Networking packages Books

Book SynopsisOmar Santos is a cybersecurity thought leader with a passion for driving industry-wide initiatives to enhance the security of critical infrastructures. Omar is the lead of the DEF CON Red Team Village, the chair of the Common Security Advisory Framework (CSAF) technical committee, the founder of OpenEoX, and board member of the OASIS Open standards organization. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI).   Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on businesses, academic institutions, law enforcement agencies, and other entities striving to bolster thTable of ContentsPreface.. . . . . . . . . . . . . . . . . xvii 1 Historical Overview of Artificial Intelligence (AI) and Machine Learning (ML).. . . . . . . . . . . . 1 The Story of Eva. . . . . . . . . . . . . 2 The Origins.. . . . . . . . . . . . . . 3 Advancements of Artificial Intelligence.. . . . . . . . . 5 Understanding AI and ML. . . . . . . . . . . 8 Concluding the Story of Eva.. . . . . . . . . . . 25 Summary. . . . . . . . . . . . . . 26 Test Your Skills. . . . . . . . . . . . . 27 Exercise 1-1: Exploring the Historical Development and Ethical Concerns of AI.. . . . . . . . . . . . 29 Exercise 1-2: Understanding AI and ML. . . . . . . . . 29 Exercise 1-3: Comparison of ML Algorithms.. . . . . . . . 30 Exercise 1-4: Assessing Applications of ML Algorithms. . . . . . 31 2 Fundamentals of AI and ML Technologies and Implementations.. . 33 What Are the Leading AI and ML Technologies and Algorithms?. . . . 34 ChatGPT and the Leading AI and ML Technologies: Exploring Capabilities and Applications.. . . . . . . . . . 43 Understanding the Two Categories of AI: Capability-Based Types and Functionality-Based Types. . . . . . . . 52 Leveraging AI and ML to Tackle Real-World Challenges: A Case Study. . . 53 Reflecting on the Societal and Ethical Implications of AI Technologies.. . 54 Assessing Future Trends and Emerging Developments in AI and ML Technologies.. . . . . . . . . . . . . 56 Summary. . . . . . . . . . . . . . 57 Test Your Skills. . . . . . . . . . . . . 59 Exercise 2-1: Algorithm Selection Exercise: Matching Scenarios with Appropriate Machine Learning Techniques.. . . . . . . . 61 Exercise 2-2: Exploring AI and ML Technologies.. . . . . . . 63 Exercise 2-3: Capabilities and Benefits of AI-Optimized Hardware.. . . 63 Exercise 2-4: Understanding the Two Categories of AI.. . . . . . 64 Exercise 2-5: Future Trends and Emerging Developments in AI and ML Technologies. . . . . . . . . . . . . . 64 3 Generative AI and Large Language Models.. . . . . . . 65 Introduction to Generative AI and LLMs. . . . . . . . 66 Large Language Models (LLMs): Revolutionizing Natural Language Processing (NLP). . . . . . . . . . . 88 Hugging Face.. . . . . . . . . . . . . 95 Auto-GPT: A Revolutionary Step in Autonomous AI Applications. . . . 97 Summary. . . . . . . . . . . . . . 98 Test Your Skills. . . . . . . . . . . . . 99 Exercise 3-1: Hugging Face.. . . . . . . . . . . 102 Exercise 3-2: Transformers in AI. . . . . . . . . . 102 Additional Resources. . . . . . . . . . . . 104 4 The Cornerstones of AI and ML Security.. . . . . . . . 105 Recognizing the Need for AI Security.. . . . . . . . . 105 Adversarial Attacks.. . . . . . . . . . . . 107 Data Poisoning Attacks. . . . . . . . . . . 109 OWASP Top Ten for LLMs. . . . . . . . . . . 112 Countermeasures Against Model Stealing Attacks. . . . . . 124 Membership Inference Attacks.. . . . . . . . . . 124 Evasion Attacks.. . . . . . . . . . . . . 130 Model Inversion Attacks.. . . . . . . . . . . 135 Backdoor Attacks. . . . . . . . . . . . . 137 Exploring Defensive Measures.. . . . . . . . . . 137 Summary. . . . . . . . . . . . . . 138 Test Your Skills. . . . . . . . . . . . . 140 Additional Resources. . . . . . . . . . . . 142 5 Hacking AI Systems.. . . . . . . . . . . . 143 Hacking FakeMedAI. . . . . . . . . . . . 143 MITRE ATLAS.. . . . . . . . . . . . . 146 A Deep Dive into the AI and ML Attack Tactics and Techniques.. . . . 147 Exploiting Prompt Injection.. . . . . . . . . . 161 Red-Teaming AI Models. . . . . . . . . . . 162 Summary. . . . . . . . . . . . . . 162 Test Your Skills. . . . . . . . . . . . . 163 Exercise 5-1: Understanding the MITRE ATT&CK Framework.. . . . 166 Exercise 5-2: Exploring the MITRE ATLAS Framework.. . . . . . 166 6 System and Infrastructure Security. . . . . . . . . 167 The Vulnerabilities and Risks Associated with AI Systems and Their Potential Impact. . . . . . . . . . . . 167 AI BOMs. . . . . . . . . . . . . . 176 Data Security Vulnerabilities.. . . . . . . . . . 177 Cloud Security Vulnerabilities.. . . . . . . . . . 179 Secure Design Principles for AI Systems.. . . . . . . . 182 AI Model Security.. . . . . . . . . . . . 183 Infrastructure Security for AI Systems. . . . . . . . . 184 Threat Detection and Incident Response for AI Systems.. . . . . 190 Additional Security Technologies and Considerations for AI Systems. . . 193 Summary. . . . . . . . . . . . . . 195 Test Your Skills. . . . . . . . . . . . . 196 Additional Resources. . . . . . . . . . . . 197 7 Privacy and Ethics: Navigating Privacy and Ethics in an AI-Infused World.. . . . . . . . . . . . . 199 Why Do We Need to Balance the Benefits of AI with the Ethical Risks and Privacy Concerns?.. . . . . . . . . . 200 What Are the Challenges Posed by AI in Terms of Privacy Protection, and What Is the Importance of Privacy and Ethics in AI Development and Deployment?. . . . . . . . . 201 The Dark Side of AI and ChatGPT: Privacy Concerns and Ethical Implications. . . . . . . . . . . . 203 Data Collection and Data Storage in AI Algorithms: Potential Risks and Ethical Privacy Concerns. . . . . . . . 206 The Moral Tapestry of AI and ChatGPT.. . . . . . . . 212 Preserving Privacy, Unleashing Knowledge: Differential Privacy and Federated Learning in the Age of Data Security.. . . . . . 223 Harmony in the Machine: Nurturing Fairness, Diversity, and Human Control in AI Systems.. . . . . . . . . . 224 Real-World Case Study Examples and Fictional Stories of Privacy Breaches in AI and ChatGPT.. . . . . . . . . 226 Summary. . . . . . . . . . . . . . 232 Test Your Skills. . . . . . . . . . . . . 234 Exercise 7-1: Privacy Concerns and Ethical Implications of AI. . . . 237 Exercise 7-2: Ethical Privacy Concerns in Data Collection and Storage by AI Algorithms.. . . . . . . . . . . . . 238 Exercise 7-3: Balancing Autonomy and Privacy in the Age of AI. . . . 238 Exercise 7-4: Safeguarding Privacy and Ethical Frontiers.. . . . . 239 8 Legal and Regulatory Compliance for AI Systems.. . . . . 241 Legal and Regulatory Landscape.. . . . . . . . . 242 Compliance with AI Legal and Regulatory Data Protection Laws. . . 245 Intellectual Property Issues in Conversational AI.. . . . . . 247 Unraveling Liability and Accountability in the Age of AI. . . . . 249 Ethical Development and Deployment of AI Systems: Strategies for Effective Governance and Risk Management.. . . . . . 252 International Collaboration and Standards in AI. . . . . . . 255 Future Trends and Outlook in AI Compliance.. . . . . . . 257 Unleashing the Quantum Storm: Fictional Story on AI Cybersecurity, Quantum Computing, and Novel Cyberattacks in Oxford, 2050. . . . 260 Summary. . . . . . . . . . . . . . 261 Test Your Skills. . . . . . . . . . . . . 263 Exercise 8-1: Compliance with Legal and Regulatory Data Protection Laws.. . . . . . . . . . . . 266 Exercise 8-2: Understanding Liability and Accountability in AI Systems. . . . . . . . . . . . . . 266 Exercise 8-3: International Collaboration and Standards in AI.. . . . 267 Test Your Skills Answers and Solutions. . . . . . . . . 269 9780138268459, TOC, 1/4/2024

Read more less

Book SynopsisImplement maximum control, security, and compliance processes in Azure cloud environments In Microsoft Azure Security Infrastructure, three leading experts show how to plan, deploy, and operate Microsoft Azure with outstanding levels of control, security, and compliance. You’ll learn how to prepare infrastructure with Microsoft’s integrated tools, prebuilt templates, and managed services–and use these to help safely build and manage any enterprise, mobile, web, or Internet of Things (IoT) system. The authors guide you through enforcing, managing, and verifying robust security at physical, network, host, application, and data layers. You’ll learn best practices for security-aware deployment, operational management, threat mitigation, and continuous improvement–so you can help protect all your data, make services resilient to attack, and stay in control no matter how your cloud systems evolve. Three Microsoft Azure experts show you how to: • Understand cloud security boundaries and responsibilities • Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection • Explore Azure’s defense-in-depth security architecture • Use Azure network security patterns and best practices • Help safeguard data via encryption, storage redundancy, rights management, database security, and storage security • Help protect virtual machines with Microsoft Antimalware for Azure Cloud Services and Virtual Machines • Use the Microsoft Azure Key Vault service to help secure cryptographic keys and other confidential information • Monitor and help protect Azure and on-premises resources with Azure Security Center and Operations Management Suite • Effectively model threats and plan protection for IoT systems • Use Azure security tools for operations, incident response, and forensic investigationTable of ContentsChapter 1 Cloud security Cloud security considerations Compliance Risk management Identity and access management Operational security Endpoint protection Data protection Shared responsibility Cloud computing Distributed responsibility in public cloud computing Assume breach and isolation Azure security architecture Azure design principles Chapter 2 Identity protection in Azure Authentication and authorization Azure hierarchy Role-Based Access Control On-premises integration Azure AD Connect Federation Suspicious activity identification Identity protection User risk policy Sign-in risk policy Notification enabling Vulnerabilities Multi-Factor Authentication Azure Multi-Factor Authentication implementation Azure Multi-Factor Authentication option configuration Chapter 3 Azure network security Anatomy of Azure networking Virtual network infrastructure Network access control Routing tables Remote access (Azure gateway/point-to-site VPN/ RDP/Remote PowerShell/SSH) Cross-premises connectivity Network availability Network logging Public name resolution Network security appliances Reverse proxy Azure Network Security best practices Subnet your networks based on security zones Use Network Security Groups carefully Use site-to-site VPN to connect Azure Virtual Networks Configure host-based firewalls on IaaS virtual machines Configure User Defined Routes to control traffic Require forced tunneling Deploy virtual network security appliances Create perimeter networks for Internet-facing devices Use ExpressRoute Optimize uptime and performance Disable management protocols to virtual machines Enable Azure Security Center Extend your datacenter into Azure Chapter 4 Data and storage security Virtual machine encryption Azure Disk Encryption Storage encryption File share wire encryption Hybrid data encryption Authentication Wire security Data at rest Rights management Database security Azure SQL Firewall SQL Always Encrypted Row-level security Transparent data encryption Cell-level encryption Dynamic data masking Chapter 5 Virtual machine protection with Antimalware Understanding the Antimalware solution Antimalware deployment Antimalware deployment to an existing VM Antimalware deployment to a new VM n

Read more less

Book SynopsisMatt Bishop is a professor in the Department of Computer Science at the University of California at Davis. His main research interest is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. He works in the areas of network security, including the study of denial of service attacks and defenses, policy modeling, software assurance testing, resilience, and formal modeling of access control. He was co-chair of the Joint Task Force that developed the Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity, released in December 2017. He earned his Ph.D. in computer science from Purdue University in 1984.Table of ContentsPreface xxix Acknowledgments xlv About the Author xlix Part I: Introduction 1 Chapter 1: An Overview of Computer Security 3 1.1 The Basic Components 3 1.2 Threats 6 1.3 Policy and Mechanism 9 1.4 Assumptions and Trust 11 1.5 Assurance 12 1.6 Operational Issues 16 1.7 Human Issues 20 1.8 Tying It All Together 22 1.9 Summary 24 1.10 Research Issues 24 1.11 Further Reading 25 1.12 Exercises 25 Part II: Foundations 29 Chapter 2: Access Control Matrix 31 2.1 Protection State 31 2.2 Access Control Matrix Model 32 2.3 Protection State Transitions 37 2.4 Copying, Owning, and the Attenuation of Privilege 42 2.5 Summary 44 2.6 Research Issues 44 2.7 Further Reading 44 2.8 Exercises 45 Chapter 3: Foundational Results 49 3.1 The General Question 49 3.2 Basic Results 51 3.3 The Take-Grant Protection Model 56 3.4 Closing the Gap: The Schematic Protection Model 68 3.5 Expressive Power and the Models 81 3.6 Comparing Security Properties of Models 94 3.7 Summary 101 3.8 Research Issues 102 3.9 Further Reading 102 3.10 Exercises 103 Part III: Policy 107 Chapter 4: Security Policies 109 4.1 The Nature of Security Policies 109 4.2 Types of Security Policies 113 4.3 The Role of Trust 115 4.4 Types of Access Control 117 4.5 Policy Languages 118 4.6 Example: Academic Computer Security Policy 126 4.7 Security and Precision 131 4.8 Summary 136 4.9 Research Issues 136 4.10 Further Reading 137 4.11 Exercises 138 Chapter 5: Confidentiality Policies 141 5.1 Goals of Confidentiality Policies 141 5.2 The Bell-LaPadula Model 142 5.3 Tranquility 161 5.4 The Controversy over the Bell-LaPadula Model 164 5.5 Summary 169 5.6 Research Issues 169 5.7 Further Reading 170 5.8 Exercises 171 Chapter 6: Integrity Policies 173 6.1 Goals 173 6.2 The Biba Model 175 6.3 Lipner’s Integrity Matrix Model 178 6.4 Clark-Wilson Integrity Model 183 6.5 Trust Models 189 6.6 Summary 196 6.7 Research Issues 196 6.8 Further Reading 197 6.9 Exercises 198 Chapter 7: Availability Policies 201 7.1 Goals of Availability Policies 201 7.2 Deadlock 202 7.3 Denial of Service Models 203 7.4 Example: Availability and Network Flooding 215 7.5 Summary 222 7.6 Research Issues 222 7.7 Further Reading 223 7.8 Exercises 224 Chapter 8: Hybrid Policies 227 8.1 Chinese Wall Model 227 8.2 Clinical Information Systems Security Policy 236 8.3 Originator Controlled Access Control 239 8.4 Role-Based Access Control 244 8.5 Break-the-Glass Policies 249 8.6 Summary 250 8.7 Research Issues 250 8.8 Further Reading 251 8.9 Exercises 252 Chapter 9: Noninterference and Policy Composition 255 9.1 The Problem 255 9.2 Deterministic Noninterference 259 9.3 Nondeducibility 271 9.4 Generalized Noninterference 274 9.5 Restrictiveness 277 9.6 Side Channels and Deducibility 280 9.7 Summary 282 9.8 Research Issues 283 9.9 Further Reading 283 9.10 Exercises 285 Part IV: Implementation I: Cryptography 287 Chapter 10: Basic Cryptography 289 10.1 Cryptography 289 10.2 Symmetric Cryptosystems 291 10.3 Public Key Cryptography 306 10.4 Cryptographic Checksums 315 10.5 Digital Signatures 318 10.6 Summary 323 10.7 Research Issues 324 10.8 Further Reading 325 10.9 Exercises 326 Chapter 11: Key Management 331 11.1 Session and Interchange Keys 332 11.2 Key Exchange 332 11.3 Key Generation 341 11.4 Cryptographic Key Infrastructures 343 11.5 Storing and Revoking Keys 353 11.6 Summary 359 11.7 Research Issues 360 11.8 Further Reading 361 11.9 Exercises 362 Chapter 12: Cipher Techniques 367 12.1 Problems 367 12.2 Stream and Block Ciphers 370 12.3 Authenticated Encryption 377 12.4 Networks and Cryptography 381 12.5 Example Protocols 384 12.6 Summary 410 12.7 Research Issues 411 12.8 Further Reading 411 12.9 Exercises 413 Chapter 13: Authentication 415 13.1 Authentication Basics 415 13.2 Passwords 416 13.3 Password Selection 418 13.4 Attacking Passwords 426 13.5 Password Aging 434 13.6 Challenge-Response 438 13.7 Biometrics 441 13.8 Location 445 13.9 Multifactor Authentication 446 13.10 Summary 448 13.11 Research Issues 449 13.12 Further Reading 450 13.13 Exercises 451 Part V: Implementation II: Systems 453 Chapter 14: Design Principles 455 14.1 Underlying Ideas 455 14.2 Principles of Secure Design 457 14.3 Summary 466 14.4 Research Issues 466 14.5 Further Reading 467 14.6 Exercises 468 Chapter 15: Representing Identity 471 15.1 What Is Identity? 471 15.2 Files and Objects 472 15.3 Users 473 15.4 Groups and Roles 475 15.5 Naming and Certificates 476 15.6 Identity on the Web 484 15.7 Anonymity on the Web 490 15.8 Summary 501 15.9 Research Issues 502 15.10 Further Reading 503 15.11 Exercises 504 Chapter 16: Access Control Mechanisms 507 16.1 Access Control Lists 507 16.2 Capabilities 518 16.3 Locks and Keys 526 16.4 Ring-Based Access Control 531 16.5 Propagated Access Control Lists 533 16.6 Summary 535 16.7 Research Issues 535 16.8 Further Reading 536 16.9 Exercises 536 Chapter 17: Information Flow 539 17.1 Basics and Background 539 17.2 Nonlattice Information Flow Policies 542 17.3 Static Mechanisms 548 17.4 Dynamic Mechanisms 562 17.5 Integrity Mechanisms 566 17.6 Example Information Flow Controls 567 17.7 Summary 574 17.8 Research Issues 574 17.9 Further Reading 575 17.10 Exercises 576 Chapter 18: Confinement Problem 579 18.1 The Confinement Problem 579 18.2 Isolation 582 18.3 Covert Channels 594 18.4 Summary 619 18.5 Research Issues 620 18.6 Further Reading 620 18.7 Exercises 622 Part VI: Assurance 625 Contributed by Elisabeth Sullivan and Michelle Ruppel Chapter 19: Introduction to Assurance 627 19.1 Assurance and Trust 627 19.2 Building Secure and Trusted Systems 634 19.3 Summary 645 19.4 Research Issues 645 19.5 Further Reading 646 19.6 Exercises 647 Chapter 20: Building Systems with Assurance 649 20.1 Assurance in Requirements Definition and Analysis 649 20.2 Assurance during System and Software Design 662 20.3 Assurance in Implementation and Integration 685 20.4 Assurance during Operation and Maintenance 695 20.5 Summary 696 20.6 Research Issues 696 20.7 Further Reading 697 20.8 Exercises 698 Chapter 21: Formal Methods 699 21.1 Formal Verification Techniques 699 21.2 Formal Specification 702 21.3 Early Formal Verification Techniques 705 21.4 Current Verification Systems 713 21.5 Functional Programming Languages 721 21.6 Formally Verified Products 722 21.7 Summary 723 21.8 Research Issues 724 21.9 Further Reading 725 21.10 Exercises 725 Chapter 22: Evaluating Systems 727 22.1 Goals of Formal Evaluation 727 22.2 TCSEC: 1983-1999 730 22.3 International Efforts and the ITSEC: 1991-2001 737 22.4 Commercial International Security Requirements: 1991 742 22.5 Other Commercial Efforts: Early 1990s 744 22.6 The Federal Criteria: 1992 744 22.7 FIPS 140: 1994-Present 746 22.8 The Common Criteria: 1998-Present 749 22.9 SSE-CMM: 1997-Present 765 22.10 Summary 768 22.11 Research Issues 769 22.12 Further Reading 769 22.13 Exercises 770 Part VII: Special Topics 773 Chapter 23: Malware 775 23.1 Introduction 775 23.2 Trojan Horses 776 23.3 Computer Viruses 780 23.4 Computer Worms 790 23.5 Bots and Botnets 793 23.6 Other Malware 796 23.7 Combinations 803 23.8 Theory of Computer Viruses 803 23.9 Defenses 808 23.10 Summary 820 23.11 Research Issues 820 23.12 Further Reading 821 23.13 Exercises 822 Chapter 24: Vulnerability Analysis 825 24.1 Introduction 825 24.2 Penetration Studies 827 24.3 Vulnerability Classification 845 24.4 Frameworks 849 24.5 Standards 864 24.6 Gupta and Gligor’s Theory of Penetration Analysis 868 24.7 Summary 873 24.8 Research Issues 874 24.9 Further Reading 875 24.10 Exercises 876 Chapter 25: Auditing 879 25.1 Definition 879 25.2 Anatomy of an Auditing System 880 25.3 Designing an Auditing System 884 25.4 A Posteriori Design 893 25.5 Auditing Mechanisms 897 25.6 Examples: Auditing File Systems 900 25.7 Summary 910 25.8 Research Issues 911 25.9 Further Reading 912 25.10 Exercises 913 Chapter 26: Intrusion Detection 917 26.1 Principles 917 26.2 Basic Intrusion Detection 918 26.3 Models 920 26.4 Architecture 942 26.5 Organization of Intrusion Detection Systems 948 26.6 Summary 954 26.7 Research Issues 954 26.8 Further Reading 955 26.9 Exercises 956 Chapter 27: Attacks and Responses 959 27.1 Attacks 959 27.2 Representing Attacks 960 27.3 Intrusion Response 971 27.4 Digital Forensics 987 27.5 Summary 996 27.6 Research Issues 997 27.7 Further Reading 998 27.8 Exercises 999 Part VIII: Practicum 1003 Chapter 28: Network Security 1005 28.1 Introduction 1005 28.2 Policy Development 1006 28.3 Network Organization 1011 28.4 Availability 1026 28.5 Anticipating Attacks 1027 28.6 Summary 1028 28.7 Research Issues 1028 28.8 Further Reading 1029 28.9 Exercises 1030 Chapter 29: System Security 1035 29.1 Introduction 1035 29.2 Policy 1036 29.3 Networks 1042 29.4 Users 1048 29.5 Authentication 1053 29.6 Processes 1055 29.7 Files 1061 29.8 Retrospective 1066 29.9 Summary 1068 29.10 Research Issues 1068 29.11 Further Reading 1069 29.12 Exercises 1070 Chapter 30: User Security 1073 30.1 Policy 1073 30.2 Access 1074 30.3 Files and Devices 1080 30.4 Processes 1087 30.5 Electronic Communications 1092 30.6 Summary 1094 30.7 Research Issues 1095 30.8 Further Reading 1095 30.9 Exercises 1096 Chapter 31: Program Security 1099 31.1 Problem 1099 31.2 Requirements and Policy 1100 31.3 Design 1104 31.4 Refinement and Implementation 1111 31.5 Common Security-Related Programming Problems 1117 31.6 Testing, Maintenance, and Operation 1141 31.7 Distribution 1146 31.8 Summary 1147 31.9 Research Issues 1147 31.10 Further Reading 1148 31.11 Exercises 1148 Part IX: Appendices 1151 Appendix A: Lattices 1153 A.1 Basics 1153 A.2 Lattices 1154 A.3 Exercises 1155 Appendix B: The Extended Euclidean Algorithm 1157 B.1 The Euclidean Algorithm 1157 B.2 The Extended Euclidean Algorithm 1158 B.3 Solving ax mod n = 1 1160 B.4 Solving ax mod n = b 1161 B.5 Exercises 1161 Appendix C: Entropy and Uncertainty 1163 C.1 Conditional and Joint Probability 1163 C.2 Entropy and Uncertainty 1165 C.3 Joint and Conditional Entropy 1166 C.4 Exercises 1169 Appendix D: Virtual Machines 1171 D.1 Virtual Machine Structure 1171 D.2 Virtual Machine Monitor 1171 D.3 Exercises 1176 Appendix E: Symbolic Logic 1179 E.1 Propositional Logic 1179 E.2 Predicate Logic 1184 E.3 Temporal Logic Systems 1186 E.4 Exercises 1188 Appendix F: The Encryption Standards 1191 F.1 Data Encryption Standard 1191 F.2 Advanced Encryption Standard 1196 F.3 Exercises 1205 Appendix G: Example Academic Security Policy 1207 G.1 Acceptable Use Policy 1207 G.2 University of California Electronic Communications Policy 1212 G.3 User Advisories 1234 G.4 Electronic Communications—Allowable Use 1241 Appendix H: Programming Rules 1247 H.1 Implementation Rules 1247 H.2 Management Rules 1249 References 1251 Index 1341

