Showing posts with label CCNA syllabus. Show all posts
Showing posts with label CCNA syllabus. Show all posts


TCP/IP Protocol Suite explained briefly

TCP/IP is based on a four-layer reference model. All protocols that belong to the TCP/IP protocol suite are located in the top three layers of this model.

As shown in the following diagram, each layer of the TCP/IP model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) reference model proposed by the International Organization for Standardization (ISO).


The types of services performed and protocols used at each layer within the TCP/IP model are described in more detail below.

Application: Defines TCP/IP application protocols and how host programs interface with transport layer services to use the network. 
  • Protocols: HTTP, Telnet, FTP, TFTP, SNMP, DNS, SMTP, other application protocols

Transport: Provides communication session management between host computers. Defines the level of service and status of the connection used when transporting data. 
  • Protocols: TCP, UDP, RTP, RSVP

Internetwork: Packages data into IP datagrams, which contain source and destination address information that is used to forward the datagrams between hosts and across networks. Performs routing of IP datagrams. 
  • Protocols: IP, ICMP, ARP, RARP

Network Interface: Specifies details of how data is physically sent through the network, including how bits are electrically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted-pair copper wire. 
  • Protocols: Ethernet, Token Ring, FDDI, X.25, Frame Relay, RS-232, v.35

The TCP/IP model and related protocols are maintained by the Internet Engineering Task Force (IETF).


If you want to go deep into how each layers function please refer Microsoft's Article


Subnet Addressing / Subnet Masking

By looking at the addressing structures, you can see that even with a Class C address, there are a large number of hosts per network. Such a structure is an inefficient use of addresses if each end of a routed link requires a different network number. It is unlikely that the smaller office LANs would have that many devices. You can resolve this problem by using a technique known as subnet addressing.

Subnet addressing allows us to split one IP network address into smaller multiple physical networks known as subnetworks. Some of the node numbers are used as a subnet number instead. 
A Class B address gives us 16 bits of node numbers translating to 64,000 nodes. Most organizations do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet addressing makes use of those bits that are free, as shown below. 

A Class B address can be effectively translated into multiple Class C addresses. For example, the IP address of is assigned, but node addresses are limited to 255 maximum, allowing eight extra bits to use as a subnet address. The IP address of would be interpreted as IP network address 172.16, subnet number 97, and node number 235. In addition to extending the number of addresses available, subnet addressing provides other benefits. Subnet addressing allows a network manager to construct an address scheme for the network by using different subnets for other geographical locations in the network or for other departments in the organization.
Although the preceding example uses the entire third octet for a subnet address, note that you are not restricted to octet boundaries in subnetting. To create more network numbers, you need only shift some bits from the host address to the network address. For instance, to partition a Class C network number ( into two, you shift one bit from the host address to the network address. The new netmask (or subnet mask) is The first subnet has network number with hosts to, and the second subnet has network number with hosts to

Note: The number is not assigned because it is the broadcast address of the first subnet. The number is not assigned because it is the network address of the second subnet.

Link to download this Doc


Security in Network

What is IT-Security?
IT-Security is not a product, it's a process. Don't think to buy a firewall which solves all your security problems! You always have to ensure good configuration and updates - this should be an integrated process. But you never will reach 100% of security, it's like a bank safe: you can make it difficult to crack, but there will always be somebody, who is able to break it with a lot of resources! Here are the most important components of IT-Security:

Authenticity is about the identity of a subject/object. This can be a user, a process, a system or an information. This is needed for Non Repudiation and Accountability.

This means Data-Integrity, that data was not manipulated or destroyed in an unauthorized way and System-Integrity, that the system is available with the usual performance and was not manipulated with unauthorized access. Integrity is part of Authenticity.

Information should not been seen by unauthorized persons, instances or processes. This means protection of personnel or business-critical data, privacy and anonymity.

Refers to functionality of soft- and hardware ist not altered in any unauthorized way and about secured business continuity.

Non Repudiation/Accountability
Non Repudiation means, that actions of instances (users, processes, systems and information) can be associated with only that instance. Accountability refers to financial transactions and all communication issues.

The usual functionality and behavior of data and systems is secured. This is needed for Integrity and Non Repudiation.


CCNA Certification

CCNA Certification

Cisco Certified Network Associate (CCNA®) validates the ability to install, configure, operate, and troubleshoot medium-size route and switched networks, including implementation and verification of connections to remote sites in a WAN. CCNA curriculum includes basic mitigation of security threats, introduction to wireless networking concepts and terminology, and performance-based skills. This new curriculum also includes (but is not limited to) the use of these protocols: IP, Enhanced Interior Gateway Routing Protocol (EIGRP), Serial Line Interface Protocol Frame Relay, Routing Information Protocol Version 2 (RIPv2),VLANs, Ethernet, access control lists (ACLs).