640-811: CCNA, The Second Chapter
Proving your expertise in internetworking doesn't have to be hard. Cisco's latest exam combination will let you obtain your CCNA credential in two steps. Here we review the second exam.
by Andy Barkl
8/27/2003 -- Cisco Systems' new exam, Interconnecting Cisco Networking Devices (ICND), is one of two tests you need to pass to achieve a CCNA certification. The other is INTRO, which is reviewed here. (If you'd prefer to take one giant step instead of two smaller steps, you can also tackle 640-801, which encompasses the content from both of these exams. I've reviewed that here.)
I recommend that you tackle the CCNA INTRO exam prior to ICND, even though INTRO has the higher exam number. Cisco recommends the same order.
Although the official exam objectives page suggests that you'll receive between 55 and 65 questions, I only received 42. I was given 60 minutes for the test. The passing score is 849.
 |
|
|
| Exam |
|
|
|
#640-811: Interconnecting Cisco Networking Devices (ICND) |
|
| Vendor |
|
|
|
Cisco |
|
| Status |
|
|
|
Live. Available at Pearson Vue and Prometric testing centers worldwide. |
|
| Reviewer's Rating |
|
|
|
"This new exam will test your knowledge of basic router troubleshooting, VLANs, IOS commands, the OSI model and subnetting." |
|
| Test Information |
|
|
|
55 to 65 questions, 60 minute time limit. Cost: $100 (U.S.). |
|
| Who Should Take This Exam? |
|
|
|
Candidates for CCNA; must take in conjuction with #641-821INTRO exam. Current CCNAs may use this exam to recertify. |
|
|
| Test Objectives |
|
|
|
Click here |
|
|
|
|
|
|
|
|
|
|
|
|
|
My version of the exam had two router simulators and many multiple-choice-type questions: the exam always designated the number of choices possible. Having taken the CCNA 407, 507, 607 and 801 exams, I found this exam much easier. It consists of coverage of these topics: router troubleshooting, VLANs, IOS commands, the OSI model, and subnetting.
The exam engine is slow when it comes to switching between the simulator-based questions and the standard multiple-choice questions. Patience is a must! For most simulator-based questions, you're presented with a network of three routers, required to find the problem, reconfigure one or more routers, verify and save your work. The simulator behaves very much like the real thing and includes limited support for abbreviated, editing and help commands.
The 640-811 exam includes these four core areas; Planning and Design, Implementation and Operations, Troubleshooting, and Technology Environments, as listed on the official objectives page. In this article, I address these four core areas and the objectives under each to help you prepare for this exam.
Planning and Design
Within this topic you'll find the word design used frequently. Don't be alarmed by this because this exam is by no means the new CCDA exam reviewed here. Exam objectives here include:
- Design or modify a simple LAN using Cisco products
- Design an IP addressing scheme
- Select an appropriate routing protocol
- Develop an access list to meet user specifications
- Choose WAN protocols to meet design requirements.
For this first set of objectives Figure 1 shows a generic network diagram to make my points clear.
Figure 1. A network diagram to test your internetworking mettle.
In Figure number 1, you're required to choose the best IP subnet design. Your choices are:
- 192.168.98.0 255.255.255.0
- 192.168.98.0 255.255.255.192
- 192.168.98.0 255.255.255.240
- 192.168.98.0 255.255.255.252
So which would you choose and why? The correct answer is 192.168.98.0 255.255.255.240, because there are five networks (don't forget the two networks between the routers) and at least three hosts per network, counting the switch and its management IP address. With this choice, you have a total of 14 networks or subnets and 14 hosts per network. The key here is to multiply by twos -- 2, 4, 8, 16, using four bits beyond the default 24 for a class C. Assuming the minus-two rule here, you'd have 16-2=14 for both networks and hosts.
| Additional Information |
|
Loads of resources on the market will help you prepare and practice for passing the CCNA exams. One such favorite resource of mine is free, authoritative and recommended by many others: Cisco.com.
Once at Cisco.com, you'll want to spend time with the reference guides and technology white papers available in the Documentation site or CCO (Cisco Connection Online) found here.