Read more less

Book SynopsisJoseph Muniz is an architect and security researcher in the Cisco Security Sales and Engineering Organization. He is driven by making the world a safer place through education and adversary research. Joseph has extensive experience in designing security solutions and architectures as a trusted advisor for top Fortune 500 corporations and the U.S. government. Joseph is a researcher and industry thought leader. He speaks regularly at international conferences, writes for technical magazines, and is involved with developing training for various industry certifications. He invented the fictitious character of Emily Williams to create awareness around social engineering. Joseph runs The Security Blogger website, a popular resource for security and product implementation. He is the author and contributor of several publications including titles ranging from security best practices to exploitation tactics. When Joseph is not using technology, you can find himTable of ContentsPreface Chapter 1: Introducing Security Operations and the SOC Introducing the SOCFactors Leading to a Dysfunctional SOCCyberthreatsInvesting in SecurityThe Impact of a BreachEstablishing a Baseline The Impact of ChangeFundamental Security Capabilities Signature Detection Behavior Detection Anomaly Detection Best of Breed vs. Defense in DepthStandards, Guidelines, and Frameworks NIST Cybersecurity Framework ISO 3100:2018 FIRST Service Frameworks Applying FrameworksIndustry Threat Models The Cyber Kill Chain Model The Diamond Model MITRE ATT&CK Model Choosing a Threat ModelVulnerabilities and Risk Endless VulnerabilitiesBusiness ChallengesIn-House vs. Outsourcing Services Advantages Services Disadvantages Hybrid ServicesSOC ServicesSOC Maturity Models SOC Maturity Assessment SOC Program MaturitySOC Goals Assessment Defining Goals SOC Goals Ranking Threats Ranking SOC Goals Assessment SummarizedSOC Capabilities Assessment Capability Maps SOC Capabilities Gaps Analysis Capability Map Next StepsSOC Development MilestonesSummaryReferencesChapter 2: Developing a Security Operations Center Mission Statement and Scope Statement Developing Mission and Scope Statements SOC Scope StatementDeveloping a SOCSOC Procedures Designing ProceduresSecurity Tools Evaluating Vulnerabilities Preventive Technologies Detection Technologies Mobile Device Security ConcernsPlanning a SOC Capacity Planning Developing a Capacity PlanDesigning a SOC Facility Physical SOC vs. Virtual SOC SOC Location SOC Interior SOC Rooms SOC Computer Rooms SOC LayoutsNetwork Considerations Segmentation Logical Segmentation Choosing Segmentation Client/Server Segmentation Active Directory Segmentation Throughput Connectivity and RedundancyDisaster RecoverySecurity Considerations Policy and Compliance Network Access Control EncryptionInternal Security Tools Intrusion Detection and Prevention Network Flow and Capturing Packets Change Management Host SystemsGuidelines and Recommendations for Securing Your SOC Network Tool CollaborationSOC Tools Reporting and Dashboards Throughput and Storage Centralized Data ManagementSummaryReferencesChapter 3: SOC Services Fundamental SOC Services SOC ChallengesThe Three Pillars of Foundational SOC Support Services Pillar 1: Work Environment Pillar 2: People Pillar 3: Technology Evaluating the Three Pillars of Foundational SOC Support ServicesSOC Service Areas FIRST’s CSIRT Developing SOC Service Areas In-House Services vs. External Services Contracted vs. Employee Job RolesSOC Service Job Goals Resource PlanningService Maturity: If You Build It, They Will ComeSOC Service 1: Risk Management Four Responses to Risk Reducing Risk Addressing RiskSOC Service 2: Vulnerability Management Vulnerability Management Best Practice Vulnerability Scanning Tools Penetration TestingSOC Service 3: Compliance Meeting Compliance with AuditsSOC Service 4: Incident Management NIST Special Publication 800-61 Revision 2 Incident Response Planning Incident Impact PlaybooksSOC Service 5: Analysis Static Analysis Dynamic AnalysisSOC Service 6: Digital ForensicsSOC Service 7: Situational and Security Awareness User TrainingSOC Service 8: Research and DevelopmentSummaryReferencesChapter 4: People and Process Career vs. JobDeveloping Job Roles General Schedule Pay Scale IT Industry Job Roles Common IT Job RolesSOC Job Roles Security Analyst Penetration Tester Assessment Officer Incident Responder Systems Analyst Security Administrator Security Engineer Security Trainer Security Architect Cryptographer/Cryptologist Forensic Engineer Chief Information Security OfficerNICE Cybersecurity Workforce Framework Nice Framework ComponentsRole TiersSOC Services and Associated Job Roles Risk Management Service Vulnerability Management Service Incident Management Service Analysis Service Compliance Service Digital Forensics Service Situational and Security Awareness Service Research and Development ServiceSoft Skills Evaluating Soft Skills SOC Soft SkillsSecurity Clearance RequirementsPre-InterviewingInterviewing Interview Prompter Post InterviewOnboarding Employees Onboarding RequirementsManaging PeopleJob RetentionTraining Training MethodsCertificationsCompany CultureSummaryReferencesChapter 5: Centralizing Data Data in the SOC Strategic and Tactical Data Data Structure Data Types Data ContextData-Focused Assessment Data Assessment Example: Antivirus Threat Mapping Data Applying Data Assessments to SOC ServicesLogs Log Types Log FormatsSecurity Information and Event Management SIEM Data Processing Data Correlation Data Enrichment SIEM Solution Planning SIEM TuningTroubleshooting SIEM Logging SIEM Troubleshooting Part 1: Data Input SIEM Troubleshooting Part 2: Data Processing and Validation SIEM Troubleshooting Examples Additional SIEM FeaturesAPIs Leveraging APIs API Architectures API ExamplesBig Data Hadoop Big Data Threat FeedsMachine Learning Machine Learning in Cybersecurity Artificial Intelligence Machine Learning ModelsSummaryReferencesChapter 6: Reducing Risk and Exceeding ComplianceWhy Exceeding CompliancePolicies Policy Overview Policy Purpose Policy Scope Policy Statement Policy Compliance Related Standards, Policies, Guidelines, and Processes Definitions and Terms HistoryLaunching a New Policy Steps for Launching a New PolicyPolicy Enforcement Certification and AccreditationProcedures Procedure DocumentTabletop Exercise Tabletop Exercise Options Tabletop Exercise Execution Tabletop Exercise Format Tabletop Exercise Template ExampleStandards, Guidelines, and Frameworks NIST Cybersecurity Framework ISO/IEC 27005 CIS Controls ISACA COBIT 2019 FIRST CSIRT Services Framework Exceeding ComplianceAudits Audit Example Internal Audits External Auditors Audit ToolsAssessments Assessment Types Assessment Results Assessment Template Vulnerability Scanners Assessment Program WeaknessesPenetration Test NIST Special Publication 800-115 Additional NIST SP 800-115 Guidance Penetration Testing Types Penetration Testing PlanningIndustry Compliance Compliance RequirementsSummaryReferencesChapter 7: Threat Intelligence Threat Intelligence Overview Threat DataThreat Intelligence Categories Strategic Threat Intelligence Tactical Threat Intelligence Operational Threat Intelligence Technical Threat IntelligenceThreat Intelligence Context Threat ContextEvaluating Threat Intelligence Threat Intelligence Checklist Content Quality Testing Threat IntelligencePlanning a Threat Intelligence Project Data Expectations for Strategic Threat Intelligence Data Expectations for Tactical Threat Intelligence Data Expectations for Operational Threat Intelligence Data Expectations for Technical Threat IntelligenceCollecting and Processing Intelligence Processing Nontechnical Data Operational Data and Web Processing Technical Processing Technical Threat Intelligence Resources Actionable Intelligence Security Tools and Threat IntelligenceFeedbackSummaryReferencesChapter 8: Threat Hunting and Incident Response Security IncidentsIncident Response LifecyclePhase 1: Preparation Assigning Tasks with Playbooks Communication Third-Party Interaction Law Enforcement Law Enforcement Risk Ticketing Systems Other Incident Response Planning Templates Phase 1: Preparation SummaryPhase 2: Detection and Analysis Incident Detection Core Security Capabilities Threat Analysis Detecting Malware Behavior Infected Systems Analyzing Artifacts Identifying Artifact Types Packing Files Basic Static Analysis Advanced Static Analysis Dynamic Analysis Phase 2: Detection and Analysis SummaryPhase 3: Containment, Eradication, and Recovery Containment Responding to Malware Threat Hunting Techniques Eradicate RecoveryDigital Forensics Digital Forensic Process First Responder Chain of Custody Working with Evidence Duplicating Evidence Hashes Forensic Static Analysis Recovering Data Forensic Dynamic Analysis Digital Forensics Summary Phase 3: Containment, Eradication, and Recovery SummaryPhase 4: Post-Incident Activity Post-Incident Response Process Phase 4: Post-Incident Response SummaryIncident Response Guidelines FIRST Services FrameworksSummaryReferencesChapter 9: Vulnerability Management Vulnerability Management Phase 1: Asset Inventory Phase 2: Information Management Phase 3: Risk Assessment Phase 4: Vulnerability Assessment Phase 5: Report and Remediate Phase 6: Respond and RepeatMeasuring Vulnerabilities Common Vulnerabilities and Exposures Common Vulnerability Scoring System CVSS StandardsVulnerability Technology Vulnerability Scanners Currency and Coverage Tuning Vulnerability Scanners Exploitation Tools Asset Management and Compliance Tools Network Scanners and Network Access Control Threat Detection ToolsVulnerability Management Service Scanning Services Vulnerability Management Service Roles Vulnerability Evaluation ProceduresVulnerability Response Vulnerability Accuracy Responding to Vulnerabilities Cyber Insurance Patching Systems Residual Risk Remediation Approval Reporting ExceptionsVulnerability Management Process SummarizedSummaryReferencesChapter 10: Data Orchestration Introduction to Data Orchestration Comparing SIEM and SOAR The Rise of XDRSecurity Orchestration, Automation, and Response SOAR Example: PhantomEndpoint Detection and Response EDR Example: CrowdStrikePlaybooks Playbook Components Constructing Playbooks Incident Response Consortium Playbook Examples: Malware OutbreakAutomation Automating Playbooks Common Targets for Automation Automation Pitfalls Playbook WorkflowDevOps Programming Data Management Text-File Formats Common Data Formats Data ModelingDevOps Tools DevOps Targets Manual DevOps Automated DevOps DevOps Lab Using Ansible Ansible PlaybooksBlueprinting with Osquery Running OsqueryNetwork Programmability Learning NetDevOps APIs NetDevOps ExampleCloud Programmability Orchestration in the Cloud Amazon DevOps SaaS DevOpsSummaryReferencesChapter 11: Future of the SOC All Eyes on SD-WAN and SASE VoIP Adoption As Prologue to SD-WAN Adoption Introduction of SD-WAN Challenges with the Traditional WAN SD-WAN to the Rescue SASE Solves SD-WAN Problems SASE Defined Future of SASEIT Services Provided by the SOC IT Operations Defined Hacking IT Services IT Services Evolving Future of IT ServicesFuture of Training Training Challenges Training Today Case Study: Training I Use Today Free Training Gamifying Learning On-Demand and Personalized Learning Future of TrainingFull Automation with Machine Learning Machine Learning Machine Learning Hurdles Machine Learning Applied Training Machine Learning Future of Machine LearningFuture of Your SOC: Bringing It All Together Your Future Facilities and Capabilities Group Tags Your Future SOC Staff Audits, Assessments, and Penetration Testing Future Impact to Your Services Hunting for Tomorrow’s ThreatsSummaryReferences9780135619858 TOC 3/24/2021

Read more less

Book SynopsisWith its lively, conversational tone and practical focus, this new edition mixes applied and theoretical aspects for a solid introduction to cryptography and security, including the latest significant advancements in the field.Table of Contents1 Overview Secure Communications. Cryptographic Applications 2 Classical Cryptosystems. Shift Ciphers. Affine Ciphers. The Vigen`ere Cipher. Substitution Ciphers. Sherlock Holmes. The Playfair and ADFGX Ciphers. Block Ciphers. Binary Numbers and ASCII. One-Time Pads. Pseudo-random Bit Generation. LFSR Sequences. Enigma. Exercises. Computer Problems. 3 Basic Number Theory. Basic Notions. Solving ax + by = d. Congruences. The Chinese Remainder Theorem. Modular Exponentiation. Fermat and Euler. Primitive Roots. Inverting Matrices Mod n. Square Roots Mod n. Legendre and Jacobi Symbols. Finite Fields. Continued Fractions. Exercises. Computer Problems. 4 The Data Encryption Standard Introduction. A Simplified DES-Type Algorithm. Differential Cryptanalysis. DES. Modes of Operation. Breaking DES. Meet-in-the-Middle Attacks. Password Security. Exercises. 5 AES: Rijndael The Basic Algorithm. The Layers. Decryption. Design Considerations. 6 The RSA Algorithm The RSA Algorithm. Attacks on RSA. Primality Testing. Factoring. The RSA Challenge. An Application to Treaty Verification. The Public Key Concept. Exercises. Computer Problems 7 Discrete Logarithms Discrete Logarithms. Computing Discrete Logs. Bit Commitment Diffie-Hellman Key Exchange. ElGamal Public Key Cryptosystems. Exercises. Computer Problems. 8 Hash Functions Hash Functions. A Simple Hash Example. The Secure Hash Algorithm. Birthday Attacks. Multicollisions. The Random Oracle Model. Using Hash Functions to Encrypt. 9 Digital Signatures RSA Signatures. The ElGamal Signature Scheme. Hashing and Signing. Birthday Attacks on Signatures. The Digital Signature Algorithm. Exercises. Computer Problems. 10 Security Protocols Intruders-in-the-Middle and Impostors. Key Distribution. Kerberos Public Key Infrastructures (PKI). X.509 Certificates. Pretty Good Privacy. SSL and TLS. Secure Electronic Transaction. Exercises. 11 Digital Cash Digital Cash. Exercises. 12 Secret Sharing Schemes Secret Splitting. Threshold Schemes. Exercises. Computer Problems. 13 Games Flipping Coins over the Telephone. Poker over the Telephone. Exercises. 14 Zero-Knowledge Techniques The Basic Setup. The Feige-Fiat-Shamir Identification Scheme. Exercises. 15 Information Theory Probability Review. Entropy. Huffman Codes. Perfect Secrecy. The Entropy of English. Exercises. 16 Elliptic Curves The Addition Law. Elliptic Curves Mod n. Factoring with Elliptic Curves. Elliptic Curves in Characteristic 2. Elliptic Curve Cryptosystems. Identity-Based Encryption. Exercises. Computer Problems. 17 Lattice Methods Lattices. Lattice Reduction. An Attack on RSA. NTRU. Exercises 18 Error Correcting Codes Introduction. Error Correcting Codes. Bounds on General Codes. Linear Codes. Hamming Codes. Golay Codes. Cyclic Codes. BCH Codes. Reed-Solomon Codes. The McEliece Cryptosystem. Other Topics. Exercises. Computer Problems. 19 Quantum Techniques in Cryptography A Quantum Experiment. Quantum Key Distribution. Shor’s Algorithm. 4 Exercises. Mathematica Examples Maple Examples MATLAB Examples Further Reading Bibliography Index

