme for a network? (Choose two.)
• Plan and allow for significant growth.
• Assign addresses to the access layer before any other layer.
• Plan the entire addressing scheme before assigning any addresses.
• Begin with the access layer network summary addresses and work to the edge.
• Plan the addressing scheme to meet the current minimum requirement needs.
• Implement statically assigned addresses to all hosts in the distribution layer first.
24. Refer to the exhibit. Which subnet will provide sufficient addresses for the Production network with minimal waste?
• 172.16.0.192/26
• 172.16.0.192/27
• 172.16.0.224/26
• 172.16.0.160/26
• 172.16.0.144/27
25. A network designer is implementing a new network for a company. The designer is using all new Cisco equipment and has decided to select a hierarchical routing protocol for the network. The designer wishes to minimize traffic from routing updates but also needs fast routing convergence in the event of a topology change. Also, the existing IP addressing scheme requires that the selected protocol support VLSM. Which routing protocol should be chosen?
• BGP
• RIP v1
• RIP v2
• OSPF
• EIGRP
CCNA Discovery 4- Modul 7 Exam Answer Version 4.0
Mike Putri
06477/2008
1. A network engineer has decided to pilot test a portion of a new network design rather than rely on a prototype for proof-of-concept. What are two advantages of pilot testing a design concept?(Choose two.)
• The test network experiences real-world network traffic.
• Users within the enterprise are not affected by the test.
• Network response can be tested in unplanned and unpredictable situations.
• Unlikely failure conditions can be conveniently tested.
• Network response can be tested in a highly controlled simulated environment.
2. While preparing a network test plan document, a network designer records all initial and modified device configurations. Which section of the document typically contains this information?
• Appendix
• Test Procedures
• Test Description
• Actual Results and Conclusions
• Anticipated Results and Success Criteria
3. Refer to the exhibit. A network designer creates a test plan that includes the specification shown. In which section of the test plan would this specification be found?
• Test Description
• Test Procedures
• Design and Topology Diagram
• Actual Results and Conclusions
• Anticipated Results and Success Criteria
4. What OSI model Layer 2 security measure can a network engineer implement when prototyping network security?
• a firewall at the network edge
• port security at the access design layer
• port security at the distribution design layer
• IP access control lists at the access design layer
5. How do designers decide which network functions need to be included in the prototype test?
• They select the functions that align with the business goals.
• They select the functions that occur at the network core.
• They select the functions that do not exist in the existing network.
• They select the functions from a list of generic network operations.
6. Refer to the exhibit. During prototype testing of the Cisco network shown, connectivity must be verified. Assuming all connections are working and CDP is enabled on all devices and interfaces, on which device was the command issued?
• R1
• S1
• R3
• S2
• R5
• S3
7. Refer to the exhibit. During prototyping, Layer 2 functionality is being tested. Based on the output shown, which two pieces of information can be determined? (Choose two.)
• Switch1 is the root bridge.
• Interface Fa0/2 on Switch1 has no role in the operation of spanning tree.
• Interface Fa0/2 on Switch1 is the alternate port used to reach the root bridge.
• Based on the entries in the "Role" column, it can be concluded that RSTP has been implemented.
• Interface Fa0/1 on Switch1 is the forwarding port selected for the entire spanning-tree topology.
8. What Rapid Spanning Tree Protocol (RSTP) state is given to the forwarding port elected for every switched Ethernet LAN segment?
• root
• backup
• alternate
• designated
9. Refer to the exhibit. During prototype testing, verification of VLAN connectivity is being performed. Based on the information shown, what command produced the output?
• show spanning-tree
• show interfaces trunk
• show cdp neighbors
• show interfaces
• show ip interface brief
10. Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to connect a host to the network. How should the network administrator reconfigure switch port Fa0/24?
• Use the switchport mode access command from interface configuration mode.
• Enter the switchport nonegotiate command from interface configuration mode.
• Administratively shut down and re-enable the interface to return it to the default.
• Enter the no switchport mode trunk command in interface configuration mode.
• Use the switchport access vlan vlan number command from interface configuration mode
• to remove the port from the trunk and add it to a specific VLAN.
11. Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the routing protocol in use. Which statement describes the data flow from Server to PC2?
• EIGRP load balances across the R3 to R1 and R3 to R2 links.
• EIGRP load balances across the R1 to Switch3 and R2 to Switch3 paths.
• EIGRP load balances across the Switch1 to Switch3 and Switch1 to Switch2 paths.
• EIGRP does not load balance in this topology.
12. A network designer needs to determine if a proposed IP addressing scheme allows efficient route summarization and provides the appropriate amount of scalability to a design. What is useful for validating a proposed hierarchical IP addressing scheme?
