Page 1
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 1/107
1 | P a g e
ربوث
ؽخ
ى١
ا
اب١خ
٠بد
ا
خ٠
ا
زجوا
جىبد
ا
ي
ؽ
غبي
بخ
بعؼ
ا
ى ب زح
اجوأ ؽ ؼعب
ػ و
عت ه
غبي
ا ا ٠ع
باد
ا
ى
زا
ب١زعا
١
عت
ثىبءح
١خ
ب
ارب
ب
.
٠ك
ى
لأ
ب
أ
١مب
ا
١خ
ا
بح
ا
ا
ا
ة
ا
ثاثخ
..
با
:
٠ؤي
ل؟دا
بث
بح
ا
ب١زبث
لذ
بح
ا
أ
ب١خ
ثبخ
ىث
١ىؤلي
بظ
عح
ا
ا
ا
أ
عأ
ر
ب
ىضح
أ٠ب
٠مخ
ا
ؽأ
ؤؽججذ
ع
ح
خ
١
اد
وض١ح
ز٠بد
جل
ع٠ح
بح
ى
أ
برب
خ
ثب
أ
CCDA..
خ
مخ
إ
أ
أ
أؽت
جء
ا
جل
ع
:ا
ة
ا
ثاثخ
ز
بى
ا
لف
ا
ص
ع
ا
و
بث
أ
اؿ
ا
ا
از
ا
ك
ا
)
ثأ
(ؾ
.
ؾج١ت
اءبأ
ؾزف
وف
ثا
٠
ا
اؿ
٠ى
ا
ز
ا
إاح
ىأ
وب
جاثخ
ا
7
ؽث
لأ
ثب
ضمخ
ا
خ
عأ
أ
ا
ع
بؤث
جبن
ؾجخ
ا
١ث
با
ثا
ا
ب
أ
.
***م
***
ــ
ا
بح
CCDAـ
بزا
Cisco Certified Design Associateب
وب
زر
ب
ؤث
اب
ى١
ا
جىبد
١ر
١خ
...
:بؾزا ل46-18
بجزا ح: 75ل١م
..
١ث
رزاػ
:خ
ا
55
إ
5ا
..
١خ
ا
بح
ام
ا
:
Designing for Cisco Internetwork Solutions (DESGN) v1.2
ثا
ا
ا
٠بح
عبء
ا
زاح
:ـ ـ ـ
ا
٠ز
ا
CCDA١ى
ل
***٠مز
ا ***آ١خ
بى
ا
مزػ
ا
اى
ا
اأ
ى
لأـ
ا
بط
ز١خ
CCDAعا
ا
أؽس
ثاخ
ه
ىز
ب
أ
مزأ
ه
ىزت
ازث
غبي
ا
ثا
ث١خ
ا
ز٠بد
ا
ؽ١ح
ا
خ
بم
ا
Page 2
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 2/107
2 | P a g e
اؽزا١خ
ب١
ا
جت
ا
ى١
غز
ثػ
ئث
ز١ك
ا
ث
ى
عبم
ا
ا
ى
ار
ز
ا
..
ج
ثػ
لؤ
:ة
ا
زأب
ا
خ
ا
ث
لؤ
خ
بم
ا
١
غء
جؾش
ا اخ
ا ؾ ىزخ١ث
ا خ
بث ػ
ا ى١ ج
ا ػ
ا ء
ا
خ
بث
خ
ا
ا
٠١خ
غ
١ث
ا
خ
بث
..
ثػ
لؤ
ز
ا
ح
ا
ث
ب
ا
ا
ى
أ
٢او
ي
ى
ب
بز
ا زر١ت
مب ١ج
:-
اا
Network Design Methodologies
جىخ
١ر
غ١بد
ابض
ا
Evaluating Organizational Policies and Producers
١١مر١١١
ز
ا
١غز
ا
١ببد
ا
ابض
ا
Examining Customer Requirements
ث
ا
جبد
ز
ؾ
اثا
ا
Characterizing the Existing Network
جىخ
ا
١١ر١
بؾ
ا
ب
ا
ا
Implementing the Design Methodologies
١ز
ا
غ١بد
رج١ك
اب
ا
Network Hierarchiesجىخ
رعبد
اثب
ا
Modular Network Designs
جىخ
١بر
ؽاد
Page 3
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 3/107
3 | P a g e
ابض
ا
Switching Design Considerationsازجباد
٠ؾر١ز
ا
بز
ا
ا
Campus Design Details
ؽ ١ر ١بربع
ب
ا
ا
Enterprise WAN Solutionsاخ ي جىخ
ؽمز زث بق
ا
ا بؾ
ا
IP addressing
ث ٢ا ( ذ
ز
ا ثروي خ
)
ا بضاRouting Protocols
١عز
ا
(باد
ا
ثرود
)
ا ش
بض
ا
Security
ــا
ا١ا ثااVoice
ــد
ا
***اع
ا
***
Cisco Press/CCDA Flash Card
CCDA Cisco Press Book
Testking updated exam
Page 4
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 4/107
4 | P a g e
ى١
ا
ث
اي
ا
ى
جأ
CCDA
***ا
ا
***Network Design Methodologies
١ر
غ١بد
خىج
اب
ب
بز
ز
ا
١١خ
ا
مبح
ا
جىبد
ب
١ر
: PDIOOـ
بزا
:
Planning:ب
ثب١عب١زؽا ٠٠ه ١ث ا ٠ب
١
ا
١خ ثبزبء
ا خ
اىج
ا
..
Design:جى
ا
١ربثىج
ا
١ضر
و١١خ
١خ
مز
ا
زبعبد
زا
اي
ج
ا
بز
..
Implementation: ع ح
ا أ
١ز
ا ؾ
١ز
ا ث ه
بو
ؾ١ؾخ
ا
٠مخ
بث
١ضر
ر
ئا
لا
اث
بن
أ
بب
بو
إا
أب
١
١ز
ا
إ ربف أ از٠ غت ١زاعح
١١ضز
بث ر ح
ا بزبث ب عت ب
١ضر
..
Operation:١ز
ا
بء
ج
ا
ج
١خ
ا
زو١ت
ات١وز
ا
١خ
إ
غز
١
ا
ؾ
ا
ىث
لا
ا
أ
..
Optimization:
١خ
بض
ا
إ
ي
ال
بعؼ
ا
زو١ت
ا
ث
ه
جىبد
ا
بء
ثزر
زؾ
ا
وب
ا
أ
ابء
ج
أ
جل
رؾ١ؾب
١ؾب
زث
مر
بز
بث
جىخ
ا
ؽصب
أأ
ب
إ
زر
..
اي
ا
:
What does the P stand for in the PDIOO life cycle?
(ؾ
ا
١
٠ي
ا
ب
P
ا
PDIOO)؟
غاة
ا
:
In the PDIOO life cycle, P stands for planning. D is design; I is
implementation; O is operation; and O is optimization.
Design Methodology
Page 5
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 5/107
5 | P a g e
١ز
ا
غ١بد
اد
بص
بن
دبىج
ا
١ر
١١خ
ا
مبح
ا
زمخ
١وؤز
بث
ج
ا
ا
ضر
وح
ابمثب
:
- Identify Customer Requirements :١
ا
جبد
ز
٠ؾر
..
- Characterize the Existing Network:١
مز
ا بؽ١خ
ا ١خ
ؾ
ا جىخ ا
..
- Design the topology and Network Solutions:جى
ا
ي
ؽ
٠خ
١ر
..
- Plan the implementation:١ضز
١ز
ا
..
- Build a Pilot:م
ا
ب١
ا
بء
ث٠
ا
جل
مزؽخ
ا
١بز
ا
و
أ
ثب
ا
١ىت
ث
ا١خ
ى
زر
ف
ا
..
- Document the Design:١ز
ا
رص١ك
..
- Implement and Verify:١ز
ب
خ
ج
ا
١ضز
ا
..
-Monitor and Redesign:بإ
الجخ
از
ا١
..
اي
ا
(1):
Cisco recommends that a particular design methodology be used. This
methodology follows and is derived from PDIOO. What is the first of
the design methodology's eight steps?
(١
ر
ك
١ز
ا
غ١بد
اد
أ
١ىب
وخ
PDIOO)
(غاة
ا
8):
The first step in the design methodology is to identify the customer
requirements.
( اي
ا2):
Cisco recommends that you follow a specific design methodology when
designing a network. This methodology consists of eight steps.What is
the last step in this recommended design methodology?
(١
ر
ك
١ز
ا
غ١بد
اد
آ
١ىب
وخ
PDIOO)
(غاة
ا
2):
The last step in the design methodology is to monitor and potentiallyredesign portions of the network.
Page 6
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 6/107
6 | P a g e
ROI: Return On Investment
بضزا
ب
ع
ا
ؼ
ا
اا
ظ
بء
إ
بز
CCVP١بد
مزث
ب
ا
ـ
ا
IP TelephonyVoice over IP ..
رج١ك
١ضر
١غ
ا
ب
ا
ثبغ٠ا
صا
ب
م
ا
زاك
ا
١ز
ا
ا
جىخ
ربعب١زؽا١ر
١خ
مز
١ع
بضزأ
بن
ب
ح
ا
٠ب
١جو
ى١
بز
بث
أصب
ب
ح
خ
ىر
أ؟ج
١ز
جىح
Top-Down Design Approach
ح
ا
ز٠١١مخ
اا
-ا
جىبد
ا
١ر
١خ
زخ
ا
ق
ا
إؽ
١
ا
اؽز١بعبد
بزبث
ه
بزبث دب١
مز
ا ١ر رؤر ص ب١عب١زؽا
..
١عز
ا ١خ
ر بم
بن صصخ
خم٠ا :
Page 7
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 7/107
7 | P a g e
-Careful analysis of Customer Requirements:١ل
ا
١
ؾز
ا١
ا
جبد
ز
..
-Use an Open System Interconnection – OSI model as a guide:ازا
٠
OSI١
ا
و
..