Read more less

Book SynopsisPramod Nair is a Lead Security Architect at Cisco Systems focusing on service providers. During his 20 years of experience in the industry, Pramod has worked in multiple areas, including research and development, designing end-to-end mobile networks, and technical consulting on military and defense projects. Among other responsibilities in his current role within Cisco, Pramod leads 5G Security Architecture, driving its adoption globally, and has been instrumental in architecting secure next-generation networks for customers across the globe. He is a regular speaker on the subject at large conferences and industry events. Pramod is an active member of the security community. His role is to help mobile network providers, service providers, industry verticals, the national security and defense sectors, and other agencies dedicated to securing critical infrastructures. He is also deeply involved with industry trade organizations, has co-chaired the 5G secTable of ContentsForeword xv Preface xvi Acknowledgments xxi About the Author xxii Part I Evolution of Cellular Technologies to 5G, Security Enhancements, and Challenges Chapter 1: Evolution from 4G to 5G 2 Mobile Network Evolution from 4G to 5G.. . . . . . . . . . . . . . . . . . 4 Key 5G Features in 3GPP Releases.. . . . . . . . . . . . . . . . . . . . 18 Key 5G Advanced Features.. . . . . . . . . . . . . . . . . . . . . . . 20 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Chapter 2: Deployment Modes in 5G 26 5G NSA and SA Deployments.. . . . . . . . . . . . . . . . . . . . . . 27 5G Time-Sensitive Networks.. . . . . . . . . . . . . . . . . . . . . . . 42 5G Local Area Network–Type Service.. . . . . . . . . . . . . . . . . . . 44 Private 5G/Non-Public Networks.. . . . . . . . . . . . . . . . . . . . . 46 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Chapter 3: Securing 5G Infrastructure 56 3GPP 5G Security Enhancements.. . . . . . . . . . . . . . . . . . . . . 57 Security Challenges in 5G. . . . . . . . . . . . . . . . . . . . . . . . 74 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Part II Securing 5G Architectures, Deployment Modes, and Use Cases Chapter 4: Securing RAN and Transport Deployments in 5G 82 5G RAN and Transport Threats. . . . . . . . . . . . . . . . . . . . . . 84 Securing 5G RAN and Transport.. . . . . . . . . . . . . . . . . . . . . 92 Real Scenario Case Study: Examples of Threat Surfaces and Their Mitigation. . 125 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 Chapter 5: Securing MEC Deployments in 5G 142 Service Provider Network-Based MEC.. . . . . . . . . . . . . . . . . . 144 Enterprise Network-Based MEC.. . . . . . . . . . . . . . . . . . . . . 145 MEC Deployment Models.. . . . . . . . . . . . . . . . . . . . . . . . 146 Threat Surfaces in 5G MEC Deployments.. . . . . . . . . . . . . . . . . 154 Securing 5G MEC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 178 Real Scenario Case Study: MEC Threats and Their Mitigation.. . . . . . . . . 217 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 Chapter 6: Securing Virtualized 5G Core Deployments 234 A Brief Evolution of Virtualization in Telecommunications.. . . . . . . . . . . 235 Threats in Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 240 Securing Virtualized 5G Packet Core Deployments.. . . . . . . . . . . . . 257 Real Scenario Case Study: Virtualized 5GC Threats and Mitigation.. . . . . . . 281 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 Chapter 7: Securing Network Slice, SDN, and Orchestration in 5G 298 Network Slicing and Its Enablers—SDN and Orchestration. . . . . . . . . . 299 Threat Surfaces in 5G Network Slice, SDN, and Orchestration Deployments.. . . 309 Mitigation of Threats.. . . . . . . . . . . . . . . . . . . . . . . . . . 327 Real Scenario Case Study: Threats in the 5G Network Slice, SDN, and Orchestration Deployments and Their Mitigation. . . . . . . . . . . . . 355 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374 Chapter 8: Securing Massive IoT Deployments in 5G 376 Massive IoT–Based Threats in 5G.. . . . . . . . . . . . . . . . . . . . 380 Securing mIoT Deployments in 5G Networks.. . . . . . . . . . . . . . . . 391 Real Scenario Case Study: mIoT Threats and Their Mitigation.. . . . . . . . . 414 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 420 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 Chapter 9: Securing 5G Use Cases 424 Secure 5G Smart Factory and Manufacturing. . . . . . . . . . . . . . . . 425 Critical Infrastructure.. . . . . . . . . . . . . . . . . . . . . . . . . . 437 5G Vehicle-to-Everything (5G-V2X).. . . . . . . . . . . . . . . . . . . . 447 Standards and Associations.. . . . . . . . . . . . . . . . . . . . . . . 463 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 Key Acronyms.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 Part III End-to-End 5G Security Architecture and Prioritizing Security Investments Chapter 10: Building Pragmatic End-to-End 5G Security Architecture 468 Foundations of 5G Security.. . . . . . . . . . . . . . . . . . . . . . . 470 Key Tenets of 5G Security Architecture.. . . . . . . . . . . . . . . . . . 472 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497 Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 Chapter 11: Prioritizing 5G Security Investments 502 Method of Prioritizing Security Controls.. . . . . . . . . . . . . . . . . . 505 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532 Acronyms Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 533 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 Part IV Emerging Discussions Chapter 12: 5G and Beyond 536 Adoption and Adaptability of 5G and Evolving Technologies.. . . . . . . . . 537 Convergence of Wi-Fi and Evolving Cellular Technologies.. . . . . . . . . . 539 Use of AI and ML in Securing 5G and Evolving Networks.. . . . . . . . . . . 543 Crypto Agility in 5G and Evolving Technologies.. . . . . . . . . . . . . . . 546 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 Acronym Key.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 References.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 9780137457939, TOC, 10/27/2021

Read more less

Book SynopsisIvo Pinto, CCIE No. 57162 (R&S, Security, and Data Center), CISSP, is a Solutions Architect with many years of experience in the fields of multicloud, automation, and enterprise and data center networking. Ivo has worked at Cisco in different roles and different geographies, and he has led the architecture creation and deployment of many automated global-scale solutions for Fortune 50 companies that are in production today. In his latest role, he is responsible for multicloud innovation at the Customer Experience CTO office. Ivo is the founder of IT OnTrack (www.itontrack.com), a provider of services to young professionals who are looking to further their careers in IT. Ivo has authored Cisco white papers and multiple Cisco exam questions. Follow Ivo on LinkedIn @ivopinto01.Table of Contents Introduction xvii Chapter 1 Types of Network Automation 1 Data-Driven Automation 2 Task-Based Automation 11 End-to-End Automation 16 Tools 22 Summary 39 Review Questions 40 Chapter 2 Data for Network Automation 43 The Importance of Data 43 Data Formats and Models 44 Methods for Gathering Data 66 Summary 84 End Notes 84 Review Questions 85 Chapter 3 Using Data from Your Network 87 Data Preparation 87 Data Visualization 100 Data Insights 104 Case Studies 112 Summary 116 Review Questions 117 Chapter 4 Ansible Basics 119 Ansible Characteristics 119 Installing Ansible 120 Variables 126 Playbooks 131 Conditionals 133 Loops 136 Handlers 140 Executing a Playbook 143 Roles 149 Summary 152 Review Questions 153 Chapter 5 Using Ansible for Network Automation 155 Interacting with Files 155 Interacting with Devices 160 Interacting with APIs 187 Case Studies 189 Summary 195 Review Questions 196 Chapter 6 Network DevOps 199 What NetDevOps Is 199 NetDevOps Tools 214 How to Build Your Own NetDevOps Environment 228 Case Studies 233 Summary 238 Review Questions 238 Chapter 7 Automation Strategies 241 What an Automation Strategy Is 241 Why You Need an Automation Strategy 250 How to Build Your Own Automation Strategy 251 How to Use an Automation Strategy 268 Summary 270 Review Questions 271 Appendix A Answers to Review Questions 273 TOC, 9780137455928, 10/5/2021

Read more less

Book SynopsisCindy Green-Ortiz is a Cisco senior security architect, cybersecurity strategist, architect, and entrepreneur. She works in the Customer Experience, Global Enterprise Segment for Cisco. She holds the CISSP, CISM, CSSLP, CRISC, PMP, and CSM Certifications, along with two degreesa BS-CIS Magna Cum Laude and AS-CIS with Honors. She has been with Cisco for 6+ years. Cindy has been in the cybersecurity field for 40 years, where she has held D-CIO, D-CISO, and Corporate Security Architecture Leadership roles, founding two technology businesses as CEO. Cindy is a Cisco Chairman's Club winner (Club Cisco). She is an active blogger for Cisco and has published whitepapers for Cisco and the US Department of Homeland Security. She has spoken to many groups, including PMI International Information Systems & Technology Symposium-Cybersecurity Keynote; Cisco SecCon, and Cisco Live. Cindy is President Emeritus and serves now as the treasurer of Charlotte InfraGard and cofounder of Table of ContentsForeword Introduction Part I: Concepts 1. Overview of Zero Trust (ZT): It's a Journey 2. Cisco Zero Trust: Security Capability Requirements 3. Zero Trust Reference Architecture and Enclave Design 4. Security Capability Use Cases 5. Segmentation Part II: Implementation 6. Segmentation Methods: Pros and Cons 7. Segmentation Foundational Functions and Applications (CMDB, App Inv, VLAN, Host Naming) 8. Map Functions to Segments / Implement Solutions 9. Test and Monitor ZT Segmentation and Solutions (LLD / SVS) - Phased Conclusion (Journey) Afterword Bibliography Acknowledgements

Read more less

Book SynopsisMatthew Baker, Brandon Beck, Doron Chosnek, Jason McGee, Sean McKeown, Bradley TerEick, and Mohit Vaswani are Solutions Architects within the Cisco Cloud Infrastructure & Software Group who are passionate about helping customers build high-value hybrid cloud and multi-cloud solutions. Every day, they work directly with Cisco customers and partners to combine Cisco, third-party, open-source, and public cloud technologies to achieve key business objectives.Table of Contents Foreword xviii Introduction xix Chapter 1 Intersight Foundations 1 Introduction 1 Intersight Architecture 1 Licensing 21 Summary 21 References 21 Chapter 2 Security 23 Introduction 23 Connectivity 23 Claiming 24 Role-Based Access Control (RBAC) 26 Audit Logs 28 Data Security 29 Security Advantages 30 Summary 31 References 31 Chapter 3 Infrastructure Operations 33 Introduction 33 Device Health and Monitoring 33 Linking Intelligence Feeds 38 Integrated Support 47 Infrastructure Configuration 50 ITSM Integration 54 UCS Director Integration 56 Summary 61 References 61 Chapter 4 Server Operations 63 Introduction 63 Supported Systems 63 Server Actions 64 Server Deployment 69 Server Policies 69 ID Pools 70 Domain Management 73 Firmware Updates 80 Summary 83 Reference 83 Chapter 5 Network Operations 85 Introduction 85 Policy-Driven Network Infrastructure 85 Summary 90 Reference 90 Chapter 6 Storage Operations 91 Introduction 91 HyperFlex 92 Deploying HyperFlex Clusters 101 Managing HX Clusters 105 Traditional Storage Operations 113 Summary 116 References 116 Chapter 7 Virtualization Operations 117 Introduction 117 Claiming a vCenter Target 118 Claiming an AWS Target 120 Contextual Visibility 121 Contextual Operations 130 Virtualization Orchestration 132 Summary 134 Reference 134 Chapter 8 Kubernetes 135 Introduction 135 Intersight Kubernetes Service 136 Benefits of IKS 138 Cluster Management 139 Intersight Workload Engine 161 Summary 165 References 166 Chapter 9 Workload Optimization 167 Introduction 167 Users and Roles 169 Targets and Configuration 170 The Supply Chain 172 Actions 174 Groups and Policies 175 Planning and Placement 180 The Public Cloud 182 Summary 185 References 185 Chapter 10 Orchestration 187 Introduction 187 Automation and Orchestration 187 Intersight Orchestration 188 Use Cases 200 Summary 203 Chapter 11 Programmability 205 Introduction 205 Client SDKs 209 Authentication and Authorization 210 Crawl, Walk, Run 213 Advanced Usage 237 Next Steps: Use Cases 244 Summary 255 References 255 Chapter 12 Infrastructure as Code 257 Introduction 257 What Is Infrastructure as Code? 258 HashiCorp Terraform 262 Intersight and Infrastructure as Code 263 IST and Intersight Cloud Orchestrator 272 Summary 273 9780137937288, TOC, 10/3/2022

Read more less

Book SynopsisCisco Networking Academy is an innovative Cisco education initiative that delivers information and communication technology skills to improve career and economic opportunities around the world. The Academy provides online courses, interactive tools, and lab activities to prepare individuals for information technology and networking careers in virtually every industry. Table of ContentsIntroduction xxxiii Chapter 1 Introduction to Personal Computer Hardware 1 Objectives 1 Key Terms 1 Introduction to Personal Computers (1.0) 5 Personal Computer Safety (1.1) 5 What Is in a Computer? (1.1.1) 5 Electrical and ESD Safety (1.1.2) 6 PC Components (1.2) 7 Case and Power Supplies (1.2.1) 7 Motherboards (1.2.2) 13 CPUs and Cooling Systems (1.2.3) 18 Memory (1.2.4) 20 Adapter Cards and Expansion Slots (1.2.5) 27 Hard Disk Drives and SSDs (1.2.6) 31 Optical Storage Devices (1.2.7) 35 Ports, Cables, and Adapters (1.2.8) 37 Input Devices (1.2.9) 46 Output Devices (1.2.10) 54 Computer Disassembly (1.3) 58 The Technician's Toolkit (1.3.1) 58 Computer Disassembly (1.3.2) 58 Summary (1.4) 60 Practice 60 Check Your Understanding Questions 61 Chapter 2 PC Assembly 65 Objectives 65 Key Terms 65 Introduction to PC Assembly (2.0) 67 Assemble the Computer (2.1) 67 General and Fire Safety (2.1.1) 67 Open the Case and Connect the Power Supply (2.1.2) 68 Install the Motherboard Components (2.1.3) 71 Install Internal Drives (2.1.4) 75 Install the Adapter Cards (2.1.5) 80 Select Additional Storage (2.1.6) 87 Install the Cables (2.1.7) 90 Summary (2.2) 95 Practice 96 Check Your Understanding Questions 96 Chapter 3 Advanced Computer Hardware 101 Objectives 101 Key Terms 101 Introduction to Advanced Computer Hardware (3.0) 104 Boot the Computer (3.1) 104 POST, BIOS, CMOS, and UEFI (3.1.1) 105 BIOS/UEFI Configuration (3.1.2) 110 Electrical Power (3.2) 113 Wattage and Voltage (3.2.1) 113 Power Fluctuation and Protection (3.2.2) 115 Advanced Computer Functionality (3.3) 117 CPU Architectures and Operation (3.3.1) 117 RAID (3.3.2) 122 Ports, Connectors, and Cables (3.3.3) 125 Monitors (3.3.4) 142 Computer Configuration (3.4) 146 Upgrade Computer Hardware (3.4.1) 147 Protecting the Environment (3.5) 152 Safe Disposal of Equipment and Supplies (3.5.1) 153 Summary (3.6) 155 Practice 156 Check Your Understanding Questions 156 Chapter 4 Preventive Maintenance and Troubleshooting 161 Objectives 161 Key Terms 161 Introduction (4.0) 162 Preventive Maintenance (4.1) 162 PC Preventive Maintenance Overview (4.1.1) 162 Troubleshooting Process (4.2) 165 Troubleshooting Process Steps (4.2.1) 165 Common Problems and Solutions for PCs (4.2.2) 174 Apply Troubleshooting Process to Computer Components and Peripherals (4.2.3) 182 Summary (4.3) 186 Practice 186 Check Your Understanding Questions 186 Chapter 5 Networking Concepts 191 Objectives 191 Key Terms 191 Introduction (5.0) 194 Network Components and Types (5.1) 194 Types of Networks (5.1.1) 194 Internet Connection Types (5.1.2) 202 Networking Protocols, Standards, and Services (5.2) 208 Transport Layer Protocols (5.2.1) 208 Application Port Numbers (5.2.2) 213 Wireless Protocols (5.2.3) 217 Network Services (5.2.4) 222 Network Devices (5.3) 233 Basic Network Devices (5.3.1) 233 Security Devices (5.3.2) 239 Other Network Devices (5.3.3) 244 Network Cables (5.4) 248 Network Tools (5.4.1) 248 Copper Cables and Connectors (5.4.2) 253 Fiber Cables and Connectors (5.4.3) 259 Summary (5.5) 265 Practice 266 Check Your Understanding Questions 266 Chapter 6 Applied Networking 271 Objectives 271 Key Terms 271 Introduction (6.0) 273 Device to Network Connection (6.1) 273 Network Addressing (6.1.1) 273 Configure a NIC (6.1.2) 290 Configure a Wired and Wireless Network (6.1.3) 296 Firewall Settings (6.1.4) 309 IoT Device Configuration (6.1.5) 317 The Basic Networking Troubleshooting Process (6.2) 319 Applying the Troubleshooting Process to Networking (6.2.1) 319 Network Problems and Solutions (6.2.2) 323 Summary (6.3) 328 Practice 328 Packet Tracer Activities 329 Check Your Understanding Questions 329 Chapter 7 Laptops and Other Mobile Devices 333 Objectives 333 Key Terms 333 Introduction (7.0) 336 Characteristics of Laptops and Other Mobile Devices (7.1) 336 Mobile Device Overview (7.1.1) 337 Laptop Components (7.1.2) 344 Laptop Display Components (7.1.3) 349 Laptop Configuration (7.2) 353 Power Settings Configuration (7.2.1) 353 Wireless Configuration (7.2.2) 355 Laptop Hardware and Component Installation and Configuration (7.3) 359 Expansion Slots (7.3.1) 359 Replacing Laptop Components (7.3.2) 365 Other Mobile Device Hardware Overview (7.4) 369 Other Mobile Device Hardware (7.4.1) 369 Specialty Mobile Devices (7.4.2) 373 Network Connectivity and Email (7.5) 377 Wireless and Cellular Data Networks (7.5.1) 377 Bluetooth (7.5.2) 383 Configuring Email (7.5.3) 387 Mobile Device Synchronization (7.5.4) 392 Preventive Maintenance for Laptops and Other Mobile Devices (7.6) 397 Scheduled Maintenance for Laptops and Other Mobile Devices (7.6.1) 397 Basic Troubleshooting Process for Laptops and Other Mobile Devices (7.7) 400 Applying the Troubleshooting Process to Laptops and Other Mobile Devices (7.7.1) 400 Common Problems and Solutions for Laptops and Other Mobile Devices (7.7.2) 404 Summary (7.8) 410 Practice 411 Check Your Understanding Questions 411 Chapter 8 Printers 415 Objectives 415 Key Terms 415 Introduction (8.0) 417 Common Printer Features (8.1) 417 Characteristics and Capabilities (8.1.1) 417 Printer Connections (8.1.2) 421 Printer Type Comparison (8.2) 425 Inkjet Printers (8.2.1) 425 Laser Printers (8.2.2) 431 Laser Printing Process (8.2.3) 435 Thermal Printers and Impact Printers (8.2.4) 442 Virtual Printers (8.2.5) 444 3D Printers (8.2.6) 446 Installing and Configuring Printers (8.3) 450 Installing and Updating a Printer (8.3.1) 450 Configuring Options and Default Settings (8.3.2) 452 Optimizing Printer Performance (8.3.3) 454 Sharing Printers (8.4) 456 Operating System Settings for Sharing Printers (8.4.1) 456 Print Servers (8.4.2) 459 Maintaining and Troubleshooting Printers (8.5) 462 Printer Preventive Maintenance (8.5.1) 462 Inkjet Printer Preventive Maintenance (8.5.2) 464 Laser Printer Preventive Maintenance (8.5.3) 464 Thermal Printer Preventive Maintenance (8.5.4) 465 Impact Printer Preventive Maintenance (8.5.5) 467 3D Printer Preventive Maintenance (8.5.6) 468 Applying the Troubleshooting Process to Printers (8.5.7) 469 Problems and Solutions (8.5.8) 472 Summary (8.6) 476 Practice 477 Check Your Understanding Questions 477 Chapter 9 Virtualization and Cloud Computing 481 Objectives 481 Key Terms 481 Introduction (9.0) 482 Virtualization (9.1) 482 Virtualization (9.1.1) 482 Client-Side Virtualization (9.1.2) 486 Cloud Computing (9.2) 491 Cloud Computing Applications (9.2.1) 491 Cloud Services (9.2.2) 492 Summary (9.3) 497 Practice 497 Check Your Understanding Questions 498 Chapter 10 Windows Installation 503 Objectives 503 Key Terms 503 Introduction (10.0) 505 Modern Operating Systems (10.1) 505 Operating System Features (10.1.1) 505 Customer Requirements for an Operating System (10.1.2) 510 Operating System Upgrades (10.1.3) 514 Disk Management (10.2) 518 Disk Management (10.2.1) 518 Install Windows (10.3) 524 Basic Windows Installation (10.3.1) 524 Custom Installation Options (10.3.2) 526 Windows Boot Sequence (10.3.3) 533 Summary (10.4) 537 Practice 537 Check Your Understanding Questions 538 Chapter 11 Windows Configuration 541 Objectives 541 Key Terms 542 Introduction (11.0) 547 Windows Desktop and File Explorer (11.1) 547 Comparing Windows Versions (11.1.1) 548 The Windows Desktop (11.1.2) 550 Windows Task Manager (11.1.3) 555 Windows File Explorer (11.1.4) 558 Configure Windows with Control Panels (11.2) 567 Control Panel Utilities (11.2.1) 568 User and Account Control Panel Items (11.2.2) 576 Network and Internet Control Panels (11.2.3) 580 Display Settings and Control Panel (11.2.4) 590 Power and System Control Panels (11.2.5) 593 Hardware and Sound Control Panels (11.2.6) 600 Clock, Region, and Language (11.2.7) 604 Programs and Features Control Panels (11.2.8) 609 Other Control Panels (11.2.9) 611 System Administration (11.3) 615 Administrative Tools (11.3.1) 615 System Utilities (11.3.2) 624 Disk Management (11.3.3) 632 Application Installation and Configuration (11.3.4) 640 Command-Line Tools (11.4) 649 Using Windows CLI (11.4.1) 649 File System CLI Commands (11.4.2) 655 Disk CLI Commands (11.4.3) 670 Task and System CLI Commands (11.4.4) 674 Other Useful CLI Commands (11.4.5) 679 Windows Networking (11.5) 683 Network Sharing and Mapping Drives (11.5.1) 683 Sharing Local Resources with Others (11.5.2) 688 Configure a Wired Network Connection (11.5.3) 691 Configure a Wireless Network Interface in Windows (11.5.4) 698 Remote Access Protocols (11.5.5) 699 Remote Desktop and Assistance (11.5.6) 701 Common Preventive Maintenance Techniques for Operating Systems (11.6) 702 OS Preventive Maintenance Plan (11.6.1) 702 Backup and Restore (11.6.2) 706 Basic Troubleshooting Process for Windows Operating Systems (11.7) 709 Applying Troubleshooting Process to Windows Operating Systems (11.7.1) 709 Common Problems and Solutions for Windows Operating Systems (11.7.2) 713 Advanced Troubleshooting for Windows Operating Systems (11.7.3) 718 Summary (11.8) 723 Practice 724 Check Your Understanding Questions 726 Chapter 12 Mobile, Linux, and macOS Operating Systems 731 Objectives 731 Key Terms 731 Introduction (12.0) 733 Mobile Operating Systems (12.1) 733 Android vs. iOS (12.1.1) 733 Mobile Touch Interface (12.1.2) 739 Common Mobile Device Features (12.1.3) 746 Methods for Securing Mobile Devices (12.2) 762 Passcode Locks (12.2.1) 763 Cloud-Enabled Services for Mobile Devices (12.2.2) 766 Software Security (12.2.3) 771 Linux and macOS Operating Systems (12.3) 775 Linux and macOS Tools and Features (12.3.1) 775 Linux and macOS Best Practices (12.3.2) 790 Basic CLI Commands (12.3.3) 795 Basic Troubleshooting Process for Mobile, Linux, and macOS Operating Systems (12.4) 806 Applying the Troubleshooting Process to Mobile, Linux, and macOS Operating Systems (12.4.1) 806 Common Problems and Solutions for Other Operating Systems (12.4.2) 810 Summary (12.5) 818 Practice 818 Check Your Understanding Questions 819 Chapter 13 Security 823 Objectives 823 Key Terms 823 Introduction (13.0) 826 13.1 Security Threats (13.1) 826 Malware (13.1.1) 827 Preventing Malware (13.1.2) 832 Network Attacks (13.1.3) 837 Social Engineering Attacks (13.1.4) 842 Security Procedures (13.2) 846 Security Policy (13.2.1) 846 Protecting Physical Equipment (13.2.2) 847 Protecting Data (13.2.3) 854 Data Destruction (13.2.4) 860 Securing Windows Workstations (13.3) 862 Securing a Workstation (13.3.1) 862 Windows Local Security Policy (13.3.2) 868 Managing Users and Groups (13.3.3) 873 Windows Firewall (13.3.4) 881 Web Security (13.3.5) 889 Security Maintenance (13.3.6) 898 Wireless Security (13.4) 901 Configure Wireless Security (13.4.1) 901 Basic Troubleshooting Process for Security (13.5) 916 Applying the Troubleshooting Process to Security (13.5.1) 916 Common Problems and Solutions for Security (13.5.2) 920 Summary (13.6) 923 Practice 924 Packet Tracer Activity 925 Check Your Understanding Questions 925 Chapter 14 The IT Professional 929 Objectives 929 Key Terms 929 Introduction (14.0) 932 Communication Skills and the IT Professional (14.1) 932 Communication Skills, Troubleshooting, and Professional Behavior (14.1.1) 932 Working with a Customer (14.1.2) 934 Professional Behavior (14.1.3) 936 The Customer Call (14.1.4) 939 Operational Procedures (14.2) 941 Documentation (14.2.1) 942 Change Management (14.2.2) 948 Disaster Prevention and Recovery (14.2.3) 951 Ethical and Legal Considerations (14.3) 955 Ethical and Legal Considerations in the IT Profession (14.3.1) 955 Legal Procedures Overview (14.3.2) 960 Call Center Technicians (14.4) 964 Call Centers, Level One and Level Two Technicians (14.4.1) 964 Basic Scripting and the IT Professional (14.4.2) 969 Summary (14.5) 978 Practice 979 Check Your Understanding Questions 979 Appendix A Answers to “Check Your Understanding” Questions 985 Glossary 1007 9780138166106 TOC 6/14/2023

