printable format

e-mail to a friend
Exam Reviews e
comment on articl

640-801: The New CCNA Exam More Exams

Andy Barkl walks you through the latest incarnation of Cisco's
Certified Network Associate exam.
by Andy Barkl
August 2003 — Once again, Cisco Systems has updated their popular
CCNA Exam (CCNA
Exam
#640-801)
Vendor Cisco
Went live on June 30.
Available at Prometric and
Status
Pearson Vue testing
centers worldwide.
"Will test your knowledge
of extending switched
Reviewer's networks with VLANS,
Rating determining IP routes,
managing IP traffic with
access lists,."
55 to 65 questions (three
simulation), 90 minute
Test
time limit, apx. score of
Information
849 needed to pass. Cost:
$125 (U.S.).
Those who want to earn
Who Should
to earn their CCNA in one
Take This
attempt (others can take
Exam?
the new two-exam option).
Test
Click here
Objectives
a must! For most simulator-based questions, you are presented with a network scenario,
required to configure or troubleshoot one or more routers, save and verify your work. The
simulator behaves very much like the real thing and includes limited support for abbreviated,
editing and help commands.
Securing Networks
with PIX and ASA
(SNPA 642-522)
Cisco’s IPS Exam
(#642-532): Get
Your Network
Secure
Securing Virtual
Private Networks
(642-511)
Securing Cisco
Network Devices
(642-551)
entry-level certification
exam, the Cisco
Certified Network
Associate (CCNA) exam.
I recently took the
updated exam and
received 56 questions in
90 minutes with a
passing score of 849.
There were three router
simulator questions,
many multiple choice
questions and a few
drag-and-drop
questions.
The exam engine itself is
slow when it comes to
switching between the
simulator-based
questions and the
standard multiple-choice
questions -- patience is

Having taken the 407, 507 and 607 versions, I can say that while the exam objectives haven't
changed significantly with this latest update, much of the content is new and improved (minus
the extensive OSI topics). New networking topics include DDR and configuring register
settings. You'll want to download the official exam objectives from Cisco's Web sitehere.

With 640-801, the objective categories have been simplified into four areas: Planning &
Designing, Implementation & Operation, Troubleshooting and Technology. Following is an
overview of each section plus advice on where to focus your studies.

Objective Area #1: Planning & Designing

Under this general heading you'll find these topics listed:

• Design a simple LAN using Cisco technology.

• Design an IP addressing scheme to meet design requirements.
• Select an appropriate routing protocol based on user requirements
• Design a simple internetwork using Cisco technology.
• Develop an access list to meet user specifications.
• Choose WAN services to meet customer requirements.

-- advertisement (story continued below) --

Whoa! They use the word design quite a few times here. Even so, compared to the new Cisco
Certified Design Administrator (CCDA) exam (reviewed here), the design questions pale in
comparison.

Key to this section is knowing how to plan, assign, configure, subnet and troubleshoot IP
addresses. You must have a thorough understanding of the classes of IP addresses, their
starting and ending ranges, default subnet masks, the minus 2 rule, how to figure and identify
the first host, last host and broadcast address of any subnet, along with calculating the mask
for a required number of networks or hosts or both. You really need to have subnetting down
cold before walking into the exam booth or you could find yourself short on time to finish all
the questions! If you don't feel comfortable with subnetting, start practicing now. A popular
resource for learning to subnet is the aptly named LearnToSubnet.com.

Here's a technique used to help calculate the subnet: 256 minus the subnet mask. For
example, the address 192.168.0.22 255.255.255.240 is on the 192.168.0.16 subnet with
subnets of 16, 32, 48, and so on. The first assignable address is 17, and the broadcast is 31.

Tip: Know how to convert binary to decimal and hex.

The other LAN design topics in this objective area deal with defining network congestion
problems and how to prevent them. You should know the features and benefits of full-duplex
Ethernet, as well as the limitations. Data can travel at 10Mbps or 100Mbps and with full-duplex
transmission, data can travel simultaneously in both directions. However, there are distance
limitations of 100 meters, cabling type restrictions of category 5, and the need for network
switches.

RIP version 1 and IGRP are classful distance-vector routing protocols. RIP uses the metric hop
count; IGRP uses a combination of bandwidth and delay. One method used to prevent loops
with distance-vector routing protocols is split-horizon. Spilt-horizon states that a learned route
will never be sent back in the direction in which it was learned.

Tip: RIP, RIP version 2 and IGRP have many methods of prevent routing loops: split-horizon,
poison-reverse, maximum hop count and hold-down timers.

OSPF is a link state-based routing protocol, EIGRP is a hybrid of both distance vector and link
state, and they support classless routing. EIGRP also supports the IP, IPX and Appletalk
protocols, with a separate process and table for each.p>

A bigger part of the CCNA exam is usually access lists. They don't appear much later in your
Cisco certification studies, so Cisco hits you hard with them on the CCNA. Be very familiar with
the structure, operation, verification and modification of both standard and extended access
lists. Know the ranges used for IP standard and extended lists (1-99 for standard IP, 101-199
for extended IP). Know the rules for applying access lists: one list per interface, per direction,
per protocol!