-Gather additional Data about the Network:جى
ا
ؽي
إب١خ
بد
ب١ث
ع
..
ا
م٠
أ
Top-Down Design Approach
خ
بم
بث
أي
لزب
ؤر
ا ق
اــث ١زر بأ إ
:
- Involve meeting Customer Requirements :١
ا
اؽز١بعبد
ج
ر١جو
ىث
ع
..
- Provides Cclients a straightforward "Picture" of the network:٠ر
١ج
ا
اؾخ
ا
ح
ا
ء
اىج
خ
..
- Typically meets the client's current and future requirements:ثبمر
١خ
بؾ
ا
ث
ا
جبد
زخ١
جمز
ا
..
Bottom-Up Design Approach
ا٠مخ
ز١١خ
ا
ح
ا
-ا
ب
ت
بث
زر
٠مخ
ا
غ
ر
أ
١ه
٠غت
١
ل
لذ
ا
ى٠خ١
بزؽا
ثخ
١ز
ا
٠ز
اا
.
اي
ا
:
What is an advantage to the use of the top-down design approach?
(
بح
ا
اب
ز١١خ
ا
ح
ا
٠مخ
ازا
-ا؟
)
غاة
ا
:
the top-down approach to designing the network features several
potential advantages, including the following:
- Centers around meeting customer requirements
- Provides for an easy-to-comprehend "picture" of the network to
clients
- Typically meets the client's current and future requirements by
incorporating scalability
Page 8
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 8/107
8 | P a g e
Decision Tables
ام
ا عاي
عاي جزر أ ز١رؾزبط
ا ارجببد ه
بح اما(Design
Engagements)
ع
بح
١باد
بن
ى٠
ب
بح
ز
١بر
بء
إ
جىخ
ا
بء
ث
زح
..
ؾبة
غاي
ا
رؾزبط
جىبد
ا
١ر
:
-Routing Protocol:ا
زع١باد
..
-Type of Security:١
ب
ا
بأ
أ
..-Physical Topologies:
ع١ب
ج
ا١ب٠١
ا
..
عاي
بء
ث
أب١خ
١خ
بز
ا
١بد
ز
اام
ا
:
-Decide where the use of decision tables is appropriate and required:
ما
ا
عاي
زر
٠أ
ام
ا
برا
ىث
..
-Gather all possible options:ؽ
خ
رؾذ
ىر
ز
ا
اؽزبد
و
ع١بز
ا
..
-Create a table of requirements and Options:
ؾ
ا
عي
بء
ث
اؽز١بعبد
..
اي
ا
(1):
What is the purpose of a decision table?
ف
ا
ماادعب
ا
(غاة
ا
8):
A decision table allows you to make a systematic decision when multiplepotential solutions exist for a given problem.
( اي
ا2):
Give a specific example of when a decision table might prove useful in a
design engagement.
Page 9
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 9/107
9 | P a g e
(أ
١ا
ى٠
أ
مااد
ا
غي
٠ى
ؽ١ش
بض١ز
ا
..)
(غاة
ا
2):
You might use a decision table when deciding on the following:
- Routing protocol
- Type of security
- Physical topology
- WAN technology
- Switching technology
- Redundancy methods
***ز
ا٠بع
٠بؽ
ؾ
بزا
أ٠خ
اي
ا
***
ز
Page 10
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 10/107
10 | P a g e
***بض
ا
ا
***
Evaluating Organizational Policies and Producers
١غز
ا ١ببد
ا ١١مر١١١
ز
ا
Network Organization Module
جىخ
١١خ
ز
ا
ؽح
ا
ؽح
أىج
ا
خ
ىر
جىخ
١١خ
ز
ا
ؽح
١١خ
ز
ا
١خ
ا
:
ا
بىز
ا
:أ
Vertical Inegration..
ىر
وخ
١خ
ا
ا
ا
١خ
ج
ىر
ؽح
ا
١
جز
٠
ى١
ب
بأ
ى٠ ط
ا ا و ه
ب
ا إ ثل
بزبث دب خ
١ زبع١خ
ا
و
غر
ب٠خ
ا
خ
١ى
ا
زن
ؽا
ف
ي
ا
عأ
بلبد
ا
أ ١ر خ
ى بر ب
ا ا ١اد
ا أ زبط
ا ١لر
.
ما بىزا ..Horizontal Integrationصب١ب:
١
ا
ب
ؽح
ا
حز
وبأ
خ
ز
ثغبد
اد
ل
ح
زؼ
٠ك
بوخ
ا
أاف
رؾم١ك
ع
بث
ر
خ
زو
ا
.
اي
ا
:
Why is a network organization model based on vertical integration
often less beneficial than a horizontal integration model?
غاة
ا
:
In an organizational model that is based on vertical integration, almost
all of the production comes from within the organization. Based upon
the horizontal integration model, modern internetworking leveragespartnerships with entities outside the organization. These partnerships
can dramatically increase competitive advantage.
Page 11
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 11/107
11 | P a g e
ؽح
ا ب
٠
٢ا :أب
١ج
ا ب
ا
Ecosystem Model..
ــ
بزا
Ecological System
Ecosystem model calls upon horizontal integration wherever necessary
for the achievement of business objectives
بىز
ا ١جا ب
ا ١ث ص١ك
ا ثاز
ا
خ ري
غ
ا ما.
ث ب
زا ١خ
مز
ا ؾبد
ا أب رل٠ ؤي ب ب لخ ثبح ؽ١ش
غبد
زر
وض١ح
ؾبد
بن
أ
ألي
!!خ
١
أغبد
ب
ف
ا
أ
٠زا اب ثب
ا١ث ا ٠ب
١
ا ك٠٠
.
أ خ
ا ب٠خ جىخ ىاؤ
ا
... (Network Organization Architecture
Component)
جىخ
ا
ب٠خ
مر
network organizational architecture componentsإ
:
- Application. (١جر).
- Enabling Network Solutions. ( ١رىج
ا
ي
).
- Prerequisite Systems. (
ا
).- Network Infrastructure, including intelligent network services
(content networking, storage networking, VoIP). (١ جىخ ثب
زؾز١خ
ا ١خ
ج
ا
ا
ج
د
ا
م
٠ز
ا
أعح
ض
جىخ
ا
و١خ
ا
ي
ؾ
اىج
)
اي
ا
:
Name at least two of the network organizational architecture
components.
غاة
ا
:
The network organizational architectures components include:
- Applications
- Enabling Network Solutions
- Prerequisite systems
Page 12
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 12/107
12 | P a g e
- Network infrastructure including intelligent network services (Content
Networking, Storage Networking, and Voice over IP)
Organizational Policies
١ببد
ا١١
ز
ا
ا
ا اف
ي
زر با دبب١
ابب١
ا أ :رؾم١مب
1- Common legal and regularity policies. (١١
ز
ا
١خ
ا
١ببد
ا
).
2- Organizationally specific policies. (١
زث ؾح
ا ١ببد
ا)
صر زا ؾح
ا ١ببد
ا
خ
ضا ىج
ا ١ر
١جو ىث
:
Vendor preferences, technology preferences, and employment policies( ٠ا ب١زاجب
ا خ
ا م١بد
ز
ا خ
بغ
ا ا ١ز
ا ١ببد
)
اي
ا
:
Name an organizationally-specific policy that could dramatically impact
network design decisions.
غاة
ا
:
Examples of organizationally-specific policies that could impact
network design decisions include vendor preferences, technologypreferences, and employment policies.
Page 13
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 13/107
13 | P a g e
Organizational Procedures
١١خ
ز
ا
اعاءاد
جزربلأ
زؾ٠
ا
١
ز
ا
ى١
ا
١
ا
غ
ا
١١خ
ز
ا
خاعاءاد
ز
ز٠ك
ا
ض
-اؾ٠
أ
١ز
ا
٠غت
بز
بث
خ
ا
جخبثبد
بث
ثلخ
ا
ح
جز٠
خ
ز
ا
اااد
١ث
زمخ
ا
بد
١ث
..
ي
بر
أ
١ب
٠غت
جىخ
ا
٠أ٠ب
وخ
ا
أ
خ
ا
اف
:
1- Functionality. (١
ا
).
2- Scalability. (١ب١م
ا
).
3- Availability. (ز
ا
).
4- Performance. (اا
)
5- Manageability. (اا
).
6- Efficiency. (ىبء
ا
).
١ث
أب
اعت
ا
بم
ا
أ
أ
اعاءاد
بر
جىخ
١ر
بء
ث
بجزا
ث
خ
ا
اف
ي
١جو
ىث
بر٠
.
اي
ا
:
The network that a designer recommends should help the organization
achieve its business goals. This is accomplished by adhering to the
network's guidelines, such as scalability, manageability, and efficiency.
Name at least two additional guidelines.
غاة
ا
:
The network should contribute to all of the organizational goals by
adhering to the following:
- Functionality
- Scalability
- Availability
- Performance
Page 14
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 14/107
14 | P a g e
- Manageability
- Efficiency
ز
***بض
ا
ا***
Examining Customer Requirements
١
ا
جبد
ز
ؾ
ا
ح
ا
:
Determine Organizational Goals
١١خ
ز
ا
ااف
٠ؾر
١خ
بض
ا
ح
ا
:
Examine all organizational constraint (Budget Personnel, Policies and
Scheduling)
١م
ا
بجزاغ
ا
١ببد
ا با خ١
ا١
١١خ
ز
ا
ضخ
بض
ا
ح
ا
:
Examine planned applications and Network Services (security, QoS
management and high availabilityض دبم١جز
ا جىخ ا بازجب بد
ا بد عح
ا بأ أ١
ب
ا اح
ح
اثا
ا
:
Determine Technical goals (improve performance, improve security,
improve reliability, decrease downtime, modernize technologies,
improve scalability and simplify management)
ااف
٠ؾرخىج
بث
ضمخ
ا
١ؾر
بد
ا
بأ
أ
١ؾر
ااء
١ؾر
ب
١خ
مز
ا
١جر
م١ب١خ
ا
جىخ
بث
ز
ا
١ؾر
١بد
مز
ا
٠ر
جىخ
ا
ل
١
مرحاإ
جىخ
ا
ح
اب
ا
:
Examine technical constraints (existing equipments, bandwidth
availability, application compatibility and personal qualifications)
Page 15
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 15/107
15 | P a g e
زج١ك
ا
رام١خ
بق
ا
ر
١خ
بؾ
ا
اعح
١خ
مز
ا
١م
ا
بجزابا
د
اي
ا
:
What is an example of a question that should be asked regarding the
scope of a network design?