Read more less

Book SynopsisCisco Networking Academy is an innovative Cisco education initiative that delivers information and communication technology skills to improve career and economic opportunities around the world. The Academy provides online courses, interactive tools, and lab activities to prepare individuals for information technology and networking careers in virtually every industry.Table of ContentsChapter 1 Communication in a Connected World 1 This chapter contains no labs or packet tracers. Chapter 2 Network Components, Types, and Connections 3 This chapter contains no labs or packet tracers. Chapter 3 Wireless and Mobile Networks 5 This chapter contains no labs or packet tracers. Chapter 4 Build a Home Network 7 4.4.4. Packet Tracer–Configure a Wireless Router and Clients 7 Chapter 5 Communication Principles 13 This chapter contains no labs or packet tracers. Chapter 6 Network Media 15 This chapter contains no labs or packet tracers. Chapter 7 The Access Layer 17 This chapter contains no labs or packet tracers. Chapter 8 The Internet Protocol 19 8.1.2 Packet Tracer–Connect to a Web Server 19 Chapter 9 IPv4 and Network Segmentation 21 This chapter contains no labs or packet tracers. Chapter 10 IPv6 Addressing Formats and Rules 23 This chapter contains no labs or packet tracers. Chapter 11 Dynamic Addressing with DHCP 25 11.2.3 Packet Tracer–Configure DHCP on a Wireless Router 25 Chapter 12 Gateways to Other Networks 29 12.2.2 Packet Tracer–Examine NAT on a Wireless Router 29 Chapter 13 The ARP Process 33 13.1.3 Packet Tracer–Identify MAC and IP Addresses 33 Reflection Questions 35 Chapter 14 Routing Between Networks 37 14.3.3 Packet Tracer–Observe Traffic Flow in a Routed Network 37 14.3.4 Packet Tracer–Create a LAN 41 Reflection Question 43 Chapter 15 TCP and UDP 45 This chapter contains no labs or packet tracers. Chapter 16 Application Layer Services 47 16.1.5 Packet Tracer–The Client Interaction 47 16.4.3 Packet Tracer–Observe Web Request 49 16.5.3 Packet Tracer–Use FTP Services 51 16.6.4 Packet Tracer–Use Telnet and SSH 54 Chapter 17 Network Testing Utilities 57 17.1.3 Packet Tracer–Use the ipconfig Command 57 17.1.6 Packet Tracer–Use the ping Command 58 Chapter 18 Network Design 61 18.2.3 Lab–View Wireless and Wired NIC Information 61 Reflection Questions 63 Chapter 19 Cloud and Virtualization 65 19.2.3 Lab–Install Linux in a Virtual Machine and Explore the GUI 65 Reflection Question 68 Chapter 20 Number Systems 69 This chapter contains no labs or packet tracers. Chapter 21 Ethernet Switching 71 21.1.4 Lab–Determine the MAC Address of a Host 71 Reflection Questions 72 21.2.6 Lab–Install Wireshark 74 21.2.7 Lab–Use Wireshark to Examine Ethernet Frames 77 Reflection Question 83 Chapter 22 Network Layer 85 This chapter contains no labs or packet tracers. Chapter 23 IPv4 Address Structure 87 This chapter contains no labs or packet tracers. Chapter 24 Address Resolution 89 24.1.9 Packet Tracer–Examine the ARP Table 89 24.1.10 Lab–View ARP Traffic in Wireshark 93 Reflection Questions 99 Chapter 25 IP Addressing Services 101 25.1.8 Lab–Observe DNS Resolution 101 Reflection Question 105 Chapter 26 Transport Layer 107 26.8.1 Packet Tracer–TCP and UDP Communications 107 Chapter 27 The Cisco IOS Command Line 113 27.2.6 Packet Tracer–Navigate the IOS 113 27.3.3 Packet Tracer–Use Cisco IOS Show Commands 118 Chapter 28 Build a Small Cisco Network 121 28.1.4 Packet Tracer–Implement Basic Connectivity 121 28.2.4 Packet Tracer–Configure Initial Router Settings 124 28.3.6 Packet Tracer–Configure SSH 128 28.4.5 Packet Tracer–Troubleshoot Default Gateway Issues 130 Chapter 29 ICMP 133 29.2.6 Packet Tracer–Verify IPv4 and IPv6 Addressing 133 29.2.7 Packet Tracer–Use Ping and Traceroute to Test Network Connectivity 136 29.3.1 Packet Tracer–Use ICMP to Test and Correct Network Connectivity 140 Chapter 30 Physical Layer 143 This chapter contains no labs or packet tracers. Chapter 31 Data Link Layer 145 This chapter contains no labs or packet tracers. Chapter 32 Routing at the Network Layer 147 This chapter contains no labs or packet tracers. Chapter 33 IPv6 Addressing 149 33.4.6 Packet Tracer–Configure IPv6 Addressing 149 33.5.4 Lab–Identify IPv6 Addresses 152 Reflection Questions 155 Chapter 34 IPv6 Neighbor Discovery 157 34.1.4 Packet Tracer–IPv6 Neighbor Discovery 157 Reflection Questions 161 Chapter 35 Cisco Switches and Routers 163 This chapter contains no labs or packet tracers. Chapter 36 Troubleshoot Common Network Problems 165 36.4.10 Lab–Troubleshoot Using Network Utilities 165 Reflection Questions 169 Chapter 37 Network Support 171 37.2.7 Packet Tracer–Connect a Network Based on a Network Diagram 171 37.2.12 Packet Tracer–Use CDP to Map a Network 174 37.2.13 Packet Tracer–Troubleshooting Challenge–Document the Network 178 Reflection Questions 180 37.4.9 Lab–Verify Address with a Subnet Calculator 182 37.5.3 Lab–Install Wireshark 184 37.5.4 Lab–Use Network Tools to Learn About a Network 186 Reflection Question 193 Appendix A: Allowing ICMP Traffic Through a Firewall 193 37.5.6 Packet Tracer–Troubleshooting Challenge - Use Documentation to Solve Issues 195 Chapter 38 Cybersecurity Threats, Vulnerabilities, and Attacks 199 38.2.11 Lab–Explore Social Engineering Techniques 199 Chapter 39 Network Security 203 39.2.13 Packet Tracer–Configure Access Control 203 39.6.16 Packet Tracer–Configure Basic Wireless Security 207 9780138293727, TOC, 10/9/23

Read more less

Book Synopsis

Read more less

Book SynopsisCCENT Practice and Study Guide is designed with dozens of exercises to help you learn the concepts and configurations crucial to your success with the Interconnecting Cisco Networking Devices Part 1 (ICND1 100-101) exam. The author has mapped the chapters of this book to the first two Cisco Networking Academy courses in the CCNA Routing and Switching curricula, Introduction to Networks and Routing and Switching Essentials. These courses cover the objectives of the Cisco Certified Networking Entry Technician (CCENT) certification. Getting your CCENT certification means that you have the knowledge and skills required to successfully install, operate, and troubleshoot a small branch office network. As a Cisco Networking Academy student or someone taking CCENT-related classes from professional training organizations, or college- and university-level networking courses, you will gain a detailed understanding of routing by successfully completing all the exercises in this book.Each chapter is designed with a variety of exercises, activities, and scenarios to help you: · Review vocabulary · Strengthen troubleshooting skills · Boost configuration skills · Reinforce concepts · Research and analyze topicsTable of Contents Part I: Introduction to Networks CHAPTER 1 Exploring the Network 1 Globally Connected 1 Vocabulary Exercise: Matching 2 Completion Exercise 3 LANs, WANs, and the Internet 3 Completion Exercise 3 Classify and Identify Network Components 5 Compare LANs and WANs 6 Vocabulary Exercise: Matching 7 The Network as a Platform 8 Classify Network Architecture Requirements 8 The Changing Network Environment 10 Completion Exercise 10 Network Security Terminology 11 CHAPTER 2 Configuring a Network Operating System 13 IOS Bootcamp 13 Completion Exercise 13 Accessing a Cisco IOS Device 14 Navigating the IOS Matching Exercise 15 Basic Device Configuration 16 Applying a Basic Configuration 16 CHAPTER 3 Network Protocols and Communications 19 Rules of Communication 19 Vocabulary Exercise: Matching 20 Network Protocols and Standards 21 Protocol Definitions: Matching 21 Mapping the Protocols of the TCP/IP Suite 22 Explore the Purpose of Standards Organizations 22 OSI Reference Model Layers: Matching 24 TCP/IP Model Layers: Matching 24 Mapping the Layers of the OSI and TCP/IP Models 25 Moving Data in the Network 26 Data Encapsulation and the PDUs 26 The Role of Addressing in Network Communications 27 CHAPTER 4 Network Access 29 Physical Layer Protocols 29 Completion Exercise 29 Vocabulary Exercise: Matching 31 Network Media 32 Copper Cabling Completion Exercise 32 Compare UTP, STP, and Coaxial Characteristics 32 UTP Cabling Completion Exercise 33 UTP Cable Pinouts 34 Fiber-Optic Cabling Completion Exercise 34 Compare Single-Mode and Multimode Fiber 35 Wireless Media Completion Exercise 36 Data Link Layer Protocols 37 The Sublayers of the Data Link Layer 37 Label the Generic Frame Fields 37 Identify the Data Link Layer Standards Organization 37 Media Access Control 38 Topologies and Access Methods Completion Exercise 38 Label the Ethernet Frame Fields 39 Label the PPP Frame Fields 40 Label the 802.11 Wireless Frame Fields 40 CHAPTER 5 Ethernet 41 Ethernet Protocol 41 Ethernet Operation Completion Exercise 41 Identify the Ethernet Frame Attributes: Matching 42 Comparing Decimal, Binary, and Hexadecimal Digits 43 Address Resolution Protocol 43 Completion Exercise 43 Identify the MAC and IP Addresses 44 LAN Switches 45 Building the MAC Address Table 45 Switching Concepts Completion Exercise 46 Comparing Switch Forwarding Methods 47 Forward the Frame 47 Layer 3 Switching Concepts Completion Exercise 50 Layer 3 Switch Configuration 51 CHAPTER 6 Network Layer 53 Network Layer Protocols 53 The Processes of the Network Layer 53 Characteristics of the IP Protocol 53 Fields of the IPv4 Packet: Matching 55 Fields of the IPv6 Packet: Matching 55 Routing 56 How a Host Routes Packets Completion Exercise 56 Routing Table Entry: Matching 58 Routers 58 Identify Router Components 58 Router Boot Process Exercise 59 Interpreting the show version Command Exercise 60 Configuring a Cisco Router 60 Basic Router Configuration Exercise 60 Applying a Basic Configuration 62 Verifying Basic Router Configuration 63 CHAPTER 7 Transport Layer 65 Transport Layer Protocols 65 Transportation of Data Completion Exercise 65 Introducing TCP and UDP 66 TCP and UDP 66 TCP Communication 67 UDP Communication 69 TCP or UDP, That Is the Question 69 CHAPTER 8 IP Addressing 71 IPv4 Network Addresses 71 IPv4 Address Structure 71 IPv4 Subnet Mask 72 The Last Nonzero Octet 73 ANDing to Determine the Network Address 73 IPv4 Unicast, Broadcast, and Multicast 74 Types of IPv4 Addresses 74 IPv6 Network Addresses 75 Representing IPv6 Addresses 76 Identify IPv6 Address Types 77 IPv6 Unicast Addresses 80 The 3-1-4 Rule 80 Static Configuration of Global Unicast Addressing 81 Dynamic Configuration of Global Unicast Addressing 81 IPv6 Multicast Addresses 82 Connectivity Verification 83 ICMP Message Types 83 Testing the Path 83 CHAPTER 9 Subnetting IP Networks 85 Subnetting an IPv4 Network 85 Subnetting in Four Steps 85 Subnetting Example 85 Determine How Many Bits to Borrow 85 Determine the New Subnet Mask 86 Determine the Subnet Multiplier 86 List the Subnets, Host Ranges, and Broadcast Addresses 87 Subnetting Scenario 1 87 Subnetting Scenario 2 87 Subnetting Scenario 3 88 VLSM Addressing Schemes 88 VLSM Review 89 VLSM Addressing Design Exercises 90 Exercise 1 91 Exercise 2 92 Exercise 3 93 Exercise 4 93 Design Considerations for IPv6 94 Subnetting an IPv6 Network 95 IPv6 Subnetting Practice 95 IPv6 Subnetting Scenario 1 95 IPv6 Subnetting Scenario 2 96 IPv6 Subnetting Scenario 3 96 CHAPTER 10 Application Layer 97 Application Layer Protocols 97 OSI and TCP/IP Model Comparison 97 Application and Presentation Protocols and Standards 98 How Application Protocols Interact with End-User Applications 98 Well-Known Application Layer Protocols and Services 99 Web and Mail Services 99 IP Addressing Services 100 File Sharing Services 102 The Message Heard Around the World 103 CHAPTER 11 It’s a Network 105 Create and Grow 105 Devices in a Small Network 105 Protocols in a Small Network 106 Growing to Larger Networks 107 Keeping the Network Safe 107 Network Device Security Measures 107 Vulnerabilities and Network Attacks 108 Mitigating Network Attacks 109 Securing Devices 110 Basic Network Performance 110 Using the ping Command 111 Tracing a Route 111 show Commands 112 Managing IOS Configuration Files 114 Integrated Routing Services 116 Part II: Routing and Switching Essentials CHAPTER 12 Introduction to Switched Networks 117 LAN Design 117 LAN Design Principles 117 Selecting Switch Hardware 119 The Switched Environment 120 Frame Forwarding Methods and Terminology 120 Building the MAC Address Table 120 Collision and Broadcast Domains 122 CHAPTER 13 Basic Switching Concepts and Configuration 125 Basic Switch Configuration 125 Switch Boot Sequence 125 Half-Duplex, Full-Duplex, and Auto-MDIX 125 Configure a Switch with Initial Settings 126 Basic Configuration Tasks 127 Applying a Basic Configuration 127 Verifying Basic Switch Configuration 129 Switch Security: Management and Implementation 129 Configuring SSH 129 Common Security Attacks 131 Configuring Port Security 132 Configuring NTP 134 NTP Commands 134 CHAPTER 14 VLANs 135 VLAN Segmentation 135 Overview of VLANs 135 VLANs in a Multiswitched Environment 136 VLAN Implementations 137 VLAN Configuration Exercise 137 Practice VLAN Configuration 141 VLAN Trunk Configuration Exercise 141 Practice Trunk Configuration 142 Dynamic Trunking Protocol 143 Troubleshoot VLANs and Trunks 144 VLAN Security and Design 146 Switch Spoofing Attack 146 Double-Tagging Attack 147 PVLAN Edge 147 CHAPTER 15 Routing Concepts 149 Initial Configuration of a Router 149 Functions of a Router 149 External Router Features 152 Topology and Addressing Documentation 154 Configure and Verify Dual-Stack IPv4 and IPv6 Addressing 156 Routing Decisions 161 Path Determination 162 Concept of Administrative Distance Exercise 164 Switching Packets Between Networks 164 Router Operation 165 Analyze the Routing Table 165 Directly Connected, Static, and Dynamic Routes 167 CHAPTER 16 Inter-VLAN Routing 171 Inter-VLAN Routing Configuration 171 Types of Inter-VLAN Routing 171 Configuring Inter-VLAN Routing 172 Troubleshoot Inter-VLAN Routing 174 Inter-VLAN Troubleshooting Scenarios 174 Layer 3 Switching 176 Layer 3 Switching Operation 176 Configuring Static Routes on a Catalyst 2960 177 Layer 3 Switching Troubleshooting Scenarios 179 CHAPTER 17 Static Routing 183 Static Routing Implementation 183 Static Routing Overview 183 Identify Types of Static Routes 184 Configure Static and Default Routes 185 Configuring IPv4 Static and Default Routes 185 B1 and B2 Routing Strategy 186 Configuring IPv6 Static and Default Routes 187 B1 and B2 Routing Strategy 187 Review of CIDR and VLSM 188 Classful Addressing 189 CIDR and Route Summarization 189 Summary Route Calculation Scenario 1 190 Summary Route Calculation Scenario 2 191 Summary Route Calculation Scenario 3 191 Configure Summary and Floating Static Routes 191 Configure IPv4 Summary Routes 192 Configure IPv6 Summary Routes 192 Configure Floating Static Routes 194 Troubleshoot Static and Default Route Issues 195 IPv4 Static and Default Route Implementation 195 IPv6 Static and Default Route Implementation 195 CHAPTER 18 Routing Dynamically 197 Dynamic Routing Protocols 197 Dynamic Routing Protocol Operation 197 Compare Static and Dynamic Routing 197 From Cold Start to Convergence 198 Dynamic Routing Protocols Classification Chart 200 Routing Protocols Characteristics 201 Comparing Routing Protocol Characteristics 202 Distance Vector Dynamic Routing 202 Distance Vector Operation and Terminology 202 Comparing RIP and EIGRP 204 RIP and RIPng Routing 204 Configuring RIPv2 204 Configuring RIPng 206 Link-State Dynamic Routing 208 Link-State Routing Protocol Operation 208 Building the Link-State Database 210 Using Link-State Routing Protocols 214 The Routing Table 214 Identifying Elements of the Routing Table 214 Dynamically Learned IPv4 Routes 215 The IPv4 Route Lookup Process 217 Routing Table Lookup Chart 217 Routing Table Lookup Exercise 218 Analyze an IPv6 Routing Table 219 CHAPTER 19 Single-Area OSPF 221 Characteristics of OSPF 221 OSPF Terminology 222 OSPF Concepts 223 OSPF Operation 224 Configuring Single-Area OSPFv2 227 The Router ID 228 Single-Area OSPFv2 Basic Configuration Scenario 229 Adjusting OSPF Cost 231 The Reference Bandwidth 231 The Default Interface Bandwidth 232 Modifying the OSPF Cost Metric 232 Verify the OSPF Configuration 233 Configure Single-Area OSPFv3 233 Comparing OSPFv2 and OSPFv3 233 Configuring OSPFv3 234 Verifying OSPFv3 236 CHAPTER 20 Access Control Lists 237 IP ACL Operation 237 Standard Versus Extended IPv4 ACLs 237 Calculating Wildcard Masks 237 Wildcard Mask in Operation 238 Guidelines for ACL Creation 239 Guidelines for ACL Placement 240 Standard IPv4 ACLs 240 Configuring Standard IPv4 ACLs 241 Modifying IPv4 ACLs 244 Securing vty Ports with a Standard IPv4 ACL 245 Extended IPv4 ACLs 245 Configuring Extended IPv4 ACL Statements 245 Extended ACL Configuration Scenarios 246 Evaluating Extended IPv4 ACL Statements 247 Extended ACL Quiz 248 Troubleshoot ACLs 251 IPv6 ACLs 252 Comparing IPv4 and IPv6 ACLs 252 Configuring IPv6 ACLs 252 CHAPTER 21 DHCP 255 Dynamic Host Configuration Protocol v4 255 DHCPv4 Operation 255 Configuring a Cisco Device as a DHCPv4 Server 256 Configuring a Router to Relay DHCPv4 Requests 258 Configuring a Router as a DHCPv4 Client 259 Troubleshooting DHCPv4 259 Dynamic Host Configuration Protocol v6 260 SLAAC and DHCPv6 260 Configuring a Router as a Stateless DHCPv6 Server 262 Configuring a Router as a Stateful DHCPv6 Server 263 CHAPTER 22 Network Address Translation for IPv4 265 NAT Operation 265 NAT Characteristics 265 Configuring NAT 267 Configuring Static NAT 267 Configuring Dynamic NAT 268 Configuring Port Address Translation 269 A Word About Port Forwarding 272 Configuring NAT and IPv6 272 Troubleshooting NAT 273 9781587133459, TOC, 11/22/2013

