CCNA Certification Study Guide Volume 1: Exam 200-301 v1.1

CCNA®

Certification

Study Guide

Volume 1

Exam 200-301 v1.1

Second Edition

Todd Lammle

Donald Robb

Copyright © 2025 by John Wiley & Sons, Inc. All rights, including for text and data mining, AI training, and similar technologies, are reserved.

Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Published simultaneously in Canada and the United Kingdom.

ISBNs: 9781394213016 (paperback), 9781394213030 (ePDF), 9781394213023 (ePub)

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permission.

Trademarks: WILEY, the Wiley logo, and Sybex are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CCNA is a registered trademark of Cisco Technology, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

Limit of Liability/Disclaimer of Warranty: While the publisher and authors have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572- 3993. For product technical support, you can find answers to frequently asked questions or reach us via live chat at https://sybexsupport.wiley.com.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our website at www.wiley.com.

Library of Congress Control Number: 2024948040

Cover image: © Getty Images Inc./Jeremy Woodhouse

Cover design: Wiley

Acknowledgments

Many people helped us build the new CCNA books in 2024 and 2025. First, Kenyon Brown helped me put together the book direction and managed the internal editing at Wiley. Thank you, Ken, for working diligently for many months to keep these books moving along.

Thanks also to Kim Wimpsett, my most excellent and highly dependable development editor at Wiley for well over a decade. She always does an excellent job, and I refuse to work on a book without her now!

We’d also like to thank John Sleeva and Tiffany Tayler for their hard work and edits in books one and two, respectively. They really helped us create fine-tuned books.

In this book, I enjoyed collaborating with Donald Robb from Canada. He played a crucial role in crafting the new table of contents and was instrumental in writing, editing, and thoroughly addressing the latest exam topics across various chapters. His expertise is unparalleled, and he worked tirelessly alongside me daily to bring this book to life. I’m confident you’ll appreciate his contributions as much as I do. You can connect with Donald through his well-known blog at https://the-packet-thrower.com. He also serves as a leading moderator and contributor on Reddit: https://www.reddit.com/r/ccna.

About the Authors

Todd Lammle is widely regarded as one of the foremost authorities on Cisco certification and internetworking, holding certifications across nearly every Cisco certification category. With a career spanning more than three decades, Todd has established himself as a globally recognized author, speaker, trainer, and consultant. His expertise extends across a broad range of technologies, including LANs, WANs, and large-scale enterprise wireless networks, both licensed and unlicensed. In recent years, he has specialized in implementing extensive Cisco security networks, particularly using Firepower/FTD and ISE.

What sets Todd apart is his deep, hands-on experience, which is evident in his writing and training materials. He’s not just an author; he’s a seasoned networking engineer with practical knowledge gained from working on some of the largest and most complex networks in the world. His experience includes significant contributions to companies such as Xerox, Hughes Aircraft, Texaco, AAA, Cisco, and Toshiba, among many others. This real-world experience allows Todd to bring a unique, practical perspective to his work, making his books and training sessions invaluable resources for IT professionals at all levels.

Todd has authored more than 120 books, solidifying his reputation as a leading voice in the industry. Some of his most popular titles include the CCNA: Cisco Certified Network Associate Study Guide, CCNA Wireless Study Guide, CCNA Data Center Study Guide, CCNP SNCF (Firepower), and CCNP Security. All of these works are published by Sybex, a respected name in technical publishing.

In addition to his writing and speaking engagements, Todd runs an international consulting and training company based in Idaho. His company provides expert guidance and training to organizations around the world, helping them to navigate the complexities of modern networking technologies. Despite his busy professional life, Todd still finds time to enjoy the natural beauty of Idaho, often spending his free time at the lake in the mountains, where he enjoys the outdoors with his beloved golden retrievers.

For those looking to dive deeper into Todd Lammle’s work, you can find his extensive range of books at https://www.lammle.com/order-our-books. Additionally, Todd is accessible to his readers and clients through his website at www.lammle.com, where you can find more resources, updates, and ways to connect with him directly.

Donald Robb, widely recognized online as The Packet Thrower, brings over two decades of experience in the IT industry. His career has spanned a diverse array of roles, beginning with help desk support and evolving into a position as one of the most respected consultants in the field. Donald has honed expert-level skills across various IT domains, including networking, security, collaboration, data center management, wireless technologies, and service providers. His depth of knowledge and technical expertise have made him a sought-after professional in the industry.

Currently, Donald is a principal network architect for Walt Disney Studios. In this role, he serves as a subject matter expert on various technologies, playing a critical role in shaping the company’s network architecture and ensuring its reliability and performance. His work involves leading the design and implementation of complex networks and guiding teams and stakeholders through the technical intricacies of modern IT infrastructures.

Over the years, Donald has collaborated with major industry vendors and smaller, specialized companies, earning many advanced certifications along the way. His achievements include becoming a double JNCIE and obtaining most of Cisco’s professional-level certifications, demonstrating his deep technical proficiency and commitment to continuous learning. His expertise has also been recognized through his selection as a Cisco Champion for four consecutive years, an honor awarded to top influencers in the networking community.