For this exam, I recommend you read and understand each of these chapters of the Internetworking Technology Handbook: 1-7, 10, 12, 13, 26, 31, 41, and 46 found here. Honestly, how much easier and cheaper can it get? This resource will help you keep the costs of your studies down (along with many other recommendations in the "IT Certification on the Cheap" guide sold here.)
When deciding which study guides will prepare you for the new CCNA 640-811 exam, keep in mind that the exam objectives are only a subset of the exam. If you've already started your studying using one of the many popular study guides on the market, you should be able to match the objectives from this exam to chapters in your book. For example, in the Cisco Press Cisco CCNA Exam #640-607 Certification Guide (ISBN 1-58720-055-4), you should study chapters 7-13 for this exam and the remainder (1-6) for the INTRO 640-821 exam.
You should also pick up a router simulator or real router to prepare for the router simulator questions. Cisco uses a router simulator in their exams developed by the Cisco Networking Academy program. It also offers a sample on its Web site. Many third-party products on the market are similar. You can view and even demo a copy of the official Cisco exam simulator here.
Last, spend a few minutes reviewing, "My Top 10 Study Tips for Cisco's 640-607 CCNA Exam," by Karen Robertson-Kidd, found here. - A.B.
|
|
|
|
Next question: What are the network and host IP address assignments? If you use the number 256 and subtract the mask 240, your remainder is 16. This yields the network addresses 16, 32, 48, 64, and so on. The final network is 16 less than the mask of 240 or 224. For the host addresses, if you count in binary with the four bits, 0001, 0010, 0011, 0100, and so on, this yields the host addresses for the first network 16 of decimal: 17, 18, 19, 20.
Learning to subnet IP addresses is confusing for most; if you don't have a firm grasp on it prior to the exam, chances are you'll fail. I recommend this as the number one resource for practicing subnetting: http://www.LearnToSubnet.com.
Routing protocol questions on this exam were few, but don't forget RIP and IGRP support classful routing. IGRP and RIP are routing protocols; IP is a routed protocol.
Tip: IGRP requires an autonomous system number assignment when configured; RIP doesn't. For example; router igrp 10.
Access lists can be tricky, and the exam questions are many in this exam. I suggest you use the reference here before attempting the exam.
When evaluating an access list, and deciding what it will and won't allow, you must read carefully. Also, don't forget the rules! For example:
access-list 101 deny any 192.168.98.51 eq 20
access-list 101 deny any 192.168.98.51 eq 21
Referring back to Figure 1, if this access list were applied to the E0 port outbound of Router B, what would be the effect and why? Here are your choices:
- no FTP traffic from any host to host B
- no FTP traffic from host B to any host
- no traffic will be allowed to pass through E0
- all traffic will be allowed to pass through E0
The answer is: No traffic will be allowed to pass through E0. This is because there's no permit statement of any kind in this access list. Remember the rules of access lists as defined in the above reference!
WAN protocols on this exam may include Frame Relay and ISDN. There are many things to consider when preparing an interface for a frame relay connection, and you should be intimately familiar with them. For the exam, you'll want to know and memorize the frame relay encapsulations, DLCI configurations and LMI types. Frame relay encapsulation types are cisco and ietf with cisco being the default. When there's a mismatch between two routers, communication won't take place. DLCIs are locally significant and only represent the connection identifier from the router to the frame switch. LMI types are: ansi, cisco and q933a.
Tip: When configuring an interface for frame relay, the physical interface is assigned encapsulation. The subinterfaces are where you configure things such as point-to-point and IP addresses.
ISDN-type questions may include supported speeds and the use and need for DDR (Dial on Demand Routing). For more information on ISDN and DDR, I recommend the resource here.
Tip: Each ISDN B channel supports a maximum speed of 64Kbps.
Implementation and Operation
In this topic you'll find these exam objectives:
- Configuration of routing protocols
- IP addresses, masks and gateways
- VLANs
- Access lists
- WAN protocols
You may be tested on a few of the basic IOS commands. See table 1 below for details.