Read more less

Book Synopsis IT Essentials v6 Companion Guide supports the Cisco Networking Academy IT Essentials version 6 course. The course is designed for Cisco Networking Academy students who want to pursue careers in IT and learn how computers work, how to assemble computers, and how to safely and securely troubleshoot hardware and software issues. As CompTIA Approved Quality Content, the course also helps you prepare for the CompTIA A+ certification exams 220-901 and 220-902. Students must pass both exams to earn the CompTIA A+ certification. The features of the Companion Guide are designed to help you study and succeed in this course: Chapter objectives–Review core concepts by answering the focus questions listed at the beginning of each chapter. Key terms–Refer to the updated lists of networking vocabulary introduced, and turn to the highlighted terms in context. Course section numbering–Follow along with the course heading numbers to easily jump online to complete labs, activities, and quizzes referred to within the text. Check Your Understanding Questions and Answer Key–Evaluate your readiness with the updated end-of-chapter questions that match the style of questions you see on the online course quizzes. This icon in the Companion Guide indicates when there is a hands-on Lab to do. All the Labs from the course are compiled and published in the separate book, IT Essentials v6 Lab Manual. Practicing and performing all these tasks will reinforce the concepts and help you become a successful PC technician. Table of Contents Chapter 1 Introduction to the Personal Computer System Chapter 2 Introduction to Lab Procedures and Tool Use Chapter 3 Computer Assembly Chapter 4 Overview of Preventive Maintenance Chapter 5 Windows Installation Chapter 6 Windows Configuration and Management Chapter 7 Networking Concepts Chapter 8 Applied Networking Chapter 9 Laptops and Mobile Devices Chapter 10 Mobile, Linux, and OS X Operating Systems Chapter 11 Printers Chapter 12 Security Chapter 13 The IT Professional Appendix A Answers to “Check Your Understanding” Questions Glossary

Read more less

Book SynopsisIntroduction to Networks v6 Course Booklet Your Cisco Networking Academy® Course Booklet is designed as a study resource you can easily read, highlight, and review on the go, wherever the Internet is not available or practical: · The text is extracted directly, word-for-word, from the online course so you can highlight important points and take notes in the “Your Chapter Notes” section. · Headings with the exact page correlations provide a quick reference to the online course for your classroom discussions and exam preparation. · An icon system directs you to the online curriculum to take full advantage of the images embedded within the Networking Academy online course interface and reminds you to do the labs, interactive activities, packet tracer activities, watch videos, and take the chapter quizzes. The Course Booklet is a basic, economical paper-based resource to help you succeed with the Cisco Networking Academy online course. Related titles: Introduction to Networks v6 Labs & Study Guide Book: 978-1-58713-361-9 Introduction to Networks v6 Companion Guide Book: 978-1-58713-360-2 eBook: 978-0-13-465563-5 CCNA Routing and Switching Portable Command Guide, Fourth Edition Book: 978-1-58720-588-0 eBook: 978-0-13-446617-0Table of ContentsChapter 0 Course Introduction 1 0.0 Welcome to Introduction to Networks 1 0.0.1 Message to the Student 1 0.0.1.1 Welcome 1 0.0.1.2 A Global Community 1 0.0.1.3 More Than Just Information 1 0.0.1.4 How We Teach 2 0.0.1.5 Practice Leads to Mastery 2 0.0.1.6 Mind Wide Open 2 0.0.1.7 Engineering Journals 2 0.0.1.8 Explore the World of Networking 2 0.0.1.9 Create Your Own Worlds 3 0.0.1.10 How Packet Tracer Helps Master Concepts 3 0.0.1.11 Course Overview 3 Chapter 1 Explore the Network 5 1.0 Introduction 5 1.0.1.1 Exploring the Network 5 1.0.1.2 Class Activity - Draw Your Concept of the Internet 5 1.1 Globally Connected 6 1.1.1 Networking Today 6 1.1.1.1 Networks in Our Daily Lives 6 1.1.1.2 Technology Then and Now 6 1.1.1.3 No Boundaries 6 1.1.1.4 Networks Support the Way We Learn 7 1.1.1.5 Networks Support the Way We Communicate 7 1.1.1.6 Networks Support the Way We Work 8 1.1.1.7 Networks Support the Way We Play 8 1.1.1.8 Lab - Researching Network Collaboration Tools 8 1.1.2 Providing Resources in a Network 9 1.1.2.1 Networks of Many Sizes 9 1.1.2.2 Clients and Servers 9 1.1.2.3 Peer-to-Peer 9 1.2 LANs, WANs, and the Internet 10 1.2.1 Network Components 10 1.2.1.1 Overview of Network Components 10 1.2.1.2 End Devices 10 1.2.1.3 Intermediary Network Devices 10 1.2.1.4 Network Media 11 1.2.1.5 Network Representations 11 1.2.1.6 Topology Diagrams 11 1.2.1.7 Activity - Network Component Representations and Functions 12 1.2.2 LANs and WANs 12 1.2.2.1 Types of Networks 12 1.2.2.2 Local Area Networks 12 1.2.2.3 Wide Area Networks 13 1.2.3 The Internet, Intranets, and Extranets 13 1.2.3.1 The Internet 13 1.2.3.2 Intranets and Extranets 13 1.2.4 Internet Connections 14 1.2.4.1 Internet Access Technologies 14 1.2.4.2 Home and Small Office Internet Connections 14 1.2.4.3 Businesses Internet Connections 15 1.2.4.4 Packet Tracer - Help and Navigation Tips 15 1.2.4.5 Packet Tracer - Network Representation 15 1.3 The Network as a Platform 16 1.3.1 Converged Networks 16 1.3.1.1 Traditional Separate Networks 16 1.3.1.2 The Converging Network 16 1.3.1.3 Lab — Researching Converged Network Services 16 1.3.2 Reliable Network 16 1.3.2.1 Network Architecture 16 1.3.2.2 Fault Tolerance 17 1.3.2.3 Scalability 17 1.3.2.4 Quality of Service 17 1.3.2.5 Security 18 1.3.2.6 Activity - Reliable Networks 18 1.4 The Changing Network Environment 18 1.4.1 Network Trends 18 1.4.1.1 New Trends 18 1.4.1.2 Bring Your Own Device 19 1.4.1.3 Online Collaboration 19 1.4.1.4 Video Communication 19 1.4.1.5 Cloud Computing 20 1.4.2 Networking Technologies for the Home 20 1.4.2.1 Technology Trends in the Home 20 1.4.2.2 Powerline Networking 20 1.4.2.3 Wireless Broadband 21 1.4.3 Network Security 21 1.4.3.1 Security Threats 21 1.4.3.2 Security Solutions 22 1.4.3.3 Activity - Network Security Terminology 23 1.4.4 Network Architecture 23 1.4.4.1 Cisco Network Architecture 23 1.4.4.2 CCNA 24 1.4.4.3 Lab - Researching IT and Networking Job Opportunities 24 1.5 Summary 24 1.5.1 Conclusion 24 1.5.1.1 Class Activity — Draw Your Concept of the Internet Now 24 1.5.1.2 Warriors of the Net 25 1.5.1.3 Exploring the Network 25 Chapter 2 Configure a Network Operating System 27 2.0 Introduction 27 2.0.1.1 Configure a Network Operating System 27 2.0.1.2 Class Activity - It Is Just an Operating System 27 2.1 IOS Bootcamp 28 2.1.1 Cisco IOS 28 2.1.1.1 Operating Systems 28 2.1.1.2 Purpose of OS 28 2.1.2 Cisco IOS Access 29 2.1.2.1 Access Methods 29 2.1.2.2 Terminal Emulation Programs 29 2.1.2.3 Activity - Accessing Devices 30 2.1.3 Navigate the IOS 30 2.1.3.1 Cisco IOS Modes of Operation 30 2.1.3.2 Primary Command Modes 30 2.1.3.3 Configuration Command Modes 30 2.1.3.4 Navigate Between IOS Modes 31 2.1.4 The Command Structure 32 2.1.4.1 Basic IOS Command Structure 32 2.1.4.2 IOS Command Syntax 32 2.1.4.3 IOS Help Features 32 2.1.4.4 Hotkeys and Shortcuts 33 2.1.4.5 Video Demonstration — Hotkeys and Shortcuts 33 2.1.4.6 Packet Tracer - Navigating the IOS 33 2.1.4.7 Lab - Establishing a Console Session with Tera Term 33 2.2 Basic Device Configuration 34 2.2.1 Hostnames 34 2.2.1.1 Device Names 34 2.2.1.2 Configure Hostnames 34 2.2.2 Limit Access to Device Configurations 35 2.2.2.1 Secure Device Access 35 2.2.2.2 Configure Passwords 35 2.2.2.3 Encrypt Passwords 35 2.2.2.4 Banner Messages 36 2.2.2.5 Syntax Checker - Limiting Access to a Switch 36 2.2.3 Save Configurations 36 2.2.3.1 Save the Running Configuration File 36 2.2.3.2 Alter the Running Configuration 37 2.2.3.3 Capture Configuration to a Text File 37 2.2.3.4 Packet Tracer - Configuring Initial Switch Settings 38 2.3 Address Schemes 38 2.3.1 Ports and Addresses 38 2.3.1.1 IP Addresses 38 2.3.1.2 Interfaces and Ports 39 2.3.2 Configure IP Addressing 39 2.3.2.1 Manual IP Address Configuration for End Devices 39 2.3.2.2 Automatic IP Address Configuration for End Devices 40 2.3.2.3 Switch Virtual Interface Configuration 40 2.3.2.4 Syntax Checker - Configuring a Switch Virtual Interface 40 2.3.2.5 Packet Tracer - Implementing Basic Connectivity 41 2.3.3 Verifying Connectivity 41 2.3.3.1 Interface Addressing Verification 41 2.3.3.2 End-to-End Connectivity Test 41 2.3.3.3 Lab - Building a Simple Network 41 2.3.3.4 Lab - Configuring a Switch Management Address 41 2.4 Summary 42 2.4.1 Conclusion 42 2.4.1.1 Class Activity - Tutor Me 42 2.4.1.2 Packet Tracer - Skills Integration Challenge 42 2.4.1.3 Configure a Network Operating System 42 Chapter 3 Network Protocols and Communications 45 3.0 Introduction 45 3.0.1.1 Network Protocols and Communications 45 3.0.1.2 Class Activity - Designing a Communications System 45 3.1 Rules of Communication 46 3.1.1 The Rules 46 3.1.1.1 Communication Fundamentals 46 3.1.1.2 Rule Establishment 46 3.1.1.3 Message Encoding 47 3.1.1.4 Message Formatting and Encapsulation 47 3.1.1.5 Message Size 48 3.1.1.6 Message Timing 48 3.1.1.7 Message Delivery Options 49 3.2 Network Protocols and Standards 49 3.2.1 Protocols 49 3.2.1.1 Rules that Govern Communications 49 3.2.1.2 Network Protocols 50 3.2.1.3 Protocol Interaction 50 3.2.2 Protocol Suites 51 3.2.2.1 Protocol Suites and Industry Standards 51 3.2.2.2 Development of TCP/IP 51 3.2.2.3 TCP/IP Protocol Suite 51 3.2.2.4 TCP/IP Communication Process 52 3.2.2.5 Activity - Mapping the Protocols of the TCP/IP Suite 52 3.2.3 Standard Organizations 52 3.2.3.1 Open Standards 52 3.2.3.2 Internet Standards 53 3.2.3.3 Electronics and Communications Standard Organizations 53 3.2.3.4 Lab - Researching Networking Standards 54 3.2.4 Reference Models 54 3.2.4.1 The Benefits of Using a Layered Model 54 3.2.4.2 The OSI Reference Model 55 3.2.4.3 The TCP/IP Protocol Model 55 3.2.4.4 OSI Model and TCP/IP Model Comparison 55 3.2.4.5 Activity - Identify Layers and Functions 56 3.2.4.6 Packet Tracer - Investigating the TCP/IP and OSI Models in Action 56 3.3 Data Transfer in the Network 56 3.3.1 Data Encapsulation 56 3.3.1.1 Message Segmentation 56 3.3.1.2 Protocol Data Units 57 3.3.1.3 Encapsulation Example 57 3.3.1.4 De-encapsulation 57 3.3.1.5 Activity - Identify the PDU Layer 57 3.3.2 Data Access 57 3.3.2.1 Network Addresses 57 3.3.2.2 Data Link Addresses 58 3.3.2.3 Devices on the Same Network 58 3.3.2.4 Devices on a Remote Network 59 3.4 Summary 60 3.4.1 Conclusion 60 3.4.1.1 Lab - Installing Wireshark 60 3.4.1.2 Lab - Using Wireshark to View Network Traffic 60 3.4.1.3 Class Activity - Guaranteed to Work! 61 3.4.1.4 Network Protocols and Communications 61 Chapter 4 Network Access 63 4.0 Introduction 63 4.0.1.1 Network Access 63 4.0.1.2 Class Activity — Managing the Medium 63 4.1 Physical Layer Protocols 63 4.1.1 Physical Layer Connection 63 4.1.1.1 Types of Connections 63 4.1.1.2 Network Interface Cards 64 4.1.2 Purpose of the Physical Layer 65 4.1.2.1 The Physical Layer 65 4.1.2.2 Physical Layer Media 65 4.1.2.3 Physical Layer Standards 65 4.1.2.4 Lab - Identifying Network Devices and Cabling 66 4.1.3 Physical Layer Characteristics 66 4.1.3.1 Functions 66 4.1.3.2 Bandwidth 67 4.1.3.3 Throughput 68 4.1.3.4 Types of Physical Media 68 4.1.3.5 Activity - Physical Layer Terminology 68 4.2 Network Media 69 4.2.1 Copper Cabling 69 4.2.1.1 Characteristics of Copper Cabling 69 4.2.1.2 Copper Media 69 4.2.1.3 Unshielded Twisted-Pair Cable 70 4.2.1.4 Shielded Twisted-Pair Cable 70 4.2.1.5 Coaxial Cable 70 4.2.1.6 Copper Media Safety 71 4.2.1.7 Activity - Copper Media Characteristics 71 4.2.2 UTP Cabling 71 4.2.2.1 Properties of UTP Cabling 71 4.2.2.2 UTP Cabling Standards 72 4.2.2.3 UTP Connectors 72 4.2.2.4 Types of UTP Cable 73 4.2.2.5 Testing UTP Cables 73 4.2.2.6 Cable Pinouts 74 4.2.2.7 Lab - Building an Ethernet Crossover Cable 74 4.2.3 Fiber-Optic Cabling 74 4.2.3.1 Properties of Fiber-Optic Cabling 74 4.2.3.2 Fiber Media Cable Design 74 4.2.3.3 Types of Fiber Media 75 4.2.3.4 Fiber-Optic Connectors 75 4.2.3.5 Testing Fiber Cables 76 4.2.3.6 Fiber versus Copper 76 4.2.3.7 Activity - Fiber Optics Terminology 76 4.2.4 Wireless Media 76 4.2.4.1 Properties of Wireless Media 76 4.2.4.2 Types of Wireless Media 77 4.2.4.3 Wireless LAN 78 4.2.4.4 Packet Tracer — Connecting a Wired and Wireless LAN 78 4.2.4.5 Lab - Viewing Wired and Wireless NIC Information 78 4.3 Data Link Layer Protocols 78 4.3.1 Purpose of the Data Link Layer 78 4.3.1.1 The Data Link Layer 78 4.3.1.2 Data Link Sublayers 79 4.3.1.3 Media Access Control 79 4.3.1.4 Providing Access to Media 80 4.3.1.5 Data Link Layer Standards 80 4.4 Media Access Control 81 4.4.1 Topologies 81 4.4.1.1 Controlling Access to the Media 81 4.4.1.2 Physical and Logical Topologies 81 4.4.2 WAN Topologies 82 4.4.2.1 Common Physical WAN Topologies 82 4.4.2.2 Physical Point-to-Point Topology 82 4.4.2.3 Logical Point-to-Point Topology 82 4.4.3 LAN Topologies 83 4.4.3.1 Physical LAN Topologies 83 4.4.3.2 Half and Full Duplex 83 4.4.3.3 Media Access Control Methods 84 4.4.3.4 Contention-Based Access — CSMA/CD 84 4.4.3.5 Contention-Based Access — CSMA/CA 85 4.4.4 Data Link Frame 85 4.4.4.1 The Frame 85 4.4.4.2 Frame Fields 85 4.4.4.3 Activity — Generic Frame Fields 86 4.4.4.4 Layer 2 Address 86 4.4.4.5 LAN and WAN Frames 87 4.5 Summary 88 4.5.1 Conclusion 88 4.5.1.1 Class Activity — Linked In! 88 4.5.1.2 Network Access 88 Chapter 5 Ethernet 91 5.0 Introduction 91 5.0.1.1 Ethernet 91 5.0.1.2 Class Activity - Join My Social Circle! 91 5.1 Ethernet Protocol 92 5.1.1 Ethernet Frame 92 5.1.1.1 Ethernet Encapsulation 92 5.1.1.2 MAC Sublayer 93 5.1.1.3 Ethernet Evolution 93 5.1.1.4 Ethernet Frame Fields 94 5.1.1.5 Activity - MAC and LLC Sublayers 94 5.1.1.6 Activity - Ethernet Frame Fields 94 5.1.1.7 Lab - Using Wireshark to Examine Ethernet Frames 94 5.1.2 Ethernet MAC Addresses 94 5.1.2.1 MAC Address and Hexadecimal 94 5.1.2.2 MAC Address: Ethernet Identity 95 5.1.2.3 Frame Processing 95 5.1.2.4 MAC Address Representations 96 5.1.2.5 Unicast MAC Address 96 5.1.2.6 Broadcast MAC Address 97 5.1.2.7 Multicast MAC Address 97 5.1.2.8 Lab - Viewing Network Device MAC Addresses 97 5.2 LAN Switches 98 5.2.1 The MAC Address Table 98 5.2.1.1 Switch Fundamentals 98 5.2.1.2 Learning MAC Addresses 98 5.2.1.3 Filtering Frames 99 5.2.1.4 Video Demonstration - MAC Address Tables on Connected Switches 99 5.2.1.5 Video Demonstration - Sending a Frame to the Default Gateway 99 5.2.1.6 Activity - Switch It! 100 5.2.1.7 Lab - Viewing the Switch MAC Address Table 100 5.2.2 Switch Forwarding Methods 100 5.2.2.1 Frame Forwarding Methods on Cisco Switches 100 5.2.2.2 Cut-Through Switching 101 5.2.2.3 Memory Buffering on Switches 101 5.2.2.4 Activity - Frame Forwarding Methods 102 5.2.3 Switch Port Settings 102 5.2.3.1 Duplex and Speed Settings 102 5.2.3.2 Auto-MDIX 103 5.3 Address Resolution Protocol 103 5.3.1 MAC and IP 103 5.3.1.1 Destination on Same Network 103 5.3.1.2 Destination Remote Network 104 5.3.1.3 Packet Tracer — Identify MAC and IP Addresses 105 5.3.2 ARP 105 5.3.2.1 Introduction to ARP 105 5.3.2.2 ARP Functions 105 5.3.2.3 Video Demonstration — ARP Request 106 5.3.2.4 Video Demonstration — AR

