Chapter 11 - Small Network(WLAN).pptx

Full Transcript

Chapter 11:

Small Network
Lucky Makhoere

CCNA Routing and Switching
Routing and Switching Essentials v6.0
 Securing Devices
Basic Security Practices
Securing Devices
 Encrypt passwords.
 Require minimum
length passwords.
 Block brute force
attacks.
 Use Banner
Message.
 Set EXEC timeout.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2
 Securing Devices
Enable SSH

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3
 Introduction to Networks

Chapter 11:
Bringing it all Together

11.0 Introduction
11.1 Create and Grow
11.2 Keeping the Network Safe
11.3 Basic Network Performance
11.4 Managing IOS Configuration Files
11.5 Integrated Routing Services
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 4
 Integrated Router
Multi-function Device
Multi-function Device
 Incorporates a switch, router, and wireless access point.
 Provides routing, switching and wireless connectivity.
 Linksys wireless routers, are simple in design and used in home
networks
Cisco Integrated Services Router (ISR) product family offers a wide
range of products, designed for small office to larger networks.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5
 Integrated Router
Wireless Capability
 Wireless Mode – Most integrated wireless routers support 802.11b,
802.11g and 802.11n.
 Service Set Identifier (SSID) – Case-sensitive, alpha-numeric name
for your home wireless network.
 Wireless Channel – RF spectrum can be divided up into channels.
Linksys Wireless Settings

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 6
 Integrated Router
Basic Security of Wireless
 Change default values
 Disable SSID broadcasting
 Configure Encryption using WEP or WPA
 Wired Equivalency Protocol (WEP) - Uses pre-configured
keys to encrypt and decrypt data. Every wireless device
allowed to access the network must have the same WEP key
entered.
 Wi-Fi Protected Access (WPA) – Also uses encryption keys
from 64 bits up to 256 bits. New keys are generated each time
a connection is established with the AP; therefore, more
secure.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 7
 Integrated Router
Configuring the Integrated Router
Step 1 - Access the router by cabling a computer to one of the router’s
LAN Ethernet ports.
Step 2 - The connecting device will automatically obtain IP addressing
information from Integrated Router.
Step 3 - Change default username and password and the default Linksys
IP address for security purposes.

Initial Access to the Router

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8
 Integrated Router
Enabling Wireless
Step 1 - Configure the wireless mode
Step 2 - Configure the SSID
Step 3 - Configure RF channel
Step 4 - Configure any desired security encryption

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9
 Integrated Router
Configure a Wireless Client
 The wireless client
configuration settings
must match that of the
wireless router.
SSID
Security Settings
Channel
 Wireless client software
can be integrated into the
device operating system
or stand alone,
downloadable, wireless
utility software.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 10
 Introduction to Networks

Chapter 11:
Bringing it all Together

11.0 Introduction
11.1 Create and Grow
11.2 Keeping the Network Safe
11.3 Basic Network Performance
11.4 Managing IOS Configuration Files
11.5 Integrated Routing Services
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11
 Devices in a Small Network
Device Selection for a Small Network
Factors to be considered when selecting intermediate devices.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13
 Devices in a Small Network
Design Considerations for a Small Network
 The following should be
included in the network
design:
Secure file and mail
servers in a
centralized location.
Protect the location
by physical and
logical security
measures.
Create redundancy
in the server farm.
Configure redundant
paths to the servers.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 17
Growing to Larger Networks
Scaling a Small Network
Important considerations when growing to a larger network:
 Documentation –Physical and logical topology.
 Device inventory – List of devices that use or comprise the network.
 Budget – Itemized IT expense items, including the amount of money
allocated to equipment purchase for that fiscal year.
 Traffic Analysis – Protocols, applications, and services and their
respective traffic requirements should be documented.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21
 Introduction to Networks