Table 1. IOS commands used to configure and implement routing protocols, IP addresses, masks and access lists
| IP access-group xxx out|in |
Applies an access list to an interface |
| IP address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx |
Assigns an IP address to an interface |
| Ping ip address |
Tests connectivity |
| Show ip interface |
Displays the IP address and subnet mask for an interface |
| Show running-config |
Displays the contents of RAM |
| Show startup-config |
Displays the contents of NVRAM |
| Show version |
Displays the IOS version and configuration register value |
| Router IGRP xx |
Enables the IGRP routing process and assigns autonomous system number |
| Router RIP |
Enables the RIP routing process |
Tip: To display the interface an access list is applied to, use the IOS command show ip interface or show running-config.
Configuring IP addresses, subnet masks and gateways requires absolute knowledge of subnetting. You may be presented with a simple network diagram consisting of subnets, routers and hosts and be asked to identify the proper assignment of IP addresses. Read each address carefully -- the answer may not always be obvious!
Referring to Figure 1 once more, let's say the network is configured according to table 2.
Table 2. Network configuration.
|
Host A
|
Host B |
Host C |
IP Address
192.168.98.19 |
IP Address
192.168.98.35 |
IP Address
192.168.98.51 |
Subnet Mask
255.255.255.192 |
Subnet Mask
255.255.255.192 |
Subnet Mask
255.255.255.192 |
Gateway
192.168.98.17 |
Gateway
192.168.98.33 |
Gateway
192.168.98.49 |
Are the IP addresses, subnet masks and gateway addresses valid? Why or why not? If you subtract the mask of 192 from the number 256, the remainder is 64. This would yield the network numbers 64 and 128. That's only two networks. Three are required! So the subnet mask for each host should be 255.255.255.240.
Troubleshooting
Under this core heading, you'll find these exam objectives:
- Use of the OSI model for troubleshooting
- Troubleshooting of routing protocols, IP addresses and access lists
The two simulator questions I received on this exam fell under this heading. Finding a router's faulty configuration can take some work; but if you follow a few simple rules, and use proven techniques, you'll get there! When you're presented with a network diagram as shown in Figure 1, and the problem statement is failed communication between two or more hosts, first connect to each router, and use the command show ip route. This will usually verify the problem is routing related as indicated by the lack of complete routing tables. The problem is usually either an incorrectly configured interface IP address or mask or it's routing protocol network numbers. Make the required correction, verify and save your work!
Tip: Use the show running-config command to verify configuration of interface IP addresses, masks and routing protocol network numbers.
The OSI 7 layer reference model includes these layers: Application, Presentation, Session, Transport, Network, Data Link and Physical. The numbering starts from the bottom (the physical layer is number 1). Knowing the layer names and their order is crucial. Some people like to use an anagram to help. One of my favorites is: Please Do Not Throw Sausage Pizza Away.
Knowing where the most common network devices operate in the OSI model is also a must. At the physical layer is the cabling of the network, repeaters and hubs. The data link layer includes bridges and switches. Routers operate at the network layer.
Tip: A switch is a multi-port bridge.
The Cisco router password recovery procedure requires you follow exact steps to save the original NVRAM contents. If the following IOS command isn't issued during the procedure, you'll lose its contents: copy running-config startup-config.
Tip: To connect a workstation to a router directly, you would use a crossover cable.
You need to understand protocol operations and at which layer each functions. This exam focuses only on TCP/IP. From the physical layer up, there are protocols that define the physical connection and signaling on the wire such as V.35 and RS-232. At the data link layer there are also protocols responsible for defining the network topology and data communication standards such as ethernet, token-ring and FDDI.
At the network layer, there's IP, and at the transport layer TCP. TCP is commonly used at this layer by many upper-layer protocols and applications providing end to end delivery.
Table 3, below, lists common protocols and their corresponding OSI layer.
Table 3. Common protocols and the OSI layer where they reside.
| Protocol |
Layer |
| FTP |
Application |
| HTTP |
Application |
| SMTP |
Application |
| IGRP |
Transport |
| RIP |
Transport |
Tip: CHAP authentication is a one-way process using a three-way handshake.