غاة
ا
:
Following are possible questions that should be asked during a scope
analysis:
- Is the design for a single network segment?
- Is the design for a single network module?- Is the design for a subset of the overall network?
- Is the design for the entire network?
- Is the design's purpose to add a single network function?
- Is the design's purpose to add entire network functionality?
اي
ا
:
Which of the OSI (Open System Interconnection) model layers deals
with the design of routing and addressing issues?
غاة
ا
:
The OSI (Open System Interconnection) model's network layer designs
routing and addressing issues. The OSI model's application layer
includes the design of voice over IP, for example. Physical and data link
layer design decisions include fiber versus copper and ATM versus
Frame Relay, for example.
اي
ا
:After you determine the organizational goals during the design
engagement, what should you do next?
غاة
ا
:
After determining the organizational goals, you should determine the
Page 16
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 16/107
16 | P a g e
organizational constraints.
اي
ا
:
After you determine the technical goals during the design engagement,
what should you do next?
غاة
ا
:
After determining the technical goals, you should determine the
technical constraints.
اي
ا
:Provide an example of a organizational goal that might be discovered
during the design engagement.
غاة
ا
:
The following are examples of organizational goals:
- Increase revenue
- Increase profits
- Shorten development cycles
- Increase competitiveness
- Add new customers
- Enhance productivity
- Improve customer service
- Improve customer satisfaction
- Improve the sharing of data inside and outside of the organization
اي
ا
:
Provide an example of an organizational constraint.
غاة
ا
:
The following are examples of organizational constraints:
- Budget
Page 17
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 17/107
17 | P a g e
- Personnel
- Policies
- Scheduling
اي
ا
:
Provide an example of a planned application in a design engagement.
غاة
ا
:
Planned applications for an organization might include the following:
- E-mail
- Groupware
- Voice networking- WWW
- Video on Demand
- Database
اي
ا
:
Provide an example of a planned network service in a design
engagement.
غاة
ا
:
Planned network services might include:
- Security
- QoS (quality of service)
- Network Management
- High Availability (Service Level Offerings)
- IP Multicast
اي
ا
:Provide several examples of technical goals that an organization might
possess.
غاة
ا
:
Following are examples of technical goals that an organization might
Page 18
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 18/107
18 | P a g e
possess:
- Simplify network management
- Improve scalability
- Replace legacy equipment
- Improve availability
- Increase security
- Improve performance
- Improve reliability
اي
ا
:
Provide an example of a technical constraint that might be discovered
during a design engagement.
غاة
ا
:The following are examples of technical constraints that might be
discovered:
- Legacy equipment
- Bandwidth availability
- Application compatibility
- Personnel Qualifications
ز
Page 19
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 19/107
19 | P a g e
***اث
ا
ا
***
Characterizing the Existing Network
جىخ
ا
١١رخ١
بؾ
ا
ا
ؾز٠بد
:
General Steps to Characterizing Existing Networks
١١ر
بء
صأ
ثب
ا
اعت
ا
ضصخ
ا
اد
ا١
بؾ
ا
جىخ
ا
Network Auditing
جىخ
ا
ؽبثبد
اعخ
Network Auditing Recommendations
بخ ثاعخ
ا ز١بد
ابثبؽىج
ا
Manual Network Auditing Modules
ؽاد
١
ا
زل١ك
اىج
ا
Automated Network Auditing Modules
ؽاد
٢ا
زل١ك
اىج
ا
Network Traffic Analysis
جىخ
ا
بد
رك
١
ؾر
Summary Report
ـــــــ٠ــــمز
ا
Page 20
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 20/107
20 | P a g e
اد
ا
ب
م٠
ا
١ا
بؾ
ا
جىخ
ا
ب١خ
٠ؾز
١بد
اخ
ه
ف
ا
ؽت
ز٠ب
١ب
و
ازي
مبخ
ا
جىخ
ا
بد
ى
١
ا
جبد
ز
..
ج١خ
ا
مخ
ا
ي
إدب
ى
١١ر
٠ؾر
١١خ
اد
صصخ
بن
أ
مي
جىخ
ا١
بؾ
ا
:
ح
اا
:
Collect input from network customersثد
بخ
ا
بد
ا
ع
Inputsبز
ا
ي
ه
١
ا
جىخ
:
Network Topology
جىخ
ا
ع١خ
ج
Network Services
جىبد
ا
Network Solutions and applications
جىخ
ا ي
ؽربم١جر
Expected Network Functionality
جخ
ا
زل١خ
ا
Identify Network Modules
ؽاد
١١رىج
ا
١خ
بض
ا
ح
ا
:
Perform Network Auditجىخ
ا
رل١ك
أاء
ضخ
بض
ا ح
ا
:
Perform Traffic Analysis
بد
ا
رك
١
ؾر
أاء
Page 21
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 21/107
21 | P a g e
اي
ا
:
Name at least one step in which a designer should engage when
characterizing the existing customer network.
غاة
ا
:
Following are the three general steps a designer should engage in when
characterizing the existing network:
- Collect customer input- Perform a network audit
- Perform traffic analysis
Network Auditing
جىخ
ا
ؽبثبد
اعخ
ب
أأب
ب
ب١
ر
بد
رل١ك
بثمخ
ا
اد
ا
ر
ب
اعخ
رى
ف
بوأ
صصخ
ىر
جىخ
ا
ؽبثبد
اعخ
١خ
جمز
ا
خ
ؽ
ب
بز
ا
:
1- Hardware/Software Specifics
بز
ا جاابد
ا
2- Configurations
اعح
جىر١خ
ا
3- Usage Data
ازا
بازبي
ب١ج
ا
اي
ا
:
List four components a network designer should collect during the
network audit of an existing network.
Page 22
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 22/107
22 | P a g e
غاة
ا
:
The network audit of the existing network might include the following
components:
- Detailed list of devices in the network
- Hardware specifications of devices in the network - Software specifications of devices in the network
- Device configurations
- Output from various auditing tools
- Expandability information for devices
- Utilization statistics for devices
Network Auditing Recommendations
ز١بد
اىج
ا
ؽبثبد
ثاعخ
بخ
ا
Leverage existing auditing tools
أاد رل١ك ازا ثبغ٠ا بابثبؾ
ا اعخ
Introduce additional tools as needed
ؽت
إب١خ
أاد
٠مرعبؾ
ا
Minor changes to the network might be necessary to collect the required
data; log these changes and reverse when complete
ثخ
ا
بد
ب١ج
ا
غ
٠خ
رى
ل
جىخ
ا
إ
٠خ
بض
ا
ز١١اد
ادا١١ز
ا
غر
خ
بو
ىر
ب
ىر
Automated auditing approaches should be employed in large networks
ىج١ا٢ااد
ا
جىبد
ا
زر
خ
Page 23
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 23/107
23 | P a g e
Create summary reports based on detailed information
بد
ا
ثبزبء
٠مر
بء
ث١
١ز
ا
اي
ا
:
Name at least one network auditing recommendation.
غاة
ا
:
Network auditing recommendations include:
- Leverage existing auditing tools, if such tools exist.
- Introduce additional tools as needed.- Minor changes to the network might be necessary for collecting the
required data; when complete, log these changes and reverse.
- Automated auditing approaches should be employed in large
networks.
- Create summary reports based on detailed information.
Page 24
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 24/107
24 | P a g e
Manual Network Auditing Modules
ؽاد
١
ا
زل١ك
اىج
ا
ب
١
ا
زل١ك
ا
١ز١بأ
١زم
بن
:
ا
مخ
ا
:
Monitoring Commands on devices:
اعح
ي
اا
١الجخ
بز
ا
:
اي
بغ
ا
: Routers (عب
ا
)
اا
:
Show tech-support
Show processes CPU
Show processes memory
بض
ا
بغ
ا
: Switches (ب
ا
)
اا
:
Show version
Show running-config
Show tech-support
ش
بض
ا
بغ
ا
: PIX (ب
ا
اغ
ا
)
اا
:
Show version
Write terminal
Page 25
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 25/107
25 | P a g e
١خ
بض
ا
مخ
ا
:
Scripting tools to collect information in large networks
غ
ااد
ىج١وزبثخ
ا
جىبد
ا
بد
ا
Automated Network Auditing Modules
جىخ
ا
ؽاد
٢ا
زل١ك
ا
ي
صص
ثاظ
:
CiscoWorksCisco Secure Scanner
Third Party: HP Open View, Visio
اي
ا
:
You are interested in using a Cisco network-auditing tool that can
provide topology information and details about hardware and software
configurations in an automated fashion. What tool should you use?
غاة
ا
:
CiscoWorks provides dynamic topology information for Cisco devices
through use of the Campus Manager application. Campus Manager can
work in conjunction with Resource Manager Essentials, which provides
details about hardware and software configurations.
اي
ا
:
You are performing a manual network audit of an existing customer
network. What command should you use on a Cisco router to determine
the exact version of IOS that is in place and the hardware modules thatare installed?
غاة
ا
:
You should use the show version command to determine the exact
version of software and the network modules in use. The show version
Page 26
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 26/107
26 | P a g e
command also provides the amount of uptime for the device.
اي
ا
:
ou are performing a manual network audit of an existing customer
network. What command should you use on a Cisco router to determine
the extent of CPU utilization?
غاة
ا
:
You should use the show processes cpu command to gain valuable
information about device CPU utilization. To increase the effectiveness
of this command, consider examining the output over a period of
samples. Also, to view non-zero processes, use show processes cpu |exclude 0.0.