In addition to his hands-on work in the field, Donald has made significant contributions to IT education. He has had the privilege of working alongside Todd Lammle, a legendary figure in the IT world, coauthoring several books and developing courses that have helped countless professionals advance their careers. Through his extensive experience, certifications, and educational efforts, Donald Robb has solidified his reputation as a leading authority in the IT industry.

Introduction

Welcome to the exciting world of Cisco certification! If you’ve picked up this book because you want to improve yourself and your life with a better, more satisfying, and secure job, you’ve done the right thing. Whether your plan is to enter the thriving, dynamic IT sector or to enhance your skill set and advance your position within it, being Cisco certified can seriously stack the odds in your favor to help you attain your goals.

Cisco certifications are powerful instruments of success that also just happen to improve your grasp of all things internetworking. As you progress through this book, you’ll gain a complete understanding of networking that reaches far beyond Cisco devices. By the end of this book, you’ll comprehensively know how disparate network topologies and technologies work together to form the fully operational networks that are vital to today’s very way of life in the developed world. The knowledge and expertise you’ll gain here are essential for and relevant to every networking job. It’s why Cisco certifications are in such high demand—even at companies with few Cisco devices!

For up-to-the-minute updates covering additions or modifications to the Cisco certification exams, as well as additional study tools, review questions, videos, and bonus materials, be sure to visit the Todd Lammle website and forum at www.lammle.com/ccna.

Cisco’s Network Certifications

Way back in 1998, obtaining the Cisco Certified Network Associate (CCNA) certification was the first pitch in the Cisco certification climb. It was also the official prerequisite to each of the more advanced levels. But that changed in 2007, when Cisco announced the Cisco Certified Entry Network Technician (CCENT) certification. Then again, in May 2016, Cisco announced new updates to the CCENT and CCNA Routing and Switching (R/S) tests. Today, things have changed dramatically again.

In July 2019, Cisco switched up the certification process more than they have in the last 20 years! They announced all-new certifications that started in February 2020, and then again, an update and revision in the summer of 2024, which is probably why you’re reading this book!

So what’s changed? For starters, the CCENT course and exam (ICND1 and ICND2) no longer exist, nor do the terms Routing & Switching (rebranded to Enterprise). On top of that, the CCNA is no longer a prerequisite for any of the higher certifications at all, meaning that you’ll be able to jump straight to CCNP without having to take the new CCNA exam if you have already achieved the CCNA or have enough background to skip the CCNA.

The new Cisco certification process will look like this:

FIGURE I.1 The Cisco certification path

First, the CCST entry-level certification was added, and you can find the Wiley Study Guide for the CCST Network book authored by Todd Lammle and Donald Robb, as well as this CCNA Study Guide, at https://www.lammle.com/order-our-books.

If you have an entry-level network background, you will want to head directly to CCNA, using this book and the abundant resources on www.lammle.com/ccna, of course!

The Todd Lammle CCNA program, beginning with this book, is a powerful tool to get you started in your CCNA studies, and it’s vital to understand the material found in this book and at www.lammle.com/ccna before you go on to conquer any other certifications!

What Does This Book Cover?

This first book in the CCNA series covers everything you need to know regarding internetworking, Ethernet, switching, and routing. Volume II starts right where this first book in the series leaves off.

But regardless of which Cisco certification path you choose, as I’ve said, taking plenty of time to study and practice with routers or a router simulator is the real key to success.

You will learn the following information in this book:

Chapter 1: Network Fundamentals In Chapter 1, you will learn the basics of network fundamentals, the Cisco three-layer model, and wide area networks. Ethernet cabling including, fiber-optic, is discussed. The chapter ends with an overview of PoE. Review questions await you at the end to test your understanding of the material.

Chapter 2: Ethernet NetworkingChapter 2 provides you with the Ethernet foundation you need in order to pass both the CCST and CCNA exams. Data encapsulation is discussed in detail in this chapter as well. As with the other chapters, this chapter includes written labs and review questions to help you.

Chapter 3: TCP/IPChapter 3 covers the protocols of TCP/IP. I’ll begin by exploring the DoD’s version of TCP/IP, then compare that version and its protocols with the OSI reference model. Lastly, I’ll dive into the world of IP addressing and the different classes of IP addresses used in networks today. Review questions are included at the end of the chapter to test your understanding of the material.

Chapter 4: Easy SubnettingChapter 4 picks up right where we left off in the last chapter and continues to explore the world of IP addressing. The chapter opens by showing you how to subnet an IP network. Prepare yourself because being able to subnet quickly and accurately is pretty challenging. Use the review questions to test your ability to understand subnetting. You can also use the bonus tools found at www.lammle.com/ccna.