Read more less

Book SynopsisThe only authorized Lab Manual for the Cisco Networking Academy CCNP Version 7 SWITCH course A CCNP certification equips students with the knowledge and skills needed to plan, implement, secure, maintain, and troubleshoot converged enterprise networks. The CCNP certification requires candidates to pass three 120-minute exams–ROUTE 300-101, SWITCH 300-115, TSHOOT 300-135–that validate the key competencies of network engineers. The Cisco Networking Academy curriculum consists of three experience-oriented courses that employ industry-relevant instructional approaches to prepare students for professional-level jobs: CCNP ROUTE: Implementing IP Routing, CCNP SWITCH: Implementing IP Switching, and CCNP TSHOOT: Maintaining and Troubleshooting IP Networks. This course teaches students how to implement, monitor, and maintain switching in converged enterprise campus networks. Students will learn how to plan, configure, and verify the implementation of complex enterprise switching solutions. The course also covers the secure integration of VLANs, WLANs, voice, and video into campus networks. Comprehensive labs emphasize hands-on learning and practice to reinforce configuration skills. The 15 comprehensive labs in this manual emphasize hands-on learning and practice to reinforce configuration skills. Table of Contents Chapter 1: Fundamentals Review Lab 1-1 Preparing the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 2: Network Design Fundamentals No labs in this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Chapter 3: Campus Network Architecture Lab 3-1 Static VLANS, Trunking, and VTP. . . . . . . . . . . . . . . . . . . . . . . . . . 9 Lab 3-2 EtherChannel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Chapter 4: Spanning-tree In-depth Lab 4-1 Implement Spanning Tree Protocols . . . . . . . . . . . . . . . . . . . . . . . . 38 Lab 4-2 Multiple Spanning Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 Chapter 5: InterVLAN Routing Lab 5-1 Inter-VLAN Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Lab 5-2 DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . 81 Chapter 6: First Hop Redundancy Lab 6-1 First Hop Redundancy Protocols - HSRP and VRRP. . . . . . . . . . . . . . . . . . 88 Lab 6-2 Hot Standby Router Protocol for IPV6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Lab 6-3 Gateway Load Balancing Protocol (GLBP) . . . . . . . . . . . . . . . . . . . 118 Chapter 7: Network Management Lab 7-1 Synchronizing Campus Network Devices using Network Time Protocol (NTP). .. 138 Lab 7-2 Configure Campus Network Devices to Support Simple Network Management Protocol (SNMPv3). . . . . . . 151 Chapter 8: Switching Features and Technologies Lab 8-1 IP Service Level Agreements and Remote SPAN in a Campus Environment. . .. . 162 Chapter 9: High-Availability No labs in this chapter . . . . . . . . . . . . . 177 Chapter 10: Campus Network Security Lab 10-1 Securing Layer 2 Switches. . . . . . . . 178 Lab 10-2 Securing VLANs . . . . . . . . .. . . . . . . . . 201

Read more less

Book SynopsisRouting and Switching Essentials v6 Course Booklet Your Cisco Networking Academy Course Booklet is designed as a study resource you can easily read, highlight, and review on the go, wherever the Internet is not available or practical: · The text is extracted directly, word-for-word, from the online course so you can highlight important points and take notes in the “Your Chapter Notes” section. · Headings with the exact page correlations provide a quick reference to the online course for your classroom discussions and exam preparation. · An icon system directs you to the online curriculum to take full advantage of the images embedded within the Networking Academy online course interface and reminds you to do the labs, interactive activities, packet tracer activities, watch videos, and take the chapter quizzes. The Course Booklet is a basic, economical paper-based resource to help you succeed with the Cisco Networking Academy online course. Related titles: Routing and Switching Essentials v6 Companion Guide book: 978-1-58713-428-9 eBook: 978-0-13-466965-6 Routing & Switching Essentials v6 Labs & Study Guide book: 978-1-58713-426-5 CCNA Routing and Switching Portable Command Guide, Fourth Edition book: 978-1-58720-588-0 eBook: 978-0-13-446617-0Table of ContentsChapter 0 Course Introduction 1 0.0 Welcome to Routing and Switching Essentials 1 0.0.1 Message to the Student 1 0.0.1.1 Welcome 1 0.0.1.2 A Global Community 1 0.0.1.3 More Than Just Information 1 0.0.1.4 How We Teach 2 0.0.1.5 Practice Leads to Mastery 2 0.0.1.6 Mind Wide Open 2 0.0.1.7 Engineering Journals 2 0.0.1.8 Explore the World of Networking 2 0.0.1.9 Create Your Own Worlds 2 0.0.1.10 How Packet Tracer Helps Master Concepts 3 0.0.1.11 Course Overview 3 Chapter 1 Routing Concepts 5 1.0 Introduction 5 1.0.1.1 Routing Concepts 5 1.0.1.2 Activity — Do We Really Need a Map? 5 1.1 Router Initial Configuration 6 1.1.1 Router Functions 6 1.1.1.1 Characteristics of a Network 6 1.1.1.2 Why Routing? 7 1.1.1.3 Routers Are Computers 7 1.1.1.4 Routers Interconnect Networks 8 1.1.1.5 Routers Choose Best Paths 8 1.1.1.6 Packet Forwarding Mechanisms 9 1.1.1.7 Activity — Identify Router Components 10 1.1.1.8 Packet Tracer — Using Traceroute to Discover the Network 10 1.1.1.9 Lab — Mapping the Internet 10 1.1.2 Connect Devices 10 1.1.2.1 Connect to a Network 10 1.1.2.2 Default Gateways 11 1.1.2.3 Document Network Addressing 12 1.1.2.4 Enable IP on a Host 12 1.1.2.5 Device LEDs 13 1.1.2.6 Console Access 13 1.1.2.7 Enable IP on a Switch 14 1.1.2.8 Activity — Document an Addressing Scheme 14 1.1.2.9 Packet Tracer — Documenting the Network 14 1.1.3 Router Basic Settings 14 1.1.3.1 Configure Basic Router Settings 14 1.1.3.2 Configure an IPv4 Router Interface 15 1.1.3.3 Configure an IPv6 Router Interface 15 1.1.3.4 Configure an IPv4 Loopback Interface 16 1.1.3.5 Packet Tracer — Configuring IPv4 and IPv6 Interfaces 17 1.1.4 Verify Connectivity of Directly Connected Networks 17 1.1.4.1 Verify Interface Settings 17 1.1.4.2 Verify IPv6 Interface Settings 18 1.1.4.3 Filter Show Command Output 19 1.1.4.4 Command History Feature 19 1.1.4.5 Packet Tracer — Configuring and Verifying a Small Network 20 1.1.4.6 Lab — Configuring Basic Router Settings with IOS CLI 20 1.2 Routing Decisions 20 1.2.1 Switching Packets Between Networks 20 1.2.1.1 Router Switching Function 20 1.2.1.2 Send a Packet 21 1.2.1.3 Forward to the Next Hop 21 1.2.1.4 Packet Routing 22 1.2.1.5 Reach the Destination 23 1.2.1.6 Activity — Match Layer 2 and Layer 3 Addressing 23 1.2.2 Path Determination 23 1.2.2.1 Routing Decisions 23 1.2.2.2 Best Path 24 1.2.2.3 Load Balancing 24 1.2.2.4 Administrative Distance 25 1.2.2.5 Activity — Order the Steps in the Packet Forwarding Process 25 1.2.2.6 Activity — Match the Administrative Distance to the Route Source 25 1.3 Router Operation 25 1.3.1 Analyze the Routing Table 25 1.3.1.1 The Routing Table 25 1.3.1.2 Routing Table Sources 26 1.3.1.3 Remote Network Routing Entries 27 1.3.1.4 Activity — Interpret the Content of a Routing Table Entry 27 1.3.2 Directly Connected Routes 27 1.3.2.1 Directly Connected Interfaces 27 1.3.2.2 Directly Connected Routing Table Entries 27 1.3.2.3 Directly Connected Examples 28 1.3.2.4 Directly Connected IPv6 Example 28 1.3.2.5 Packet Tracer — Investigating Directly Connected Routes 29 1.3.3 Statically Learned Routes 29 1.3.3.1 Static Routes 29 1.3.3.2 Static Route Examples 29 1.3.3.3 Static IPv6 Route Examples 30 1.3.4 Dynamic Routing Protocols 31 1.3.4.1 Dynamic Routing 31 1.3.4.2 IPv4 Routing Protocols 31 1.3.4.3 IPv4 Dynamic Routing Examples 31 1.3.4.4 IPv6 Routing Protocols 32 1.3.4.5 IPv6 Dynamic Routing Examples 32 1.4 Summary 32 1.4.1.1 Activity — We Really Could Use a Map! 32 1.4.1.2 Routing Concepts 33 Chapter 2 Static Routing 35 2.0 Introduction 35 2.0.1.1 Static Routing 35 2.0.1.2 Activity — Which Way Should We Go 35 2.1 Implement Static Routes 36 2.1.1 Static Routing 36 2.1.1.1 Reach Remote Networks 36 2.1.1.2 Why Use Static Routing? 36 2.1.1.3 When to Use Static Routes 37 2.1.1.4 Activity — Identify the Advantages and Disadvantages of Static Routing 37 2.1.2 Types of Static Routes 37 2.1.2.1 Static Route Applications 37 2.1.2.2 Standard Static Route 38 2.1.2.3 Default Static Route 38 2.1.2.4 Summary Static Route 38 2.1.2.5 Floating Static Route 38 2.1.2.6 Activity — Identify the Type of Static Route 39 2.2 Configure Static and Default Routes 39 2.2.1 Configure IPv4 Static Routes 39 2.2.1.1 ip route Command 39 2.2.1.2 Next-Hop Options 40 2.2.1.3 Configure a Next-Hop Static Route 40 2.2.1.4 Configure a Directly Connected Static Route 41 2.2.1.5 Configure a Fully Specified Static Route 41 2.2.1.6 Verify a Static Route 42 2.2.2 Configure IPv4 Default Routes 43 2.2.2.1 Default Static Route 43 2.2.2.2 Configure a Default Static Route 43 2.2.2.3 Verify a Default Static Route 43 2.2.2.4 Packet Tracer — Configuring IPv4 Static and Default Routes 44 2.2.2.5 Lab — Configuring IPv4 Static and Default Routes 44 2.2.3 Configure IPv6 Static Routes 44 2.2.3.1 The ipv6 route Command 44 2.2.3.2 Next-Hop Options 44 2.2.3.3 Configure a Next-Hop Static IPv6 Route 45 2.2.3.4 Configure a Directly Connected Static IPv6 Route 46 2.2.3.5 Configure a Fully Specified Static IPv6 Route 46 2.2.3.6 Verify IPv6 Static Routes 47 2.2.4 Configure IPv6 Default Routes 47 2.2.4.1 Default Static IPv6 Route 47 2.2.4.2 Configure a Default Static IPv6 Route 47 2.2.4.3 Verify a Default Static Route 48 2.2.4.4 Packet Tracer — Configuring IPv6 Static and Default Routes 48 2.2.4.5 Lab — Configuring IPv6 Static and Default Routes 48 2.2.5 Configure Floating Static Routes 48 2.2.5.1 Floating Static Routes 48 2.2.5.2 Configure an IPv4 Floating Static Route 49 2.2.5.3 Test the IPv4 Floating Static Route 49 2.2.5.4 Configure an IPv6 Floating Static Route 49 2.2.5.5 Packet Tracer — Configuring Floating Static Routes 50 2.2.6 Configure Static Host Routes 50 2.2.6.1 Automatically Installed Host Routes 50 2.2.6.2 Configure IPv4 and IPv6 Static Host Routes 50 2.3 Troubleshoot Static and Default Route 51 2.3.1 Packet Processing with Static Routes 51 2.3.1.1 Static Routes and Packet Forwarding 51 2.3.2 Troubleshoot IPv4 Static and Default Route Configuration 51 2.3.2.1 Troubleshoot a Missing Route 51 2.3.2.2 Solve a Connectivity Problem 52 2.3.2.3 Packet Tracer — Troubleshooting Static Routes 53 2.3.2.4 Lab — Troubleshooting Static Routes 53 2.4 Summary 53 2.4.1.1 Activity — Make It Static 53 2.4.1.2 Static Routing 54 Chapter 3 Dynamic Routing 57 3.0 Introduction 57 3.0.1.1 Dynamic Routing 57 3.0.1.2 How Much Does This Cost 57 3.1 Dynamic Routing Protocols 58 3.1.1 Dynamic Routing Protocol Overview 58 3.1.1.1 Dynamic Routing Protocol Evolution 58 3.1.1.2 Dynamic Routing Protocol Components 59 3.1.2 Dynamic versus Static Routing 59 3.1.2.1 Static Routing Uses 59 3.1.2.2 Static Routing Advantages and Disadvantages 60 3.1.2.3 Dynamic Routing Protocols Uses 60 3.1.2.4 Dynamic Routing Advantages and Disadvantages 60 3.1.2.5 Activity — Compare Static and Dynamic Routing 60 3.2 RIPv2 61 3.2.1 Configuring the RIP Protocol 61 3.2.1.1 Router RIP Configuration Mode 61 3.2.1.2 Advertise Networks 61 3.2.1.3 Verify RIP Routing 62 3.2.1.4 Enable and Verify RIPv2 62 3.2.1.5 Disable Auto Summarization 63 3.2.1.6 Configure Passive Interfaces 63 3.2.1.7 Propagate a Default Route 64 3.2.1.8 Packet Tracer — Configuring RIPv2 64 3.2.1.9 Lab — Configuring Basic RIPv2 64 3.3 The Routing Table 64 3.3.1 Parts of an IPv4 Route Entry 64 3.3.1.1 Routing Table Entries 64 3.3.1.2 Directly Connected Entries 65 3.3.1.3 Remote Network Entries 66 3.3.1.4 Activity — Identify Parts of an IPv4 Routing Table Entry 66 3.3.2 Dynamically Learned IPv4 Routes 66 3.3.2.1 Routing Table Terms 66 3.3.2.2 Ultimate Route 66 3.3.2.3 Level 1 Route 67 3.3.2.4 Level 1 Parent Route 67 3.3.2.5 Level 2 Child Route 67 3.3.2.6 Activity — Identify Parent and Child IPv4 Routes 67 3.3.3 The IPv4 Route Lookup Process 67 3.3.3.1 Route Lookup Process 67 3.3.3.2 Best Route = Longest Match 68 3.3.3.3 Activity — Determine the Longest Match Route 69 3.3.4 Analyze an IPv6 Routing Table 69 3.3.4.1 IPv6 Routing Table Entries 69 3.3.4.2 Directly Connected Entries 69 3.3.4.3 Remote IPv6 Network Entries 70 3.3.4.4 Activity — Identify Parts of an IPv6 Routing Table Entry 70 3.4 Summary 70 3.4.1.1 IPv6 — Details, Details... 70 3.4.1.2 Dynamic Routing 71 Chapter 4 Switched Networks 73 4.0 Introduction 73 4.0.1.1 Switched Networks 73 4.0.1.2 Sent or Received Instructions 73 4.1 LAN Design 74 4.1.1 Converged Networks 74 4.1.1.1 Growing Complexity of Networks 74 4.1.1.2 Elements of a Converged Network 74 4.1.1.3 Cisco Borderless Networks 75 4.1.1.4 Hierarchy in the Borderless Switched Network 75 4.1.1.5 Access, Distribution, and Core Layers 76 4.1.1.6 Activity - Identify Switched Network Terminology 77 4.1.2 Switched Networks 77 4.1.2.1 Role of Switched Networks 77 4.1.2.2 Form Factors 77 4.1.2.3 Activity - Identify Switch Hardware 78 4.2 The Switched Environment 78 4.2.1 Frame Forwarding 78 4.2.1.1 Switching as a General Concept in Networking and Telecommunications 78 4.2.1.2 Dynamically Populating a Switch MAC Address Table 79 4.2.1.3 Switch Forwarding Methods 80 4.2.1.4 Store-and-Forward Switching 80 4.2.1.5 Cut-Through Switching 81 4.2.1.6 Activity — Frame Forwarding Methods 81 4.2.1.7 Activity — Switch It! 81 4.2.2 Switching Domains 81 4.2.2.1 Collision Domains 81 4.2.2.2 Broadcast Domains 82 4.2.2.3 Alleviating Network Congestion 82 4.2.2.4 Activity — Circle the Domain 83 4.3 Summary 83 4.3.1.1 It's Network Access Time 83 4.3.1.2 Basic Switch Configurations 83 4.3.1.3 Switched Networks 83 Chapter 5 Switch Configuration 87 5.0 Introduction 87 5.0.1.1 Switch Configuration 87 5.0.1.2 Activity — Stand By Me 87 5.1 Basic Switch Configuration 88 5.1.1 Configure a Switch with Initial Settings 88 5.1.1.1 Switch Boot Sequence 88 5.1.1.2 Recovering From a System Crash 89 5.1.1.3 Switch LED Indicators 89 5.1.1.4 Preparing for Basic Switch Management 90 5.1.1.5 Configuring Basic Switch Management Access with IPv4 91 5.1.1.6 Lab - Basic Switch Configuration 91 5.1.2 Configure Switch Ports 92 5.1.2.1 Duplex Communication 92 5.1.2.2 Configure Switch Ports at the Physical Layer 92 5.1.2.3 Auto-MDIX 93 5.1.2.4 Verifying Switch Port Configuration 93 5.1.2.5 Network Access Layer Issues 94 5.1.2.6 Troubleshooting Network Access Layer Issues 95 5.2 Switch Security 96 5.2.1 Secure Remote Access 96 5.2.1.1 SSH Operation 96 5.2.1.2 Configuring SSH 96 5.2.1.3 Verifying SSH 97 5.2.1.4 Packet Tracer - Configuring SSH 98 5.2.2 Switch Port Security 98 5.2.2.1 Secure Unused Ports 98 5.2.2.2 Port Security: Operation 98 5.2.2.3 Port Security: Violation Modes 100 5.2.2.4 Port Security: Configuring 100 5.2.2.5 Port Security: Verifying 100 5.2.2.6 Ports in Error Disabled State 101 5.2.2.7 Packet Tracer - Configuring Switch Port Security 101 5.2.2.8 Packet Tracer - Troubleshooting Switch Port Security 101 5.2.2.9 Lab - Configuring Switch Security Features 102 5.3 Summary 102 5.3.1.1 Activity — Switch Trio 102 5.3.1.2 Packet Tracer - Skills Integration Challenge 102 5.3.1.3 Switch Configuration 102 Chapter 6 VLANs 107 6.0 Introduction 107 6.0.1.1 VLANs 107 6.0.1.2 Class Activity — Vacation Station 107 6.1 VLAN Segmentation 108 6.1.1 Overview of VLANs 108 6.1.1.1 VLAN Definitions 108 6.1.1.2 Benefits of VLANs 108 6.1.1.3 Types of VLANs 109 6.1.1.4 Voice VLANs 110 6.1.1.5 Packet Tracer — Who Hears the Broadcast? 111 6.1.2 VLANs in a Multi-Switched Environment 111 6.1.2.1 VLAN Trunks 111 6.1.2.2 Controlling Broadcast Domains with VLANs 111 6.1.2.3 Tagging Ethernet Frames for VLAN Identification 112 6.1.2.4 Native VLANs and 802.1Q Tagging 113 6.1.2.5 Voice VLAN Tagging 113 6.1.2.6 Activity — Predict Switch Behavior 114 6.1.2.7 Packet Tracer — Investigating a VLAN Implementation 114 6.2 VLAN Implementations 114 6.2.1 VLAN Assignment 114 6.2.1.1 VLAN Ranges on Catalyst Switches 114 6.2.1.2 Creating a VLAN 115 6.2.1.3 Assigning Ports to VLANs 116 6.2.1.4 Changing VLAN Port Membership 116 6.2.1.5 Deleting VLANs 117 6.2.1.6 Verifying VLAN Information 117 6.2.1.7 Packet Tracer — Configuring VLANs 117 6.2.2 VLAN Trunks 118 6.2.2.1 Configuring IEEE 802.1Q Trunk Links 118 6.2.2.2 Resetting the Trunk to Default State 118 6.2.2.3 Verifying Trunk Configuration 119 6.2.2.4 Packet Tracer — Configuring Trunks 119 6.2.2.5 Lab — Configuring VLANs and Trunking 119 6.2.3 Troubleshoot VLANs and Trunks 119 6.2.3.1 IP Addressing Issues with VLAN 119 6.2.3.2 Missing VLANs 120 6.2.3.3 Introduction to Troubleshooting Trunks 120 6.2.3.4 Common Problems with Trunks 121 6.2.3.5 Incorrect Port Mode 121 6.2.3.6 Incorrect VLAN List 122 6.2.3.7 Packet Tracer — Troubleshooting a VLAN Implementation — Scenario 1 122 6.2.3.8 Packet Tracer — Troubleshooting a VLAN

