Module ICND 2

Interconnecting Cisco Networking Devices Part 2

ICND2: Interconnecting Network Devices, part 2 is the second of two parts that network professionals take to prepare for the Cisco Certified Network Associate (CCNA) exam.

Course ICND2 contains the curriculum of CCNA3 and CCNA4 modules.

In the course of CCNA3, the participant will become familiar with the basic and more advanced methods of switching in LAN networks. The logical segmentation by VLAN networks, configuration and synchronization (via the VTP protocol) on switches from Cisco, as well as the routing between VLANs, will be explained to the participant. The 802.1q VLAN tagging method will be explained. EtherChannel technology demonstrates the mechanism of connecting multiple physical links to increase transmission speeds. The principles of redundant networks will be covered, from design to avoiding central points of failure with FHRP protocols. Finally, a switching loop prevention mechanism - the STP family of protocols - will be discussed in depth.

Moving on from the switching technologies in CCNA3, the main focus of the CCNA4 module is dedicated to network security.

The student will learn to use standard and extended access lists to filter network traffic. The vulnerability of the second layer to various forms of attack will be shown, whether attacks on the MAC and ARP tables or on a DHCP service without adequate security. VPN networks are among today's most widely used technologies for secure access; the theoretical and practical training on them focuses on the GRE protocol and the IPSec security suite. The module continues with IPv6, where, in addition to the operation, allocation and configuration of IPv6 addresses, the differences in static and dynamic routing compared to IPv4 are explained. Routing is completed with a theoretical and practical introduction to the external routing protocol, BGP.

Course options

Day form (online):

MON - FRI from 08:00 AM to 4:00 PM

(min. number of participants: 4)

Distance form (online):

MON - FRI from 04:00 PM to 8:00 PM

Saturday from 8:00 AM to 4:00 PM

(min. number of participants: 4)

Prerequisites for training

To complete this course successfully, participants must have completed modules CCNA3 and CCNA3, or at least have knowledge and skills at their level.

Benefits of the study

  • Access to study materials in electronic form 24/7
  • Study materials are available in Slovak and English versions
  • Access to electronic book (e-book)
  • Online access to state-of-the-art labs on real Cisco devices 24/7
  • Online access to many state-of-the-art exercises in the Cisco Packet Tracer network simulator
  • Option to graduate in Cisco Networking Academy Program free of charge
  • Option to obtain internationally recognized certificates from Cisco
  • Option to obtain reference letter from Cisco
  • Option to borrow computer hardware for free during the study
  • Option of individual consultations with a lecturer beyond the scope of the study

Course overview

Chapter 1: Ethernet, VLAN, DTP

  • Ethernet as a technology, frame header.
  • The switch – how it works in the network, how it learns MAC addresses, how it switches frames.
  • Frame switching methods - store and forward switching, cut-through switching, fragment-free switching.
  • Hardware equipment of switches – fixed, modular and stackable configuration.
  • What are VLANs, benefits in segmentation and configuration on Cisco switches.
  • Routing between VLANs – router-on-a-stick, routing on multilayer switches.
  • 802.1Q protocol (trunk) – how the tag is added to the frame, transmission of tagged frames between switches in VLAN networks, 802.1Q header and its fields.
  • Dynamic Trunking Protocol (DTP) – configuration modes (static, dynamic), DTP frame header and its fields.
  • Description of possible attacks on VLAN networks, prevention.
  • Hierarchical network model, description of core layer (backbone), distribution and access layers.

Chapter 2: VTP protocol, EtherChannel

  • EtherChannel - connecting multiple physical lines into one logical port.
  • EtherChannel protocols – PAgP and LACP.
  • Advantages and limitations of port grouping.
  • Configuring and troubleshooting channel groups.
  • Synchronization of VLAN database – VTP protocol.
  • VTP versions.
  • VTP modes: server, client, transparent.
  • VTP domain.
  • VTP pruning.
  • VTP configuration and troubleshooting.