Chapter 5: Troubleshooting IP AddressingChapter 5 covers IP address troubleshooting while focusing on the steps Cisco recommends following when troubleshooting an IP network. Working through this chapter will hone your knowledge of IP addressing and networking while refining the essential skills you’ve attained so far.

Chapter 6: Cisco’s Internetworking Operating System (IOS)Chapter 6 introduces you to the Cisco Internetworking Operating System (IOS) and command-line interface (CLI). You’ll learn how to turn on a router and configure the basics of the IOS, including setting passwords, banners, and more. Be sure to complete the written lab and review questions.

Chapter 7: Managing a Cisco InternetworkChapter 7 covers the finer points of layer 2 switching to ensure that you know exactly how it works. You should already know that we rely on switching to break up large collision domains into smaller ones and that a collision domain is a network segment with two or more devices sharing the same bandwidth. Switches have changed the way networks are designed and implemented. If a pure switched design is implemented well, the result will be a clean, cost-effective, and resilient internetwork.

Chapter 8: Managing Cisco DevicesChapter 8 describes the boot process of Cisco routers, the configuration register, and how to manage Cisco IOS files. The chapter finishes with a section on Cisco’s new licensing strategy for IOS. The written labs and review questions will help you build a strong foundation for the objectives covered in this chapter.

Chapter 9: IP RoutingChapter 9 focuses on the core topic of the ubiquitous IP routing process. It’s integral to networking because it pertains to all routers and configurations that use it—easily the lion’s share. IP routing is basically the process of moving packets from one network to another network using routers, and this chapter covers IP routing in depth.

Chapter 10: Open Shortest Path FirstChapter 10 discusses Open Shortest Path First (OSPF), which is by far the most popular and important routing protocol in use today—so important that I’m devoting an entire chapter to it! The chapter begins with the basics by completely familiarizing you with key OSPF terminology.

Chapter 11: Enhanced IGRPChapter 11 covers Enhanced IGRP (EIGRP), which is a Cisco-proprietary routing protocol that has been available for other companies to add to their router operating systems for a few years now. This advanced distance-vector routing protocol is covered in depth, including exam essentials, a written lab, and review questions.

Chapter 12: Layer 2 SwitchingChapter 12 provides the solid background you need on layer two switching, how switches perform address learning, and how to make forwarding and filtering decisions. In addition, switch port security with MAC addresses is covered in detail. As always, go through the hands-on labs, written lab, and review questions to make sure you’ve really got layer two switching down!

Chapter 13: VLANs and Inter-VLAN RoutingChapter 13 discusses how we break up broadcast domains in a pure switched internetwork. We do this by creating virtual local area networks (VLANs). We’ll also guide you through troubleshooting techniques in this all-important chapter. The written lab and review questions reinforce the VLAN material.

Chapter 14: Cloud and Virtual Private NetworksChapter 14 provides in-depth coverage of VPNs. You’ll learn some smart solutions that will help you meet your company’s off-site network access needs and dive deep into how these networks utilize IP security to provide secure communications over a public network via the Internet using VPNs with IPsec. This VPN section wraps up by demonstrating how to create a tunnel using GRE (Generic Routing Encapsulation). We’ll then dive into on-premises and cloud technologies. Private cloud is simply a fancy term for hosting resources inside your physical environment, usually in a data center. You might have heard the saying that cloud is just using someone else’s data center, but this time, we are referring to yours! Generally speaking, the terms private cloud and on-premises are used interchangeably.

Chapter 15: Introduction to Artificial Intelligence and Machine LearningChapter 15 dives into the new and exciting world of machine learning and generative AI. By the end of the chapter, you will understand how they work and why they are beneficial to understand as a networking professional. We will even get into practical examples!

Appendix A: Answers to the Written Labs This appendix provides the answers to the end-of-chapter written labs.

Appendix B: Answers to the Review Questions This appendix provides the answers to the end-of-chapter review questions.

Interactive Online Learning Environment and Test Bank

The interactive online learning environment that accompanies the CCNA Certification Study Guide provides a test bank with study tools to help you prepare for the certification exams and increase your chances of passing them the first time! The test bank includes the following elements:

Sample Tests All of the questions in this book are provided in the test bank, including the assessment test, which you’ll find at the end of this introduction, and the review questions at the end of each chapter. In addition, you’ll find a bonus exam. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.

Electronic Flashcards The flashcards are included for quick reference and are great tools for learning quick facts. You can even consider these as additional simple practice questions, which is essentially what they are.

PDF of Glossary of Terms

There is a glossary included that covers the key terms used in this book.

The Sybex Interactive Online Test Bank, flashcards, and glossary can be accessed at http://www.wiley.com/go/Sybextestprep.

Todd Lammle Bonus Material and Labs Be sure to check www.lammle.com/ccna for directions on how to download all the latest bonus material created specifically to help you study for your CCNA exam.

Todd Lammle Videos I have created a full CCNA series of videos that can be purchased at www.lammle.com/ccna.