Page 27
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 27/107
27 | P a g e
Network Traffic Analysis
جىخ
ا
بد
رك
١
ؾر
بؾ
صصخ
ي
:
Cisco IOS Manual Analysis
ض
:
NBAR
NetFlow
Cisco Analysis Products
ض
:
Flow Collector
Network Analyzer
Third Party
ض
:
Sniffer
Network Monitor
EtherPeek
اي
ا
:You are engaged in a manual analysis of network traffic in an existing
customer network. You would like to rely on IOS-based tools and,
specifically, you would like to display statistics for all interfaces that are
broken down by protocol and an average 30-second bit rate. What tool
should you use?
Page 28
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 28/107
28 | P a g e
غاة
ا
:
Thanks to the NBAR Protocol Discovery feature, the Cisco IOS NBAR
tool provides such statistics.
Summary Report
زمـــ٠ـــ
اــ
ع
زظ
ب
خ
زؾ٠١
بؾ
ا
جىخ
بث
بخ
ا
بد
ا
رل١ك
..
زؾ٠
أ
زب٠غت
ا
:
1- Describe the required software features
ث
ا
جاظ
ا
١اد
2- Describes Possible Problems
خ
زؾ
ا
(ؽصب
زلخ
ا
وب
)
3- Identify actions necessary for modifying networks
اخ
اد
ا
١رىج
ا
٠ز
4- Influence the customer regarding the requirements and changes
جبد
ز
ا
ث
١
ا
ثبغ٠ا
١صؤز
اىج
بث
بخ
ا
ز١اد
ا
اي
ا
:
Based on a characterization of the existing customer network, name at
least two components that should be included in the summary report.
غاة
ا
:
The summary report document should summarize the results of
characterizing the existing network. It should do the following:
Page 29
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 29/107
29 | P a g e
- Describe the required software features
- Describe possible problems
- Identify actions needed to modify the network
- Influence the customer in terms of requirements and changes
ز١ك
بث ١غ
رب١
ر ءب إ با إ
ز
***ب
ا
ا
***
Implementing the Design Methodologies غ١بد
ز١رج١ك
ا
ا
ؾز٠بد
:
Introduction
مخ
ا
Pilot versus Prototype
ط
ثبم
ب١
Documenting the Design
ز١رص١ك
ا
Network Hierarchies
١خ
ى١
أ
جىرعبد
ا
مخ
ا
:
ج
ا
زى
مخ
ا
ا
رص١ك
١خ
جىخا٠خ
ا
١مر
١خ
ص
جىخ
ا
اأ
إ
Phasesا
ب
و
خ
ى
و
ز١بد
ا
بجزا
١ث
ا
ث .١مز
ا زص١ك
ا ١خ
ج
:
Page 30
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 30/107
30 | P a g e
ز١بد
ا ر ثأ recommendationsاب ١خ
٠خب
ا
ا
جىخ
ا
بء
ث
:
If there are multiple complex implementation steps, implement each
separately (advantages include easier rollback and troubleshooting
reduction)
رؾزبط
مح
اد
ا
ع
عت
بز
بث
١١
بو
١
ؾر
إىث
ب
١ض
ب
ؽ
١
اؽح
ى
خ
ب
ؽ
ر
ح
ز
ا
وب
ا
١
مر
ا
ا
خ
ز
رج١مب
اؽح
If there are not multiple complex steps, proceed with implementation as
an entirety
ب
١ضر
ز٠
اؽح
خ
ب
أ
غر
ث١خ
ا
ذ
بو
بإا
اي
ا
:
Why is it beneficial to implement each step of the design separately if
the steps are complex?
غاة
ا
:
It is beneficial to implement each complex step of the design separately
for two main reasons:
- To reduce troubleshooting in the event of failures
- To reduce the time to roll-back in the result of failure
زج١ك
ا
١ضز
ا
Implementationأا
ببث
ىز٠
Phases
ىز٠
و
اد
Stepsو
ب
ا
زؾر
أ
٠غت
ح
:
Description
ا
Reference to appropriate Design Documents
١ز
ا
زص١ك
ع
Page 31
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 31/107
31 | P a g e
Detailed Implementation Guidelines
خ
ا
زج١ك
ا
١بد
ر
Detailed Rollback Guidelines
خ
ا
ع١خ
ا
١بد
ر
Estimated Time for Required Implementation
١
ز
ة
ا
ا
٠مر
اي
ا
:
A network design implementation should consist of several phases, each
of which should consist of separate steps. Name at least two components
that each step should contain.
غاة
ا
:
Each step should contain the following elements:
- Description
- Reference to appropriate design documents
- Detailed implementation guidelines
- Detailed roll-back guidelines
- Estimated time required for implementation
Pilot versus Prototype
ط
ثبم
ب١
ب
و
١ع
ا
٠
ف
ا١
ر
١خ
ا
جل
١
ا
بأ
١ضز
ز٠
ث
أب٠أ
١ب
ىح
وئصجبد
ز٠
Pilot Network
Tests and verifies the design before the network is lunched
ق
ا
١ل
١ز
ا
خ
ث
ؾ
ا
Prototype Network
Test and verifies a redesign in an isolated network before applying it to
the existing network
ي
ا
١ز
ا
إصجبد
ؾم١جر
جل
مبخ
ا
جىخ
ا
ىث١
Page 32
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 32/107
32 | P a g e
اي
ا
:
You are interested in proving your design concept to the customer of
your design engagement. You are planning on testing and verifying the
redesign in an isolated network at your facility. What is this type of
proof of concept called?
غاة
ا
:
When you test and verify a redesign in an isolated network, you areengaging in what is called a prototype network.
A pilot network tests and verifies the design before it is launched.
Documenting the Design
١ز
ا
رص١ك
رص١ك بب
ث
اثا
اؽزا١خ
لخ
ه
١ز
ا
ؽا
أ
أ
١ز
ا
ب
رص١ك
أ٠خ
١
بأ
ىث
ب
ا
ع
عت
بز
بث١ز
:
Introduction
مخ
ا
Design Requirements
جبد
ز١ز
ا
Existing Network Infrastructure
جىخ
زؾز١خ
ا
١خ
ج
ا١
بؾ
ا
Design
١ز
ا
Proof of Conceptازبث
ه
(ىح
ا
بثم١١إصجبد
ا
١ع
ا
ؽأ
)
Implementation Plan
١ضر
ا
Appendices
ؾك
ع
:ؽك
ا
Page 33
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 33/107
33 | P a g e
اي
ا
:
Name at least four components you should include in the final design
document.
غاة
ا
:
The final design document should include the following components:
- Introduction
- Design Requirements
- Existing Network Infrastructure
- Design
Network Hierarchies
أ
جىرعبد
ا
١خ
ى١
ؾ
جىخ
ا
١خ
ى١
خ
ز
ا
زم١اد
ا
ع
ب
٠مز
ى١
عبخ
ل
ح
خ
ز
ابد
١خ
ج
ىح
زج١ك
ر
ا
ا
١جو
ىث
١ر
بز
ا
ى
ا
١
رط
:
Access Layer:
ي
ا :جمخ
زرب٠زؾ
إ
ي
ا
إ
١ز
ا
٠ز
ب
ا
بأ
أ
:ض
جىبد
ا
Security ب
AuthenticationL2 Switching بجر
ه
ازا١خ
١خ
ؾ
ا
جىبد
ا
VLANL3 Switchingث
ث
زر
Remotely
Distribution Layer:
ز٠جمخ
ا
:
بثمخ
ا
جمخ
ا
ذ
بو
ز
ا
جىخ
ا
)ب
(ثب
إ
ي
١ز
١رؼ
ؽخ
Core Layer:
١١خ
ا :اجمخ
ت
ث
ا
م
ام
١
ؾر
١خ
ع
١خ
ب
ثبد
ززر
أ٠ب
جىخ
ا
اأ
١بد
بد
ا
Page 34
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 34/107
34 | P a g e
ز
***ب
ا
ا
***
Network Hierarchies
جىخرعبد
مخ
ا
ربئث
لؤ
ى
ب
ا
ا
ا
ا
ػ
رخ
ا
جث
م
ا
ا
وزبة
خ
ا
CCDA/CCDP Flash Cardجث
ب
ا
Network Hierarchies
جىخ
ا
١خ
ى١
أ
رعبد
ع
ب
٠مز
ى١
عبخ
ؾ
جىخ
ا
١خ
ى١
خ
ز
ا
زم١اد
ر
ا
ا
١جو
ىث
١ر
ل
ح
خ
ز
ابد
١خ
ج
ىح
زج١ك
بز
ا
ى
ا
١
رط
:
Page 35
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 35/107
35 | P a g e
جىح
ا
رط
ضصخ
ا
جمبد
٠ز
ا
١خ
١جر
Access Layer:
جمخ
ا
:
أ : ض دبىج
ا ؾز٠بد إ ي
ا إ ١ز
ا ٠ز زرب
ا بأSecurity
ب
AuthenticationL2 Switching
بجر
١خ ازا١خ
ؾ
ا جىبد
اVLANL3 Switchingث ث
زرRemotely
ي
ا جمخ ــح
ا ١خ
مر ع اؼ
IPT
Page 36
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 36/107
36 | P a g e
Distribution Layer:
ز٠ج
ا
مخ
:
بثمخ
ا
جمخ
ا
ذ
بو
ز
ا
جىخ
ا
)ب
(ثب
إ
ي
١ز
١رؼ
ؽخ
Error!
جمخ
رؼ
ح
خ
ا
ب
آ
ػ
ر
وب
٠ز
ا١زمج
ا
ث
Core Layer:
١١خ
ا :اجمخ
أ٠ب
جىخ
ا
اأ
١بد
ت
ث
ا
م
ام
١
ؾر
١خ
ع
١خ
ب
ثبد
ززر
بد
ا
Page 37
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 37/107
37 | P a g e
١خ
اب١خ بد
بث جىخ ا ٠زث زخ
ا ١١خ
ا جمخ
ر١ب ٠ؾزبطح
جبد
ز
٠زاك
ب
ب١خ
ز
لخ
إ١
ا
اي
ا
:
What are the three layers of the Cisco hierarchical network model?
