Tuesday, June 22, 2010

Passed CCNA Security 640-553

I just passed the CCNA Security 640-553.

Obviously I can't go into the specifics - but it's worth mentioning some highlights.

Lots on Zone Based Firewalls (being able to interpret zone-pairs -> policies -> class maps)

Layer 2 port security

Intimate understanding of how Phase 1 / 2 works in IPSEC. You should be able to teach this to a layman.

I had a couple questions on SSL VPNs (not sure if they were 'future' questions).

I used the Sybex study guide along with Jeremy's CBT videos.

Good Luck

Sunday, June 13, 2010

Subnetting - Memory Dump Cheat Sheet

There are times when a subnet calculator may not be available: during an apocalypse, and during your CCNA.

So during an apocalypse, if you decide that you need to be able to subnet, you only need to remember how to create this cheat sheet. Using this table, you can ultimately solve all subnetting problems.
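
| Bits (borrowed) | 2^n (hosts/networks) | Interval | Mask |
|-----------------|----------------------|----------|------|
| 1               | 2                    | 128      | 128  |
| 2               | 4                    | 64       | 192  |
| 3               | 8                    | 32       | 224  |
| 4               | 16                   | 16       | 240  |
| 5               | 32                   | 8        | 248  |
| 6               | 64                   | 4        | 252  |
| 7               | 128                  | 2        | 254  |
| 8               | 256                  | 1        | 255  |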


Remembering how to create this table is not as hard as it looks. First you must remember the columns: Bits (borrowed), 2^n (hosts/networks), Interval, and Mask.



Then you must fill in the Bits column, starting from 1 to 8 bits (per octet).

Then you can fill in the 2^n (hosts/networks) column by simply doing the math: what is 2 to the power given in the Bits (borrowed) column for that row?

The next part is a little tricky. Rewrite the 2^n (hosts/networks) column into the Interval column in reverse order, but skip 256, as that interval really means the whole octet. Think about what you're doing: is 256 valid? So skip it.

Lastly, for the mask column - sum the intervals up as you go.

Now why do all this?

If you know what the mask is you can determine what the interval is. For example: 10.11.12.13 255.255.248.0

We can match 248 to the interval 8 in the third octet. Using this interval we can find the IP range. The nearest lower multiple of 8 in the third octet from 12 is 8. So the network address is 10.11.8.0. The next network address is an interval of 8 in the 3rd octet, so the next network address is 10.11.16.0. The broadcast address is then 1 less, 10.11.15.255. Knowing both the network and broadcast address we can determine the IP range as 10.11.8.1 - 10.11.15.254.

If we were given CIDR notation instead, 10.11.12.13/21, we can determine how many bits we have borrowed: 8 (first octet) + 8 (second octet) + 5 (third octet). Using the table we can match 5 bits borrowed to the interval 8 and continue as we did before.

Lastly, we can solve problems like how many hosts we have or how many networks we have. 150.160.170.180/20 is a class B address. From the 16 bits associated with class B we have borrowed an additional 4 bits. The formula for networks is 2^n. So we find 4 in the Bits column and go to the 2^n column to find that we can have 16 subnets. We have 12 out of 32 bits left for hosts. To determine our hosts we use the formula 2^n - 2. But our table is not big enough. We simply extend it out by multiplying by 2 until it is big enough.
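
| Bits (borrowed) | 2^n (hosts/networks) | Interval | Mask |
|-----------------|----------------------|----------|------|
| 1               | 2                    | 128      | 128  |
| 2               | 4                    | 64       | 192  |
| 3               | 8                    | 32       | 224  |
| 4               | 16                   | 16       | 240  |
| 5               | 32                   | 8        | 248  |
| 6               | 64                   | 4        | 252  |
| 7               | 128                  | 2        | 254  |
| 8               | 256                  | 1        | 255  |
| 9               | 512                  |          |      |
| 10              | 1024                 |          |      |
| 11              | 2048                 |          |      |
| 12              | 4096                 |          |      |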

And now we know that we can support 4094 hosts in each subnet.
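The cheat-sheet method above, written out as an added Python example (not part of the original post) and cross-checked against the standard `ipaddress` module. The function names are made up for this illustration, and the host range assumes a prefix of /30 or shorter.

```python
import ipaddress

def build_cheat_sheet():
    """Rows of (bits, 2^n, interval, mask), built as the post describes."""
    rows, mask = [], 0
    for bits in range(1, 9):
        interval = 256 // 2 ** bits   # 128, 64, ..., 1 (the post's reversed column)
        mask += interval              # running sum of intervals: 128, 192, ..., 255
        rows.append((bits, 2 ** bits, interval, mask))
    return rows

SHEET = build_cheat_sheet()

def cidr_to_mask(prefix):
    """Turn /prefix into a dotted mask: whole octets plus the borrowed bits."""
    full, borrowed = divmod(prefix, 8)
    octets = [255] * full
    if borrowed:
        octets.append(next(m for b, _, _, m in SHEET if b == borrowed))
    octets += [0] * (4 - len(octets))
    return ".".join(map(str, octets))

def subnet_by_hand(address, mask):
    """Return (network, broadcast, first_host, last_host) as dotted strings."""
    interval_for = {m: i for _, _, i, m in SHEET}
    interval_for[0] = 256             # unmasked octet: the range is the whole octet
    net, bcast, seen_partial = [], [], False
    for a, m in zip(map(int, address.split(".")), map(int, mask.split("."))):
        if seen_partial and m != 0:
            raise ValueError("non-contiguous mask")
        seen_partial = seen_partial or m != 255
        step = interval_for[m]        # KeyError if the octet is not a valid mask value
        low = (a // step) * step      # nearest lower multiple of the interval
        net.append(low)
        bcast.append(low + step - 1)  # one less than the next network
    first, last = net[:-1] + [net[-1] + 1], bcast[:-1] + [bcast[-1] - 1]
    return tuple(".".join(map(str, x)) for x in (net, bcast, first, last))

def hosts_per_subnet(prefix):
    """2^n - 2, where n is the number of host bits left."""
    return 2 ** (32 - prefix) - 2

def matches_stdlib(address, prefix):
    """Cross-check the hand method against Python's ipaddress module."""
    ref = ipaddress.ip_network(f"{address}/{prefix}", strict=False)
    net, bcast, _, _ = subnet_by_hand(address, cidr_to_mask(prefix))
    return (net, bcast) == (str(ref.network_address), str(ref.broadcast_address))
```

Calling `subnet_by_hand("10.11.12.13", "255.255.248.0")` reproduces the range worked out by hand above, and a mask such as 255.0.255.0 is rejected rather than silently miscalculated.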

This is a tool that you can easily use during the CCNA as you can write it down on the provided paper as soon as you start your test.

Hopefully you find this helpful - let me know if you have any questions.