Like all exams, the CCNA certification is updated periodically and may eventually be retired or replaced. At some point after Cisco is no longer offering this exam, the old editions of our books and online tools will be retired. If you have purchased this book after the exam was retired, or you are attempting to register in the Sybex online learning environment after the exam was retired, please know that we make no guarantees that this exam’s online Sybex tools will be available once the exam is no longer available.

CCNA Exam Overview

Cisco has designed the new CCNA program to prepare you for today’s associate-level job roles in IT technologies. The CCNA now includes security and automation and programmability, and there is even a new CCNA DevNet certification. The new CCNA program has one certification that covers a broad range of fundamentals for IT careers.

The new CCNA certification covers a huge number of topics, including:

Network fundamentals

Network access

IP connectivity

IP services

Security fundamentals

Wireless

Automation and programmability

Are There Any Prerequisites for Taking the CCNA Exam?

Not really, but having experience is really helpful. Cisco has no formal prerequisites for CCNA certification, but you should understand the exam topics before taking the exam.

CCNA candidates often also have:

One or more years of experience implementing and administering Cisco solutions

Knowledge of basic IP addressing

A good understanding of network fundamentals

How to Use This Book

If you want a solid foundation for the serious effort of preparing for the new CCNA exam, then look no further. I’ve spent hundreds of hours putting together this book with the sole intention of helping you pass the Cisco exams, as well as really learning how to correctly configure Cisco routers and switches!

This book is loaded with valuable information, and you will get the most out of your study time if you understand the way in which the book is organized.

To maximize your benefit from this book, I recommend the following study method:

Take the assessment test that’s provided at the end of this introduction. (The answers are at the end of the test.) It’s okay if you don’t know any of the answers; that’s why you bought this book! Carefully read over the explanations for any questions you get wrong and note the chapters where the relevant material relevant is covered. This information should help you plan your study strategy.

Study each chapter carefully, making sure you fully understand the information and the test objectives listed at the beginning of each one. Pay extra-close attention to any chapter that includes material covered in questions you missed.

Answer all of the review questions related to each chapter. (The answers appear in Appendix A.) Note the questions that confuse you and study the topics they cover again until the concepts are crystal clear. And again—do not just skim these questions! Make sure you fully comprehend the reason for each correct answer. Remember, these will not be the exact questions you will find on the exam, but they’re written to help you understand the chapter material and ultimately pass the exam!

Try your hand at the practice questions that are exclusive to this book. The questions can be found only at http://www.wiley.com/go/sybextestprep. Don’t forget to check out www.lammle.com/ccna for the most up-to-date Cisco exam prep questions, videos, hands-on labs, and Todd Lammle boot camps.

Test yourself using the flashcards, which are also found on the download link listed in step 4. These are brand-new and updated flashcards to help you prepare for the CCNA exam and a wonderful study tool!

To learn every bit of the material covered in this book, you’ll have to apply yourself regularly and with discipline. Try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. I’m confident that if you work hard, you’ll be surprised at how quickly you will learn this material!

You can download bonus material and hands-on labs from www.Lammle.com/ccna, and by doing hands-on labs every single day in addition to using the review questions, the practice exams, the optional Todd Lammle video sections on Lammle.com, the electronic flashcards, and the written labs included with this book—it would actually be hard to fail the Cisco exams.

But understand that studying for the Cisco exams is a lot like getting in shape—if you do not go to the gym every day, it’s not going to happen!

Where Do You Take the Exam?

You can take the CCNA Composite or any Cisco exam at any of the Pearson VUE authorized testing centers. For information, check www.vue.com or call 877-404-EXAM (3926).

To register for a Cisco exam, follow these steps:

Determine the number of the exam you want to take. (The CCNA exam number is 200-301.)

Register with the nearest Pearson VUE testing center. At this point, you will be asked to pay for the exam in advance. You can schedule exams up to six weeks in advance or as late as the day you want to take it—but if you fail a Cisco exam, you must wait five days before you will be allowed to retake it. If you need to cancel or reschedule your exam appointment, contact Pearson VUE at least 24 hours in advance.

When you schedule the exam, you’ll get instructions regarding all appointment and cancellation procedures, the ID requirements, and information about the testing-center location.

Tips for Taking Your Cisco Exams

The Cisco exams contain approximately 50 questions and must be completed in about 90 minutes. It’s difficult to provide exact details, as they frequently change. Typically, you need a score of around 85 percent to pass, but this can vary depending on the exam.

Many questions on the exam have answer choices that at first glance look identical—especially the syntax questions! So, remember to read through the choices carefully because close just doesn’t cut it. If you get commands in the wrong order or forget one measly character, you’ll get the question wrong.

Also, never forget that the right answer is the Cisco answer. In many cases, more than one appropriate answer is presented, but the correct answer is the one that Cisco recommends. On the exam, you will always be told to pick one, two, or three options, never choose all that apply. The Cisco exam may include the following test formats:

Multiple-choice single answer

Multiple-choice multiple answer

Drag-and-drop

Router simulations

Cisco proctored exams will not show the steps to follow in completing a router interface configuration, but they do allow partial command responses. For example, show run, sho running, or sh running-config would all be acceptable.