Chapter 3: Network redundancy, FHRP protocols

  • Explanation of proper network design without central points of failure, gateway redundancy by FHRP protocols (HSRP, VRRP, GLBP).
  • HSRP - properties, concepts of active and backup router.
  • HSRP – selection process for active and standby roles.
  • HSRP – interface tracking, configuration.
  • HSRP – equal load distribution between multiple gateways.
  • HSRP – configuration and troubleshooting.
  • VRRP – characteristics, selection process for master and backup roles.
  • VRRP – configuration and troubleshooting.
  • GLBP – characteristics, roles in GLBP group.

Chapter 4: STP protocol (PVST+, RPVST+)

  • STP operation, root bridge selection and elements that affect it.
  • Variations – PVST+, RPVST+.
  • STP data unit – BPDU (explanation of selected header fields).
  • Sequence of checks used to determine the current best BPDU frames.
  • Port roles and states of PVST+ and RPVST+ variations.
  • RPVST+ and faster convergence using the quick-shake method.
  • Protection against intervention by unauthorized devices in the STP topology.
  • Protection against unauthorized devices connecting to the STP topology.
  • Modification of STP topology calculations.
  • Configuration and troubleshooting of individual STP variations.

Chapter 5: Access Control Lists (ACL), security of LAN networks

  • An introduction to access lists as a tool for filtering network traffic.
  • Division of access lists into standard and extended.
  • Differences between standard and extended access list.
  • Configuring and troubleshooting access lists.
  • Explanation of various forms of protection against LAN attacks, such as Dynamic ARP Inspection (DAI), IP DHCP Snooping/Spoofing, DHCP starvation, STP attack, double VLAN tagging.
  • Protection of switched ports (port security) on the switch against unauthorized MAC addresses.
  • LAN security configuration and troubleshooting.

Chapter 6: VPN

  • Introduction to virtual networks.
  • VPN division: static and dynamic VPN.
  • GRE protocol – properties, working principle.
  • Configuration and troubleshooting of GRE protocol.
  • Security of virtual networks - confidentiality, integrity, authorization, authentication and packet replay protection.
  • IPSec protocol system - theoretical introduction, explanation of concepts, packet transfer methods.
  • Tunnel, transport mode.
  • ESP and AH headers.
  • Packet security algorithms.
  • Basic configuration of packet security with the IPSec framework.

Chapter 7: Internet Protocol version 6 (IPv6)

  • Identification of the appropriate protocol addressing scheme in LAN and WAN networks.
  • Technological requirements for using the protocol, comparison with IPv4.
  • Address types, notation.
  • Methods of migration from IPv4 to IPv6 (dual-stack, tunneling, NAT64).
  • Dynamic allocation of IPv6 addresses: SLAAC, stateless DHCP, stateful DHCP.
  • Static routing in an IPv6 environment, changes compared to IPv4.
  • Description of dynamic routing changes in an IPv6 environment.
  • Configuring and troubleshooting static routes.
  • RIPng configuration and troubleshooting.
  • EIGRPv6 configuration and troubleshooting.
  • OSPFv3 configuration and troubleshooting.

Chapter 8: Border Gateway Protocol (BGP)

  • Overview of the differences between IGP protocols and EGP.
  • Basic properties and operation of the BGP protocol.
  • Definition of autonomous system, administrative domain.
  • Assignment of a unique number to the autonomous system by the IANA authority.
  • Path-vector algorithm.
  • Network attributes and their influence on the decision-making process of choosing the best paths.
  • BGP packets.
  • Formation of iBGP/eBGP neighbor relations.
  • Basic configuration of neighbor relationships and network advertisements in BGP.
  • Troubleshooting BGP configuration.

Chapter 9: Module overview, preparation for the final exam

  • Preparation for theoretical exam.
  • Preparation for practice exam.