• NBAR
• a pilot network
• a route summary
• a network simulator
• a physical topology ma
13. In the router command encapsulation dot1q 10, what does the number 10 represent?
• the metric used for a particular route
• the number of the VLAN associated with the encapsulated subinterface
• the priority number given to the device for the election process
• the number that must match the Fast Ethernet subinterface number
• the number used to program the router for unequal cost path load balancing
14. Refer to the exhibit. The users on the 192.168.10.192 network are not allowed Internet access. The network design calls for an extended ACL to be developed and tested. Where should the ACL be placed for the least effect on other network traffic?
• inbound on Fa0/0 of R3
• outbound on Fa0/0 of R3
• inbound on Fa0/1 of R3
• outbound on Fa0/1 of R3
• inbound on Fa0/1 of R2
• outbound on S0/0 of R2
15. Refer to the exhibit. What two measures can be taken to address the areas of weakness circled in the network design? (Choose two.)
• Provide redundant connections to all end users.
• Add another core switch to increase redundancy.
• Add a switch in the server block connecting the server farm to each core switch.
• Add an additional switch to the DMZ and direct links from the new switch to the core switches.
• Provide a redundant firewall router connecting to a second ISP, the core switches, and the DMZ.
16. Why is it important to record baseline measurements of a prototype network?
• Test results show security weaknesses after the baseline tests are run.
• The baseline is the point at which the network is operating at its fullest potential.
• Baseline measurements define a point at which network traffic has exceeded the designed capabilities of the network.
• Test results are compared to the baseline to see how the test conditions increase processor use or decrease available bandwidth.
17. Refer to the exhibit. A network administrator has been given the task of creating a design for a temporary classroom building that is to be set up outside an overcrowded school. In testing the prototype, it is found that the student PC cannot ping the teacher PC. All the switch interfaces are active and connected properly, as is interface Fa0/0 of the router. Given that only the commands shown have bee added to the router configuration, what is the source of the problem?
• The IP settings on the student PC are incorrect.
• The default gateway on the teacher PC is misconfigured.
• The router Fa0/0 interface has not been configured as a VLAN trunk.
• The Fa0/0 physical interface has not been configured with an IP address and subnet mask.
• The administrator forgot to configure a routing protocol to allow the ping packets to reach the teacher PC subnet.
18. Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this switch output?
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are trunks.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are shutdown.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are blocking.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 failed diagnostics
19. Refer to the exhibit. A network technician is performing an initial installation of a new switch in the east wing. The technician removes the switch from the box, makes the connections to the network, and adds the configuration shown. The technician notifies the network administrator that the switch has been installed. When the network administrator at the home office attempts to telnet to the switch from host 192.168.0.1, the connection fails. What action should the network technician take?
• Add an enable password to the switch.
• Add a default gateway to the switch configuration.
• Configure the switch with an IP access list to permit the host connection.
• Enable the physical interfaces of the switch with the no shutdown command.
20. Refer to the exhibit. After all the interfaces have stabilized, what is the spanning-tree state of all the enabled interfaces of SW11?
• discarding
• forwarding
• learning
• listening
• The test network experiences real-world network traffic.
• Users within the enterprise are not affected by the test.
• Network response can be tested in unplanned and unpredictable situations.
• Unlikely failure conditions can be conveniently tested.
• Network response can be tested in a highly controlled simulated environment.
2. While preparing a network test plan document, a network designer records all initial and modified device configurations. Which section of the document typically contains this information?
• Appendix
• Test Procedures
• Test Description
• Actual Results and Conclusions
• Anticipated Results and Success Criteria
3. Refer to the exhibit. A network designer creates a test plan that includes the specification shown. In which section of the test plan would this specification be found?
• Test Description
• Test Procedures
• Design and Topology Diagram
• Actual Results and Conclusions
• Anticipated Results and Success Criteria
4. What OSI model Layer 2 security measure can a network engineer implement when prototyping network security?
• a firewall at the network edge
• port security at the access design layer
• port security at the distribution design layer
• IP access control lists at the access design layer
5. How do designers decide which network functions need to be included in the prototype test?
• They select the functions that align with the business goals.
• They select the functions that occur at the network core.
• They select the functions that do not exist in the existing network.
• They select the functions from a list of generic network operations.
6. Refer to the exhibit. During prototype testing of the Cisco network shown, connectivity must be verified. Assuming all connections are working and CDP is enabled on all devices and interfaces, on which device was the command issued?
• R1
• S1
• R3
• S2
• R5
• S3
7. Refer to the exhibit. During prototyping, Layer 2 functionality is being tested. Based on the output shown, which two pieces of information can be determined? (Choose two.)
• Switch1 is the root bridge.
• Interface Fa0/2 on Switch1 has no role in the operation of spanning tree.
• Interface Fa0/2 on Switch1 is the alternate port used to reach the root bridge.
• Based on the entries in the "Role" column, it can be concluded that RSTP has been implemented.
• Interface Fa0/1 on Switch1 is the forwarding port selected for the entire spanning-tree topology.