غاة
ا
This Cisco hierarchical network model consists of three layers, which
include the following:
- Access layer
- Distribution layer
- Core layer
اي
ا
Which layer of the Cisco hierarchical network model features speed asits biggest focus?
غاة
ا
The core layer is most concerned with speed. In fact, security and other
such measures are typically not employed in this layer to ensure that
packets move as quickly as possible.
Page 38
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 38/107
38 | P a g e
اي
ا
Which layer of the Cisco hierarchical network model is most likely to
feature Quality of Service controls?
غاا
The distribution layer most often features QoS measures. This ensures
that certain types of traffic take precedence over other types of traffic.
اي
ا
Redundancy is most important at which layer of the Cisco hierarchical
network model?
غاة
ا
Redundancy is critical at the core layer of the Cisco hierarchical
network model. This ensures that failures do not have a major impact
on network connectivity. While this is the correct certification response,remember that redundancy can be critical at all layers of the model-
especially the distribution layer.
اي
ا
At which layer of the Cisco hierarchical network model are you most
likely to find authentication to take place?
غاة
ا
The access layer frequently features authentication to ensure that
network users are actually permitted to use the network. While this is
the optimal certification response, understand that authentication also
takes place in the distribution layer, especially in the case of VPNs.
اي
ا
Which layer of the Cisco hierarchical network model is most likely to
feature Layer 2 switching?
غاة
ا
The access layer of the Cisco network hierarchal model most often
features Layer 2 switching. These are low-cost switches that provide full
duplex network access to clients.
اي
ا
Which layer of the Cisco hierarchical network model is most likely to
feature Layer 3 switching?
Page 39
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 39/107
39 | P a g e
غاة
ا
The distribution layer of the Cisco hierarchical network model often
features Layer 3 switching. This permits packets to be routed to other
areas of the network or beyond
.
ز
Page 40
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 40/107
40 | P a g e
***بث
ا
ا
***
Modular Network Designs
١بر داؽخىج
ا ؾز٠بد
:
Introduction
مخ
ا
Classification for Enterprise Composite Network Module
جىخ
١
رو
Sub-Classification for Enterprise Composite Network Module
١
رز
آ
و
ا
١
Introduction
مخ
ا
ا
زؾ٠
أ
رؼ
ؽ
وب
جىبد
ا
١ر
خ
بث
أ١خ
ا
خ
أ
ثب
ؤث
خ
بى
زؾر
أ٠ب
ب
أ
غ٠
ح
ا
عح
ا
ظ
و
ز١ذ
اخ
ا
٠زؾزبعب
ز
ا
لذ
ا
خ
ا
اؾخ
ا
بث
جىخ
بء
ج
ازؾ
ا
١خ
ا
Classification for Enterprise Composite Network Module
وت
جىخ
١
ر
Error!
Page 41
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 41/107
41 | P a g e
١
ز
ر١ؾ١خ
وح
جىخ
بلأ
صصخ
ىز٠
١
ز
ا
ا
١١خ
Enterprise Campus
ل
ا
وؤث
ا
ي
ا
١ز
ل
ىث
ب
ج
Enterprise Edge
ؾبخ
ا
ا
ف
ا
ز٠
١وؾز
ا
١ز
ا
ذ
ز
ا
:جىخ
ا
بأ
أ
أ
بؽ١خ
ال
Mobile
Usersث ١ز
ا
Remote Users
Service Provider Edge
ا ؽبخ ف
ا بق
ا
اخ
جىخ
ا
از
ز
WAN
Page 42
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 42/107
42 | P a g e
1-Management Module
2-Building Access Module
3-Building Distribution Module
4-Campus Backbone Module
5-Server Farm Module
6-Edge Distribution Module
Enterprise Campus Table
غي
ا8ب
ال
ا ث
1-E-commerce Module
2-Internet Connectivity Module
3-Remote Access/VPN Module
4-Campus Backbone Module
5-WAN ModuleEnterprise Edge Table
غي
ا
2ث
ب
ابؾ
ا
ا
ف
ا
1-ISP Module
2-Public Switched Telephone Network (PSTN) Module
3-Frame Relay/ATM/PPP Module
Service Provider Edge Table
غي
ا
3
ا
ؽبخ
ا
ثف
ب
ا
اي
ا
What are the Enterprise Composite Network Model's three main
functional areas?
غاة
ا
The three main functional areas of the Enterprise Composite Network
Model are:
- Enterprise Campus
- Enterprise Edge- Service Provider Edge
اي
ا
What are the four major modules that make up the Enterprise Campus
Page 43
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 43/107
43 | P a g e
major functional area of the Enterprise Composite Network model?
غاة
ا
The Enterprise Campus major functional area consists of the following
modules:
- Campus Infrastructure
- Network Management
- Server Farm
- Edge Distribution
Sub-Classification for Enterprise Composite Network Module
ب
آ
و
ا
١
ز
١
ر
إ
ع
بثيغ
ا
8
ىز٠
ل
أ
غ
Campus Infrastructureا
ىز٠
ث
Campus Network
Building Distribution
Building Access
ر
وب
ىج
رط
ؽ
Network Management Module
زؾ٠
ج
ا
Incursion Detection
System Logging
TAC ACS+/RADIUS Authentication
Network Monitoring
Server Farm
زؾ٠
ج
ا
ا
E-mail
DATABASE
DNS
١أ
Edge Distribution
اي
ا
What are the three submodules of the Campus Infrastructure module of
Page 44
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 44/107
44 | P a g e
the Enterprise Composite Network Model?
غاة
ا
The Enterprise Composite Network Model's Campus Infrastructure
module consists of the following three submodules:
- Building Access
- Building Distribution
- Campus Backbone
اي
ا
The Network Management module is a module of the Enterprise
Campus major functional area. Name at least three functions that this
module performs.
غاة
ا
The Network Management module can perform the following functions
for an organization:
- Intrusion detection
- System logging
- Authentication
- Network monitoring
- Configuration management
- Terminal services (remote control)
اي
ا
Name at least three examples of servers that might be found in the
Enterprise Campus major functional area's Server Farm module.
غاة
ا
Many types of servers can exist in the Server Farm module of the
Enterprise Campus major functional area. Some of these servers
include:
- E-mail- Application
- File and Print
- DNS (Domain Name System)
- Database
- IP Telephony
Page 45
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 45/107
45 | P a g e
ـ
جخ
بث
أب
Enterprise Edge
عي
اؼ
ىب
2
ىز٠
E-commerce Module
زؾر
ز
ا
Web Server
Application Server
Database Server
Firewall
Internet Connectivity Module
ىزر
SMTP
DNS
FTP
HTTP
Remote Access/VPN Module
ىزر
VPN Connection
Dailin concentrator
VPN Concentrator
Firewalls
Layer 2 Switches
WAN Module
ىزر
زؾم١ك
ض
ا
٠مخ
ا
اخ
ا
جىبد
ا
ث
ا
١خ
آ
Page 46
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 46/107
46 | P a g e
أب
جخ
بث
Service Provider Edge Table
عي
اؼ
ىب
3ىز٠
ISP Module
ىجر١خ
ا
جىخ
ا
إ
١ز
بث
بخ
ا
Public Switched Telephone Network (PSTN) Module
جىخ
ي
ؽ
خ
ارب
ا
ISDN
ANALOG
WIRLESS TELEPHONY
Frame Relay/ATM/PPP Module
١ز
ا
اخ
ا
جىبد
ا
ث
ا
خ
ا
١خ
بض
ا
جمخ
ا
ثبد
اي
ا
What is the purpose of the Enterprise Campus major functional area's
Edge Distribution module?
غاة
ا
The Edge Distribution module of the Enterprise Campus major
functional area aggregates the connectivity from the Enterprise Edge
and routes the traffic into the Campus Backbone submodule.
اي
ا
What are the four modules that comprise the Enterprise Edge
functional area of the Enterprise Composite Network module?
غاة
ا
The four modules that comprise the Enterprise Edge functional area of
the Enterprise Composite Network module are
- E-commerce
- Internet Connectivity
- Remote Access and VPN
- WAN
Page 47
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 47/107
47 | P a g e
اي
ا
What are the three modules that are commonly found in the Service
Provider Edge functional area?
غاة
ا
Three modules that are commonly found in the Service Provider Edge
functional area are
- Internet service provider
- PSTN (public switched telephone network)
- Frame Relay/ATM (Asynchronous Transfer Mode)
ز
Page 48
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 48/107
48 | P a g e
***بض
ا
ا
***
Switching Design Considerations
٠ؾر١ز
ا إزجباد
Introduction
مخ
ا
Shared versus Switched
جىخ
ا
ث
ق
Network Application Comparison Criteria
ؾعخ
ا
خ
بم
ا
جىخ
ا
رج١مبد
L2 and L3 Design Considerations
١خ
بض
ا
جمخ
ا
١ر
ؤح
ا
ضازجباد
بض
ا
Spanning Tree Protocol
جىخ
ا
١ازاثروي
ؾ
اخ
Introduction
مخ
ا
زر
١بد
مز
ب
ر
٠
و١ىز
ا
ب
لؤز
ا
٠غت
ؽم١١مخ
مج٠
ا
١
ا
ع
بز
بث
ب
اش٠ؾ
ا
ا
جبد
ز
بت
ز٠
ثب
اد
ا
٠ر
أثا
اب
عت
ا
اد
بث
ا
)ب
ؽ
١بد
مز
ا
(٠خ
اجوؤث
لز٠
ز
ا
بف
ا
ب٠خ
ى
ل
ا
١
ا
اد
بث
اح
و
ر١ن
ز
ا
بد
ا
١
ا
ق
جىبد
ا
١ر
اربب
اعت
ا
ا
٠زؾس
١
ا
ب
بب
ث
خ
ز
ا
ز٠
ث
جىخ
ؽ
ؽا
١ر
بن
١
أ
اخ
ج١خ
ب
وض١ح
جىخ
ا
غؽ
١
ا
١ب
ا
ز٠
ز
ا
بد
ا
ؤح
ا١
:Geography
ل
ا
Applications
زج١مبد
ا
Physical Cabling
Page 49
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 49/107
49 | P a g e
زخ
ا
ثب١ى
ا
Data Link Layer (Shared or Switched)
ث
١بجمخ
ا
Type of Traffic Forwarding
١خ ر
٠ب
ا
اي
ا
Name at least three major campus design decisions that are typical for a
design engagement.