Access lists can be confusing. Your best bet is to review the Cisco white paper here if you feel
you need to brush up.

In many instances, CCNAs are called upon to recommend WAN link connection types, so know
your primary WAN protocols and preferred use. Frame relay is a packet-switching protocol; it is
widely supported and readily available. Most of the ISDN theory-based questions are gone from
this version of the exam, but they have been replaced by implementation and configuration
questions (I'll address these later in this review). Don't forget about PPP as a supporting WAN
protocol, as well as its authentication methods -- PAP uses clear-text, while CHAP supports
many encrypted forms of network authentication without sending the password.

Objective Area #2: Implementation & Operations

This area covers the following topics:

• Configure routing protocols given user requirements.

• Configure IP addresses, subnet masks, and gateway addresses on routers and hosts.
• Configure a router for additional administrative functionality.
• Configure a switch with VLANS and inter-switch communication.
• Implement a LAN.
• Customize a switch configuration to meet specified network requirements.
• Manage system image and device configuration files.
• Perform an initial configuration on a router.
• Perform an initial configuration on a switch.
• Implement access lists.
• Implement simple WAN protocols.

Routers can be configured for network routes and discovery via routing protocols. Manually
configured, connected and static routes are usually preferred since they have some of the
lowest administrative distances. For the exam, remember when viewing the routing table of a
Cisco router, you will see two values in brackets -- such as [100/2] -- which indicates the
administrative distance and hop count or other metric. Also indicated next to each route in the
table is whether it is a connected route (C), static route (S), or was learned dynamically via a
routing protocol (with designations such as R for RIP and I for IGRP).

RIP and IGRP are fairly simple to configure. For RIP the IOS command would be router
rip followed by the network statement. For IGRP it is router igrp 10, which includes an
autonomous system number, followed by a network statement.

Tip: When an interface is configured for passive routing, the interface will accept but not
advertise network routes.

Once again, this section of the exam relies heavily on your knowledge of subnetting. You may
be presented with a simple network diagram consisting of subnets, routers and hosts, and be
asked to identify the proper assignment of IP addresses. Read each and every address
carefully as the answer may not always be obvious!

Every CCNA should understand what happens within a Cisco switch and the bridging functions
of a network. You'll want to be familiar with STP (Spanning Tree Protocol), VLANs, and the
switching methods cut-through and store-and-forward. Cut-through switching is a preferred
method when media collisions are low and latency at the switch cannot be tolerated. Store-
and-forward, on the other hand, is needed when media collisions are high and a higher latency
is acceptable.

VLANs have become a popular implementation method to connect network clients and their
preferred servers logically, through the switched networks, without having to connect them to
the same physical switch. The network administrator generally configures vLANs within the
switches. They offer levels of security and control plus limit network broadcast traffic, much
like routers.

Referring back to the Cisco white paper mentioned earlier (link above), using extended access
lists you can deny telnet traffic to a router's interface; for example, ip access-list 101 deny
tcp any any eq telnet (don't forget to also add a permit statement such as ip access-
list 101 permit ip any any or all traffic will be denied). You would then apply the access
list to the filtered interface: ip access-group 101 in.

There are many things to configure to prepare an interface for a frame relay connection, and
you should be intimately familiar with all of them. Memorize the different frame relay, DLCI
configurations and LMI types. Frame relay encapsulation types are cisco and ietf with cisco
being the default. DLCIs are locally significant and only represent the connection identifier from
the router to the frame switch. LMI types are ansi, cisco and q933a. When there is a mismatch
between two routers, communication will not take place.

ISDN and DDR configuration is new to the CCNA list of topics--not ISDN as a protocol, but as a
complete understanding of how to configure ISDN and dial-on-demand routing (DDR). To begin
with, here is a great reference for
study: http://www.cisco.com/warp/public/793/access_dial/ddr_dialer_profile.html.

Be sure you understand the components and commands of a dialer profile and the order of
configuration:

isdn switch-type type

ppp authentication type
interface BRI0 (ip address, encapsulation ppp, dialer pool-member 1)
interface dialer0 (ip address address mask, encapsulation ppp,
dialer pool 1, dialer string xxxxxxx, ppp authentication type).

Objective Area #3: Troubleshooting

For this objective area, Cisco expects you to know how to:

• Utilize the OSI model as a guide for systematic network troubleshooting.

• Perform LAN and VLAN troubleshooting.
 • Troubleshoot routing protocols.
• Troubleshoot IP addressing and host configuration.
• Troubleshoot a device as part of a working network.
• Troubleshoot an access list.
• Perform simple WAN troubleshooting.

The OSI model is a no-brainer: How could any network guru possible get through an average
day without knowing the OSI model? If you're not familiar with it yet, the OSI 7-layer
reference model from the top is Application, Presentation, Session, Transport, Network, Data
Link and Physical layers. The numbering starts from the bottom (physical layer is number 1).
Knowing the layer names and their order is crucial. Some people like to use an anagram to
help. One of my favorites is (from the bottom up) Please Do Not Throw Sausage Pizza Away.