Read more less

Book SynopsisRouting and Switching Essentials v6 Companion Guide Routing and Switching Essentials v6 Companion Guide is the official supplemental textbook for the Routing and Switching Essentials course in the Cisco Networking Academy CCNA Routing and Switching curriculum. This course describes the architecture, components, and operations of routers and switches in a small network. The Companion Guide is designed as a portable desk reference to use anytime, anywhere to reinforce the material from the course and organize your time. The book’s features help you focus on important concepts to succeed in this course: · Chapter Objectives–Review core concepts by answering the focus questions listed at the beginning of each chapter. · Key Terms–Refer to the lists of networking vocabulary introduced and highlighted in context in each chapter. · Glossary–Consult the comprehensive Glossary with more than 250 terms. · Summary of Activities and Labs–Maximize your study time with this complete list of all associated practice exercises at the end of each chapter. · Check Your Understanding–Evaluate your readiness with the end-ofchapter questions that match the style of questions you see in the online course quizzes. The answer key explains each answer. · How To–Look for this icon to study the steps you need to learn to perform certain tasks. · Interactive Activities–Reinforce your understanding of topics with dozens of exercises from the online course identified throughout the book with this icon. · Packet Tracer Activities–Explore and visualize networking concepts using Packet Tracer exercises interspersed throughout the chapters and provided in the accompanying Labs & Study Guide book. · Videos–Watch the videos embedded within the online course. · Hands-on Labs–Work through all the course labs and additional Class Activities that are included in the course and published in the separate Labs & Study Guide. This book is part of the Cisco Networking Academy Series from Cisco Press. Books in this series support and complement the Cisco Networking Academy curriculum.Table of Contents Introduction Chapter 1 Routing Concepts Chapter 2 Static Routing Chapter 3 Dynamic Routing Chapter 4 Switched Networks Chapter 5 Switch Configuration Chapter 6 VLANs Chapter 7 Access Control Lists Chapter 8 DHCP Chapter 9 NAT for IPv4 Chapter 10 Device Discovery, Management, and Maintenance Appendix A Answers to the “Check Your Understanding” Questions Glossary

Read more less

Book SynopsisScaling Networks v6 Companion Guide is the official supplemental textbook for the Scaling Networks v6 course in the Cisco Networking Academy CCNA Routing and Switching curriculum. The Companion Guide is designed as a portable desk reference to use anytime, anywhere to reinforce the material from the course and organize your time. The book’s features help you focus on important concepts to succeed in this course: · Chapter objectives–Review core concepts by answering the focus questions listed at the beginning of each chapter. · Key terms–Refer to the lists of networking vocabulary introduced and highlighted in context in each chapter. · Glossary–Consult the comprehensive Glossary with more than 250 terms. · Summary of Activities and Labs–Maximize your study time with this complete list of all associated practice exercises at the end of each chapter. · Check Your Understanding–Evaluate your readiness with the end-of-chapter questions that match the style of questions you see in the online course quizzes. The answer key explains each answer. How To–Look for this icon to study the steps you need to learn to perform certain tasks. Interactive Activities–Reinforce your understanding of topics with dozens of exercises from the online course identified throughout the book with this icon. Videos–Watch the videos embedded within the online course. Packet Tracer Activities–Explore and visualize networking concepts using Packet Tracer exercises interspersed throughout the chapters and provided in the accompanying Labs & Study Guide book. Hands-on Labs–Work through all the course labs and additional Class Activities that are included in the course and published in the separate Labs & Study Guide.Table of ContentsIntroduction xx Chapter 1 LAN Design 1 Objectives 1 Key Terms 1 Introduction (1.0.1.1) 3 Campus Wired LAN Designs (1.1) 4 Cisco Validated Designs (1.1.1) 4 The Need to Scale the Network (1.1.1.1) 4 Hierarchical Design Model (1.1.1.2) 6 Expanding the Network (1.1.2) 8 Design for Scalability (1.1.2.1) 8 Planning for Redundancy (1.1.2.2) 10 Failure Domains (1.1.2.3) 11 Increasing Bandwidth (1.1.2.4) 13 Expanding the Access Layer (1.1.2.5) 14 Fine-tuning Routing Protocols (1.1.2.6) 15 Selecting Network Devices (1.2) 17 Switch Hardware (1.2.1) 17 Switch Platforms (1.2.1.1) 17 Port Density (1.2.1.2) 21 Forwarding Rates (1.2.1.3) 22 Power over Ethernet (1.2.1.4) 23 Multilayer Switching (1.2.1.5) 24 Router Hardware (1.2.2) 26 Router Requirements (1.2.2.1) 26 Cisco Routers (1.2.2.2) 27 Router Hardware (1.2.2.3) 28 Managing Devices (1.2.3) 29 Managing IOS Files and Licensing (1.2.3.1) 30 In-Band versus Out-of-Band Management (1.2.3.2) 30 Basic Router CLI Commands (1.2.3.3) 31 Basic Router Show Commands (1.2.3.4) 34 Basic Switch CLI Commands (1.2.3.5) 38 Basic Switch Show Commands (1.2.3.6) 40 Summary (1.3) 43 Practice 44 Check Your Understanding Questions 45 Chapter 2 Scaling VLANs 47 Objectives 47 Key Terms 47 Introduction (2.0.1.1) 48 VTP, Extended VLANs, and DTP (2.1) 48 VTP Concepts and Operation (2.1.1) 49 VTP Overview (2.1.1.1) 49 VTP Modes (2.1.1.2) 50 VTP Advertisements (2.1.1.3) 52 VTP Versions (2.1.1.4) 53 Default VTP Configuration (2.1.1.5) 53 VTP Caveats (2.1.1.6) 55 VTP Configuration (2.1.2) 57 VTP Configuration Overview (2.1.2.1) 57 Step 1–Configure the VTP Server (2.1.2.2) 58 Step 2–Configure the VTP Domain Name and Password (2.1.2.3) 59 Step 3–Configure the VTP Clients (2.1.2.4) 60 Step 4–Configure VLANs on the VTP Server (2.1.2.5) 60 Step 5–Verify That the VTP Clients Have Received the New VLAN Information (2.1.2.6) 62 Extended VLANs (2.1.3) 63 VLAN Ranges on Catalyst Switches (2.1.3.1) 63 Creating a VLAN (2.1.3.2) 65 Assigning Ports to VLANs (2.1.3.3) 66 Verifying VLAN Information (2.1.3.4) 67 Configuring Extended VLANs (2.1.3.5) 69 Dynamic Trunking Protocol (2.1.4) 71 Introduction to DTP (2.1.4.1) 71 Negotiated Interface Modes (2.1.4.2) 72 Troubleshoot Multi-VLAN Issues (2.2) 75 Inter-VLAN Configuration Issues (2.2.1) 75 Deleting VLANs (2.2.1.1) 75 Switch Port Issues (2.2.1.2) 77 Verify Switch Configuration (2.2.1.3) 79 Interface Issues (2.2.1.4) 81 Verify Routing Configuration (2.2.1.5) 82 IP Addressing Issues (2.2.2) 83 Errors with IP Addresses and Subnet Masks (2.2.2.1) 83 Verifying IP Address and Subnet Mask Configuration Issues (2.2.2.2) 85 VTP and DTP Issues (2.2.3) 88 Troubleshoot VTP Issues (2.2.3.1) 88 Troubleshoot DTP Issues (2.2.3.2) 89 Layer 3 Switching (2.3) 89 Layer 3 Switching Operation and Configuration (2.3.1) 90 Introduction to Layer 3 Switching (2.3.1.1) 90 Inter-VLAN Routing with Switch Virtual Interfaces (2.3.1.2) 91 Inter-VLAN Routing with Switch Virtual Interfaces (Con't.) (2.3.1.3) 92 Inter-VLAN Routing with Routed Ports (2.3.1.4) 94 Troubleshoot Layer 3 Switching (2.3.2) 95 Layer 3 Switch Configuration Issues (2.3.2.1) 95 Example: Troubleshooting Layer 3 Switching (2.3.2.2) 96 Summary (2.4) 99 Practice 99 Check Your Understanding Questions 100 Chapter 3 STP 105 Objectives 105 Key Terms 105 Introduction (3.0.1.1) 107 Spanning Tree Concepts (3.1) 108 Purpose of Spanning Tree (3.1.1) 108 Redundancy at OSI Layers 1 and 2 (3.1.1.1) 108 Issues with Layer 1 Redundancy: MAC Database Instability (3.1.1.2) 109 Issues with Layer 1 Redundancy: Broadcast Storms (3.1.1.3) 111 Issues with Layer 1 Redundancy: Duplicate Unicast Frames (3.1.1.4) 113 STP Operation (3.1.2) 114 Spanning Tree Algorithm: Introduction (3.1.2.1) 114 Spanning Tree Algorithm: Port Roles (3.1.2.2) 117 Spanning Tree Algorithm: Root Bridge (3.1.2.3) 119 Spanning Tree Algorithm: Root Path Cost (3.1.2.4) 121 Port Role Decisions for RSTP (3.1.2.5) 124 Designated and Alternate Ports (3.1.2.6) 127 802.1D BPDU Frame Format (3.1.2.7) 128 802.1D BPDU Propagation and Process (3.1.2.8) 131 Extended System ID (3.1.2.9) 136 Varieties of Spanning Tree Protocols (3.2) 140 Overview (3.2.1) 140 Types of Spanning Tree Protocols (3.2.1.1) 140 Characteristics of the Spanning Tree Protocols (3.2.1.2) 141 PVST+ (3.2.2) 143 Overview of PVST+ (3.2.2.1) 143 Port States and PVST+ Operation (3.2.2.2) 144 Extended System ID and PVST+ Operation (3.2.2.3) 146 Rapid PVST+ (3.2.3) 148 Overview of Rapid PVST+ (3.2.3.1) 148 RSTP BPDUs (3.2.3.2) 149 Edge Ports (3.2.3.3) 150 Link Types (3.2.3.4) 152 Spanning Tree Configuration (3.3) 153 PVST+ Configuration (3.3.1) 153 Catalyst 2960 Default Configuration (3.3.1.1) 153 Configuring and Verifying the Bridge ID (3.3.1.2) 154 PortFast and BPDU Guard (3.3.1.3) 156 PVST+ Load Balancing (3.3.1.4) 158 Rapid PVST+ Configuration (3.3.2) 160 Spanning Tree Mode (3.3.2.1) 161 STP Configuration Issues (3.3.3) 163 Analyzing the STP Topology (3.3.3.1) 164 Expected Topology versus Actual Topology (3.3.3.2) 164 Overview of Spanning Tree Status (3.3.3.3) 165 Spanning Tree Failure Consequences (3.3.3.4) 166 Repairing a Spanning Tree Problem (3.3.3.5) 169 Switch Stacking and Chassis Aggregation (3.3.4) 169 Switch Stacking Concepts (3.3.4.1) 169 Spanning Tree and Switch Stacks (3.3.4.2) 170 Summary (3.4) 173 Practice 174 Check Your Understanding Questions 174 Chapter 4 EtherChannel and HSRP 179 Objectives 179 Key Terms 179 Introduction (4.0.1.1) 180 Link Aggregation Concepts (4.1) 181 Link Aggregation (4.1.1) 181 Introduction to Link Aggregation (4.1.1.1) 181 Advantages of EtherChannel (4.1.1.2) 182 EtherChannel Operation (4.1.2) 183 Implementation Restrictions (4.1.2.1) 183 Port Aggregation Protocol (4.1.2.2) 185 Link Aggregation Control Protocol (4.1.2.3) 186 Link Aggregation Configuration (4.2) 188 Configuring EtherChannel (4.2.1) 188 Configuration Guidelines (4.2.1.1) 188 Configuring Interfaces (4.2.1.2) 189 Verifying and Troubleshooting EtherChannel (4.2.2) 191 Verifying EtherChannel (4.2.2.1) 191 Troubleshooting EtherChannel (4.2.2.2) 194 First Hop Redundancy Protocols (4.3) 198 Concept of First Hop Redundancy Protocols (4.3.1) 198 Default Gateway Limitations (4.3.1.1) 198 Router Redundancy (4.3.1.2) 199 Steps for Router Failover (4.3.1.3) 200 First Hop Redundancy Protocols (4.3.1.5) 201 HSRP Operations (4.3.2) 202 HSRP Overview (4.3.2.1) 203 HSRP Versions (4.3.2.2) 204 HSRP Priority and Preemption (4.3.2.3) 204 HSRP States and Timers (4.3.2.4) 205 HSRP Configuration (4.3.3) 206 HSRP Configuration Commands (4.3.3.1) 206 HSRP Sample Configuration (4.3.3.2) 207 HSRP Verification (4.3.3.3) 208 HSRP Troubleshooting (4.3.4) 209 HSRP Failure (4.3.4.1) 209 HSRP Debug Commands (4.3.4.2) 210 Common HSRP Configuration Issues (4.3.4.3) 213 Summary (4.4) 214 Practice 215 Check Your Understanding Questions 216 Chapter 5 Dynamic Routing 219 Objectives 219 Key Terms 219 Introduction (5.0.1.1) 221 Dynamic Routing Protocols (5.1) 222 Types of Routing Protocols (5.1.1) 222 Classifying Routing Protocols (5.1.1.1) 222 IGP and EGP Routing Protocols (5.1.1.2) 224 Distance Vector Routing Protocols (5.1.1.3) 226 Link-State Routing Protocols (5.1.1.4) 226 Classful Routing Protocols (5.1.1.5) 228 Classless Routing Protocols (5.1.1.6) 231 Routing Protocol Characteristics (5.1.1.7) 233 Routing Protocol Metrics (5.1.1.8) 234 Distance Vector Dynamic Routing (5.2) 236 Distance Vector Fundamentals (5.2.1) 236 Dynamic Routing Protocol Operation (5.2.1.1) 236 Cold Start (5.2.1.2) 237 Network Discovery (5.2.1.3) 238 Exchanging the Routing Information (5.2.1.4) 239 Achieving Convergence (5.2.1.5) 241 Distance Vector Routing Protocol Operation (5.2.2) 242 Distance Vector Technologies (5.2.2.1) 242 Distance Vector Algorithm (5.2.2.2) 242 Types of Distance Vector Routing Protocols (5.2.3) 245 Routing Information Protocol (5.2.3.1) 245 Enhanced Interior-Gateway Routing Protocol (5.2.3.2) 246 Link-State Dynamic Routing (5.3) 248 Link-State Routing Protocol Operation (5.3.1) 248 Shortest Path First Protocols (5.3.1.1) 248 Dijkstra's Algorithm (5.3.1.2) 248 SPF Example (5.3.1.3) 249 Link-State Updates (5.3.2) 251 Link-State Routing Process (5.3.2.1) 251 Link and Link-State (5.3.2.2) 252 Say Hello (5.3.2.3) 256 Building the Link-State Packet (5.3.2.4) 257 Flooding the LSP (5.3.2.5) 258 Building the Link-State Database (5.3.2.6) 259 Building the SPF Tree (5.3.2.7) 260 Adding OSPF Routes to the Routing Table (5.3.2.8) 264 Link-State Routing Protocol Benefits (5.3.3) 264 Why Use Link-State Protocols? (5.3.3.1) 264 Disadvantages of Link-State Protocols (5.3.3.2) 265 Protocols That Use Link-State (5.3.3.3) 267 Summary (5.4) 268 Practice 269 Check Your Understanding Questions 269 Chapter 6 EIGRP 273 Objectives 273 Key Terms 273 Introduction (6.0.1.1) 274 EIGRP Characteristics (6.1) 274 EIGRP Basic Features (6.1.1) 274 Features of EIGRP (6.1.1.1) 274 Protocol Dependent Modules (6.1.1.2) 276 Reliable Transport Protocol (6.1.1.3) 278 Authentication (6.1.1.4) 279 EIGRP Packet Types (6.1.2) 279 EIGRP Packet Types (6.1.2.1) 279 EIGRP Hello Packets (6.1.2.2) 280 EIGRP Update and Acknowledgment Packets (6.1.2.3) 281 EIGRP Query and Reply Packets (6.1.2.4) 283 EIGRP Messages (6.1.3) 284 Encapsulating EIGRP Messages (6.1.3.1) 284 EIGRP Packet Header and TLV (6.1.3.2) 285 Implement EIGRP for IPv4 (6.2) 289 Configure EIGRP with IPv4 (6.2.1) 289 EIGRP Network Topology (6.2.1.1) 289 Autonomous System Numbers (6.2.1.2) 291 The router eigrp Command (6.2.1.3) 292 EIGRP Router ID (6.2.1.4) 293 Configuring the EIGRP Router ID (6.2.1.5) 295 The network Command (6.2.1.6) 296 The network Command and Wildcard Mask (6.2.1.7) 298 Passive Interface (6.2.1.8) 300 Verify EIGRP with IPv4 (6.2.2) 302 Verifying EIGRP: Examining Neighbors (6.2.2.1) 302 Verifying EIGRP: show ip protocols Command (6.2.2.2) 304 Verifying EIGRP: Examine the IPv4 Routing Table (6.2.2.3) 306 EIGRP Operation (6.3) 309 EIGRP Initial Route Discovery (6.3.1) 309 EIGRP Neighbor Adjacency (6.3.1.1) 310 EIGRP Topology Table (6.3.1.2) 311 EIGRP Convergence (6.3.1.3) 312 EIGRP Metrics (6.3.2) 313 EIGRP Composite Metric (6.3.2.1) 313 Examining Interface Metric Values (6.3.2.2) 315 Bandwidth Metric (6.3.2.3) 316 Delay Metric (6.3.2.4) 319 How to Calculate the EIGRP Metric (6.3.2.5) 320 Calculating the EIGRP Metric (6.3.2.6) 321 DUAL and the Topology Table (6.3.3) 323 DUAL Concepts (6.3.3.1) 323 Introduction to DUAL (6.3.3.2) 324 Successor and Feasible Distance (6.3.3.3) 324 Feasible Successors, Feasibility Condition, and Reported Distance (6.3.3.4) 326 Topology Table: show ip eigrp topology Command (6.3.3.5) 328 Topology Table: show ip eigrp topology Command (Cont.) (6.3.3.6) 329 Topology Table: No Feasible Successor (6.3.3.7) 332 DUAL and Convergence (6.3.4) 334 DUAL Finite State Machine (FSM) (6.3.4.1) 334 DUAL: Feasible Successor (6.3.4.2) 335 DUAL: No Feasible Successor (6.3.4.3) 338 Implement EIGRP for IPv6 (6.4) 341 EIGRP for IPv6 (6.4.1) 341 EIGRP for IPv6 (6.4.1.1) 341 Compare EIGRP for IPv4 and IPv6 (6.4.1.2) 342 IPv6 Link-local Addresses (6.4.1.3) 344 Configure EIGRP for IPv6 (6.4.2) 345 EIGRP for IPv6 Network Topology (6.4.2.1) 345 Configuring IPv6 Link-local Addresses (6.4.2.2) 347 Configuring the EIGRP for IPv6 Routing Process (6.4.2.3) 349 The ipv6 eigrp Interface Command (6.4.2.4) 350 Verifying EIGRP for IPv6 (6.4.3) 352 IPv6 Neighbor Table (6.4.3.1) 352 The show ip protocols Command (6.4.3.2) 354 The EIGRP for IPv6 Routing Table (6.4.3.3) 355 Summary (6.5) 358 Practice 359 Check Your Understanding Questions 360 Chapter 7 EIGRP Tuning and Troubleshooting 365 Objectives 365 Key Terms 365 Introduction (7.0.1.1) 366 Tune EIGRP (7.1) 366 Automatic Summarization (7.1.1) 366 Network Topology (7.1.1.1) 367 EIGRP Automatic Summarization (7.1.1.2) 369 Configuring EIGRP Automatic Summarization (7.1.1.3) 371 Verifying Auto-Summary: show ip protocols (7.1.1.4) 372 Verifying Auto-Summary: Topology Table (7.1.1.5) 375 Verifying Auto-Summary: Routing Table (7.1.1.6) 376 Summary Route (7.1.1.7) 378 Summary Route (Cont.) (7.1.1.8) 379 Default Route Propagation (7.1.2) 380 Propagating a Default Static Route (7.1.2.1) 380 Verifying the Propagated Default Route (7.1.2.2) 382 EIGRP for IPv6: Default Route (7.1.2.3) 383 Fine-tuning EIGRP Interfaces (7.1.3) 384 EIGRP Bandwidth Utilization (7.1.3.1) 385 Hello and Hold Timers (7.1.3.2) 386 Load Balancing IPv4 (7.1.3.3) 388 Load Balancing IPv6 (7.1.3.4) 390 Troubleshoot EIGRP (7.2) 392 Components of Troubleshooting EIGRP (7.2.1) 392 Basic EIGRP Troubleshooting Commands (7.2.1.1) 392 Components (7.2.1.2) 394 Troubleshoot EIGRP Neighbor Issues (7.2.2) 397 Layer 3 Connectivity (7.2.2.1) 397 EIGRP Parameters (7.2.2.2) 398 EIGRP Interfaces (7.2.2.3) 399 Troubleshoot EIGRP Routing Table Issues (7.2.3) 401 Passive Interface (7.2.3.1) 401 Missing Network Statement (7.2.3.2) 403 Autosummarization (7.2.3.3) 405 Summary (7.3) 410 Practice 411 Check Your Understanding