Chapter 11:
Bringing it all Together

11.0 Introduction
11.1 Create and Grow
11.2 Keeping the Network Safe
11.3 Basic Network Performance
11.4 Managing IOS Configuration Files
11.5 Integrated Routing Services
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24
 Network Device Security Measures
Threats to Network Security
Categories of Threats to Network Security

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25
 Network Device Security Measures
Physical Security
Four classes of physical threats are:
 Hardware threats – Physical damage to servers, routers,
switches, cabling plant, and workstations
 Environmental threats – Temperature extremes (too hot or too
cold) or humidity extremes (too wet or too dry)
 Electrical threats – Voltage spikes, insufficient supply voltage
(brownouts), unconditioned power (noise), and total power loss
 Maintenance threats – Poor handling of key electrical
components (electrostatic discharge), lack of critical spare parts,
poor cabling, and poor labeling

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26
 Network Device Security Measures
Types of Security Vulnerabilities
Vulnerabilities -
Types of Security Technology
Weaknesses:
 Technological
 Configuration
 Security policy

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 27
 Vulnerabilities and Network Attacks
Viruses, Worms and Trojan Horses
 Virus – Malicious software that is attached to another program to
execute a particular unwanted function on a workstation.
 Trojan horse – An entire application written to look like something
else, when in fact it is an attack tool.
 Worms – Worms are self-contained programs that attack a system
and try to exploit a specific vulnerability in the target. The worm
copies its program from the attacking host to the newly exploited
system to begin the cycle again.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 28
 Vulnerabilities and Network Attacks
Reconnaissance Attacks

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 29
 Vulnerabilities and Network Attacks
Access Attacks

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 30
 Vulnerabilities and Network Attacks
Access Attacks (Cont.)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 31
 Vulnerabilities and Network Attacks
Denial of Service Attacks (DoS)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 32
 Mitigating Network Attacks
Backup, Upgrade, Update, and Patch
Antivirus software can detect most viruses and many Trojan horse
applications and prevent them from spreading in the network.
 Keep current with
the latest versions
of antivirus
software.
 Install updated
security patches.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 33
 Mitigating Network Attacks
Authentication, Authorization, and Accounting
Authentication, Authorization, and Accounting (AAA, or “triple A”)
 Authentication – Users and administrators must prove their identity.
Authentication can be established using username and password
combinations, challenge and response questions, token cards, and
other methods.
 Authorization – Determines which resources the user can access
and the operations that the user is allowed to perform.
 Accounting – Records what the user accessed, the amount of time
the resource is accessed, and any changes made.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 34
 Mitigating Network Attacks
Firewalls
A Firewall resides Firewalls
between two or more
networks. It controls
traffic and helps prevent
unauthorized access.
Methods used are:
 Packet Filtering
 Application Filtering
 URL Filtering
 Stateful Packet
Inspection (SPI) –
Incoming packets must
be legitimate
responses to requests
from internal hosts.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 35
 Mitigating Network Attacks
Endpoint Security
 Common endpoints are
Common Endpoint Devices
laptops, desktops,
servers, smart phones,
and tablets.
 Employees must follow
the companies
documented security
policies to secure their
devices.
 Policies often include
the use of anti-virus
software and host
intrusion prevention.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 36
 Securing Devices
Introduction to Securing Devices
 Part of network security is securing devices, including end devices
and intermediate devices.
 Default usernames and passwords should be changed
immediately.
 Access to system resources should be restricted to only the
individuals that are authorized to use those resources.
 Any unnecessary services and applications should be turned off
and uninstalled, when possible.
 Update with security patches as they become available.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 37
 Securing Devices
Passwords Weak and Strong Passwords

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 38
 Securing Devices
Passwords
Weak and Strong Passwords

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 39
 Introduction to Networks

Chapter 11:
Bringing it all Together

11.0 Introduction
11.1 Create and Grow
11.2 Keeping the Network Safe
11.3 Basic Network Performance
11.4 Managing IOS Configuration Files
11.5 Integrated Routing Services
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 40
 Ping
Interpreting ICMP Messages
 ! – indicates
receipt of an
ICMP echo reply
message
. – indicates a
time expired
while waiting for
an ICMP echo
reply message
 U – an ICMP
unreachable
message was
received