Here are some general tips for exam success:

Arrive early at the exam center so you can relax and review your study materials.

Read the questions carefully. Don’t jump to conclusions. Make sure you’re clear about exactly what each question asks. I always tell my students, Read twice, answer once.

When answering multiple-choice questions that you’re not sure about, use the process of elimination to get rid of the obviously incorrect answers first. Doing this greatly improves your odds if you need to make an educated guess.

You can no longer move forward and backward through the Cisco exams, so double-check your answer before clicking Next, as you can’t change your mind.

After you complete an exam, you’ll get immediate online notification of your pass or fail status, along with a printed examination score report detailing your results by section. (The test administrator will provide the printed score report.)

Test scores are automatically forwarded to Cisco within 5 working days after you take the test, so you don’t need to send your score to them. If you pass the exam, you’ll receive confirmation from Cisco, typically within 2–4 weeks, though sometimes a bit longer.

CCNA Certification Exam 200-301 Objectives

This table shows where each exam is covered in this book series.

How to Contact the Publisher

If you believe you have found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.

In order to submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line Possible Book Errata Submission.

Assessment Test

What is a network appliance that checks the state of a packet to determine whether the packet is legitimate?

Layer 2 switch

Load balancer

Firewall

LAN controller

Which type of organization should use a collapsed core architecture?

A large organization that requires a flexible and scalable network design

A large organization that must minimize downtime when hardware fails

A small company that needs to reduce networking costs

A small company that is expected to grow dramatically in the near future

Which WAN topology provides a combination of simplicity, quality, and availability?

Partial mesh

Full mesh

Point-to-point

Hub-and-spoke

What is the name of the layer in the Cisco borderless switched network design that is considered to be the backbone used for high-speed connectivity and fault isolation?

Data link

Access

Core

Network

Network access

What are two similarities between UTP Cat 5e and Cat 6a cabling? (Choose two.)

They both operate at a frequency of 500 MHz.

They both support runs of up to 55 meters.

They both support runs of up to 100 meters.

They both support speeds of at least 1 Gbps.

They both support speeds of up to 10 Gigabits.

Which three actions are taken in the operation of CSMA/CD when a collision occurs?

A jam signal informs all devices that a collision occurred.

The collision invokes a random backoff algorithm on the system involved in the collision.

Each device on the Ethernet segment stops transmitting for a short time until its backoff timer expires.

All hosts have equal priority to transmit after the timers have expired.

Which protocol does an IPv4 host use to obtain a dynamically assigned IP address?

ARP

DHCP

CDP

DNS

What is the authoritative source for an address lookup?

A recursive DNS search

The operating system cache

The ISP local cache

The browser cache

How is RFC 1918 addressing used in a network?

It is used to access the Internet from the internal network without conversion.

It is used in place of public addresses for Increased security.

It is used with NAT to preserve public IPv4 addresses.

It is used by Internet Service Providers to route over the Internet.

What is the capability of FTP in network management operations?

It encrypts data before sending it between resources.

Devices are directly connected and use UDP to pass file information.

It uses separate control and data connections to move files between servers and clients.

It offers proprietary support at the Session layer when transferring data.

Which of the following is the valid host range for the subnet on which the IP address 192.168.168.188 255.255.255.192 resides?

192.168.168.129–190

192.168.168.129–191

192.168.168.128–190

192.168.168.128–192

Which class of IP address provides 15 bits for subnetting?

A

B

C

D

Which of the following statements describe the IP address 10.16.3.65/23? (Choose two.)

The subnet address is 10.16.3.0 255.255.254.0.

The lowest host address in the subnet is 10.16.2.1 255.255.254.0.

The last valid host address in the subnet is 10.16.2.254 255.255.254.0.

The broadcast address of the subnet is 10.16.3.255 255.255.254.0.

The network is not subnetted.

Traffic that is flowing over interface TenGigabitEthernet0/0 experiences slow transfer speeds. What is the reason for the issue?

Heavy traffic congestion

A duplex incompatibility

A speed conflict

Queuing drops

What is the best way to verify that a host has a path to other hosts in different networks?

Ping the loopback address.

Ping the remote network.

Ping the local interface address.

Ping the default gateway.

While you were troubleshooting a connection issue, a ping from one VLAN to another VLAN on the same switch failed. Which command verifies that IP routing is enabled on interfaces and that the local VLANs are up?

show ip route

show ip interface brief

show ip statistics

show ip nat statistics

You save the configuration on a router with the copy running-config startup-config command and reboot the router. The router, however, comes up with a blank configuration. What could be the problem?

You didn’t boot the router with the correct command.

NVRAM is corrupted.

The configuration register setting is incorrect.

The newly upgraded IOS is not compatible with the hardware of the router.