Read more less

Book SynopsisCisco® ASA All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition Identify, mitigate, and respond to today’s highly-sophisticated network attacks. Today, network attackers are far more sophisticated, relentless, and dangerous. In response, Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services has been fully updated to cover the newest techniques and Cisco technologies for maximizing end-to-end security in your environment. Three leading Cisco security experts guide you through every step of creating a complete security plan with Cisco ASA, and then deploying, configuring, operating, and troubleshooting your solution. Fully updated for today’s newest ASA releases, this edition adds new coverage of ASA 5500-X, ASA 5585-X, ASA Services Module, ASA next-generation firewall services, EtherChannel, Global ACLs, clustering, IPv6 improvements, IKEv2, AnyConnect Secure Mobility VPN clients, and more. The authors explain significant recent licensing changes; introduce enhancements to ASA IPS; and walk you through configuring IPsec, SSL VPN, and NAT/PAT. You’ll learn how to apply Cisco ASA adaptive identification and mitigation services to systematically strengthen security in network environments of all sizes and types. The authors present up-to-date sample configurations, proven design scenarios, and actual debugs–all designed to help you make the most of Cisco ASA in your rapidly evolving network. Jazib Frahim, CCIE® No. 5459 (Routing and Switching; Security), Principal Engineer in the Global Security Solutions team, guides top-tier Cisco customers in security-focused network design and implementation. He architects, develops, and launches new security services concepts. His books include Cisco SSL VPN Solutions and Cisco Network Admission Control, Volume II: NAC Deployment and Troubleshooting. Omar Santos, CISSP No. 463598, Cisco Product Security Incident Response Team (PSIRT) technical leader, leads and mentors engineers and incident managers in investigating and resolving vulnerabilities in Cisco products and protecting Cisco customers. Through 18 years in IT and cybersecurity, he has designed, implemented, and supported numerous secure networks for Fortune® 500 companies and the U.S. government. He is also the author of several other books and numerous whitepapers and articles. Andrew Ossipov, CCIE® No. 18483 and CISSP No. 344324, is a Cisco Technical Marketing Engineer focused on firewalls, intrusion prevention, and data center security. Drawing on more than 16 years in networking, he works to solve complex customer technical problems, architect new features and products, and define future directions for Cisco’s product portfolio. He holds several pending patents. Understand, install, configure, license, maintain, and troubleshoot the newest ASA devices Efficiently implement Authentication, Authorization, and Accounting (AAA) services Control and provision network access with packet filtering, context-aware Cisco ASA next-generation firewall services, and new NAT/PAT concepts Configure IP routing, application inspection, and QoS Create firewall contexts with unique configurations, interfaces, policies, routing tables, and administration Enable integrated protection against many types of malware and advanced persistent threats (APTs) via Cisco Cloud Web Security and Cisco Security Intelligence Operations (SIO) Implement high availability with failover and elastic scalability with clustering Deploy, troubleshoot, monitor, tune, and manage Intrusion Prevention System (IPS) features Implement site-to-site IPsec VPNs and all forms of remote-access VPNs (IPsec, clientless SSL, and client-based SSL) Configure and troubleshoot Public Key Infrastructure (PKI) Use IKEv2 to more effectively resist attacks against VPNs Leverage IPv6 support for IPS, packet inspection, transparent firewalls, and site-to-site IPsec VPNs Table of Contents Introduction Chapter 1 Introduction to Security Technologies Chapter 2 Cisco ASA Product and Solution Overview Chapter 3 Licensing Chapter 4 Initial Setup Chapter 5 System Maintenance Chapter 6 Cisco ASA Services Module Chapter 7 Authentication, Authorization, and Accounting (AAA) Services Chapter 8 Controlling Network Access: The Traditional Way Chapter 9 Implementing Next-Generation Firewall Services with ASA CX Chapter 10 Network Address Translation Chapter 11 IPv6 Support Chapter 12 IP Routing Chapter 13 Application Inspection Chapter 14 Virtualization Chapter 15 Transparent Firewalls Chapter 16 High Availability Chapter 17 Implementing Cisco ASA Intrusion Prevention System (IPS)

Read more less

Book SynopsisInvestigating the Cyber Breach The Digital Forensics Guide for the Network Engineer · Understand the realities of cybercrime and today’s attacks · Build a digital forensics lab to test tools and methods, and gain expertise · Take the right actions as soon as you discover a breach · Determine the full scope of an investigation and the role you’ll play · Properly collect, document, and preserve evidence and data · Collect and analyze data from PCs, Macs, IoT devices, and other endpoints · Use packet logs, NetFlow, and scanning to build timelines, understand network activity, and collect evidence · Analyze iOS and Android devices, and understand encryption-related obstacles to investigation · Investigate and trace email, and identify fraud or abuse · Use social media to investigate individuals or online identities · Gather, extract, and analyze breach data with Cisco tools and techniques · Walk through common breaches and responses from start to finish · Choose the right tool for each task, and explore alternatives that might also be helpful The professional’s go-to digital forensics resource for countering attacks right now Today, cybersecurity and networking professionals know they can’t possibly prevent every breach, but they can substantially reduce risk by quickly identifying and blocking breaches as they occur. Investigating the Cyber Breach: The Digital Forensics Guide for the Network Engineer is the first comprehensive guide to doing just that. Writing for working professionals, senior cybersecurity experts Joseph Muniz and Aamir Lakhani present up-to-the-minute techniques for hunting attackers, following their movements within networks, halting exfiltration of data and intellectual property, and collecting evidence for investigation and prosecution. You’ll learn how to make the most of today’s best open source and Cisco tools for cloning, data analytics, network and endpoint breach detection, case management, monitoring, analysis, and more. Unlike digital forensics books focused primarily on post-attack evidence gathering, this one offers complete coverage of tracking threats, improving intelligence, rooting out dormant malware, and responding effectively to breaches underway right now. This book is part of the Networking Technology: Security Series from Cisco Press®, which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.Table of ContentsIntroduction xix Chapter 1 Digital Forensics 1 Defining Digital Forensics 3 Engaging Forensics Services 4 Reporting Crime 7 Search Warrant and Law 9 Forensic Roles 13 Forensic Job Market 15 Forensic Training 16 Summary 23 References 24 Chapter 2 Cybercrime and Defenses 25 Crime in a Digital Age 27 Exploitation 31 Adversaries 34 Cyber Law 36 Summary 39 Reference 39 Chapter 3 Building a Digital Forensics Lab 41 Desktop Virtualization 42 VMware Fusion 43 VirtualBox 44 Installing Kali Linux 44 Attack Virtual Machines 52 Cuckoo Sandbox 56 Virtualization Software for Cuckoo 58 Installing TCPdump 58 Creating a User on VirtualBox for Cuckoo 59 Binwalk 60 The Sleuth Kit 61 Cisco Snort 62 Windows Tools 67 Physical Access Controls 68 Storing Your Forensics Evidence 71 Network Access Controls 72 Jump Bag 74 Summary 74 References 75 Chapter 4 Responding to a Breach 77 Why Organizations Fail at Incident Response 78 Preparing for a Cyber Incident 80 Defining Incident Response 81 Incident Response Plan 82 Assembling Your Incident Response Team 84 When to Engage the Incident Response Team 85 Outstanding Items that Often Get Missed with Incident Response 88 Phone Tree and Contact List 88 Facilities 89 Responding to an Incident 89 Assessing Incident Severity 91 Following Notification Procedures 92 Employing Post-Incident Actions and Procedures 93 Identifying Software Used to Assist in Responding to a Breach 93 Trend Analysis Software 94 Security Analytics Reference Architectures 94 Other Software Categories 97 Summary 97 References 98 Chapter 5 Investigations 99 Pre-Investigation 100 Opening a Case 102 First Responder 105 Device Power State 110 Search and Seizure 113 Chain of Custody 118 Network Investigations 121 Forensic Reports 127 Case Summary 129 Example 129 Acquisition and Exam Preparation 129 Example 129 Findings 130 Example 130 Conclusion 130 Example 131 List of Authors 131 Example 131 Closing the Case 132 Critiquing the Case 136 Summary 139 References 139 Chapter 6 Collecting and Preserving Evidence 141 First Responder 141 Evidence 144 Autopsy 145 Authorization 147 Hard Drives 148 Connections and Devices 150 RAID 152 Volatile Data 153 DumpIt 154 LiME 154 Volatility 156 Duplication 158 dd 161 dcfldd 161 ddrescue 162 Netcat 162 Guymager 163 Compression and Splitting 164 Hashing 166 MD5 and SHA Hashing 168 Hashing Challenges 169 Data Preservation 170 Summary 172 References 172 Chapter 7 Endpoint Forensics 173 File Systems 174 Locating Data 178 Unknown Files 180 Windows Registry 182 Deleted Files 185 Windows Recycle Bin 187 Shortcuts 189 Printer Spools 190 Slack Space and Corrupt Clusters 191 Alternate Data Streams 196 Mac OS X 198 OS X Artifacts 199 Log Analysis 202 IoT Forensics 207 Summary 210 References 211 Chapter 8 Network Forensics 213 Network Protocols 214 Security Tools 215 Firewall 219 Intrusion Detection and Prevention System 219 Content Filter 219 Network Access Control 220 Packet Capturing 223 NetFlow 224 Sandbox 225 Honeypot 226 Security Information and Event Manager (SIEM) 228 Threat Analytics and Feeds 229 Security Tool Summary 229 Security Logs 229 Network Baselines 233 Symptoms of Threats 235 Reconnaissance 235 Exploitation 238 Malicious Behavior 242 Beaconing 244 Brute Force 249 Exfiltration 250 Other Indicators 254 Summary 255 References 255 Chapter 9 Mobile Forensics 257 Mobile Devices 258 Investigation Challenges 258 iOS Architecture 259 iTunes Forensics 261 iOS Snapshots 263 How to Jailbreak the iPhone 265 Android 266 PIN Bypass 270 How to Brute Force Passcodes on the Lock Screen 271 Forensics with Commercial Tools 272 Call Logs and SMS Spoofing 274 Voicemail Bypass 275 How to Find Burner Phones 276 SIM Card Cloning 278 Summary 279 Reference 279 Chapter 10 Email and Social Media 281 A Message in a Bottle 281 Email Header 283 Social Media 288 People Search 288 Google Search 293 Facebook Search 297 Summary 304 References 305 Chapter 11 Cisco Forensic Capabilities 307 Cisco Security Architecture 307 Cisco Open Source 310 Cisco Firepower 312 Cisco Advanced Malware Protection (AMP) 313 Cisco Threat Grid 319 Cisco Web Security Appliance 322 Cisco CTA 323 Meraki 324 Email Security Appliance 326 Cisco Identity Services Engine 328 Cisco Stealthwatch 331 Cisco Tetration 335 Cisco Umbrella 337 Cisco Cloudlock 342 Cisco Network Technology 343 Summary 343 Reference 343 Chapter 12 Forensic Case Studies 345 Scenario 1: Investigating Network Communication 346 Pre-engagement 347 Investigation Strategy for Network Data 348 Investigation 350 Closing the Investigation 355 Scenario 2: Using Endpoint Forensics 357 Pre-engagement 357 Investigation Strategy for Endpoints 358 Investigation 359 Potential Steps to Take 360 Closing the Investigation 362 Scenario 3: Investigating Malware 364 Pre-engagement 364 Investigation Strategy for Rogue Files 365 Investigation 365 Closing the Investigation 369 Scenario 4: Investigating Volatile Data 370 Pre-engagement 371 Investigation Strategy for Volatile Data 372 Investigation 373 Closing the Investigation 375 Scenario 5: Acting as First Responder 377 Pre-engagement 377 First Responder Strategy 377 Closing the Investigation 379 Summary 381 References 382 Chapter 13 Forensic Tools 383 Tools 384 Slowloris DDOS Tool: Chapter 2 385 Low Orbit Ion Cannon 386 VMware Fusion: Chapter 3 386 VirtualBox: Chapter 3 387 Metasploit: Chapter 3 388 Cuckoo Sandbox: Chapter 3 389 Cisco Snort: Chapter 3 389 FTK Imager: Chapters 3, 9 390 FireEye Redline: Chapter 3 391 P2 eXplorer: Chapter 3 392 PlainSight: Chapter 3 392 Sysmon: Chapter 3 393 WebUtil: Chapter 3 393 ProDiscover Basics: Chapter 3 393 Solarwinds Trend Analysis Module: Chapter 4 394 Splunk: Chapter 4 394 RSA Security Analytics: Chapter 4 395 IBM’s QRadar: Chapter 4 396 HawkeyeAP: Chapter 4 396 WinHex: Chapters 6, 7 396 OSForensics: Chapter 6 397 Mount Image Pro: Chapter 6 397 DumpIt: Chapter 6 398 LiME: Chapter 6 398 TrIDENT: Chapter 7 398 PEiD: Chapter 7 399 Lnkanalyser: Chapter 7 399 Windows File Analyzer: Chapter 7 399 LECmd: Chapter 7 401 SplViewer: Chapter 7 401 PhotoRec: Chapter 7 402 Windows Event Log: Chapter 7 402 Log Parser Studio: Chapter 7 403 LogRhythm: Chapter 8 403 Mobile Devices 404 Elcomsoft: Chapter 9 404 Cellebrite: Chapter 9 404 iPhone Backup Extractor: Chapter 9 405 iPhone Backup Browser: Chapter 9 405 Pangu: Chapter 9 405 KingoRoot Application: Chapter 9 405 Kali Linux Tools 406 Fierce: Chapter 8 406 TCPdump: Chapter 3 406 Autopsy and Autopsy with the Sleuth Kit: Chapters 3, 6 406 Wireshark: Chapter 8 406 Exiftool: Chapter 7 407 DD: Chapter 6 407 Dcfldd: Chapter 6 408 Ddrescue: Chapter 6 408 Netcat: Chapter 6 408 Volatility: Chapter 6 408 Cisco Tools 408 Cisco AMP 408 Stealthwatch: Chapter 8 409 Cisco WebEx: Chapter 4 409 Snort: Chapter 11 409 ClamAV: Chapter 10 409 Razorback: Chapter 10 410 Daemonlogger: Chapter 10 410 Moflow Framework: Chapter 10 410 Firepower: Chapter 10 410 Threat Grid: Chapter 10 410 WSA: Chapter 10 410 Meraki: Chapter 10 411 Email Security: Chapter 10 411 ISE: Chapter 10 411 Cisco Tetration: Chapter 10 411 Umbrella: Chapter 10 411 Norton ConnectSafe: No Chapter 412 Cloudlock: Chapter 10 412 Forensic Software Packages 413 FTK Toolkit: Chapter 3 413 X-Ways Forensics: Chapter 3 413 OSforensics: Chapter 6 414 EnCase: Chapter 7 414 Digital Forensics Framework (DFF): Chapter 7 414 Useful Websites 414 Shodan: Chapter 1 414 Wayback Machine: Chapter 3 415 Robot.txt files: Chapter 2 415 Hidden Wiki: Chapter 2 415 NIST: Chapter 4 416 CVE: Chapter 4 416 Exploit-DB: Chapter 4 416 Pastebin: Chapters 4, 10 416 University of Pennsylvania Chain of Custody Form: Chapter 6 417 List of File Signatures: Chapter 9 417 Windows Registry Forensics Wiki: Chapter 7 417 Mac OS Forensics Wiki: Chapter 7 417 Miscellaneous Sites 417 Searchable FCC ID Database 418 Service Name and Transport Protocol Port Number Registry 418 NetFlow Version 9 Flow-Record Format 418 NMAP 418 Pwnable 418 Embedded Security CTF 419 CTF Learn 419 Reversing.Kr 419 Hax Tor 419 W3Challs 419 RingZer0 Team Online CTF 420 Hellbound Hackers 420 Over the Wire 420 Hack This Site 420 VulnHub 420 Application Security Challenge 421 iOS Technology Overview 421 Summary 421 9781587145025 TOC 1/10/2017

Read more less

Book Synopsis

Read more less

Book SynopsisThis book presents a selective collection of papers from the 20th International Symposium on Computer and Information Sciences, held in Istanbul, Turkey. The selected papers span a wide spectrum of topics in computer networks, including internet and multimedia, security and cryptography, wireless networks, parallel and distributed computing, and performance evaluation. These papers represent the results of the latest research of academicians from more than 30 countries.

Read more less

Book Synopsis

Read more less