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 41
 Ping
Leveraging Extended Ping
The Cisco IOS offers an "extended" mode of the ping command:
R2# ping
Protocol [ip]:
Target IP address: 192.168.10.1
Repeat count :
Datagram size :
Timeout in seconds :
Extended commands [n]: y
Source address or interface: 10.1.1.1
Type of service :

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 42
 Ping
Network Baseline
Baseline with ping

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 43
 Ping
Network Baseline (Cont.)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 44
 Tracert
Interpreting Tracert Messages

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 45
 Show Commands
Common Show Commands Revisited
The status of nearly every process or function of the router can be
displayed using a show command.

Frequently used show commands:
show running-config
show interfaces
show arp
show ip route
show protocols
show version

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 46
 Show Commands
Viewing Router Settings With Show Version
Cisco IOS Version
System Bootstrap

Cisco IOS Image

CPU and RAM

Number and Type of
Physical Interfaces

Amount of NVRAM

Amount of Flash

Configuration Register

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 47
 Show Commands
Viewing Switch Settings With Show Version

show version Command

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 48
 Host and IOS Commands
ipconfig Command Options
 ipconfig – Displays
ip address, subnet
mask, default gateway.
 ipconfig /all –
Also displays MAC
address.
 ipconfig
/displaydns –
Displays all cached dns
entries in a Windows
system.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 49
 Host and IOS Commands
arp Command Options
arp Command Options

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 50
 Host and IOS Commands
show cdp neighbors Command
Options
show cdp neighbors command provides information about each
directly connected CDP neighbor device.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 51
 Host and IOS Commands
Using show ip interface brief Command
show ip interface brief command-used to verify the status
of all network interfaces on a router or a switch.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 52
 Securing Devices
Basic Security Practices
Securing Devices
 Encrypt passwords.
 Require minimum
length passwords.
 Block brute force
attacks.
 Use Banner
Message.
 Set EXEC timeout.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 53
 Securing Devices
Enable SSH

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 57
 Introduction to Networks

Chapter 11:
Bringing it all Together

11.0 Introduction
11.1 Create and Grow
11.2 Keeping the Network Safe
11.3 Basic Network Performance
11.4 Managing IOS Configuration Files
11.5 Integrated Routing Services
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 60
 Router and Switch File Systems
Router File Systems
show file systems command – Lists all of the available file
systems on a Cisco 1941 route.
The asterisk (*) indicates this is the current default file system.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 61
 Router and Switch File Systems
Switch File Systems
show file systems command – Lists all of the available file
systems on a Catalyst 2960 switch.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 62
 Backup and Restore Configuration Files
Backup and Restore Using Text Files
Saving to a Text File in Tera Term

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 63
 Backup and Restore Configuration Files
Backup and Restore Using TFTP
 Configuration files can be stored on a Trivial File Transfer Protocol
(TFTP) server.
 copy running-config tftp – Save running configuration to a tftp
server.
 copy startup-config tftp – Save startup configuration to a tftp
server.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 64
 Backup and Restore Configuration Files
Using USB Interfaces on a Cisco Router
 USB flash drive must be formatted in a FAT16 format.
 Can hold multiple copies of the Cisco IOS and multiple router
configurations.
 Allows administrator to easily move configurations from router to
router.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 65
 Backup and Restore Configuration Files
Backup and Restore Using USB
Backup to USB Drive