The configuration you saved is not compatible with the hardware.

Which command will install a right-to-use license so you can use an evaluation version of a feature?

install right-to-use license featurefeature

install temporary featurefeature

license install feature

license boot module

What is the AD of IS-IS and BGP Internal routes?

120 and 200

10 and 20

15 and 20

115 and 200

What of the following are drawbacks of implementing a link-state routing protocol? (Choose two.)

The large size of the topology table listing all advertised routes in the converged network

The requirement for a hierarchical IP addressing scheme for optimal functionality

The high demand on router resources to run the link-state routing algorithm

The sequencing and acknowledgment of link-state packets

The high volume of link-state advertisements in a converged network

You have two OSPF directly configured routers that are not forming an adjacency. What of the following should you check? (Choose three.)

Process ID

Hello and Dead timers

Link cost

Area

IP address/subnet mask

When do two adjacent routers enter the 2-way state?

After both routers have received Hello information

After they have exchanged topology databases

When they connect only to a DR or BDR

When they need to exchange RID information

Which of the following commands will place network 10.2.3.0/24 into area 0? (Choose two.)

router eigrp 10

router ospf 10

router rip

network 10.0.0.0

network 10.2.3.0 255.255.255.0 area 0

network 10.2.3.0 0.0.0.255 area0

network 10.2.3.0 0.0.0.255 area 0

How does STP prevent forwarding loops at OSI layer 2?

TTL

MAC address forwarding

Collision avoidance

Port blocking

An engineer must configure inter-switch VLAN communication between a Cisco switch and a third-party switch. Which action should be taken?

Configure IEEE 802.1p

Configure IEEE 802.1q

Configure ISL

Configure DSCP

Which encryption mode is used when a packet is sent from a site-to-site VPN connection where the source and destination IP address portion of a packet are unencrypted?

PPTP

Secure Shell

Transport

PPPoE

Which of the following are characteristics of a public cloud implementation? (Choose two.)

It is owned and maintained by one party, but it is shared among multiple organizations.

It enables an organization to fully customize how it deploys network resources.

It provides services that are accessed over the Internet.

It is a data center on the public Internet that maintains cloud services for only one company.

It supports network resources from a centralized third-party provider and privately owned virtual resources.

Which AI subset is primarily concerned with enabling machines to interpret and understand visual data, such as images and videos?

DNA Authoritative zones

DNS Authoritative zones

Computer vision

Network Resolution Protocol

What is the primary benefit of using AIOps in network management?

It enhances automation and enables proactive monitoring and issue resolution.

Computer vision.

Network Resolution Protocol.

AIOps Helps determine network issues faster.

Answers to Assessment Test

C. Next-generation firewalls (NGFWs) perform deep packet inspection (DPI). See Chapter 1 for more information.

C. The collapsed core architecture, a simplified version of the three-tire model, is ideal for small- to medium-sized companies. Smaller institutions gain the advantage of using a collapsed core network while retaining the same benefits of a three-tier model. Small organizations, which often need help to afford the hardware and human resources to run a network, can benefit greatly from the collapsed core model, as it requires less oversight and reduces cost; in a traditional three-tier campus network, the core layer is typically a complex and expensive piece of hardware. The collapse core architecture eliminates this layer, reducing both cost and complexity. See Chapter 1 for more information.

C. Simplicity: Point-to-point communication links require minimal expertise to install and maintain. Quality: Point-to-point communication links usually offer high quality service, if they have adequate bandwidth. The dedicated capacity removes latency or jitter between the endpoints. Availability: Constant availability is essential for some applications, such as e-commerce. Point-to-point communication links provide permanent, dedicated capacity, which is required for VoIP or Video over IP. See Chapter 1 for more information.

C. The core layer in the Cisco borderless switched network design is the key to this implementation. See Chapter 1 for more information.

C, D. The following are the differences:

Cat 5:

Frequency: Up to 100 MHz

Bandwidth: 100 Mbps (Fast Ethernet)

Max Distance: 100 meters (328 feet)

Cat 5e:

Frequency: Up to 100 MHz

Bandwidth: 1 Gbps (Gigabit Ethernet)

Max Distance: 100 meters (328 feet)

Cat 6:

Frequency: Up to 250 MHz

Bandwidth: 10 Gbps (10 Gigabit Ethernet)

Max Distance: 55 meters (180 feet) for 10 Gbps; 100 meters (328 feet) for 1 Gbps

Cat 6a:

Frequency: Up to 500 MHz

Bandwidth: 10 Gbps (10 Gigabit Ethernet)

Max Distance: 100 meters (328 feet)

Cat 7:

Frequency: Up to 600 MHz

Bandwidth: 10 Gbps (10 Gigabit Ethernet)

Max Distance: 100 meters (328 feet)

Cat 8:

Frequency: Up to 2 GHz

Bandwidth: 25/40 Gbps (25/40 Gigabit Ethernet)

Max Distance: 30 meters (98 feet)

See Chapter 2 for more information.