غاة
ا
You must meet several major decision areas when designing scalable
and efficient campus networks. These design considerations might
include the following:
- Geography- Applications
- Transmission media
- Switched or shared
- L2 or L3 switching
اي
ا
Which is more expensive to install and implement as a physical layer
transmission medium: copper or fiber?
غاة
ا
Fiber is more expensive to implement than copper. This is primarily
because strict optical cable coupling requirements must be met.
اي
ا
What is long reach Ethernet, and upon what physical medium does it
rely?
Page 50
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 50/107
50 | P a g e
غاة
ا
ong Reach Ethernet (LRE) relies upon copper media. As its name
implies, it permits longer distances than traditional Ethernet.
Specifically, it permits runs of up to 1.5 km. It is typically used as a
distribution technology for broadband building access.
Shared versus Switched
جىخ
ا
ث
ق
م٠
بخ
ا
١اد
Switched
Shared
:
Higher Bandwidth Support
١خ
ب
ا
بد
ا
بلبد
ا
Larger Network Diameter Possible
ز٠
خ
ا
جىبد
Additional Layer2 and Layer 3 Services
ضخ
بض
ا
١خ
بض
ا
١زمج
بد
إبخ
High Availability
ا١
ب
ا
ز٠خ
اي
ا
If you should opt for a switched design (as opposed to a shared design)
in your campus network, you achieve the benefit of larger networkdiameters. Why?
Page 51
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 51/107
51 | P a g e
غاة
ا
Larger network diameters are possible with switched designs because
no collision detection algorithm is necessary.
Network Application Comparison Criteria
ؾعخ
ا
خ
بم
ا
جىخ
ا
رج١مبد
بن
جىخ
ا
١
ؾر
بجزا
جث
أب
عت
بم
Connectivity Type
١خ
ث
ا
Required Throughput
١ز
ا
بق
ا
High Availability
١خ
ب
ا
ز٠خ
ا
Total Network Cost
جىخ
ا
خ
ىر١
ى
ا
L2 and L3 Design Considerations
ؤح
ا
ضازجباد
بض
ا
١خ
بض
ا
جمخ
ا
١ر
What Network Services are required?
بخث
ا
جىبد
ا
بد
What size are the network segments?
١خ
غؽ
جىخ
ا
Page 52
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 52/107
52 | P a g e
What level of availability is required?
ز٠خ
ا
ز
ا
Spanning Tree Protocol
جىخ
ا ١ثروي
ؾ
اخ١ازا
ىز٠
جىخ
بث
بؾ
ا
ج
ا
١
مر
ي
ا
جروي
ا
ا
ا
اخ
غخ
:
PortFast
BPDU Guard
BPDU Filtering
UplinkFast
BackboneFast
STP Loop Guard
BPDU Skew DetectionUnidirectional Link Detection
Rapid Spanning Tree
Multiple STP
اي
ا
You are interested in performing load sharing in your campus network
design. You are specifically interested in engaging in IP load sharing
between specific ports based on IP addresses. Should you engage in
Layer 2 or Layer 3 switching?
غاة
ا
L3 switching permits load sharing based on IP addresses. Any ports can
be used to implement this sharing behavior. L2 switching permits
limited load sharing based on VLANs across uplink ports only.
اي
ا
You are considering recommending the use of PortFast in a campus
network design. Where is this Spanning Tree protocol enhancement
typically implemented? Why?غاة
ا
PortFast allows for a much faster transition from the blocking state to
the forwarding state for a switch port. Because PortFast should be used
to connect end systems to the network, it is typically implemented in the
campus network's wiring closet (the access layer).
Page 53
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 53/107
53 | P a g e
اي
ا
You are recommending the use of UplinkFast in a campus network
design. Where is this Spanning Tree protocol enhancement typically
implemented?
غاة
ا
UplinkFast is a wiring closet switch (access layer) technology that
permits the quick failover to an alternate uplink when a direct link
failure is detected.
اي
ا
Where would you implement BackboneFast in a campus design?
غاة
ا
BackboneFast allows for a faster convergence following the failure of a
remote link in the topology. BackboneFast must be implemented on allswitches in the campus.
ز
Page 54
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 54/107
54 | P a g e
***بز
ا
ا
***
Campus Design Details
ؽ
١ر
١بربع
80/20 Rule
جىخ
ا
زي
ا
٠مخ
ا
20/80 Rule
جىخ
ا
زي
١خ
بض
ا
٠مخ
ا
MultiCast
ب
ا
ب١
بد
ا
Quality of Service
بد
ا
عح
Access Layer Considerations
ي
ا جمخ ازجباد
Distribution Layer Considerations
٠ز
ا
جمخ
ازجباد
Core Layer Considerations
١١خ
ا
جمخ
ا
ازجباد
Single L2 VLAN Core Design
جىخ
ا١١
ا
جمخ
ا
ازا١خ
١خ
ؾ
ا
Split L2 Core Design
١١خ
ا
جمخ
ا
١ر
١خ
بض
ا
جمخ
ا
Page 55
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 55/107
55 | P a g e
L3 Core Design
١١خ
ا
جمخ
ا
ضخ
بض
ا
جمخ
ا
١ر
Dual Path L3 Core Design
ضخ
بض
ا
جمخ
ا
باد
ا
ح
Server Farm Module
جمخ (اا)
Edge Distribution Module
ؽبخ
جمخ
(٠ز
ا
)
Questions and Answers
خ
اثعا
80/20 Rule
جىخ
ا
زي
ا
٠مخ
ا
ىر
بز
بث
١خ
ؾ
ا
جىخ
ا
ا
جىخ
ا
ب
ا
ا
رى
٠مخ
ا
١
زا
Utilizations
ج
ا
بخ
ا
١
بصب
٠ى
لبىج
ا
20/80 Rule
جىخ
ا
زي
١خ
بض
ا
٠مخ
ا
٠مخ
ا
ىا
MultiCast
بد
ا
بد
ا
ب١
جبح
ا
ح
ا
اؾخ
وب
٠ز
١
جمز
ا
ؽا
ب١
ىز٠
بز
بثؤغ
خ
ى
ا
ا
ؾ
جىخ
ا
اإ
:
CGMP: Cisco Group Management Protocol
IGMP Snooping
Page 56
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 56/107
56 | P a g e
١ح
آ ر
Multicast
Quality of Serviceبد
ا عح
ب١م
م
١خ
ب
ب١م
ز٠
عح
ا
غح
ا
صر
ز
ا
بد
ا
ا
ظ
بر :
Dely
١ؤز
ا
Variable Delay, Jitter
١ؤز
ا١ز
ا
Packet Drop
م
ا
Bandwidth
بق
ا
Access Layer Considerations
ي
ا
جمخ
ازجباد
١ر خ جم ازجباد
ا
:
Number of Ports Requiredثخ
ا
ا
Physical Layer Cabling
ثب١ى
ا
جمخ
Performance Required
١خ
ب
ا
Redundancy Required
بااز٠خ
ا
Speeds Required
بد
ا
Page 57
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 57/107
57 | P a g e
VLANs and STP Configuration
ازا١خ
١خ
ؾ
ا
جىبد
ا
Additional Features :QoS, Multicast
ا٠ب إب١خ
Distribution Layer Considerations
٠ز
ا جمخ ازجباد
١ر
خ
ازجباد
مج
ا
:
L2 and L3 Switching
١خ
بض
ا
١خ
بض
ا
١زمج
ا٠ز
ا
Performance Required
١خ
ب
ا
Number of Ports Required
ث
ا
ا
Redundancy Required
ز٠خ
ااب
ا
Additional Features :QoS, Multicast
إب١ا٠ب
Manageability Required
جىخ
ا
إاح
Core Layer Considerations١١خ
ا
جمخ
ا
ازجباد
١ر
خ
ازجباد
مج
ا
:
L2 and L3 Switching
١خ
بض
ا
١خ
بض
ا
١زمج
ا٠ز
ا
Page 58
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 58/107
58 | P a g e
Performance Required
١خ
ب
ا
Number of Ports Required
ثخ
ا
ا
Redundancy Required
ز٠خ
ااب
ا
Single L2 VLAN Core Design
ازا١خ
١خ
ؾ
ا
جىخ
ا
١١ظ
ا
جمخ
ا
١اد
ا
Simple to design and implementRequires single subnet
No STP convergence issues
١ة
ا
(١بد
ا
)
No Broadcast/Multicast control
L3 peering issues in the distribution layer
Split L2 Core Design
جمخ
ا ١ر اضب١خ اجمخ ١١
ا
١ح
ا
Two equal cost paths across the backbone for fast convergence and load
sharing
١خ
ا
No Broadcast/Multicast control
L3 Core Design
جمخ
ا
ضخ
بض
ا
جمخ
ا
١ر١١
ا
١اد
ا
Reduced L3 Peering
ظ
٠١ج
ا ١
مز
ا
Flexible without STP loops
با
خ
١
اىج
ا
د
Page 59
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 59/107
59 | P a g e
Broadcast/Multicast controls
جىخ
ا
ثء
اث
ىؾز
ا
Scalable
م١ب١خ
ا
Intelligent Network Services Present
و١خ
ا
جىخ
ا
بد
Dual Path L3 Core Design
ضخ
بض
ا
جمخ
ا
باد
ا
ح
ا٠ب
ا
Two equal cost paths to every network destination
باا
ا
خ
ىر
بز
Quick recovery from link failures
بض
ا
ثا
ا
ز١خ
ا
Double link capacity
١١ب
ص
١٠ب
Server Farm Module
(ا
ا
جمخ
)
بجزا
١ث
أب
عت
بم
ا
:
Access control must be in place to secure access
ج١ب
ا ما
ل ر أ عت ثب بخ
ا بد
Connectivity
ث
ا
Edge Distribution Module
جمخ
(٠ز
ا
ؽبخ
)
بجزا
١ث
أب
عت
بم
ا
:
Unauthorized access
IP spoofing
Network reconnaissance
Packet sinffers
Page 60
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 60/107
60 | P a g e
Questions and Answers
خ
ااثع
اي
ا
You are going to engage in a detailed design of the campus network for
a business client. In which campus modules would performance be the
biggest concern?