Knowing where the most common network devices operate in the OSI model is also a must. At
the physical layer there is the cabling of the network, repeaters, and hubs. The data link layer
includes bridges and switches, and routers operate at the network layer.

Tip: A switch is a multi-port bridge.

As a CCNA, you need to understand protocol operation and at which layer each function. This
exam focuses only on TCP/IP. From the physical layer up, there are protocols, such as V.35 and
RS-232, that define the physical connection and signaling on the wire. At the data link layer
protocols such as Ethernet, token-ring and FDDI are responsible for defining the network
topology and data communication standards .

At the network layer, there is IP, ICMP ARP. At the transport layer, there is TCP and UDP. UDP is
fast and efficient but does not provide guaranteed delivery and retransmission like TCP. TCP is
more commonly used at this layer by many upper-layer protocols and applications. TCP uses
windowing, buffering and acknowledgments for flow control. Skipping over the session and
presentation layers for brevity, the application layer contains Telnet, FTP, TFTP, SMTP, and
many other application-type protocols.

Troubleshooting IP addresses, subnet masks, and gateways requires knowledge of subnetting.

You may be presented with a simple network diagram consisting of subnets, routers and hosts,
and be asked to identify the incorrect assignment of IP addresses. You might also find a
question relating to configuration of access lists. Remember the rules from above as well as the
following: If you created an access list with various deny statements and no permit, you would
prohibit the routing of all traffic on the applied interface. Remember there is the explicit deny
at the end of each access list.

Tip: Ping, traceroute and show ip route can be used to troubleshoot connectivity
problems.

Understanding how to perform the password recovery procedure on a Cisco router is must-
have knowledge for the CCNA. Remember that on the 2500 series routers, the
command config-register 0x2102 returns the bits from 0x2142, which were changed in the
rommon mode using the command o/r for password recovery.

Objective Area #4: Technology

Under this final heading you'll find these topics listed:

• Describe network communications using layered models.

• Describe the Spanning Tree process.
• Compare and contrast key characteristics of LAN environments.
• Evaluate the characteristics of routing protocols.
 • Evaluate TCP/IP communication process and its associated protocols.
• Describe the components of network devices.
• Evaluate rules for packet control.
• Evaluate key characteristics of WANs.

Spanning tree protocol (STP) is enabled by default on all Cisco switches. Along with STA
(Spanning Tree Algorithm), it avoids switched network loops. STP allows exchange of bridge
protocol data units (BPDUs) by the switches to choose a Root bridge (switch, in this case) and
determine where the network loops are present. Then the STA requires switches responsible
for creating loops place their redundant port or ports in a blocked state preventing network
loops. There are five port states possible: blocking, listening, learning, forwarding and
disabled.

Tip: The listening state is where the port determines whether or not it should participate in the
forwarding of frames. The learning state is when the port learns MAC addresses that are added
to the forwarding database.

Remember, routers divide networks into different broadcast domains for controlling client and
server network broadcast traffic. Switches and bridges create or divide collision domains.

HDLC is the default Cisco router serial interface encapsulation type and is only understood by
other Cisco routers using Cisco's HDLC.

Tip: ISDN supports a faster call setup than traditional analog modems.

PPP is an authentication method; using chap is preferred since the password is never sent
across the wire. The configuration command is username username password password, where
username is the hostname of the peer router. Note: passwords must be identical at both ends
and the hostname and password are case sensitive.

Preparation Tips
When deciding which study guides will fully prepare you for the new CCNA 640-801 exam,
keep in mind that while the objectives have been reorganized, the knowledge tested really
hasn't changed much from the previous CCNA exam 640-607. Therefore, if you have already
started your studying, continue on with your existing 607 study guides and materials. You
should also pickup a router simulator or a real router to prepare for the router simulator
questions. Cisco uses a router simulator in their exams developed by the Cisco Networking
Academy program You can view and even demo a copy of the official Cisco exam
simulator here. Many third-party offerings are very similar to this product.

That wraps it up for the version of the CCNA exam. Remember, if you still feel overwhelmed,
you can now obtain this certification through a process of two exams by passing both the
INTRO (640-821) and ICND (640-811) exams (both of which we'll review on this site shortly).
Good luck!

Have you taken this exam? Rate it below!

Andy Barkl, CCNP, CCDP, CISSP, MCT, MCSE:Security, MCSA:Security, A+, CTT+, i-Net+,
Network+, Security+, Server+, CNA, has over 19 years of experience in the IT field. He's the
owner of MCT & Associates LLC, a technical training and consulting firm in Phoenix, Arizona. He
spends much of his time in the classroom but has also been responsible for many Microsoft
Windows 2000, Exchange 2000, and Cisco networking deployments for many clients across
Arizona. He's also the online editor for MCPMag.com, TCPMag.com, CertCities.com, and a
contributing author and editor for Sybex and Cisco Press. He hosts a multitude of exam
preparation chats monthly on MCPmag.com, TCPmag.com and CertCities.com. You can reach
him at andy.barkl@wetrainit.com.