A, C, D. The collision will invoke a backoff algorithm on all systems, not just those involved. See Chapter 2 for more information.

B. Dynamic Host Configuration Protocol (DHCP) provides IP configuration to hosts. See Chapter 3 for more information.

A. Technically, a recursive DNS search is the authoritative source for an address lookup for the exam. However, it is not the authoritative source but rather a middleman communicating with authoritative DNS servers to find an IP address. See Chapter 3 for more information.

C. The allocation of RFC 1918 permits full Network layer connectivity among all hosts inside an enterprise and among all public hosts. There is little cost of using private Internet address space. See Chapter 3 for more information.

C. The control connection uses very simple rules for communication. Through a control connection, we can transfer a line of a command or a line of a response at a time. The control connection is made between the control processes. The control connection remains connected during the entire interactive FTP session.

The data connection uses very complex rules, as data types can vary. The data connection is made between data transfer processes. The data connection opens when a command is issued to transfer files and closes when the files are transferred. See chapter 3 for more information.

A. 256 – 192 = 64, so 64 is our block size. Just count in increments of 64 to find our subnet: 64 + 64 = 128. 128 + 64 = 192. The subnet is 128, the broadcast address is 191, and the valid host range is the numbers in between, or 129–190. See Chapter 4 for more information.

A. Class A addressing provides 22 bits for host subnetting. Class B provides 16 bits, but only 14 are available for subnetting. Class C provides only 6 bits for subnetting. See Chapter 4 for more information.

B, D. The mask 255.255.254.0 (/23) used with a Class A address means that there are 15 subnet bits and 9 host bits. The block size in the third octet is 2 (256–254), so this makes the subnets in the interesting octet 0, 2, 4, 6, etc., all the way to 254. The host 10.16.3.65 is in the 2.0 subnet. The next subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host addresses are 2.1 through 3.254. See Chapter 4 for more information.

B. For the CCNA objectives, whenever you see congestion or slow speeds on an Ethernet interface, it typically is a duplex issue. See Chapter 5 for more information.

B. If you can ping a remote network, that is the best test for routing. See Chapter 5 for more information.

B. The best answer is show ip interface brief, which shows the interfaces, VLANs (if used), and IP addresses and their layer 1 and 2 status. See Chapter 5 for more information.

C. If you save a configuration and reload the router and it comes up either in setup mode or as a blank configuration, chances are the configuration register setting is incorrect. See Chapter 8 for more information.

D. The license boot module command installs a right-to-use license feature on a router. See Chapter 8 for more information.

D. IS-IS has a single administrative distance (trustworthiness), and BGP uses 20 for external routes and 200 for internal routes. See Chapter 9 for more information.

B, C. Link state uses more routing processing and memory but less bandwidth than distance vector. Also, link state must have a good network design to function and converge. See Chapter 9 for more information.

B, D, E. In order for two OSPF routers to create an adjacency, the Hello and Dead timers must match, be configured into the same area, and be in the same subnet. See Chapter 10 for more information.

A. The process starts by sending out Hello packets. Every listening router will then add the originating router to the neighbor database. The responding routers will reply with all of their Hello information so that the originating router can add them to its own neighbor table. At this point, the routers will have reached the 2-way state. Note that only certain routers will advance to this. See Chapter 10 for more information.

B, G. To enable OSPF, you must first start OSPF using a process ID. The number is irrelevant; choose a number from 1 to 65,535, and you’re good to go. After starting the OSPF process, you must configure interfaces on which to activate OSPF using the network command with wildcards and an area specification. Option F is wrong because there must be a space after the parameter area and before you list the area number. See Chapter 10 for more information.

D. Port blocking prevents traffic from getting stuck going in circles between other ports on a layer 2 switched network. See Chapter 12 for more information.

B. VLAN trunking offers two options: ISL and 802.1Q. ISL is Cisco-proprietary and rarely used today, while 802.1Q is standards-based and supported by multiple vendors. See Chapter 13 for more information.

C. In the context of VPNs (virtual private networks), when the source and destination IP address portion of a packet is unencrypted while the actual payload of the packet is encrypted, it is using transport mode encryption. Transport mode encrypts only the data portion (payload) of the IP packet, leaving the header (which includes the source and destination IP addresses) unencrypted. This is often used in site-to-site VPNs where the devices at the ends of the VPN tunnel are responsible for the IP header information. See Chapter 14 for more information.

A, C. A public cloud is a type of computing where resources are offered by a third-party provider via the internet and shared by organizations and individuals who want to use or purchase them. It is owned and maintained by one party, but it is shared among multiple organizations. Option E is incorrect because it describes a hybrid cloud model, not a public cloud model. A hybrid cloud is a type of cloud computing that combines on-premises, private cloud, and third-party public cloud services with orchestration between the platforms. This allows data and applications to be shared between them. Therefore, although a hybrid cloud includes aspects of a public cloud, it also includes private, on-premises infrastructure, which is not a characteristic of a public cloud. See Chapter 14 for more information.