8. What Rapid Spanning Tree Protocol (RSTP) state is given to the forwarding port elected for every switched Ethernet LAN segment?
• root
• backup
• alternate
• designated
9. Refer to the exhibit. During prototype testing, verification of VLAN connectivity is being performed. Based on the information shown, what command produced the output?
• show spanning-tree
• show interfaces trunk
• show cdp neighbors
• show interfaces
• show ip interface brief
10. Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to connect a host to the network. How should the network administrator reconfigure switch port Fa0/24?
• Use the switchport mode access command from interface configuration mode.
• Enter the switchport nonegotiate command from interface configuration mode.
• Administratively shut down and re-enable the interface to return it to the default.
• Enter the no switchport mode trunk command in interface configuration mode.
• Use the switchport access vlan vlan number command from interface configuration mode
• to remove the port from the trunk and add it to a specific VLAN.
11. Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the routing protocol in use. Which statement describes the data flow from Server to PC2?
• EIGRP load balances across the R3 to R1 and R3 to R2 links.
• EIGRP load balances across the R1 to Switch3 and R2 to Switch3 paths.
• EIGRP load balances across the Switch1 to Switch3 and Switch1 to Switch2 paths.
• EIGRP does not load balance in this topology.
12. A network designer needs to determine if a proposed IP addressing scheme allows efficient route summarization and provides the appropriate amount of scalability to a design. What is useful for validating a proposed hierarchical IP addressing scheme?
• NBAR
• a pilot network
• a route summary
• a network simulator
• a physical topology ma
13. In the router command encapsulation dot1q 10, what does the number 10 represent?
• the metric used for a particular route
• the number of the VLAN associated with the encapsulated subinterface
• the priority number given to the device for the election process
• the number that must match the Fast Ethernet subinterface number
• the number used to program the router for unequal cost path load balancing
14. Refer to the exhibit. The users on the 192.168.10.192 network are not allowed Internet access. The network design calls for an extended ACL to be developed and tested. Where should the ACL be placed for the least effect on other network traffic?
• inbound on Fa0/0 of R3
• outbound on Fa0/0 of R3
• inbound on Fa0/1 of R3
• outbound on Fa0/1 of R3
• inbound on Fa0/1 of R2
• outbound on S0/0 of R2
15. Refer to the exhibit. What two measures can be taken to address the areas of weakness circled in the network design? (Choose two.)
• Provide redundant connections to all end users.
• Add another core switch to increase redundancy.
• Add a switch in the server block connecting the server farm to each core switch.
• Add an additional switch to the DMZ and direct links from the new switch to the core switches.
• Provide a redundant firewall router connecting to a second ISP, the core switches, and the DMZ.
16. Why is it important to record baseline measurements of a prototype network?
• Test results show security weaknesses after the baseline tests are run.
• The baseline is the point at which the network is operating at its fullest potential.
• Baseline measurements define a point at which network traffic has exceeded the designed capabilities of the network.
• Test results are compared to the baseline to see how the test conditions increase processor use or decrease available bandwidth.
17. Refer to the exhibit. A network administrator has been given the task of creating a design for a temporary classroom building that is to be set up outside an overcrowded school. In testing the prototype, it is found that the student PC cannot ping the teacher PC. All the switch interfaces are active and connected properly, as is interface Fa0/0 of the router. Given that only the commands shown have bee added to the router configuration, what is the source of the problem?
• The IP settings on the student PC are incorrect.
• The default gateway on the teacher PC is misconfigured.
• The router Fa0/0 interface has not been configured as a VLAN trunk.
• The Fa0/0 physical interface has not been configured with an IP address and subnet mask.
• The administrator forgot to configure a routing protocol to allow the ping packets to reach the teacher PC subnet.
18. Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this switch output?
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are trunks.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are shutdown.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 are blocking.
• Interfaces Fa0/11, Fa0/23, and Fa0/24 failed diagnostics
19. Refer to the exhibit. A network technician is performing an initial installation of a new switch in the east wing. The technician removes the switch from the box, makes the connections to the network, and adds the configuration shown. The technician notifies the network administrator that the switch has been installed. When the network administrator at the home office attempts to telnet to the switch from host 192.168.0.1, the connection fails. What action should the network technician take?
• Add an enable password to the switch.
• Add a default gateway to the switch configuration.
• Configure the switch with an IP access list to permit the host connection.
• Enable the physical interfaces of the switch with the no shutdown command.
20. Refer to the exhibit. After all the interfaces have stabilized, what is the spanning-tree state of all the enabled interfaces of SW11?
• discarding
• forwarding
• learning
• listening
CCNA Discovery 4- Modul 8 Exam Answer Version 4.0
Mike Putri
06477/2008
1. Which mechanism is used to create a floating static route?
• administrative distance
• cost
• hop count
• passive interface
2. IPSec operates at which layer of the OSI model?
• application
• network
• datalink
• transport
3. Which is true regarding Frame Relay LMI?
• There are three LMI types standardized by ANSI, ITU-T, and Cisco.