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 66
 11.5 WLAN VS Wi-Fi

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 67
Background (1 of 2)
 In many respects, the IEEE 802.11b wireless LAN (WLAN)
standard is similar to that for classic IEEE 802.3 (Ethernet)
LANs
 Similarities:
LAN with limited geographic coverage
multiple stations, with 48-bit MAC addresses
shared transmission medium (broadcast technology)
CSMA-based Medium Access Control protocol
comparable data rates (11 Mbps vs 10 Mbps)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 68
 Background (2 of 2)
 But there are also many distinct differences:
wireless (air interface) versus wired (coax)
wireless propagation environment (multipath)
higher error rate due to interference, etc.
successful frames are ACKed by receiver
mobile stations versus fixed stations
half-duplex versus full-duplex operation
“hidden node” and “exposed node” problems
potential asymmetries of links
CSMA/CA versus CSMA/CD
multiple data transmission rates (1, 2, 5.5, 11)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 69
 Some WiFi Features
 Infrastructure mode vs “ad hoc” mode
 Access Point (AP) sends “beacon frames”
Mobiles choose AP based on signal strength
 Multiple channel access protocols supported
CSMA/CA (DCF); PCF; RTS/CTS
 MAC-layer can provide error control, retransmission,
rate adaptation, etc.
 Direct Sequence Spread Spectrum (DSSS)
signal spread across 14 22-MHz channels

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 70
Access Method (1 of 2)
802.11 MAC services append 48-bit physical addresses to frame to identify source and
destination
The use of the same physical addressing scheme as other Ethernet networks allows easy
combination with other IEEE networks
Wireless devices are not designed to simultaneously transmit and receive
802.11 standards specify the use of CSMA/CA (Carrier Sense Multiple Access with
Collision Avoidance) procedures to access a shared medium
Uses ACK packets to verify every transmission and requires more overhead than 802.3
RTS/CTS (Request to Send/Clear to Send) protocol ensures packets are not inhibited by
other transmissions
RTS/CTS decreases network efficiency, but can be efficient for large transmission
packets

Jill West, CompTIA Network+ Guide to Networks, 9th Edition. © 2022 Cengage. All Rights Reserved. May not be
scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 71
Access Method (2 of 2)

Figure 6-13 CSMA/CA uses ACK
messages to confirm successful
transmission

Jill West, CompTIA Network+ Guide to Networks, 9th Edition. © 2022 Cengage. All Rights Reserved. May not be
scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 72
 Where Does Wireless RF Live?

ISM (Industrial, Scientific, Medical) band

902-928 MHz 2400-2483.5 MHz 5725-5850 MHz

Old Wireless 802.11/802.11b,g 802.11a
Bluetooth
Cordless Phones
Home RF
Baby Monitors
Microwave Ovens

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 73
 Protocol Stack View

Telnet, FTP, Email, Web, etc. Application
Presentation

Session
TCP, UDP Transport

IP, ICMP, IPX Network

Logical Link Control - 802.2
(Interface to the upper layer protocols)
MAC
Data Link
Wireless lives at 802.3, 802.5, 802.11
Layers 1 & 2
only!
Physical Layer Convergence Protocol
Physical
LAN: 10BaseT, 10Base2, 10BaseFL
WLAN: FHSS, DSSS, IR
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 74
 Wireless Cells

Access Point
coverage
area is called a
“Cell”
11 Mbps bandwidth Access Point
“shared” by all Channel 6
devices ESSID: NAI
in the Cell! Range per Access
Point is 100m

In Canada/US, there are eleven 802.11 channels
Only channels 1, 6 and 11 are non-overlapping
Computers can roam between cells

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 75
 Multiple Wireless APs

1
1
6

1
11 1
1

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 76
 Medium Access Control (MAC)