غاة
ا
Performance is the greatest concern in the Server Farm module or the
Backbone (Core) module.
اي
ا
You are going to engage in a detailed design of the campus network for
a business client. In which module of the campus would scalability bethe biggest concern?
غاة
ا
Scalability is a large concern for the Access module of the campus
network. This module must be able to easily grow to support additional
users who might require network connectivity.
اي
ا
What is the 80/20 rule of network traffic patterns?
غاة
ا
The 80/20 rule of network traffic flows states that 80% of the traffic
remains within the local workgroup. Only 20% is destined for remote
systems. This is now considered a legacy design because modern
networks feature much more remote resources. The modern traffic
pattern follows a 20/80 rule.
اي
ا
What is the technology described by the following statement:
This is a Cisco proprietary solution implemented in some Cisco switches
that permits the switch to learn multicast receiver registrationinformation from Cisco routers.
غاة
ا
This is a description of the Cisco Group Management Protocol
(CGMP).
Page 61
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 61/107
61 | P a g e
اي
ا
You are interested in controlling traffic flows in your Enterprise WAN,
which consists of Frame Relay connections between several campus
segments. You want to drop or lower the priority of a frame that resides
outside of a traffic profile that you define. Is this a description of traffic
shaping or traffic policing?
غاة
ا
Traffic policing drops or lowers the priority of frames that fall outside
the policy that you define. You should contrast this with traffic shaping
that controls transmission rates through the buffering of traffic
اي
ا
Name at least two major considerations a network designer should have
when designing the access layer of a campus network.
غاة
ا
The designer should have the following considerations:
- Number of ports required
- Physical layer cabling
- Performance required
- Redundancy required
- Speeds required
- VLANs and STP configuration
- Additional features (QoS, multicast, etc.)
اي
ا
Name at least two major considerations a network designer should have
when designing a campus network's distribution layer.
غاة
ا
The following considerations should be the focus of the distribution
layer module:
- L2 or L3 switching
- Performance required
- Number of ports required
- Redundancy required
- Additional features
Page 62
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 62/107
62 | P a g e
- Manageability required
اي
ا
Name at least two major considerations a network designer should have
when designing a campus network's core layer.
غاة
ا
The following considerations should be the focus of the core layer
module:
- L2 or L3 switching
- Performance required
- Number of ports required
- Redundancy required
اي
ا
Name at least two options for connecting servers to the network in a
server farm campus module design.
غاة
ا
Servers can connect to the network in several ways, include the
following:
- Single NIC
- Dual NIC
- Server load-balancing switch
اي
ا
Name at least two types of attacks a designer should consider when
designing the Edge Distribution module.
غاة
ا
Designers must be aware of the following types of attacks:
- Unauthorized access
- IP spoofing
- Network reconnaissance- Packet sniffers
اي
ا
Name a disadvantage found with the Single L2 VLAN (virtual LAN)
Core Design.
Page 63
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 63/107
63 | P a g e
غاة
ا
Disadvantages to the single L2 VLAN core design include the following:
- No broadcast/multicast controls
- L3 peering issues in the distribution layer
اي
ا
Name at least one advantage of the dual-path L3 core design.
غاة
ا
Advantages to this design model include the following:
- Two equal-cost paths to every network destination
- Quick recovery from link failures
- Double link capacity
ز
***
ب
ا
ا
***
Enterprise WAN Solutions
جىخ
ي
ؽقب
ا
اخ
ا
Introduction
مخ
ا
Traditional WAN Technologies
ىى١خ
ا اخ
ا جىبد
ا
Emerging Technologies
جى
ا٠غ
ا
زح
ا
اخ
ا
بد
Application Drivers for WAN selection
جىبد
ا
ب١زا
صر
ز
ا
ا
اا
ا
Windows Size
بح
ا غؽ
Queuing Services
Page 64
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 64/107
64 | P a g e
بثبد
ا
(
ا
)
WAN Backup Technologies
جىبد
ا
م١خ
ر
ب١زؽا
ا
Introduction
ام
ؽ
ا
ث١ؽ
ا
جأ
ف
١
بث
ىربلأ
أ
ربوث
ؽخ
ى١
ا
ب
ا
بث
بق
ا
اخ
ا
جىبد
ا
ي
ؽ
١ب
٠زؾس
ز
ا
ح
ا١ضز
ا
١خ
م٠خ
ا
ق
ا
صح
ا
ا
بث
ؾ٠ضخ
ا
ق
ا
إخ
ا
بح
ا
غؽ
إ
اخ
ا
جىبد
ا
ب١ز
ب
بجمزا
بد
ا
م
اخ
ا
جىبد
ا
اؽز١ببد
ثب
ا
بد
زؾس
ت
أ
ؤث
ابح
غ٠
ب
بز
بث
١جو
ىث
خ
١
بخ
ىر
ح
ا
١ا
ه
اؤي
ه
ب١زا
بز
ا
ف
بو
ىث
بح
ا
.
Traditional WAN Technologies
ىى١خ
ا
اخ
ا
جىبد
ا
بز
ا
ى
ا
ر
:
Leased Line
عح
ا
ا
Circuit Switching
١ب
جىبضبي
ISDN
Page 65
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 65/107
65 | P a g e
جىبد
ـضبي
ا
ISDN
Packet Switching
ضبي
:Frame Relay
ر١ؾ١خ جىبح
Frame Relay
Cell Switched
ضبي
: ATM
Page 66
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 66/107
66 | P a g e
ر١ؾ١خ
جىبح
ث
١خ
ATM
Emerging Technologies
زح
ا
اخ
ا
جىبد
ا٠غ
ا
بز
ا
ى
ا
ر
:
DSL
ل١خ
ا
ا
Long Reach Ethernet
اث
بد
ب١ج
ا
م
زر
بد
خ
رب
ا
خ
١و
٠ر
بغزر خ
ز
١ى
ا85غ١
Page 67
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 67/107
67 | P a g e
بد
ازبث
١ز
ر١ؾ١خ
ح
LRE
زخ
ا ـاعح
ا ١خ
مر LRE
Cable
ج٠خ
ا
١بف
ا
ثب١و
:١ب
خ
ضأ
ضر
ى١ح
ث
١
Wireless
خ
بو
خ
بم
ب
أ
ل
:ى١خ
ا
جىبد
ا
ا
ا
ر١ؾ١خ
ى١ح
ا
جىبد
Page 68
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 68/107
68 | P a g e
Application Drivers for WAN selection
ز
ا
ا
ارا
ا
جىبد
ا
ب١زا
ا
أ
أ٠خ
ب١زا
بر١ؼ
جزر
١ب
بزبث
از١بب
٠غت
خ
ا
جىبد
ا
:
Response Time
جىبلذ
ا
أاء
أ
بو
ب
و
٠ب
بو
ب
و
ازغبثخ
ا
Throughput
ز
ا
عخ
بق
ا
جبح
Client
Packet Loss
ا
ل
ب
و
ث
ى
بجب
ر
:بد
ب١ج
ا
ىج
ا
ازما٠خ
وبءح
ا
ب
و
Reliability
رام١خ
١ج٠
جىخ
ب١م
خ
ى
ا
ا
اعاء
جىخ
ا
Windows Sizeغؽب
ا
جىبد
ا
ع
ؼ
- مااربد
٠
ر١جى
ا
خ
ا
ى١خ
ا
ي
جل
ا
acknowledgment
Queuing Services
ثب
ا
(
ا
بد
)
٠مخ
FIFO: First Input First Output
بز
بث
بخ
Hardware
جاظ
ا
ث
أب
Softwareأؽ
ا
:
WFQ
White Fair Queuing
PQ
Priority Queuing
CQ
Custom Queuing
WAN Backup Technologies
جىبد
ا
م١خ
ر
ب١زؽا
ا
بن
ى١
ر
أ
لذ
خ
ا
جىخ
ا
ؽبي
زر
ق
ا
ب
آ
ب
ض
:
Dial Backup Routing
Permanent Secondary WAN Link
Shadow PVC
Page 69
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 69/107
69 | P a g e
Dial Backup
Internet
اثعا
اي
ا
ISDN falls into which category of traditional WAN technologies?
غاة
ا
ISDN and asynchronous ****** dial-up connections are perfect
examples of circuit-switched traditional WAN technologies.
اي
ا
Which emerging WAN technology offers high-speed data transfers for
the Small Office Home Office (SOHO) WAN site using traditional
telephone copper lines?
غاة
ا
Digital Subscriber Line (DSL) permits high-speed transfers for SOHO
WAN sites. Typically, upload speeds do not equal download speeds,
however. This is true for the most common form of small business,
residential installations of a technology called ADSL (Asynchronous
DSL).
اي
ا
Describe the concept known as jitter.
غاة
ا
Jitter is variable delay that the network experiences. This can be very
damaging for clear voice transmissions. Voice calls are quite intolerant
of variations in the delay within the network.
اي
ا
Which WAN technology is noted for transmission speeds of 15 Mbps?
غاة
ا
Long Reach Ethernet dramatically expands the maximum cable runs
that can be used for transmissions and features a transmission speed of15 Mbps.