• Routers at each end of a Frame Relay virtual circuit must always use the same LMI type.
• The LMI type must be manually configured.
• The only function of LMI is to verify the connection between the router and the Frame Relay switch.
4. Which statement identifies the IP address design for subinterfaces that are configured for a Frame Relay network?
• Multipoint configurations require the IP address of each subinterface on each router to be in its own subnet.
• Multipoint configurations require IP addresses for each subinterface on each router to be a part of the same subnet.
• Point-to-point configurations require IP addresses for each subinterface on each router to be a part of the same subnet.
• Point-to-point configurations do not require IP addresses on each subinterface on each router.
• Multipoint configurations do not require IP addresses on each subinterface on each router.
5. Which three algorithms can be used to encrypt user data in an IPSec VPN framework? (Choose three.)
• 3DES
• AES
• Diffie-Hellman
• DES
• ESP
• SHA
6. Which flag is set by a Frame Relay switch to inform the receiving station that congestion was experienced?
• BECN
• DE
• FECN
• FCS
7. Refer to the exhibit. The complete configuration of a Frame Relay interface on the Chicago router is shown. How does the Chicago router know which DLCI is mapped to the IP address of the remote router?
• DE
• CIR
• FECN
• Inverse ARP
8. What statement correctly defines the purpose of the split horizon rule?
• marks the route unreachable in a routing update that is sent to other routers
• prevents routers from advertising a network through the interface from which the update came
• prevents routers from accepting higher cost routes to networks previously marked as inaccessible before the timer expires
• limits the number of hops a packet can traverse through the network before it should be discarded
9. Which PVC status suggests that the router recognizes the DLCI configured on its interface as being present on the Frame Relay switch, but the PVC associated with the DLCI is not capable of end-to-end communication?
• active
• deleted
• inactive
• idle
10. Refer to the exhibit. Which router command is used to associate a Layer 2 address with the corresponding Layer 3 address?
• Miller(config-if)#frame-relay map ip 172.16.150.1 110
• Miller(config-if)#frame-relay map ip 172.16.150.1 112
• Miller(config-if)#frame-relay map ip 172.16.150.2 110
• Miller(config-if)#frame-relay map ip 172.16.150.2 112
11. A network administrator issued the command show frame-relay pvc. The response from the router shows the status of a PVC as deleted. What is the reason for this status?
• The DLCI is using the wrong LMI type.
• The DLCI is usable but has little activity.
• The DLCI is programmed in the switch but the circuit is not usable.
• The DLCI configured on the CPE device does not match the DLCI.
12. What is one benefit of using a network simulation software package?
• The network design can be tested before it is actually implemented.
• Simulation software packages are quickly updated to support new network technologies and devices.
• Simulated devices have the same features as actual devices, allowing for detection of all potential problems.
• Software packages can simulate all possible network traffic conditions, giving an accurate prediction of network performance.
13. What are two components a network designer considers when planning a VPN? (Choose two.)
• encryption algorithm for privacy and security
• encapsulation protocol to use when creating the VPN tunnel
• switching technology to optimize VPN WAN throughput
• tunneling technology for guarding against data corruption
• routing protocol on the gateway for optimum performance
14. When identifying VPN requirements for endpoint users, what care must be taken to protect the network when remote users log in from unsecured public locations?
• Ensure that the user has VPN client software that allows access to all internal resources.
• Ensure that the VPN user traffic does not slow down internally sourced traffic on the network.
• Ensure that there are no obstacles to hamper the users from accessing all internal resources.
• Ensure that remote users can only access network resources that are appropriate to their job function.
15. Which two components are key elements when implementing a VPN? (Choose two.)
• concentration
• encryption
• prioritization
• compression
• encapsulation
16. What tool can help ease the configuration of VPN servers on routers?
• Cisco SDM
• PIX Firewall
• Cisco VPN Concentrator
• Cisco Adaptive Security Appliances
17. What is used to identify the path to the next frame-relay switch in a Frame Relay network?
• CIR
• DLCI
• FECN
• BECN
18. Which two statements are true regarding VPN security? (Choose two.)
• Users may only establish a VPN connection from secure locations and never from public areas.
• Users that connect to a network through a VPN do not have to log in to resources on the network.
• Users that connect to a network through a VPN are are considered trusted users on the network.
• Users may establish a VPN connection from unsecure locations such as airports and hotel lobbies.
• Users that connect to a network through a VPN should have access to all the resources on the network.
19. Refer to the exhibit. What is placed in the address field of a frame that will travel from the Orlando office to the DC office?
• MAC address of the Orlando router
• MAC address of the DC router
• 192.168.1.25
• 192.168.1.26
• DLCI 100
• DLCI 200
20. Two directly connected routers are able to ping each other through the Serial 0/0/0 interfaces. A network administrator changes the encapsulation on one router to PPP, and the other is left at the default value. What statement would appear in the output of the show interfaces command issued on one of the routers?
