CCNA 2.0 All-in-One Exam Guide (Exam 640-507) (Book/CD-ROM)

( 1 )

Overview

All-in-One is all you need! This authoritative reference offers complete coverage of all material on the Cisco(r) Certified Network Associate exam (640-507). You'll find exam objectives at the beginning of each chapter,helpful exam tips,end-of-chapter practice questions,and photographs and illustrations. The bonus CD-ROM contains practice tests,hundreds of questions,and LearnKey(tm) video clips. This comprehensive guide not only helps you pass the CCNA certification exams,but ...
See more details below
Available through our Marketplace sellers.
Other sellers (Hardcover)
  • All (14) from $1.99   
  • New (3) from $55.99   
  • Used (11) from $1.99   
Close
Sort by
Page 1 of 1
Showing 1 – 2 of 3
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$55.99
Seller since 2014

Feedback rating:

(26)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
2001 Other New with seald CD enclosed. Little stain on top edge of book

Ships from: Geneva, IL

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$155.00
Seller since 2014

Feedback rating:

(164)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing 1 – 2 of 3
Close
Sort by
Sending request ...

Overview

All-in-One is all you need! This authoritative reference offers complete coverage of all material on the Cisco(r) Certified Network Associate exam (640-507). You'll find exam objectives at the beginning of each chapter,helpful exam tips,end-of-chapter practice questions,and photographs and illustrations. The bonus CD-ROM contains practice tests,hundreds of questions,and LearnKey(tm) video clips. This comprehensive guide not only helps you pass the CCNA certification exams,but will also serve as an invaluable on-the-job reference.

Get Certified with Help from this Authoritative Exam Preparation Tool Prepare to pass the Cisco Certified Network Associate exam with this comprehensive exam preparation tool. Written by an expert in network technologies training,this authoritative resource covers everything you need to know to pass the challenging CCNA 2. 0 exam. Inside,you'll find exam objectives at the beginning of each chapter,helpful exam tips,end-of-chapter practice questions,and hundreds of photographs and illustrations. This comprehensive guide not only helps you pass CCNA Exam 640-507,but also teaches you how to be an expert Cisco networking associate.

Get full details on all exam topics,including:

  • The OSI model and network topologies
  • Ethernet,Token Ring,and FDDI access methods
  • Layer 2 devices,NIC,bridges and LAN switches
  • Network protocols,including TCP/IP and IPX/SPX
  • IP Addressing & Subnetting
  • Routing protocols,such as RIP,IGRP,OSPF,and EIGRP
  • Router configuration and IOS backup and restoration
  • Novell NetWare IPX routing
  • Access control lists
  • LAN switching,VLANs,and STP
  • WAN encapsulationmethods—HDLC,PPP,LAPB,Frame Relay,and ISDN

The CD-ROM features:

  • Hundreds of all-original questions in an adaptive test engine
  • Several practice tests
  • Video clips
  • Useful tools and utilities
Read More Show Less

Product Details

  • ISBN-13: 9780072129984
  • Publisher: McGraw-Hill Companies, The
  • Publication date: 4/27/2001
  • Series: All in One Certification Series
  • Pages: 1096
  • Product dimensions: 7.67 (w) x 9.39 (h) x 2.44 (d)

Read an Excerpt

Chapter 15: Access Control Lists—Managing Network Traffic and Resources

In the last chapters, we've looked at techniques for configuring routers to provide con-nectivity and access within our Internetwork. Probably as important is how we secure this same Internetwork and control access of individuals and networks that have no business being there or that present a risk to the network. Network operating systems provide a level of control and security with user-level security and passwords on devices; of course, physically securing key components to the extent possible is still our first responsibility.

Routers provide another tool that allows data filtering and allows or denies access based on a predefined list of criteria. At the heart of this filtering is a router feature called access control lists (ACLs) or often just access lists. Access lists can block a single host's access to a resource, or it can selectively provide filtering to a variety of IP resources. Access lists are a starting point for adding security and traffic management to your network, but they cannot protect your network by themselves. Devices like firewalls and proxy servers, as well as password management, physical security, and solid administrative policies, should be used to augment them.

ACLs are powerful tools but are understood fully by few people; take the time necessary to master the skills involved. Proficiency in building and debugging access lists is one of the skills that can distinguish you from the masses.


NOTE: ACLs use a feature called wildcard masks that will be considerably easier to understand if you have mastered IP addressing and subnet masks. If you are not comfortable with subnet masks, you might want to review this topic first—or at least review it if you get stuck.

Access Control Lists (ACLs)

ACLs are a series of sequentially processed permit or deny statements that can be used to filter data traffic for many purposes. Each ACL statement includes a criterion definition that is used to determine whether the permit or deny statement is implemented. This criterion could be as simple as a source address for the packet, or it could be an elaborate combination based on data frame segments such as the source address, destination address, protocol used by the source and/or destination, and/or the TCP/UDP port number used. Since version 12.0, such criteria can also be time and date sensitive.

With skill, planning, and practice we should be able to define very specific limited criteria. For example, we can block all access to a network by a host or group of hosts based exclusively on their source address. Or, we could choose to limit Web browsing to selected servers during certain hours while still allowing unlimited FTP and e-mail access.

We have examples of similar processes in our noncomputer lives. Filing income taxes in the United States is one example. If you look at the "Who must file?" information on the cover of any of the tax-form instructions, you will see a list of conditions. If you meet any one of the conditions, you must file a report. Each condition is very specific; if you match one or more criteria, you are in. In Washington State, a jury summons has a short access list that asks four questions. If you answer no to any one, you are excluded from the pool. Your desire or interest in participating is not one of the questions.