Carrier Sense Multiple Access with Collision Avoidance

How CSMA-CA works:
Device wanting to transmit senses the medium (Air)
If medium is busy - defers
If medium is free for certain period (DIFS) - transmits

tency can increase if “air” is very busy! Device
as hard time finding “open air” to send frame!
* DIFS - Distributed Inter-Frame Space (approx 128 µs)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 77
 MAC Protocol (Cont’d)

source dest others
“Air” is
free DIFS

NAV: defer access
for DIFS
time
send data
period
frame All other
devices
SIFS must
defer
Receive ack while
ACK “air” is
that frame busy
was
Every frame is acked - except broadcast and multicast
received
intact!
* SIFS - Short Inter-Frame Space (approx 28 µs)
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 78
 MAC-Layer Retransmission
 If no ACK received “right away”, then the sender
retransmits the frame again at the MAC layer
indicates frame (or ACK) was lost/corrupted
very short timeout (e.g., 1 msec)
exponential backoff (doubling) if repeated loss
 Typically recovers before TCP would notice
 Max retransmission limit (e.g., 8)
 May do MAC-layer rate adaptation or frame
fragmentation if channel error rate is high

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 79
 Other MAC Protocols Supported

 Point Coordination Function (PCF)
AP polls stations in turn to see if frames to send
useful for real-time traffic
 Request-To-Send/Clear-To-Send (RTS/CTS)
reservation-based approach (ask permission)
useful for very large frames
useful for solving the “hidden node” problem
request asks for clearance (permission) to send
request also indicates time required for transmit

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 80
 Frames: Wired and Wireless Network

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 81
 Frame Formats
 Two frame formats available:
long preamble
short preamble
 Configuration option for NIC and AP

 Variable-size frames (max 2312 data bytes)

 16-bit Cyclic Redundancy Code (CRC) for error
checking of frames

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 82
 Frame Format (Long Preamble)

Long Preamble = 144 bits
Interoperable with older 802.11 devices
Entire Preamble and 48 bit PLCP Header sent at 1 Mbps
Transmitted at 1 Mbps

Signal
16 bit Speed Service Length 16 bit Payload
128 bit Preamble Start 1,2,5.5 (unused) of CRC
Payload 0-2312 bytes
(Long) ,11
Frame Mbps
Delimiter
Transmitted at X
Mbps

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 83
 Frame Format (Short Preamble)

Short Preamble = 72 bits
Preamble transmitted at 1 Mbps
PLCP Header transmitted at 2 Mbps
more efficient than long preamble

Transmitted Transmitted Transmitted
at at at
1 Mbps 2 Mbps X Mbps
Signal
16 bit Speed Service Length 16 bit Payload
56 bit of
Preamble
Start 1,2,5.5 (unused)
Payload
CRC 0-2312 bytes
,11
Frame Mbps
Delimiter

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 84
Even More Features
 Power Management
mobile nodes can “sleep” to save power
AP will buffer frames until client requests them
AP can use virtual bitmap field in beacons to indicate which stations
have data waiting
 Security
Wired Equivalent Privacy (WEP)
not very secure at all!

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 85
Summary
 IEEE 802.11b (WiFi) is a wireless LAN technology that is
rapidly growing in popularity
 Convenient, inexpensive, easy to use
 Growing number of “hot spots” everywhere
airports, hotels, bookstores, Starbucks, etc
 Many deployments now have IEEE 802.11g (54 Mbps) or
IEEE 802.11a (also 54 Mbps)
 Some deployments have IEEE 802.11n (> 100 Mbps)
 U of C WLAN has about 1000 WiFi Access Points (APs)

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 86
Section 6.1
New Terms and Commands
 Subnetting
 Classful Boundary
 Classless Subnetting
 Magic number
 Variable Length Subnet
Mask (VLSM)
 Global Routing Prefix

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 87
 11.6 Summary

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 88
 Chapter 11: Summary
In this chapter, you learned:
 Good network design incorporates reliability, scalability, and
availability.
 Networks must be secured from viruses, Trojan horses, worms and
network attacks.
 The importance of documenting Basic Network Performance.
 How to test network connectivity using ping and traceroute.
 How to use IOS commands to monitor and view information about
the network and network devices.
 How to backup configuration files using TFTP or USB.
 Home networks and small business often use integrated routers,
which provide the functions of a switch, router and wireless access
point.

Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 89
Presentation_ID © 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential 90