• Serial 0/0/0 is up, line protocol is up
• Serial 0/0/0 is down, line protocol is down
• Serial 0/0/0 is up, line protocol is down
• Serial 0/0/0 is down, line protocol is up
• Serial 0/0/0 is administratively down, line protocol is down
21. Refer to the exhibit. What statement is true about the configuration shown for R2?
• R2 is configured as the Frame Relay switch.
• R2 is configured as the main site in a multipoint Frame Relay WAN prototype.
• R2 is configured as the main site in a point-to-point Frame Relay WAN prototype.
• R2 is configured as a remote site in a multipoint Frame Relay WAN prototype.
• R2 is configured as a remote site in a point-to-point Frame Relay WAN prototype.
22. A company uses serial interfaces on its border router to connect to branch offices through WAN connections. The security policy dictates that the encapsulation should use PPP with authentication protocol CHAP. Which statement is true about the configuration requirement of CHAP?
• Both the username and password are case sensitive.
• Neither the username nor the password is case sensitive.
• The username is case sensitive but the password is not case sensitive.
• The password is case sensitive but the username is not case sensitive.
23. Which two statements about split tunnels are true? (Choose two.)
• Local LAN printing will use the VPN tunnel.
• The traffic load on the VPN server is increased.
• Traffic to the corporate network will be encrypted.
• There is a reduced security risk to the corporate network.
• All traffic travels across the VPN tunnel from client to server.
• Traffic to public web sites and general Internet navigation is not encrypted.
24. An IP address has been assigned to the S0/0/0 interface of a new Cisco router. The administrator wishes to quickly test basic connectivity with the serial interface of an adjoining Cisco router via the use of the default WAN protocol. Which WAN protocol will be used for this test?
• PPP
• Frame Relay
• DSL
• HDLC
• ATM
25. Which two statements about split tunnels are true? (Choose two.)
• Local LAN printing will use the VPN tunnel.
• The traffic load on the VPN server is increased.
• Traffic to the corporate network will be encrypted.
• There is a reduced security risk to the corporate network.
• All traffic travels across the VPN tunnel from client to server.
• Traffic to public web sites and general Internet navigation is not encrypted
• administrative distance
• cost
• hop count
• passive interface
2. IPSec operates at which layer of the OSI model?
• application
• network
• datalink
• transport
3. Which is true regarding Frame Relay LMI?
• There are three LMI types standardized by ANSI, ITU-T, and Cisco.
• Routers at each end of a Frame Relay virtual circuit must always use the same LMI type.
• The LMI type must be manually configured.
• The only function of LMI is to verify the connection between the router and the Frame Relay switch.
4. Which statement identifies the IP address design for subinterfaces that are configured for a Frame Relay network?
• Multipoint configurations require the IP address of each subinterface on each router to be in its own subnet.
• Multipoint configurations require IP addresses for each subinterface on each router to be a part of the same subnet.
• Point-to-point configurations require IP addresses for each subinterface on each router to be a part of the same subnet.
• Point-to-point configurations do not require IP addresses on each subinterface on each router.
• Multipoint configurations do not require IP addresses on each subinterface on each router.
5. Which three algorithms can be used to encrypt user data in an IPSec VPN framework? (Choose three.)
• 3DES
• AES
• Diffie-Hellman
• DES
• ESP
• SHA
6. Which flag is set by a Frame Relay switch to inform the receiving station that congestion was experienced?
• BECN
• DE
• FECN
• FCS
7. Refer to the exhibit. The complete configuration of a Frame Relay interface on the Chicago router is shown. How does the Chicago router know which DLCI is mapped to the IP address of the remote router?
• DE
• CIR
• FECN
• Inverse ARP
8. What statement correctly defines the purpose of the split horizon rule?
• marks the route unreachable in a routing update that is sent to other routers
• prevents routers from advertising a network through the interface from which the update came
• prevents routers from accepting higher cost routes to networks previously marked as inaccessible before the timer expires
• limits the number of hops a packet can traverse through the network before it should be discarded
9. Which PVC status suggests that the router recognizes the DLCI configured on its interface as being present on the Frame Relay switch, but the PVC associated with the DLCI is not capable of end-to-end communication?
• active
• deleted
• inactive
• idle
10. Refer to the exhibit. Which router command is used to associate a Layer 2 address with the corresponding Layer 3 address?
• Miller(config-if)#frame-relay map ip 172.16.150.1 110
• Miller(config-if)#frame-relay map ip 172.16.150.1 112
• Miller(config-if)#frame-relay map ip 172.16.150.2 110
• Miller(config-if)#frame-relay map ip 172.16.150.2 112
11. A network administrator issued the command show frame-relay pvc. The response from the router shows the status of a PVC as deleted. What is the reason for this status?