Why Use ACLs

We will start by looking at ACLs from the perspective of limiting access to an interface and therefore resources beyond that interface. This is probably the most common type of ACL and is often where users are first introduced to the concepts and technology. As you continue in the field, you will discover that some form of access list is used for many other things. Some of the uses for ACLs include:
  • Managing routing traffic ACLs can be used to filter routing updates. They can block entire protocols from updating over an interface, or they can selectively filter the contents of a routing update limiting information about certain networks.
  • Adjusting the routing metric ACLs can be used to adjust the routing metric for particular routes, thereby changing the likelihood that a route will be used.
  • Determining "interesting" traffic In Dial on Demand Routing (DDR) ACLs are used to determine what is "interesting" traffic that will cause a modem or ISDN device to open a connection with another device. This interesting traffic could be defined by an ACL as a protocol-like IP, or it could be a specific application, such as e-mail. The designated interesting traffic will cause the link to open and remain open as long as interesting traffic is present. This can greatly reduce the use and cost of metered services.
  • Defining traffic ACLS can be used to define the traffic that another command will use. For example the debug IP packet command monitors all IP traffic on the device. If a reference to an ACL is added, then the ACL can specify which IP traffic to monitor.
  • Priority queuing ACLs can be used to create priority queuing for processing packets, thereby giving preference to certain types of traffic based on protocol or application.
  • Limiting access ACLs can provide the base-level security for network resources by limiting access to parts of the network. This security aspect could apply to keeping outside hosts out of the network entirely or preventing certain network hosts from accessing specific network segments. An ACL applied to the interface connecting the network to the Internet might block all access into the network that does not originate from within the network. This allows local users to browse the Internet but does not allow outsiders to initiate a connection into your network.
In each case, the basic ACL itself will be the same and use the same structures that we are going to cover. What will vary in each case is how and with which commands the ACLs are implemented.

Keep in mind that, like all good things, access lists can be overused, and they can be used incorrectly, causing more harm to the network's performance than you might imagine. Since ACLs have to be processed by the CPU on every packet, good minimalist design is essential to accomplish the goal while preserving router resources. A poorly designed access list can hurt network performance and still fail to meet the original objective.

Note that devices like the Catalyst 6500 process ACLs in hardware, and therefore, the device incurs no loss of performance whatsoever.

ACLs and Network Protocols

ACLs are network-protocol specific. Each upper-level protocol (IP, IPX, AppleTalk) has its own access list structures and options, but if you understand one, you should not have a difficult time with another. Just as running multiple protocols requires more resources, such as memory and CPU usage, multiple access lists will affect those same resources. Some protocols, like IPX, refer to ACLs as filters, particularly in output displays such as show IPX interfaces.

ACLs are numbered or named. If numbered, the number indicates the protocol used; if named, the ACL explicitly identifies the protocol supported. It is possible to have multiple ACLs per protocol on a particular router, each with its own unique number or name. In the case of IP and IPX ACLs, it is possible to apply up to two ACLs on a particular interface: one inbound and one outbound. With other protocols, you apply only one ACL to an interface, which filters both inbound and outbound packets.

For the CCNA exam, you will need to be familiar with the basics of IP access lists, so we will concentrate on those. But in the initial discussions of general topics, such as naming and numbering access lists, we will discuss IP and IPX together. As we develop our skills, we will concentrate on IP features.

Access List Basics

There are two types of access lists: standard and extended. Standard access lists are the simpler of the two and use only the source addresses as the criteria to make decisions about whether a packet will be permitted or denied access. Extended access lists do exactly what the name implies: They extend the capabilities of the access list by using several criteria in the decision process.

We will start our coverage by looking at some access list basics that apply to both standard and extended lists. We will then look at the specifics of the standard access list and move on to the more complex extended lists. Much of the basic "why" and "how" of access lists will be covered in this section or in the next section, where we expand on the standard list. Subsequent sections will cover extend lists.

Access List Numbering

Initially, access lists were numbered to allow multiple lines to be grouped together even if they were entered at different times. The number also created a short and specific reference to the list that could be used when the list was implemented. Each access list must have a unique number, and all lines within the access list must use that same number. Figure 15-1 shows our test lab from Chapters 12-14 with a host added to the Ethernet LAN of router A. The next few paragraphs describe a simple standard access to prevent that host from reaching the Ethernet LAN on router X, 192.168.5.0.

The following lines show a simple two-line standard access list that prevents a particular host, 192.168.1.10, from accessing any devices on the 192.168.5.0 network. Both lines were created in global configuration mode and are the appropriate lines from the show run output....

Read More Show Less

Table of Contents

Chapter 1: Networking Introduction and Standards.
Chapter 2: OSI Model-Layer 1.
Chapter 3: Topology and Access Methods.
Chapter 4: OSI Model-Layer 2.
Chapter 5: OSI Model-Layer 3.
Chapter 6: OSI Model-Layer 4.
Chapter 7: OSI Model-Layers 5, 6, and 7.
Chapter 8: Servers and Network Operating Systems.
Chapter 9: IP Addressing and Subnetting.
Chapter 10: LAN Design.
Chapter 11: Elements of Routing.
Chapter 12: Router Basics and Router Setup.
Chapter 13: Router Configuration.
Chapter 14: Novell NetWare.
Chapter 15: Access Control Lists-Managing Network Traffic and Resources.
Chapter 16: LAN Switching.
Chapter 17: Introduction to Wide Area Networks.
Chapter 18: PPP.
Chapter 19: ISDN.
Chapter 20: Frame Relay.
Chapter 21: Evolving Internet Connectivity.
Chapter 22: WAN Design.
Appendix A: Router Configurations.
Read More Show Less

Customer Reviews

Average Rating 3
( 1 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(1)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted May 5, 2003

    Numerous Errors

    Many errors in the test questions in both the book and the CD that are indicative of very poor proof reading.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)