C. Computer vision is a specialized subset of AI that focuses on enabling machines to see and interpret visual information from the world around them. It involves analyzing and understanding images, videos, and other visual inputs to perform tasks such as object detection, facial recognition, and image classification. This capability is crucial in applications like autonomous vehicles, security systems, and image-based diagnostics in healthcare. See Chapter 15 for more information.

A. AIOps, or artificial intelligence for IT operations, is a key application of AI in network management that enhances automation and allows for proactive monitoring and resolution of network issues. AIOps can analyze large amounts of data in real time, identify potential problems before they escalate, and automatically take corrective actions, thereby improving network reliability and reducing downtime. Unlike traditional reactive approaches, AIOps is designed to be proactive, helping to prevent issues rather than just responding to them. See Chapter 15 for more information.

Chapter 1

Network Fundamentals

THE FOLLOWING CCNA EXAM TOPICS ARE COVERED IN THIS CHAPTER:

1.0 Network Fundamentals

1.1 Explain the role and function of network components

1.1.a Routers

1.1.b L2 and L3 switches

1.1.c Next-generation firewalls and IPS

1.2 Describe characteristics of network topology architectures

1.2.a Two-tier

1.2.b Three-tier

1.2.c Spine-leaf

1.2.d WAN

1.2.e Small office/home office (SOHO)

This chapter is really an internetworking review, focusing on how to connect networks together using Cisco routers and switches. As a heads-up, I’ve written it with the assumption that you have a bit of basic networking knowledge.

That said, there isn’t a whole lot of new material here, but even if you’re a seasoned network professional, you should still read through all the chapters to make sure you get how the objectives are currently covered.

To make sure we’re all on the same page, let’s define exactly what an internetwork is: you create an internetwork when you connect two or more networks via a router and configure a logical network addressing scheme with protocols like IP or IPv6.

The chapter starts by defining local area and small office/home office networks, and then covers network components like routers and switches. Next, I’ll touch on next-generation firewalls and finish the chapter by talking about topology architectures and wide area networks.

To find bonus material, as well as Todd Lammle videos, practice questions, and hands-on labs, please see www.lammle.com/ccna.

Network Components

So, why is it so important to learn Cisco internetworking, anyway?

Networks and networking have grown exponentially over the past 20 years, and understandably so. They’ve had to evolve at light speed to keep up with huge increases in basic mission-critical user needs, from simply sharing data and printers to bigger burdens like multimedia remote presentations, conferencing, and the like. Unless everyone who needs to share network resources is located in the same office space, the challenge is to connect relevant networks so that all users can share the wealth of whatever services and resources they need, on-site or remotely.

LANs and SOHOs

Figure 1.1 shows a basic local area network (LAN) connected via a hub, which is basically an antiquated device that connects wires together and is typically used in small office/home office (SOHO) networks.

FIGURE 1.1 A very basic SOHO network

Keep in mind that a simple SOHO network like this one would be considered one collision domain and one broadcast domain.

Things really can’t get much simpler than this. And yes, though you can still find this configuration in some SOHO networks, even many of those, as well as the smallest business networks are more complicated today.

Routers and Switches

Figure 1.2 shows a network that’s been segmented with a switch, making each network segment that connects to the switch its own separate collision domain. Doing this results in a lot less chaos!

FIGURE 1.2 A switch can break up collision domains.

This is a great start, but I really want you to note that this network is still just one single broadcast domain. This means that we’ve really only reduced our PC’s chaos, not eliminated it.

For example, if there’s some sort of vital announcement that everyone in our network neighborhood needs to hear about, it will definitely still get loud! You can see that the hub used in Figure 1.2 just extended the one collision domain from the switch port. The result is that John received the data from Bob, but, happily, Sally did not, which is good because Bob intended to talk with John directly. If he had needed to send a broadcast instead, everyone, including Sally, would have received it, causing unnecessary congestion.

Here’s a list of some of the things that commonly cause LAN traffic congestion:

Too many hosts in a collision or broadcast domain

Broadcast storms

Too much multicast traffic

Low bandwidth

Adding hubs for connectivity to the network

A bunch of ARP broadcasts

Take another look at Figure 1.2, and make sure you see that I extended the main hub from Figure 1.1 to a switch in Figure 1.2. I did that because hubs don’t segment a network; they just connect network segments. Basically, it’s an inexpensive way to connect a couple of PCs, which can work for really simple home use and troubleshooting, but that’s about it!

As our community grows, we’ll need to add more streets along with traffic control and even some basic security. We’ll get this done by adding routers because these convenient devices are used to connect networks and route packets of data from one network to another. Cisco became the de facto standard for routers because of its unparalleled selection of high-quality router products and fantastic service. Never forget that, by default, routers are basically employed to efficiently break up a broadcast domain—the set of all devices on a network segment that are allowed to hear all