• The DLCI is using the wrong LMI type.
• The DLCI is usable but has little activity.
• The DLCI is programmed in the switch but the circuit is not usable.
• The DLCI configured on the CPE device does not match the DLCI.
12. What is one benefit of using a network simulation software package?
• The network design can be tested before it is actually implemented.
• Simulation software packages are quickly updated to support new network technologies and devices.
• Simulated devices have the same features as actual devices, allowing for detection of all potential problems.
• Software packages can simulate all possible network traffic conditions, giving an accurate prediction of network performance.
13. What are two components a network designer considers when planning a VPN? (Choose two.)
• encryption algorithm for privacy and security
• encapsulation protocol to use when creating the VPN tunnel
• switching technology to optimize VPN WAN throughput
• tunneling technology for guarding against data corruption
• routing protocol on the gateway for optimum performance
14. When identifying VPN requirements for endpoint users, what care must be taken to protect the network when remote users log in from unsecured public locations?
• Ensure that the user has VPN client software that allows access to all internal resources.
• Ensure that the VPN user traffic does not slow down internally sourced traffic on the network.
• Ensure that there are no obstacles to hamper the users from accessing all internal resources.
• Ensure that remote users can only access network resources that are appropriate to their job function.
15. Which two components are key elements when implementing a VPN? (Choose two.)
• concentration
• encryption
• prioritization
• compression
• encapsulation
16. What tool can help ease the configuration of VPN servers on routers?
• Cisco SDM
• PIX Firewall
• Cisco VPN Concentrator
• Cisco Adaptive Security Appliances
17. What is used to identify the path to the next frame-relay switch in a Frame Relay network?
• CIR
• DLCI
• FECN
• BECN
18. Which two statements are true regarding VPN security? (Choose two.)
• Users may only establish a VPN connection from secure locations and never from public areas.
• Users that connect to a network through a VPN do not have to log in to resources on the network.
• Users that connect to a network through a VPN are are considered trusted users on the network.
• Users may establish a VPN connection from unsecure locations such as airports and hotel lobbies.
• Users that connect to a network through a VPN should have access to all the resources on the network.
19. Refer to the exhibit. What is placed in the address field of a frame that will travel from the Orlando office to the DC office?
• MAC address of the Orlando router
• MAC address of the DC router
• 192.168.1.25
• 192.168.1.26
• DLCI 100
• DLCI 200
20. Two directly connected routers are able to ping each other through the Serial 0/0/0 interfaces. A network administrator changes the encapsulation on one router to PPP, and the other is left at the default value. What statement would appear in the output of the show interfaces command issued on one of the routers?
• Serial 0/0/0 is up, line protocol is up
• Serial 0/0/0 is down, line protocol is down
• Serial 0/0/0 is up, line protocol is down
• Serial 0/0/0 is down, line protocol is up
• Serial 0/0/0 is administratively down, line protocol is down
21. Refer to the exhibit. What statement is true about the configuration shown for R2?
• R2 is configured as the Frame Relay switch.
• R2 is configured as the main site in a multipoint Frame Relay WAN prototype.
• R2 is configured as the main site in a point-to-point Frame Relay WAN prototype.
• R2 is configured as a remote site in a multipoint Frame Relay WAN prototype.
• R2 is configured as a remote site in a point-to-point Frame Relay WAN prototype.
22. A company uses serial interfaces on its border router to connect to branch offices through WAN connections. The security policy dictates that the encapsulation should use PPP with authentication protocol CHAP. Which statement is true about the configuration requirement of CHAP?
• Both the username and password are case sensitive.
• Neither the username nor the password is case sensitive.
• The username is case sensitive but the password is not case sensitive.
• The password is case sensitive but the username is not case sensitive.
23. Which two statements about split tunnels are true? (Choose two.)
• Local LAN printing will use the VPN tunnel.
• The traffic load on the VPN server is increased.
• Traffic to the corporate network will be encrypted.
• There is a reduced security risk to the corporate network.
• All traffic travels across the VPN tunnel from client to server.
• Traffic to public web sites and general Internet navigation is not encrypted.
24. An IP address has been assigned to the S0/0/0 interface of a new Cisco router. The administrator wishes to quickly test basic connectivity with the serial interface of an adjoining Cisco router via the use of the default WAN protocol. Which WAN protocol will be used for this test?
• PPP
• Frame Relay
• DSL
• HDLC
• ATM
25. Which two statements about split tunnels are true? (Choose two.)
• Local LAN printing will use the VPN tunnel.
• The traffic load on the VPN server is increased.
• Traffic to the corporate network will be encrypted.
• There is a reduced security risk to the corporate network.
• All traffic travels across the VPN tunnel from client to server.
