
What is the difference between standard and extended ACLs?

Standard ACLs:
1. Numbered 1-99 (and the expanded range 1300-1999).
2. Match on the source IP address only, so they cannot tell one destination or application from another.
3. Because they test only the source, they are placed as close to the destination as possible; placed near the source they would cut that source off from everything, not just from the intended destination.
4. A matching deny blocks all traffic from that source: every protocol and every port.

Extended ACLs:
1. Numbered 100-199 (and 2000-2699).
2. Match on source IP, destination IP, protocol (IP, TCP, UDP, ICMP) and port numbers.
3. Placed as close to the source as possible, so unwanted traffic is dropped before it is routed across the network.
4. Can block individual services such as FTP (TCP 21) or Telnet (TCP 23) while permitting everything else.

Both kinds are evaluated top to bottom, the first matching entry wins, and every ACL ends with an implicit "deny any".
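As an added worked example (not code from the original page), the following Python reproduces how a router evaluates the two kinds of ACL against sample packets. The ACL entries, the Cisco-style wildcard masks, the packets and the names (ACL 10, ACL 110, the Packet class) are all constructed for illustration: the standard ACL denies everything from 10.1.1.0/24, while the extended ACL denies only Telnet from that subnet to one host.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional


@dataclass
class Packet:
    """Only the header fields an ACL can test (constructed sample input)."""
    src: str
    dst: str
    proto: str                 # "tcp", "udp" or "icmp"
    dport: Optional[int] = None


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard-mask match: a 1 bit in the wildcard means 'don't care'.
    'any' is 0.0.0.0 255.255.255.255 and 'host X' is X 0.0.0.0."""
    care_bits = 0xFFFFFFFF ^ int(IPv4Address(wildcard))
    return (int(IPv4Address(addr)) ^ int(IPv4Address(base))) & care_bits == 0


# Hypothetical standard ACL 10: (action, source, source wildcard). Only the source
# is tested, so the deny hits every protocol and port from 10.1.1.0/24.
STANDARD_ACL_10 = [
    ("deny",   "10.1.1.0", "0.0.0.255"),
    ("permit", "0.0.0.0",  "255.255.255.255"),
]

# Hypothetical extended ACL 110: (action, protocol, src, src wc, dst, dst wc, dst port).
# Blocks only Telnet from 10.1.1.0/24 to host 192.168.5.10 and permits all else.
EXTENDED_ACL_110 = [
    ("deny",   "tcp", "10.1.1.0", "0.0.0.255",       "192.168.5.10", "0.0.0.0",         23),
    ("permit", "ip",  "0.0.0.0",  "255.255.255.255", "0.0.0.0",      "255.255.255.255", None),
]


def eval_standard(acl, pkt: Packet) -> str:
    """First matching entry wins; no match means the implicit deny any."""
    for action, base, wc in acl:
        if wildcard_match(pkt.src, base, wc):
            return action
    return "deny"


def eval_extended(acl, pkt: Packet) -> str:
    for action, proto, sbase, swc, dbase, dwc, dport in acl:
        if proto != "ip" and proto != pkt.proto:
            continue
        if not wildcard_match(pkt.src, sbase, swc):
            continue
        if not wildcard_match(pkt.dst, dbase, dwc):
            continue
        if dport is not None and dport != pkt.dport:
            continue
        return action
    return "deny"


if __name__ == "__main__":
    for pkt in (Packet("10.1.1.5", "192.168.5.10", "tcp", 23),
                Packet("10.1.1.5", "192.168.5.10", "tcp", 80)):
        print(pkt, "standard:", eval_standard(STANDARD_ACL_10, pkt),
              "extended:", eval_extended(EXTENDED_ACL_110, pkt))
```

Run it and the HTTP packet is denied by the standard ACL but permitted by the extended one, which is exactly the "blocks the entire thing" versus "blocks a specific port" distinction above; an empty ACL denies everything because of the implicit deny.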

What is the difference between STP (Spanning Tree Protocol) and VTP (VLAN Trunking Protocol)?
STP:
1. STP prevents Layer 2 loops.
2. The Spanning Tree Protocol is a link layer protocol that ensures a loop-free topology for any bridged LAN.
3. STP is a loop-prevention bridge-to-bridge protocol whose main purpose is to dynamically maintain a loop-free network. It does this by sending out Bridge Protocol Data Units (BPDUs), discovering any loops in the topology and blocking one or more redundant links.
VTP:
1. VTP is a Cisco Layer 2 protocol used to manage a large number of VLANs: the VLAN database of a VTP server switch (VLAN additions, deletions and renames) is propagated to the other switches in the same VTP domain.
2. VTP advertisements travel only over trunk links; VTP does not carry user traffic from one VLAN to another (that needs a router or Layer 3 switch). A switch joining the domain with a higher configuration revision number overwrites the VLAN database of the other switches, which is why VTP domains should be protected with a VTP password or run in transparent mode.
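The following is an added example, not code from the original page: it builds and parses an 802.1D configuration BPDU with Python's struct module and applies STP's comparison rule to show that a BPDU advertising a lower bridge priority is accepted as superior and would win the root election. The MAC addresses and priorities are constructed values and the helper names are this example's own.

```python
import struct

# 802.1D configuration BPDU layout (35 bytes, carried in an LLC frame with SAP 0x42):
# protocol id(2) version(1) type(1) flags(1) root id(8) root path cost(4)
# bridge id(8) port id(2) message age(2) max age(2) hello time(2) forward delay(2)
CONFIG_BPDU_FMT = ">HBBB8sI8sHHHHH"
CONFIG_BPDU_LEN = struct.calcsize(CONFIG_BPDU_FMT)   # 35


def bridge_id(priority: int, mac: str) -> bytes:
    """2-byte priority field followed by the 6-byte bridge MAC. On switches with the
    extended system ID the low 12 bits of the priority field carry the VLAN number."""
    return struct.pack(">H", priority) + bytes.fromhex(mac.replace(":", ""))


def build_config_bpdu(root_prio, root_mac, root_path_cost, sender_prio, sender_mac,
                      port_id=0x8001, message_age=0, max_age=20, hello=2, fwd_delay=15):
    """Build a configuration BPDU; timers are encoded in 1/256-second units."""
    return struct.pack(CONFIG_BPDU_FMT, 0x0000, 0x00, 0x00, 0x00,
                       bridge_id(root_prio, root_mac), root_path_cost,
                       bridge_id(sender_prio, sender_mac), port_id,
                       message_age * 256, max_age * 256, hello * 256, fwd_delay * 256)


def parse_config_bpdu(data: bytes) -> dict:
    if len(data) < CONFIG_BPDU_LEN:
        raise ValueError("truncated BPDU")
    (proto, _version, btype, flags, root, cost, bridge, port,
     _msg_age, max_age, hello, fwd) = struct.unpack(CONFIG_BPDU_FMT, data[:CONFIG_BPDU_LEN])
    if proto != 0 or btype != 0:
        raise ValueError("not a configuration BPDU")
    return {
        "root_id": int.from_bytes(root, "big"),
        "root_priority": struct.unpack(">H", root[:2])[0],
        "root_mac": root[2:].hex(":"),
        "root_path_cost": cost,
        "bridge_id": int.from_bytes(bridge, "big"),
        "port_id": port,
        "flags": flags,
        "max_age": max_age / 256,
        "hello": hello / 256,
        "forward_delay": fwd / 256,
    }


def is_superior(candidate: dict, current: dict) -> bool:
    """STP prefers the lowest (root id, root path cost, sender bridge id, port id).
    Nothing in the BPDU is authenticated, so whoever sends the lowest values wins."""
    def key(b):
        return (b["root_id"], b["root_path_cost"], b["bridge_id"], b["port_id"])
    return key(candidate) < key(current)


if __name__ == "__main__":
    current = parse_config_bpdu(build_config_bpdu(32768, "00:11:22:33:44:55", 0,
                                                  32768, "00:11:22:33:44:55"))
    rogue = parse_config_bpdu(build_config_bpdu(0, "de:ad:be:ef:00:01", 0,
                                                0, "de:ad:be:ef:00:01"))
    print("rogue BPDU would take over the root role:", is_superior(rogue, current))
```

This is the reason BPDU Guard is enabled on access ports: a host that can send a frame like the rogue one above can make itself the root bridge and pull traffic through itself.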

What is a VPN?
A VPN (Virtual Private Network) carries private traffic across a public network such as the Internet inside an encrypted, authenticated tunnel. By implementing a VPN, a company can give clients anywhere in the world access to its internal private network from any location with access to the public Internet. Ports and protocols used by the common VPN types:
IPsec: UDP 500 (IKE) and UDP 4500 (NAT traversal), plus ESP (IP protocol 50) and AH (IP protocol 51), which have no port numbers.
PPTP: TCP 1723 plus GRE (IP protocol 47).
L2TP: UDP 1701, normally run over IPsec.
SSL/TLS VPN: TCP 443.

What is IPsec (Internet Protocol Security)?

IPsec works at the network layer (Layer 3) of the OSI model, securing all IP traffic between the two endpoints without being tied to any particular application. It is a set of IP extensions that provide security services such as encryption, authentication and data integrity through two protocols: AH (Authentication Header, integrity and authentication only) and ESP (Encapsulating Security Payload, encryption plus integrity). Either can run in transport mode (protects the payload between two hosts) or tunnel mode (wraps the whole original packet, used between gateways and for remote-access VPNs); keys and security associations are negotiated with IKE. IPsec is typically used to build VPNs. When connected over an IPsec VPN the client computer is virtually a full member of the network, able to see and potentially access the entire network, so the VPN gateway should restrict remote users with access lists or per-group policies rather than relying on the tunnel alone.

What is SSL (Secure Sockets Layer)?

SSL for remote access is based on a simple concept: use the encryption and authentication capabilities built into every web browser to provide secure remote access to corporate resources without installing client software. SSL establishes an encrypted connection between a server and a browser and is most commonly seen on payment and banking websites. To offer SSL the server needs a certificate issued for its name; when one is installed the browser shows a padlock icon so customers can tell the connection is protected. All versions of SSL itself are now deprecated because of known weaknesses (POODLE against SSL 3.0, for example); the protocol used today is its successor TLS, although "SSL" is still the everyday name for it.

What are trusted and untrusted networks?
Trusted networks: networks, usually the organisation's own, on which data is allowed to flow without being filtered. The machines on them are managed by an administrator, access is limited to known users and devices, and a firewall separates them from everything else, which is why private and sensitive data is expected to stay confidential inside them. Untrusted networks: networks outside the organisation's control (the Internet, a partner's network, a hotel Wi-Fi), administered by their own owners. They can allow improper access to sensitive or personal data, machines attached to them are kept separate from the trusted network, and they are treated as the likely source of attacks, so a firewall applies its strictest rules to traffic arriving from them.

What is classful and classless routing?
Classful routing: routing protocols that do not send subnet mask information in their route updates, so every device in a given major network must use the same subnet mask. Example: RIP v1. Classless routing: routing protocols that carry the subnet mask in their updates, which allows VLSM (Variable Length Subnet Masking). Examples: RIP v2, EIGRP and OSPF.

What is meant by port blocking within a LAN?
Restricting users from accessing a set of services within the local area network is called port blocking. Generally, port blocking refers to logical ports: blocking particular TCP or UDP ports at the gateway so they cannot be reached from the outside world. Within a LAN segment the term also covers physical ports: blocking USB removable devices, floppy and DVD/CD-ROM drives, Windows Mobile PDAs and smartphones, devices attached through COM and LPT ports, FireWire, PCMCIA, Wi-Fi and Bluetooth adapters and many other plug-and-play devices, so that data cannot be copied off the machine.

The OSI Model (Open Systems Interconnection)
The OSI model is a standardised layered model for describing network communications. It breaks the complex process of network communication into seven distinct layers, each with its own responsibilities. As shown in Figure 3-1, the seven layers are as follows.

The application layer (Layer 7) is primarily responsible for interfacing with the end user. Some common application layer protocols, services and applications are: messaging gateways using Post Office Protocol (POP3) and Simple Mail Transfer Protocol (SMTP); newsgroup, instant messaging and Internet Relay Chat (IRC) applications such as Forte Agent or Microsoft Messenger, which communicate using protocols such as Network News Transfer Protocol (NNTP); and WWW applications such as Firefox, Microsoft Internet Explorer, Apache Web Server and Internet Information Services, which provide web-based access to and from resources.

The presentation layer (Layer 6) is responsible for presenting data to and from the application and session layers in a format the respective layer understands. Some common formats handled at the presentation layer are: graphics formats such as Joint Photographic Experts Group (JPEG), Graphics Interchange Format (GIF) and Bitmap (BMP); and sound and movie formats such as Windows Media (WMA/WMV), DivX and MPEG-1 Audio Layer III (MP3), which provide a means to translate and present audio and video across the network.

The session layer (Layer 5) is primarily responsible for dialog and session control between systems. Some examples of session layer protocols are: remote procedure calls (RPC), a client/server mechanism for requesting data from and executing procedures on a remote system (the server) from a requesting system (the client); NetBIOS, an application programming interface (API) typically used on Microsoft systems to provide remote network access to resources and data; and Structured Query Language (SQL) sessions, which provide the mechanisms for connecting to, querying and retrieving remote data, typically from a database.

The transport layer (Layer 4) is primarily responsible for formatting and handling the transport of data between systems in a transparent manner. It provides an application-independent method of delivering data across the network in such a way that the data can be properly put back together on the receiving end. This process is known as segmentation and reassembly, and the data units received from the higher layers are known as segments. Examples of transport layer protocols are TCP and UDP, both of which are defined in greater detail later in this chapter.

The network layer (Layer 3) is primarily responsible for logical addressing. Two common protocols at the network layer are: Internet Protocol (IP), which uses a hierarchical addressing scheme to identify hosts regardless of physical location; because IP is hierarchical, using subnets to define hosts that are local to each other, it scales to a global addressing scheme and has become the de facto method of logical addressing across the Internet as well as within most organisations. Internetwork Packet Exchange (IPX), used primarily on legacy Novell networks, provides logical addressing through network and host addresses.

The data link layer (Layer 2) is primarily responsible for physical addressing. Some common protocols at the data link layer are: IEEE 802.2, which defines the interface between the network layer and the underlying network architecture and is referred to as the logical link control (LLC) sublayer; and IEEE 802.3, which defines how frames are transmitted and received on the physical medium and the physical (MAC) addressing used to identify hosts, and is referred to as the MAC sublayer because it controls how data is put on the medium.

The physical layer (Layer 1) is primarily responsible for the physical transport of data on the network. Some examples of physical layer standards are 10BASE-T, Ethernet at 10 Mbps over twisted-pair cable, and 100BASE-TX, which is similar but carries Ethernet at 100 Mbps, typically over Category 5 or better twisted-pair cabling.

What is ARP?
Address Resolution Protocol (ARP) maps logical (IP) addresses to physical (MAC) addresses. The resolution is required because a host must physically address its Layer 2 frames to the correct destination, but in most cases hosts know each other only by IP address. ARP therefore broadcasts on the local subnet a request for the host that has the IP address in question. Because it is a broadcast, every host processes the request, but only the host that actually has that IP address replies with its MAC address, allowing the original sender to address the packet both logically (by IP address) and physically (by MAC address). The reply is not authenticated and hosts cache whatever sender mapping they receive, which is what ARP spoofing (poisoning) exploits; on a managed switch, Dynamic ARP Inspection, which checks ARP packets against DHCP snooping bindings, is the usual defence.
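An added example, not from the original page, of the exchange just described: building and parsing an ARP request and reply for IPv4 over Ethernet in Python, and the cache update a host performs when a reply arrives, genuine or spoofed. The MAC and IP addresses are constructed and the helper names are this example's own.

```python
import struct

ETH_P_ARP = 0x0806
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def build_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip, dst_mac=None):
    """Ethernet header plus RFC 826 ARP body for IPv4 over Ethernet (42 bytes).
    A request is broadcast; a reply is unicast to the requester."""
    if dst_mac is None:
        dst_mac = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth = mac_bytes(dst_mac) + mac_bytes(sender_mac) + struct.pack(">H", ETH_P_ARP)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, operation
    arp = struct.pack(">HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp_frame(frame: bytes) -> dict:
    if len(frame) < 42 or struct.unpack(">H", frame[12:14])[0] != ETH_P_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack(">HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    body = frame[22:42]
    return {
        "dst_mac": frame[0:6].hex(":"),
        "src_mac": frame[6:12].hex(":"),
        "op": op,
        "sender_mac": body[0:6].hex(":"),
        "sender_ip": ".".join(str(b) for b in body[6:10]),
        "target_mac": body[10:16].hex(":"),
        "target_ip": ".".join(str(b) for b in body[16:20]),
    }


def update_arp_cache(cache: dict, pkt: dict) -> dict:
    """What a host does on receipt: learn sender IP -> sender MAC. Nothing in the
    packet proves the sender owns that IP, which is what ARP spoofing exploits."""
    cache[pkt["sender_ip"]] = pkt["sender_mac"]
    return cache


if __name__ == "__main__":
    request = build_arp_frame(ARP_REQUEST, "aa:aa:aa:aa:aa:01", "192.168.1.10",
                              "00:00:00:00:00:00", "192.168.1.1")
    reply = build_arp_frame(ARP_REPLY, "bb:bb:bb:bb:bb:01", "192.168.1.1",
                            "aa:aa:aa:aa:aa:01", "192.168.1.10")
    cache = update_arp_cache({}, parse_arp_frame(reply))
    print(parse_arp_frame(request)["dst_mac"], cache)
```

The last function is the whole security story: a second reply for 192.168.1.1 from a different MAC simply replaces the cached entry, so an attacker on the segment can redirect the victim's traffic for the gateway to itself.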

Fundamentally, there are three types of routing: static routing, default routing and dynamic routing.

Static routing is the process of an administrator manually entering, maintaining, updating, and removing the routes that a router is configured with. Static routing is a time-consuming process and in most cases should not be used. Notable exceptions to this are in small networks or in the network perimeter, as discussed in Chapter 9, "Where Firewalls Fit in a Network." Default routing, also known as the route of last resort, provides a mechanism to configure a client or router with what is known as its default gateway. Default routing essentially says, "If you cannot figure out how to route this packet to the appropriate network, send it to the default gateway." Default routing is typically implemented on host systems because they generally do not need to know about every subnet on the network. In addition, default routing is commonly used on routers within an organization to point to the router that provides Internet connectivity. This ensures that all data destined for a network that is not defined on the internal network is directed to the Internet, without the organization needing to have routes to the entire Internet on all of their internal routers.

Dynamic routing functions almost exactly like static routing does, but the information is automatically provided through the use of routing protocols. These routing protocols replace all the manual requirements of static routing, which makes dynamic routing the routing method of choice for large or complex network environments. We will look at dynamic routing in more detail in a later section of this chapter.

Different classes of routing protocols
Although each routing protocol has its own specific functionality, they can all be classified into three categories.

Distance vector: distance vector routing protocols are relatively simple in design and use a "distance" to determine the best path. The distance is measured by counting how many routers a packet passes through (hops) until it arrives at the destination network; the smaller the hop count, the shorter and better the route. Distance vector protocols accept the routing information their neighbours send without verifying it: if a neighbour router claims it can deliver data to a network, the claim is taken as accurate. Because the receiving router has not independently verified the information, distance vector routing is frequently referred to as "routing by rumour". This also means a rogue or misconfigured neighbour can inject bogus routes unless neighbour authentication is configured (RIP v2 and EIGRP support MD5-authenticated updates). Examples: RIP v1 and RIP v2.

Link state: link-state routing protocols are more complex than distance vector protocols and can take into account information such as the network topology, bandwidth between routers and congestion. Whereas distance vector protocols know only what they are told, link-state protocols build a database of the entire topology, so each router knows how every other router is interconnected and computes its own best paths from that database. Because of this additional information, link-state protocols are considered more intelligent than distance vector protocols, but they typically require more CPU and memory. Examples: OSPF and IS-IS.

Hybrid: hybrid routing protocols use functionality from both distance vector and link-state protocols, attempting to take the best aspects of each while eliminating the drawbacks. The usual example is Cisco's Enhanced Interior Gateway Routing Protocol (EIGRP), which was proprietary for most of its life.
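An added example, not from the original page, of "routing by rumour": a small synchronous distance-vector simulation in Python on a constructed four-router topology (A-B-C-D with a LAN at each end), followed by the same topology with a rogue router X attached to A that falsely claims D's LAN is directly connected to it. The topology, network names and function names are this example's own.

```python
INFINITY = 16   # RIP's "unreachable" hop count


def converge(links: dict, connected: dict, max_rounds: int = 32) -> dict:
    """Synchronous distance-vector (Bellman-Ford) rounds.
    links: {router: [neighbour, ...]}; connected: {router: [directly attached net, ...]}.
    Returns {router: {network: (hop_count, next_hop)}}."""
    tables = {r: {n: (0, "direct") for n in connected.get(r, [])} for r in links}
    for _ in range(max_rounds):
        changed = False
        # Every router advertises the table it held at the start of the round.
        advertised = {r: dict(t) for r, t in tables.items()}
        for router, neighbours in links.items():
            for nb in neighbours:
                for net, (hops, _next) in advertised[nb].items():
                    cost = min(hops + 1, INFINITY)
                    current = tables[router].get(net, (INFINITY, None))
                    # Routing by rumour: the neighbour's claim is taken at face value.
                    if cost < current[0]:
                        tables[router][net] = (cost, nb)
                        changed = True
        if not changed:
            break
    return tables


# Constructed topology: A - B - C - D, with a LAN on each end.
LINKS = {"A": ["B"], "B": ["A", "C"], "C": ["B", "D"], "D": ["C"]}
CONNECTED = {"A": ["10.0.1.0/24"], "D": ["10.0.4.0/24"]}


def baseline_route_from_a() -> tuple:
    return converge(LINKS, CONNECTED)["A"]["10.0.4.0/24"]


def hijacked_route_from_a() -> tuple:
    """Rogue router X peers with A and claims D's LAN is directly attached to it.
    A prefers the 1-hop lie over the genuine 3-hop path and sends the traffic to X."""
    links = {**LINKS, "A": ["B", "X"], "X": ["A"]}
    connected = {**CONNECTED, "X": ["10.0.4.0/24"]}
    return converge(links, connected)["A"]["10.0.4.0/24"]


if __name__ == "__main__":
    print("A's route to 10.0.4.0/24 without the rogue:", baseline_route_from_a())
    print("A's route to 10.0.4.0/24 with the rogue:   ", hijacked_route_from_a())
```

Nothing in the simulation checks whether X really reaches 10.0.4.0/24, which is precisely the property the text calls routing by rumour; a link-state protocol would instead flood X's claimed adjacency to every router, where it can be compared against the rest of the topology database.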
Telnet: Telnet provides remote console connections over TCP port 23. It is an insecure protocol: everything, including the login credentials, is transmitted in cleartext rather than encrypted. SSH (TCP 22) should be used instead.

FTP: File Transfer Protocol is used to exchange files over the Internet on top of TCP/IP. It is most commonly used to upload and download files and can be invoked from the command prompt or a graphical client. FTP also allows files on the server to be updated (deleted, renamed, moved and copied). It uses the reserved TCP port 21 for the control connection and a separate data connection (port 20 in active mode). Like Telnet, FTP sends usernames and passwords in cleartext.

TFTP: Although it is common to think of TFTP and FTP as practically the same because of the names, nothing could be further from the truth. TFTP is a completely self-contained protocol in no way associated with FTP. Whereas FTP can navigate directory structures and authenticate access, TFTP is unauthenticated and requires exact paths to transmit or receive data. TFTP sends its initial request to UDP port 69, after which the transfer continues between two ephemeral UDP ports. Because of its lack of authentication and of file system navigation, TFTP is used for small or specialised transfers such as loading router and firewall configurations and operating system images, and a TFTP server should never be reachable from untrusted networks.

IGMP: Internet Group Management Protocol allows Internet hosts to join multicast groups, i.e. to receive messages sent to a group of computers. IGMP lets a router determine which host groups have members on a given network segment and so establishes group memberships. It is commonly used for streaming video and gaming. The protocol has a host side and a router side: the host side notifies the local router of its membership in a group, and the local router (router side) in turn sends out membership queries.

SNMP: Simple Network Management Protocol is used for managing the network, which means managing the nodes in it: servers, routers, bridges, switches and hubs. SNMP agents on those nodes make this possible. Managing the network is essential because it allows monitoring of network performance, detection of faults or failures and auditing of network usage. SNMP messages such as GET, SET and TRAP are exchanged between network elements and the network management system over UDP (port 161 for agents, port 162 for traps). SNMP v1 and v2c authenticate only with a cleartext community string, so read-write community strings must be treated like passwords, and v3, which adds authentication and encryption, should be preferred.

IP classes
Class A: 1.0.0.0 to 126.255.255.255 (first octet 1-126), default mask 255.0.0.0. Supports 126 networks of up to 16,777,214 hosts each. 127.0.0.0/8 is reserved for loopback.
Class B: 128.0.0.0 to 191.255.255.255 (first octet 128-191), default mask 255.255.0.0. Supports 16,384 networks of up to 65,534 hosts each.
Class C: 192.0.0.0 to 223.255.255.255 (first octet 192-223), default mask 255.255.255.0. Supports 2,097,152 networks of 254 hosts each.
Class D: 224.0.0.0 to 239.255.255.255. Reserved for multicast groups.
Class E: 240.0.0.0 to 255.255.255.255. Reserved for experimental use; 255.255.255.255 is the limited broadcast address.

What is IGP (Interior Gateway Protocol)?
Any routing protocol used to exchange routing data within an autonomous system, e.g. RIP, IGRP (Cisco, now obsolete), EIGRP and OSPF.

What is EGP (Exterior Gateway Protocol)?
The class of protocols that routers in neighbouring autonomous systems use to tell each other which networks can be reached within or via each autonomous system. EGP was also the name of the original such protocol on the Internet, since replaced by BGP.

What is an Autonomous System?
A group of networks under a single administration that share one routing policy. Autonomous systems may be subdivided into areas (as OSPF does), and each is identified by an AS number allocated by IANA through the regional registries; AS numbers were originally 16-bit and have been 32-bit since RFC 4893.

What is BGP (Border Gateway Protocol)?
The exterior gateway protocol of the Internet (current version BGP-4). It advertises the set of networks reachable within or via an autonomous system to neighbouring autonomous systems and selects paths by policy rather than by hop count. It is newer than, and replaced, EGP.

What is Gateway-to-Gateway Protocol?
A protocol formerly used to exchange routing information between Internet core routers.

What is the difference between a Layer 2 switch and a Layer 3 switch?
The one big difference is that a Layer 3 switch can route between networks, which a Layer 2 switch cannot. A Layer 2 switch forwards frames using MAC addresses (hop-to-hop delivery): the data link layer is responsible for moving frames from one hop (node) to the next. A Layer 3 switch additionally forwards packets using IP addresses (host-to-host delivery): the network layer is responsible for delivering individual packets from the source host to the destination host, so a Layer 3 switch can route between VLANs without an external router.

What is the difference between bridges and switches?
1. Bridges are software based, while switches are hardware based (forwarding in ASICs).
2. A switch can be viewed as a multiport bridge.
3. There can be only one spanning tree instance per bridge, while switches can have many (one per VLAN).
4. Switches have a higher number of ports than most bridges.
5. Both bridges and switches learn MAC addresses by examining the source address of each frame received.
6. Both bridges and switches make forwarding decisions on Layer 2 addresses.

What is the difference between half-duplex and full-duplex?
Half-duplex mode lets two networking devices send data in only one direction at a time: they cannot both transmit at once. It is like a walkie-talkie, where only one person can talk at a time. Full-duplex lets both devices send at the same time, which improves network performance; it is like a telephone or mobile call, where both parties can talk and listen at once. Hubs force half-duplex operation (and collisions); switched links normally negotiate full-duplex.

What is APIPA?
APIPA (Automatic Private IP Addressing) is a feature of Windows operating systems. It comes into action only when no DHCP (Dynamic Host Configuration Protocol) server is available. When the DHCP client starts it tries to reach a DHCP server to obtain an IP address; it is when that server is unavailable (or becomes unavailable later) that APIPA kicks in.

As the client cannot reach a server, APIPA configures the host with an address from a specially reserved range, 169.254.0.0 to 169.254.255.255 (169.254.0.0/16, mask 255.255.0.0), with no default gateway. Such a host can talk only to other hosts on the same segment, so a 169.254.x.x address on a machine is a sign that DHCP has failed.

What are the different types of backup?
Normal (full): backs up all the files you select and marks each file as backed up (clears its archive attribute).
Incremental: backs up the files that changed since the last normal or incremental backup, and marks them as backed up.
Differential: backs up the files that changed since the last normal or incremental backup, but does not mark them as backed up, so each differential grows until the next full backup.
Copy: backs up all the files you select but does not mark them, so it does not disturb a normal/incremental schedule.
Daily: backs up the files that changed that day (by modification date), but does not mark them.
Restoring from incrementals needs the full backup plus every incremental taken since; restoring from differentials needs only the full backup plus the latest differential.
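An added example, not from the original page, that models the archive attribute the five backup types rely on and replays a constructed week of edits under the incremental and differential strategies, so the difference in what each backup set contains, and in which sets a restore needs, is visible. The file names, day numbers and function names are this example's own.

```python
from dataclasses import dataclass


@dataclass
class File:
    name: str
    modified_on: int           # day number of the last change (constructed sample data)
    archive_bit: bool = True   # set by the OS whenever the file is created or changed


def modify(files, name, day):
    for f in files:
        if f.name == name:
            f.modified_on, f.archive_bit = day, True


def _names(selected):
    return sorted(f.name for f in selected)


def normal_backup(files):
    """All selected files; clears the archive bit (marks as backed up)."""
    for f in files:
        f.archive_bit = False
    return _names(files)


def incremental_backup(files):
    """Files changed since the last normal or incremental backup; clears the bit."""
    selected = [f for f in files if f.archive_bit]
    for f in selected:
        f.archive_bit = False
    return _names(selected)


def differential_backup(files):
    """Files changed since the last normal or incremental backup; bit left set,
    so each differential contains everything changed since the last full backup."""
    return _names(f for f in files if f.archive_bit)


def copy_backup(files):
    """All selected files, bit left set; does not disturb the backup schedule."""
    return _names(files)


def daily_backup(files, day):
    """Files changed on the given day, chosen by modification date; bit left set."""
    return _names(f for f in files if f.modified_on == day)


def simulate(strategy: str) -> dict:
    """Day 0: normal backup. Days 1-3: edit a, then b, then a again, backing up each
    evening with the chosen strategy. Returns what each day's backup set contains."""
    files = [File("a", 0), File("b", 0), File("c", 0)]
    backup = {"incremental": incremental_backup, "differential": differential_backup}[strategy]
    sets = {0: normal_backup(files)}
    for day, name in {1: "a", 2: "b", 3: "a"}.items():
        modify(files, name, day)
        sets[day] = backup(files)
    return sets


def restore_chain(strategy: str, last_day: int) -> list:
    """Backup sets needed to rebuild day last_day: every incremental since the full,
    but only the full plus the latest differential."""
    if strategy == "incremental":
        return list(range(0, last_day + 1))
    return [0, last_day]


if __name__ == "__main__":
    for strategy in ("incremental", "differential"):
        print(strategy, simulate(strategy), "restore needs", restore_chain(strategy, 3))
```

The trade-off the table describes falls out of the simulation: incrementals stay small but a restore must replay every one of them in order (and loses data if any is missing), while differentials grow day by day but a restore needs only two sets.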

What is the difference between domain local, global and universal groups?
Domain local groups are used to assign permissions to resources in their own domain; they can contain users and global or universal groups from any trusted domain. Global groups contain accounts from their own domain only and can be granted access to resources in any trusted domain. Universal groups can contain members from any domain in the forest and can be granted access to resources in all trusted domains; their membership is stored in the global catalog. The usual practice (AGDLP) is to put accounts in global groups, global groups in domain local groups, and permissions on the domain local groups.

Show commands
show running-config (show run)
show ip interface brief
show cdp neighbors
show controllers serial 0/0/0
show ip protocols
show interfaces description
show ip ospf neighbor

Other commands
write erase (erases the startup-config; the running-config is lost at the next reload)
reload
service password-encryption (obfuscates plaintext passwords in the configuration with the reversible type 7 scheme; use enable secret for the enable password)
exec-timeout 0 0 (disables the console/VTY idle timeout; acceptable in a lab, not on production devices)
logging synchronous
banner motd $ ... $
no ip domain-lookup (stops the router trying to resolve mistyped commands as hostnames)
description NAME OF DESCRIPTION (interface sub-command)

OSPF configuration
router ospf 1
 network 192.168.1.0 0.0.0.255 area 0
 default-information originate (advertises this router's default route into OSPF, for the default route to the Internet)

What is Frame Relay?
Frame Relay is a high-speed data communication technology that operates at the physical and data link layers of the OSI model and uses frames for data transmission across the network.

What is an IP address?
An IP address is a unique identifier of a computer or network device on a local area network, WAN or the Internet. Every host on the Internet must have a unique public IP address; these are usually assigned by the ISP to which the user is connected, while private addresses are used inside organisations.

What is a subnet mask?
A subnet mask determines which part of an IP address identifies the network and which part identifies the host, and hence the number of networks and the number of host computers. Every class of IP address has its own default subnet mask. Subnet masks allow IP networks to be divided into sub-networks for performance and security purposes.

Repeater: also called a regenerator, an electronic device that operates only at the physical layer. It receives the signal before it becomes too weak, regenerates the original bit pattern and puts the refreshed copy back onto the link.

Bridges: operate at the physical and data link layers and connect LANs of the same type. They divide a larger network into smaller segments and contain logic that keeps the traffic for each segment separate: they relay a frame only to the side of the segment containing the intended recipient, which controls congestion.

Routers: relay packets among multiple interconnected networks (including LANs of different types). They operate at the physical, data link and network layers and contain software that determines which of several possible paths is best for a particular transmission.

Gateways: relay packets among networks that use different protocols (for example between a LAN and a WAN). They accept a packet formatted for one protocol and convert it to a packet formatted for another before forwarding it, and can operate at all seven layers of the OSI model.

Difference between communication and transmission
Transmission is the physical movement of information and is concerned with issues like bit polarity, synchronisation and clocking. Communication is the meaningful exchange of information between two parties over the transmission medium.

What is Frame Relay service?
Frame Relay is a digital, connection-oriented data service that sends packets of data, called frames, over the network. Each frame is transmitted through the network and checked for errors. Frame Relay is designed for cost-efficient transmission of intermittent traffic between local area networks (LAN to LAN) and between end-points in a wide area network (WAN). It is a data network service bundled with leased-line access for transmitting data between remote networks.

What is the difference between a collision domain and a broadcast domain?

A collision domain is the group of hosts whose transmissions can collide because they share the same medium (all ports of a hub). A broadcast domain is the group of hosts that receive a Layer 2 broadcast frame (all ports of a switch in one VLAN). A switch gives every port its own collision domain but leaves all its ports in one broadcast domain; a router (or a VLAN boundary) separates broadcast domains. A broadcast domain therefore contains one or more collision domains, but a collision domain never spans more than one broadcast domain.

What are the major types of networks?
* Server-based network
* Peer-to-peer network
In a peer-to-peer network, computers act both as servers sharing resources and as clients using the resources. Server-based networks provide centralised control of network resources and rely on server computers to provide security and network administration.

What is a BPDU?
A Bridge Protocol Data Unit is the message of the Spanning Tree Protocol (STP), a Media Access Control (MAC) bridge management protocol. BPDUs are data messages sent across a LAN to detect loops in the network topology; they carry the sender's bridge ID, the bridge it believes is the root, the path cost to that root, the port ID and priority, and the STP timers. STP gathers this information from the other switches in the network and elects a root bridge. Switches allow different nodes of a network to communicate directly with one another in a smooth and efficient manner; if loops exist in the topology, duplicate frames can circulate, so loops are removed by placing the redundant switch port in the blocking state as a backup. Because BPDUs are not authenticated, any device can send one claiming to be the root; BPDU Guard on access ports and Root Guard on uplinks are the standard protections.

Difference between TCP and UDP
TCP and UDP are the two main transport protocols that run over IP, and they have very different uses.
TCP (Transmission Control Protocol) is connection-oriented: a connection is made from client to server, and from then on any data can be sent along that connection.
Reliable: when you send data along a TCP socket you know it will get there unless the connection fails completely; if a segment is lost along the way the sender retransmits it when no acknowledgement arrives, so what is delivered is complete and uncorrupted.
Ordered: if you send two messages along a connection one after the other, the first message gets there first; you do not have to worry about data arriving in the wrong order.
Heavyweight: when segments of the TCP stream arrive out of order, acknowledgements and retransmissions are needed and the out-of-sequence parts have to be put back together, which takes work.
UDP (User Datagram Protocol) is a simpler message-based connectionless protocol: you send messages (datagrams) across the network in chunks.
Unreliable: when you send a message you do not know whether it will get there; it could be lost on the way.
Not ordered: if you send two messages out, you do not know in what order they will arrive.
Lightweight: no ordering of messages, no tracking of connections; it is just fire and forget. This makes it a lot quicker, and the network card and OS have very little work to do to turn packets back into data. Because there is no handshake, the source address of a UDP datagram is trivially spoofed, which is why UDP services are abused in reflection and amplification attacks.

What is DNS?
DNS (Domain Name System) is a distributed database and Internet service that translates domain names into IP addresses. There are two kinds of zone: a forward zone, which translates host names into IP addresses (A and AAAA records), and a reverse zone, which translates IP addresses into host names (PTR records under in-addr.arpa).

What is DHCP?
Dynamic Host Configuration Protocol automatically assigns IP addresses to the client machines connected to the network. It also configures other network settings such as the subnet mask, default gateway and DNS servers.

What is subnetting?
Subnetting means breaking a network into smaller sub-networks by using a subnet mask. A subnet mask allows you to identify which part of an IP address is reserved for the network and which part is available for host use.

What is a firewall?
A firewall is a program or hardware device that filters the traffic passing between networks, typically between the Internet and your private network or computer system, according to a set of rules. If an incoming packet is flagged by the rules, it is not allowed through; stateful firewalls also track connections so that only replies to permitted outbound traffic are accepted.
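An added example, not from the original page, that uses Python's standard ipaddress module to do the calculations behind the address classes, subnet masks, VLSM and APIPA described on this page: it classifies an address, splits an address into network and host parts under a given mask, carves variable-length subnets out of a parent block (largest requirement first) and recognises an APIPA address. The addresses and host counts are constructed and the function names are this example's own.

```python
from ipaddress import IPv4Address, IPv4Interface, IPv4Network


def address_class(ip: str) -> str:
    """Classful (pre-CIDR) class, decided by the first octet."""
    first = int(IPv4Address(ip)) >> 24
    if first == 127:
        return "loopback"
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D (multicast)"
    return "E (reserved)"


CLASSFUL_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def split_address(ip_with_prefix: str) -> dict:
    """Which bits of the address are network and which are host, per the mask."""
    iface = IPv4Interface(ip_with_prefix)        # e.g. "192.168.1.77/26"
    net = iface.network
    return {
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "host_bits": 32 - net.prefixlen,
        "usable_hosts": max(net.num_addresses - 2, 0),
        "host_part": int(iface.ip) & int(net.hostmask),
    }


def vlsm(parent: str, host_counts) -> list:
    """Carve variable-length subnets out of parent, largest requirement first, so each
    subnet is the smallest block that fits (hosts + network + broadcast addresses)."""
    free = [IPv4Network(parent)]
    allocated = []
    for need in sorted(host_counts, reverse=True):
        host_bits = 0
        while (1 << host_bits) < need + 2:
            host_bits += 1
        prefix = 32 - host_bits
        fits = [b for b in sorted(free) if b.prefixlen <= prefix]
        if not fits:
            raise ValueError(f"no room for {need} hosts in {parent}")
        block = fits[0]
        free.remove(block)
        subnet = next(block.subnets(new_prefix=prefix))
        free.extend(block.address_exclude(subnet))   # return the unused remainder
        allocated.append((need, str(subnet)))
    return allocated


def is_apipa(ip: str) -> bool:
    """169.254.0.0/16: what a Windows host self-assigns when no DHCP server answers."""
    return IPv4Address(ip) in IPv4Network("169.254.0.0/16")


if __name__ == "__main__":
    print(address_class("172.16.0.1"), split_address("192.168.1.77/26"))
    print(vlsm("192.168.1.0/24", [100, 50, 20, 2]), is_apipa("169.254.10.3"))
```

The VLSM allocation is the practical reason classless routing matters: the four subnets carved from 192.168.1.0/24 have four different masks, which a classful protocol such as RIP v1 could not advertise.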

What is a port?
A port number identifies the specific process to which an Internet or other network message is to be delivered when it arrives at a host. For both the Transmission Control Protocol and the User Datagram Protocol, a port number is a 16-bit integer carried in the transport header, so TCP and UDP each have their own port space. A connection is identified by the source and destination port numbers together with the source and destination addresses.

What is the range of port numbers allowed?
0 to 1023: well-known ports, assigned by IANA to standard services (for example 22 SSH, 25 SMTP, 80 HTTP, 443 HTTPS); on Unix-like systems binding to them requires root privileges.
1024 to 49151: registered ports, which software vendors can register with IANA for specific protocols.
49152 to 65535: dynamic or private (ephemeral) ports, which can be used by just about anybody and are what clients pick as the source port of an outgoing connection.