Technology
Under this final topic, you'll find these exam objectives:
- Describe the spanning tree process
- Evaluate characteristics of LAN environments, routing protocols and the rules of packet control
The Spanning Tree Protocol (STP) enabled by default on all Cisco switches, includes the spanning-tree algorithm (STA). It is used between network switches to preserve the benefits of redundant loops while eliminating their problems. The STA designates a loop-free subset of the network's topology by placing switch ports that, if active, would create loops into a standby, blocking condition. Blocking switch ports can be activated in the event of a primary link failure, providing a new path through the network.
Tip: Remember, Routers divide networks into different broadcast domains for controlling broadcast traffic. Switches and bridges create or divide collision domains.
When evaluating VLANs, normally each VLAN is assigned a different subnet. In most cases, a network with many subnets will probably have many VLANs. This also means that a host in one VLAN can't PING a host in another unless routing exists! Switches and VLANs enable a network administrator to assign users to broadcast domains based upon the user's job requirements. This provides a high level of flexibility and includes the following advantages: segmentation of broadcast domains to create more bandwidth, additional security by isolating users with bridge technologies, and deployment flexibility based upon job function rather than physical placement.
| New Self-Study Books Out by Cisco Press |
|
Cisco Press, a partnership between Cisco Systems and Pearson Education, has released several new books intended for self-study on the new CCNA exams.
CCNA ICND Exam Certification Guide (ISBN 1-58720-083-X) and CCNA INTRO Exam Certification Guide (ISBN 1-58720-094-5) both retail for $39.95. Both run about 600 pages and are written by Wendell Odom, a CCIE who teaches for Skyline Computer. You can buy a two-volume library (ISBN 1-58720-095-3) that includes both books for $59.95.
The first book, INTRO, encompasses networking fundamentals, the operation of Cisco devices, LAN switching (the basics, including cabling and standards), TCP/IP (specifically IP addressing and subnetting, basic router configuration and an introduction to dynamic routing protocols), as well as remote access technologies.
The second book, ICND, covers LAN switching, TCP/IP, WANs (specifically, leased lines, ISDN and frame relay) and network security.
The volumes provide open ended questions at the end of each chapter, as well as a simulated exam on a CD. If you lack practice equipment, the CD also includes a version of Boson Software's NetSim, network simulation software with several lab exercises and lab scenarios.
No doubt, other publishers (particularly Sybex) will release competitive titles to help you prepare for the CCNA exams. Those titles will round out your understanding of the technology. But these two volumes are a sound place to begin your studies. - D.S.
|
|
|
|
Routed protocols such as IP, are transported by routing protocols across an internetwork. Routing protocols, on the other hand, such as RIP and IGRP, are protocols that implement routing algorithms. Simply put, routing protocols are used by routers to build tables used in determining path selection of routed protocols
That wraps it up for this exam review. Mastering Cisco technologies can be an interesting exercise for your brain. I've always found that pursuing the knowledge required for passing one of Cisco's exams has taught me a great deal about the ins and outs of internetworking. That, in turn, makes my job more interesting, since I understand much more about what's going on "under the hood." Cisco wants to tempt you to tackle the tests yourself by breaking the CCNA exam into two more easily digested parts. As a Cisco titleholder, I encourage you to be wooed. The ride is fascinating. Good luck!
Have you taken this exam? Post your rating below!
Andy Barkl, CCNP, CCDP, CISSP, MCT, MCSE:Security, MCSA:Security, A+, CTT+, i-Net+, Network+, Security+, Server+, CNA, has over 19 years of experience in the IT field. He's the owner of MCT & Associates LLC, a technical training and consulting firm in Phoenix, Arizona. He spends much of his time in the classroom but has also been responsible for many Microsoft Windows 2000, Exchange 2000, and Cisco networking deployments for many clients across Arizona. He's also the online editor for MCPMag.com, TCPMag.com, CertCities.com, and a contributing author and editor for Sybex and Cisco Press. He hosts a multitude of exam preparation chats monthly on MCPmag.com, TCPmag.com and CertCities.com. You can reach him at .
More articles by Andy Barkl:
|
