Instructor
Foryanto Jaya Wiguna
Formal Education:
§ 2007: Bachelor of Computer System, Esa Unggul University (S1)
§ 2000 : Diploma of Technic Control, Bogor of Agricultural Institute (A.Md)
Working Experiences
§ 2000 – 2001 : IT System Support, PT. Sarijaya Permana Sekuritas
§ 2001 – 2003 : System Administrator, PT. Cakrawala Dunia Pariwisata Indonesia
§ 2003 – 2006 : System Administrator (Linux, Windows and Network), PT. TorGanda
§ 2006 – 2007 : System Administrator (Linux, Windows and Network), PT. BDA+ Design
§ 2007 – 2012 : Post and Pre Sales Network, PT. Metrocom Global Solusi
§ 2012 – 2013 : Pre Sales Network, PT. Sisindokom Lintas Buana
§ 2013 – Now : Trainer Cisco, Juniper at many Training Centers
§ 2013 – Now : Free Lancer as IT Consultant at many Companies
§ 2013 – Now : IT Network Consultant , CV. Multi Kreasindo
Professional Certifications
HP-AIS, Extreme Network Associate (ENA), CCNA, CCNP (Routing-Switching and Voice), CCIE-Written
(Routing-Switching), JNCIA-JUNOS, JNCIS-ENT, JNCIP-DC, JNCIA-Cloud, Fortinet NSE1, NSE2, NSE3
HandPhone/WhatsApp : +62-81382734574
e-mail : foryanto@gmail.com
Linkedin : linkedin.com/in/foryantojwiguna/
Course Structure
- Module 1: Network Fundamentals
- Module 2: Network Access
- Module 3: IP Connectivity
- Module 4: IP Services
- Module 5: Security Fundamentals
- Module 6: Automation and Programmability
Course Focus
• Objectives are to gain the knowledge and pass the exam – both of which will help to achieve IT career goals
• Network Fundamentals – routers, switches, cabling, TCP and UDP, IPv4 and IPv6
• Network Access – VLANs and trunking, EtherChannel
• IP Connectivity – IP routing, OSPFv2
• IP Services – NTP, DHCP, QoS, SNMP
• Security Fundamentals – VPNs, wireless security, port security
• Automation and Programmability – REST APIs, Puppet, Chef, JSON, SDN
• Additional Materials:
- https://learningnetwork.cisco.com/s/certification-exam-tutorials
- https://learningnetwork.cisco.com/s/learning-plan-detail-standard?ltui__urlRecordId=a1c3i0000005hsQAAQ&ltui__urlRedirect=learning-plan-detail-standard
Exam Details
- Required exam 200-301
- Number of questions 120
- Question types: Multiple Choice (single and multiple answers), drag-and-drop, Sim, Simlet, Testlet
- Length of test 120 minutes
- Recommended experience – Good grasp of networking fundamentals - One or more years of hands-on
experience working in a junior network administrator/ network support technician job role with Cisco
network equipment
- Passing score – not published by Cisco but approximately 800-850 out of 1000
- Specialized CCNA certification exams are retired as of Feb 24th 2020
• Added topics include Next generation firewalls and IPS, Spine-Leaf, Cloud, more detailed wireless
infrastructure, first hop redundancy protocol, TFTP/FTP, expanded security infrastructure, automation and
programmability
• Removed topics include OSI model, VTP, switch stack, EIGRP, BGP, GRE, WAN access
Cisco CCNA
200-301
• Lesson 3: Compare physical interface and cabling types
• Lesson 10: Verify IP parameters for Client OS (Windows, Mac OS, Linux)
• Core
• ‘Center’ of network
• High availability, minimal latency and fast convergence
• Aggregation point for all other areas of network
• Layer 2 / Layer 3
• Distribution / aggregation
• Aggregates traffic from all nodes and uplinks from the access layer
• Perform routing, access lists, security devices
• Layer 2 / Layer 3
• Access / Edge
• Point of entry into the network for end user devices
• Layer 2
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
2 tier (Collapsed Core)
• Combines core and distribution layers, usually
in a single device
• Usually deployed for a smaller size company or
branch office
• Reduces costs by not having to purchase
separate hardware
• Distribution layer can also sometimes be
referred to as the aggregation layer
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
Spine-leaf
• Spine
• Connects to each leaf
• Spines do not connect to each other
• Leaf
• Connects to each spine
• Leafs do not connect to each other
• Traffic always traverses the same number of
devices which keeps latency predictable
• Fully redundant connectivity
• Top-of-rack switching
• The actual rack in the data center where devices
are installed
• Each leaf switch would sit at the top of the rack
• Servers would sit below the leaf and be wired to
connect to it
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
WAN
• Connects networks that are in different local
calling areas
• Lease data communication circuits from a public
carrier
• Can be national or international
• Demarcation point (DMARC)
• Physical point at which a telecommunications
company’s public network ends and the
customer’s private network begins.
• Customer Premise Equipment (CPE) – The first
piece of customer equipment that will receive the
carrier's connection
• CSU/DSU – Channel service unit / Data service
unit – device between Demarc and CPE – provides
clocking of the line to the router
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
WAN – Connection Bandwidth
Type   Information                                              Bandwidth
DS0    Basic digital signaling rate, 1 DS0 = 1 voice/data line  64 Kbps
T1     Also known as a DS1, 24 DS0 circuits bundled             1.544 Mbps
E1     European equivalent of a T1, 30 DS0 circuits bundled     2.048 Mbps
T3     Also known as a DS3, 28 DS1 circuits bundled             44.736 Mbps
OC-3   Optical Carrier – Fiber – 3 DS3 circuits bundled         155.52 Mbps
OC-12  Optical Carrier – Fiber – 4 OC3 circuits bundled         622.08 Mbps
OC-48  Optical Carrier – Fiber – 4 OC12 circuits bundled        2488.32 Mbps
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
Small office/home office (SOHO)
• Generally for a single worker or a very small
number of workers
• Connectivity is through services such as DSL or
cable for Internet access
• Uses virtual private network (VPN) to connect
over the Internet to corporate network
• SOHO Router – Device that connects to the
Internet and is usually equipped with many
functions - switch, wireless, firewall, etc
Module 1: Network Fundamentals
Lesson 2: Describe characteristics of network topology
architectures
On-premises and cloud
• On-premises - Corporate IT infrastructure
equipment is on-site, usually at a data center the
company owns
• Cloud – company utilizes another company's IT
infrastructure in a separate data center (providers
are AWS, Microsoft Azure, etc)
• Provides access to data anywhere anytime
• Streamlines IT operations by only purchasing
necessary services
• Decreases the need for onsite IT equipment
• Very scalable – can increase/decrease quickly
Module 1: Network Fundamentals
• Lesson 1: Explain the role and function of network components
• Lesson 8: Configure and verify IPv6 addressing and prefix
• Coaxial/RG-6
• Routes television signals and is standard for Cable TV (CATV)
• Twinaxial
• “Twinax” similar to coax but with two inner conductors and used
for application data
Module 1: Network Fundamentals
Lesson 3: Compare physical interface and cabling types
Copper
• Termination standards
• TIA/EIA-568A
• TIA/EIA-568B
• Fiber
• 100Base-FX (IEEE 802.3u) – a version of Fast Ethernet that uses multi-mode optical fiber. Up to 412 meters long.
• 100BASE-SX – Less expensive version of 100Base-FX using LED optics. Distance limited to 300 meters.
• 1000Base-SX (IEEE 802.3z) – 1 Gigabit Ethernet running over multimode fiber-optic cable. 220-550 meters depending on cable type
• 1000Base-LX (IEEE 802.3z) – 1 Gigabit Ethernet running over single-mode fiber. Distance of 5 kilometers. Using multi-mode distance is 550 meters.
• 10GBASE-SR (IEEE 802.3ae) - 10 Gigabit Ethernet running over multi-mode fiber. Distance of 26 – 400 meters (Short Range)
• 10GBASE-LR (IEEE 802.3ae) - 10 Gigabit Ethernet running over single-mode fiber. Distance of 10 kilometers (Long Range)
• Wavelength-Division Multiplexing
• Multiple types of signals bidirectional over the same strand of fiber using different wavelengths
• Coarse wavelength division multiplexing (CWDM)
• Four 3.125 Gbit/s carriers over four different wavelengths
• Dense wavelength division multiplexing (DWDM)
• Up to 160 signals for 1.6 Tbit/s total throughput!!
Module 1: Network Fundamentals
Lesson 3: Compare physical interface and cabling types
• Power over Ethernet
• Both power and data can be transmitted over an
Ethernet connection!
• Used for VoIP phones, wireless APs, security
cameras, etc
• PoE (802.3af) – 15.4 W power
• PoE+ (802.3at) – up to 25.5 W power
• Switch and device need to support the same PoE
standards and switch has finite amount of power
• Can also use a power injector to power a PoE
device
Module 1: Network Fundamentals
Layer 6 - Presentation
Layer 5 - Session
Layer 4 - Transport
Layer 3 - Network
Layer 1 - Physical
Module 1: Network Fundamentals
Lesson 5: Compare TCP to UDP
• Example:
Subnet Mask: 255.255.255.224 (decimal form)
11111111 11111111 11111111 11100000 (binary)
Count the ones = 27
This is a /27 subnet
Module 1: Network Fundamentals
Lesson 6: Configure and verify IPv4 addressing and subnetting
Converting from binary value to CIDR
11111111 11111111 11111111 00000000
255.255.255.0 or /24
11111111 11110000 00000000 00000000
255.240.0.0 or /12
11111111 11111111 10000000 00000000

Binary     Decimal
00000000   0
10000000   128
11000000   192
11100000   224
11110000   240
11111000   248
11111100   252
11111110   254
IP 10.1.15.7 /29
Subnet 255.255.255.248
Network 10.1.15.0
Bcast 10.1.15.8
First IP 10.1.15.1
Last IP 10.1.15.7
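The mask-to-prefix count and the network/broadcast breakdown on these slides can be done with plain bit operations. The following is an added example, not part of the original course material; it goes slightly beyond the slides by rejecting non-contiguous masks and flagging a host address that lands on the network or broadcast address. The host 192.168.10.77 is a constructed sample value.

```python
import ipaddress

def mask_to_prefix(mask: str) -> int:
    """Count the one-bits of a dotted-decimal mask, rejecting non-contiguous masks."""
    value = int(ipaddress.IPv4Address(mask))
    ones = bin(value).count("1")
    # A valid mask is `ones` one-bits followed only by zero-bits.
    if value != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones

def subnet_summary(host: str, mask: str) -> dict:
    """Derive subnet boundaries for a host address (assumes a prefix of /30 or shorter)."""
    prefix = mask_to_prefix(mask)
    mask_int = int(ipaddress.IPv4Address(mask))
    host_int = int(ipaddress.IPv4Address(host))
    network = host_int & mask_int                    # host bits cleared
    broadcast = network | (~mask_int & 0xFFFFFFFF)   # host bits all set
    to_ip = lambda n: str(ipaddress.IPv4Address(n))
    return {
        "prefix": prefix,
        "network": to_ip(network),
        "broadcast": to_ip(broadcast),
        "first_host": to_ip(network + 1),
        "last_host": to_ip(broadcast - 1),
        # False when the address is the network or broadcast address itself
        "host_is_usable": network < host_int < broadcast,
    }

if __name__ == "__main__":
    # Constructed sample: a host inside the /27 from the mask example
    for key, value in subnet_summary("192.168.10.77", "255.255.255.224").items():
        print(f"{key:15} {value}")
```
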
Module 1: Network Fundamentals
Address Assignment
• Static Address Assignment
• Specify all 128 bits manually
• Specify the first 64 bits manually and use
Extended unique identifier (EUI-64) for the
remaining 64 bits
• Device will use the MAC address of its
interface along with adding “FFFE” and
inverting the 7th bit of interface ID to generate
a unique 64-bit interface ID.
• DHCPv6
• Similar to IPv4 version and known as stateful autoconfiguration
• Client will detect a router via neighbor discovery, if router advertisement messages
contain DHCPv6, client will send out a DHCP solicit message
• Stateless Autoconfiguration
• Extension of DHCPv6
• No DHCP server necessary!
• Uses router advertisement info as well as EUI-64
• Designed for devices such as cell phones and IoT enabled devices
Module 1: Network Fundamentals
Lesson 8: Configure and verify IPv6 addressing and prefix
ICMPv6
Similar to ICMP in IPv4 helps with troubleshooting (PING,
traceroute, etc) but has enhancements!
Manual Configuration
• Access the network interface and input
the IP address, subnet mask, and default
gateway
Dynamic Configuration
• Utilize Dynamic Host Configuration Protocol
(DHCP) server which has a scope of IP
addresses
• Client reaches out to DHCP server and
gains an IP, subnet mask , and gateway, as
well as potentially other info such as DNS
and NTP
• Preferred method for clients
Module 1: Network Fundamentals
Lesson 10: Verify IP parameters for Client OS
Configure TCP/IP on OS
• Windows 10
• Control panel -> Network and Internet
-> Network and Sharing Center ->
Change adapter settings -> right click
Ethernet -> Properties
• Linux
• (command line) ifconfig eth0 10.10.10.2 netmask 255.255.255.0
• MacOS
• System preferences -> network ->
advanced -> TCP/IP tab
Module 1: Network Fundamentals
Lesson 10: Verify IP parameters for Client OS
• Roaming
• When a client moves from one AP to another and stays on the same SSID they ‘roam’
to the other AP
• Is able to keep the same IP address
• This generally happens when they are walking to another area of a building or are on
a device such as a forklift or golf cart
Module 1: Network Fundamentals
Lesson 11: Describe wireless principles
• Encryption Standards
• WiFi Protected Access (WPA)
• Cisco answer to WEP (which just used a pre-shared key and was not secure)
• Encryption - Dynamic key exchange using Temporal Key Integrity Protocol (TKIP)
• 802.1x user authentication or pre-shared keys for authentication
• WPA2
• CCMP block cipher mode – Counter mode with cipher
block chaining message authentication code protocol
• AES for encryption
• Message Integrity Check (MIC) with CBC-MAC
• Very secure, but it can be brute-forced
• WPA3
• GCMP Block Cipher Mode
• Galois Counter Mode Protocol
• Stronger encryption than WPA2
• AES for encryption
• MIC with Galois Message Authentication Code (GMAC)
• PSK Mutual Authentication (Client and AP)
• Simultaneous Authentication of Equals (SAE)
• Diffie-Hellman key exchange with authentication
• Personal
• WPA2/3 using a pre-shared key (PSK)
• Enterprise
• WPA2/3 using an authentication server
Module 1: Network Fundamentals
• Virtual machines
Module 1: Network Fundamentals
Lesson 12: Explain virtualization fundamentals (virtual machines)
Virtual network concepts
• Virtual desktop
• Virtual end user compute device which exists in a
virtualization platform such as VMWare Horizon
View
• Virtual Desktop Infrastructure (VDI) is the overall
system that maintains the virtual desktop
environment
• Many companies embracing this technology
• Give you access to your desktop from anywhere!
• vSwitch
• ensures connections between virtual
machines as well as connecting virtual and
physical networks.
• Located within the virtual host
• Virtual network interface card (vNIC)
• Each Virtual Machine (VM) has a vNIC
Module 1: Network Fundamentals
Lesson 12: Explain virtualization fundamentals (virtual machines)
Virtual network concepts
• Network function virtualization (NFV)
• Collapses multiple network functions into one
virtual host and manage from hypervisor
• Virtual switch, firewall, etc
• Hypervisor
• Hardware, software, or firmware capable of creating
virtual machines and then managing and allocating
resources to them.
• Type 1
• Bare metal hypervisor
• Entire server and OS dedicated to virtualization, hypervisor can
directly access all hardware
• Most common for general use
• Examples include VMWare ESXi, Citrix Xen, Microsoft Hyper-V
• Type 2
• Desktop virtualization
• Runs on top of desktop OS as an application
• Used for IT/Dev testing, minimal features, simple, cheap
• Examples include Vmware Workstation/Fusion, KVM
Module 1: Network Fundamentals