• Traffic to public web sites and general Internet navigation is not encrypted
Jumat, 24 Desember 2010
Lab 7.2.6 Configuring a Wireless Client
Mike Putri
06477/2008
Step 1: Install the wireless NIC driver
a. Insert the CD that contains the wireless NIC driver into the CD/DVD drive and install the driver according to the manufacturer recommendations. Most USB devices require that the driver be installed before the device is physically attached.
b. Who is the manufacturer of the wireless NIC? Answer will be hardware dependent.Jawaban: WLAN IEEE 802.11 g oleh Linksys
c. Describe how you installed the wireless NIC driver. Answer will be student dependent
Jawban:
a. Mode Infrastruktur
1. Konfigurasi Access Point( Wireless Adapter dan Instalasi Access Point)
2. Konfigurasi Client
3. Konfigurasi USB Wireless Adapter( Instalasi Usb Wireless Adapter, Koneksi ke Access Point Pada Linksys Network Monitor, danKoneksi ke Access Point Pada Windows)
b. Mode Ad-Hoc
1. Aktifkan Wireless adapter masing – masing komputer yang akan dihubungkan dengan jaringan
2. Klik kanan pada icon Network Wireless Connection pada taskbar, lalu pilih View Available Wireless Networks,
3. Klik Change the order preferred Network maka akan muncul.
4. Klik Add pada kolom Preferred Network, lalu ketikkan Nama Network yang akan digunakan pada kolom Network Name. contoh nama SSID Broadcasternya adalah Ad Hoc.
5. Klik Ok
6. Klik refresh Network list maka akan muncul koneksi Ad-Hoc dengan nama SSID Ad Hoc.
7. Kemudian pilihlah opsi Change advance setting maka Klik 2 kali pada opsi internet protoco(TCP/IP) maka akan muncul gambar selanjutnya.
8. Kemudian setting pada masing masing komputer dengan IP address yang berbeda dengan aturan 192.168.1.xxx dengan xxx adalah sesuai angka yang diharapkan dalam range 1s/d 254. misal (192.168.1.65)
9. tentukan Subnet mask-nya dengan 255.255.255.0 untuk membentuk jaringan lokal. Kosongkan gateawaynya
10. Klik ok untuk verifikasi.
11. Tes koneksi dengan command PING pada command prompt,bila terhubung maka komputer komputer tersebut siap berkomunikasi dalam jaringan Ad-Hoc secara Pear to pear.
Step 2: Install the wireless NIC
a. When prompted, connect the USB NIC cable to an available USB port. Click Next to continue.
Step 3: Attach to the wireless network
a. Most wireless NIC adapters have client software to control the NIC. The software shows any wireless networks that are discovered. Select the SSID of the wireless network that you configured on the AP in a previous lab.
b. Which SSID are you using? Answer is student/network.
Jawaban : linksys
c. If the wireless NIC did not connect to the wireless network, perform the appropriate troubleshooting.
d. What is the signal strength for the wireless NIC? Answer is hardware dependent.
Jawaban : linksys
e. Did the wireless NIC see any other wireless networks in the area? Why or why not? Answer is lab dependent and on how many students are in the lab at once.
Jawaban : Ya. Karena dikampus saya banyakk sinyal wireless yg aktif
f. Show your active wireless connection to a fellow student or the lab assistant.
g. What is another name for a wireless host?
Jawaban : Elektronika1, Elektronika 2, Linksys e57, Elektro UNP.
h. Is it better to use the client software from the wireless NIC manufacturer or let Windows XP control.
Jawaban: Ya.
i. The wireless NIC? It is better to use client software to control the wireless NIC.
Jawaban: Ya karena cukup mudah dikonfigurasi.
Step 4: Determine the NIC driver version
a. Hardware manufacturers continually update drivers. The driver that ships with a NIC or other piece of hardware is frequently not the most current.
b. To check the driver version for the NIC you installed, click Start, select Control Panel and then Network Connections. Right-click on the wireless connection and select Properties. Click the Configure button for the NIC and then the Driver tab. What is the name and version of the driver you installed? Answer is hardware dependent.
Jawaban : Linksys version 2.9.8.335
Step 5: Determine if the NIC driver is the most current
a. Search the NIC manufacturer web site for drivers that support the wireless NIC you installed. Are there more current ones available? Very possibly
Jawaban : Ya.
b. What is the most current one listed? Answer is hardware dependent
c. If there is a more current driver, how would you apply it? Download the driver to a known location on the hard drive and use the Update Driver option from the network connection properties screen.
Jawaban : tidak mendonloadnya karena dapat membuat ke aslian dari software yang sedang dipakai/terinstal terdeteksi dan akan menyebabkan software yang telah terinstal jadi tidak optimal kerjanya.
Step 6: Verify connectivity
a. Once you have installed the NIC, it is time to verify connectivity with the Linksys WRT300N.
b. Open a web browser such as Windows Internet Explorer or Mozilla Firefox.
c. In the address line type http://192.168.1.1, which is the default setting on the AP.
d. In the Connect to 192.168.1.1 dialog box, leave the username text box empty, and type admin in the password text box. Leave the Remember my password checkbox unchecked. Click OK.
e. If you receive the Linksys Setup screen, you have established connectivity with the AP. If you do not establish connectivity, you will have to troubleshoot the connection by checking to ensure the devices are turned on and the IP addresses on all devices are correct. Which IP address should be configured on the wireless NIC?Answer should be an IP address in the 192.168.1.0/24 network
Step 7: Reflection
a. Do you think the process of setting up a wireless network at a food store or book store is any different from what you just did? Why or why not?. Answer will be student dependent, but they should see that it is no different.
Jawaban : Tidak. Bias saja sama jika menggunakan software yang sama. Pada dasarnya setiap software wireless yang beredar dipasaran itu sama saja hanya interfacenya saja yang sedikit berbeda.
b. Do you think the AP model that you are using would be sufficient for the food store in your neighborhood? Why or why not? Answer is student’s own opinion.
Jawaban: Ya. IP addressnya harus berbeda, tidak boleh sama.
Lab 7.2.5 Configuring a Wireless Access Point
Mike Putri
0677/2008
Step 1: Verify connectivity between the computer and the multi-function device
a. The computer used to configure the AP should be attached to one of the multi-function device’s switch ports.
b. On the computer, click the Start button and select Run. Type cmd and click OK or press Enter.
c. At the command prompt, ping the multi-function device using the default IP address 192.168.1.1 or the IP that has been configured on the multi-function device’s port. Do not proceed until the ping succeeds.
d. Write down the command used to ping the multi-function device. ping 192.168.1.1 (or whatever IP address was used)
NOTE: If the ping is not successful, try these troubleshooting steps:
- Check to make sure the IP address of the computer is on the 192.168.1.0 network. The computer must be on the same network as the multi-function device to be able to ping it. The DHCP service of the multi-function device is enabled by default. If the computer is configured as a DHCP client it should have a valid IP address and subnet mask. If the computer has a static IP address, it must be in on the 192.168.1.0 network and the subnet mask must be 255.255.255.0. The answer : ping 192.168.1.1 -t
- Make sure the cable is a known-good straight-through cable. Test to verify.
- Verify that the link light for the port where the computer is attached is lit.
- Check whether the multi-function device has power.
- If none of these steps correct the problem, check with your instructor.
Step 2: Log in to the multi-function device and configure the wireless network
a. Open a web browser. In the address line, type http://ip_address, where ip_address is the IP address of the wireless router (default is 192.168.1.1). At the prompt, leave the user name textbox empty, but type the password assigned to the router. The default password is admin. Click OK.
b. In the main menu, click on the Wireless option.
c. In the Basic Wireless Settings window, the Network Mode shows mixed by default, because the AP supports 802.11b, g, and n wireless devices. You can use any of these standards to connect to the AP. If the wireless portion of the multi-function device is NOT being used, the network mode would be set to Disabled. Leave the default of Mixed selected.
d. Delete the default SSID (linksys) in the Network Name (SSID) textbox. Enter a new SSID using your last name or name chosen by your instructor. SSIDs are case-sensitive.
e. Write down the exact SSID name that you are using. The SSID is student dependent
f. Click on the Radio Band drop-down menu and write down the two options. Standard-20MHz Channel and Wide-40MHz Channel
g. For a wireless network that can use 802.11b, g, or n client devices, the default is Auto. Auto allows the Wide Channel option to be chosen and gives the best performance. The Standard ChannelWide ChannelAuto selected. option is used if the wireless client devices are 802.11b or g, or both b and g. The option is used if only 802.11n client devices are being used. Leave the default of
h. SSID Broadcast is set to enabled by default, which enables the AP to periodically send out the SSID using the wireless antenna. Any wireless devices in the area can detect this broadcast. This is how clients detect nearby wireless networks.
i. Click on the Save Settings button. When the settings have been successfully saved, click on Continue.
j. The AP is now configured for a wireless network with the name (SSID) that you gave it. It is important to write down this information before starting the next lab or attaching any wireless NICs to the wireless network.
Step 3: Reflection
a. How many wireless networks do you think could be configured in one classroom? What would limit this? Answer will be student dependent, but depends on which signal power is being used, whether 802.11a, b, g, or n is being used, and how many channels are available for that particular type of wireless network.
Jawaban : 1-50 , dengam membuat password dan batasan Ip address yang bias mengakses.
b. What do you see as a potential security problem when you broadcast your SSID from the AP?
Jawaban : Answer is student’s own opinion, but one answer is that any wireless device in the area will know
there is a wireless network there. One of the first security threats in wireless is if the intruder knows where a wireless network is located and what the SSID is. Kesulitan dalam mengkonfigurasi , jika salah konfigurasi maka tidak dapat terkoneksi
Langganan:
Postingan (Atom)