اي
ا
Which queuing mechanism supported on Cisco routers features 16
interface output queues and guarantees some level of service to all
Page 70
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 70/107
70 | P a g e
traffic?
غاة
ا
Custom queuing uses 16 interface output queues. This method of
software queuing provides some level of service to all traffic and is
therefore often considered better than priority queuing, which can
starve some types of traffic.
اي
ا
Name at least two issues that occur when a full mesh Frame Relay
topology is chosen.
غاة
ا
Full mesh Frame Relay topologies do have advantages, but they also
have disadvantages, including the following:
- The large number of virtual circuits can be quite expensive
- Several packets might have to be replicated in the topology
- Configurations can be quite complex
اي
ا
Describe a shadow PVC (permanent virtual circuit) as it is used for
WAN backup.
غاة
ا
A shadow PVC is a secondary permanent virtual circuit that is
implemented from the provider to backup a primary WAN connection.
Typically, there is no charge for this second PVC. Often, a charge for
the second link is levied should usage exceed a certain threshold.
اي
ا
What is the main difference between ADSL (asymmetrical digitalsubscriber line) and SDSL?
غاة
ا
ADSL often features dramatic differences in transmission speeds
upstream and downstream. SDSL features identical speeds upstream
and downstream.
Page 71
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 71/107
71 | P a g e
اي
ا
Name two of the three different typical wireless implementations.
غاة
ا
Typical implementations of wireless technologies include the following:
- Broadband fixed wireless
- Mobile wireless
- Wireless LAN
اي
ا
What are the two main methods of tunneling private networks over the
public Internet?
غ
اا
The two main methods are:
- IPSec
- GRE
اي
ا
Describe multiprotocol label switching (MPLS).
غاة
ا
With MPLS, packets are labeled for quick and efficient forwarding
through an MPLS network.
ز
Page 72
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 72/107
72 | P a g e
***
ؾب
ا
ا
***
IP addressing
ث
٢ا
(ذ
ز
ا
ثروي
خ
)
Class Addresses
خ
ا
١
بر
خ
ر
ه
ى١
بزا
ؽت
بف
أ
خ
إ
جروي
ا
:
Class A: First Octet starts with 0:0 to 127
Class B: First Octet starts with 10:128 to 191
Class C: First Octet starts with 110:192 to 223
Class D: First Octet starts with 1110:224 to 239
Class E: First Octet starts with 1111:240 to 255
Page 73
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 73/107
73 | P a g e
١
ز
ر١ؾ١خ ب٠ح
ا
Define Subnet
عء إ عء Hostجبح ٠Networkؾي
١خ
١جر
بح
ب
ا
٠ر
Host-Network
Design Subnet
Page 74
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 74/107
74 | P a g e
خ
ا
ز٠
:
How large is the network
بخ
جىخ
ا
How many locations does the network have?
لا
ا
What are the IP addressing requirements in the locations?
١خ ثب
ا خ
ا ١خ
Private IPV4 Addresses
بخ
ا
جىبد
ا
ازا
١ز
ؾغح
٠ب
ا
Public Network:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
Network Addressee Translation -NATث
ب
١خ
مر
ب
ا
١خ
ؾ
ا
جىبد
ا
Privateز
ا
ض
بخ
ا
جىبد
ا
Publicب
اب
ا
بأ
أ
ب
جى
ا
Security
ــ
ا
جأ
١جر
ل١م١خ
ح
NAT
Route Summarization
ز٠ب
١عز
ا
عاي
بء
ث
١ز
١ى١
ىث جىخ
ا
ع
ا
عبد
ا
ز
ا
١بد
ا
١
مز
ب
بح
اع
ا
ثب
م٠رءبو
رر
بز
بث
Efficiency andperformance
Error!
Page 75
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 75/107
75 | P a g e
غاي
زع١ح
ا
Fixed Length Subnet Mask-FLSM
١عز
ا ثرود ا
أ جث خب Routing Protocolى٠ أ اىح
Subnetأ
ز١ح
١ذ
اؽح
١برصبثذ
Variable Length Subnet Mask-VLSMبزر
١عز
ا
ثرود
أ
ؽ١ش
بثمخ
ا
٠مخ
ا
أ
Subnetخ
ز
عاي
ازا
رر
عبد
ا
وبءح
٠ر
بز
بث
خ
زا١ع
ث٠مخ
١عز
Classful versus Classless Routing Protocol
Page 76
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 76/107
76 | P a g e
Classful Routing Protocol
ــ
ا
Subnetر
ز
ا١
ضبي
١عز
ا
ثرود
رؾ٠ضبد
FLSM
Classless Routing Protocol
ــ
ا Subnetضبي ١عز
ا ثرود رؾ٠ضبد ر زا١
VLSM
ىزبة
بح
ا
خ
ا
ذ
ز
ا
ا
٠ػ
Internet Protocol Version 6-IPV6
ذ
ز
ا ثروي غ٠ح
ا غخ
ا أ١ اد
128-bit addresses size from 32-bit
خ
ا
غؽ
٠بح
32
إ
ثذ
821ؽ
ا
ثذ
ىز٠ ااابغ
إ
8ث
No need for NAT
أ ا١
ا
Site Multi-homing
أ
رى
لذ
ا
ا
ضوأ
ؾ٠ــ
اخ
ا
اعح
بز
ا
١ز٠
IPV4
and IPV6
Fixed header size for more efficient processingضبثزخ
ا
بد
ا
أ
ؽ١ش
ب٠خ
خ
أ٠ب
ىر
١بد
ا
أ
عخ
ا
أ
ا
٠٠
ب
صبثزخ
بى
بثءبى
ا
Improve Privacy and Security
بأ
أ
١خ
ا
ب٠بح
ا
Page 77
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 77/107
77 | P a g e
New Capabilities for labeling traffic for QoS
ع٠ح
ا
ا
ثغح
بخ
Increased Mobility Features
ؽ٠خ
ا
ى٠١بح
ا
جىبد
ا
ــ
بخ
ا
ؾوخ
ا
IP Header
ا
أز
ا
ضبثزخ
ا
بد
ا
زؾ٠
Version
Traffic Class
Flow Label
Payload LengthNext Header
Hop Limit
Source Addressee
Destination Addressee
IPV6 Types
ذ
ز
ا
ا
١ضر
١زر
خ
ز
ا
أ
-
اب
ا
Unicast
Anycast
Multicast
Link Local Addressee
Site Local Addressee
Global Aggregatable Addressee
IPV6 Routing Protocol
Interior Gateway Protocol (IGP)
RIPng
OSPFv3IS-IS
Exterior Gateway Protocol (EGP)
BGP4+
Page 78
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 78/107
78 | P a g e
خ
اثعا
اي
ا
Provide an example of a flat address that is used in modern computernetworking.
غاة
ا
A Media Access Control (MAC) address is an example of a flat address
that is used in modern computer networks. MAC addresses are used for
Layer 2 addressing in Ethernet networks. These address uniquely
identify a system on the network.
اي
ا
What is the meaning of the following statement:IP addresses are hierarchical.
غاة
ا
This means that IP addresses are composed of multiple parts, each
having a specific meaning. IP addresses are composed of a network
portion and a host portion.
اي
ا
How many bits does an IP address contain, and how is it typically
presented?
غاة
ا
An IP address consists of 32 bits. It is typically presented in dotted
decimal form. For example: 10.24.65.128.
اي
ا
The following IP address and subnet mask are used on a workstation in
a subnet of the network.
IP Address: 172.16.2.100
Subnet Mast: 255.255.255.240
How many total host addresses are available in the subnet?غاة
ا
Given the subnet mask of 255.255.255.240, 28 bits are used for the
network identification. This leaves four bits for host addressing. 2 raised
to the 4th power is 16, minus 2 equals 14. Therefore, there are 14 total
available host addresses in the subnet.
Page 79
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 79/107
79 | P a g e
اي
ا
What is the range of possible values in the first octet for a Class B IP
address?غاة
ا
128-191
Class A: first octet starts with 0; 0 to 127
Class B: first octet starts with 10; 128-191
Class C: first octet starts with 110; 192-233
Class D: first octet starts with 1110; 224-239
Class E: first octet starts with 1111; 240-255
اي
اList at least two questions that should be asked before designing a
network's IP addressing.
غاة
ا
It is important to ask all of the following questions:
- How large is the network?
- How many locations exist?
- What are the IP addressing requirements for locations?
- What class and how many networks can be obtained from the public
number authority?
اي
ا
Name at least two private address ranges.
غاة
ا
The private IP address ranges are:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
اي
ا
What technology allows multiple internal addresses to be converted at a
router into addresses that are usable on the public Internet?
غاة
ا
Page 80
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 80/107
80 | P a g e
Network Address Translation allows internal network addresses to be
translated into global Internet addresses. Port address translation
allows multiple internal addresses to be mapped to a single external
address.
اي
ا
A popular characterization of dynamic routing protocols examines
whether a routing update contains subnet mask information. What is
this characterization called, and which type of routing includes the
subnet mask information?
غاة
ا
The characterization is classless versus classful. Classless routing
protocols include the subnet mask information in routing updates.
These protocols are considered second generation and can use VLSM.
اي
ا
How many bits does an IPv6 address contain, and how is it typically
presented?
غاة
ا
An IPv6 IP address contains 128 bits. They are typically presented as
hexadecimal numbers separated by colons.
اي
ا
What is the meaning of two colons (:in an IPv6 address?
غاة
ا
Two colons can be used to represent successive hexadecimal fields of
zeros. This can be done once within an IP address.
اي
ا
What field is used in an IPv6 header to facilitate special handling, such
as QoS (quality of service)?
غاة
ا
The Flow Label field is used to label packets for special handling.
اي
ا
What IPv6 address scope type allows for a station to send data to the
nearest interface with the configured address type?
غاة
ا
The new anycast address scope permits this behavior. It can be
Page 81
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 81/107
81 | P a g e
considered one to nearest behavior.
اي
ا
Name at least two transition strategies for IPv6.
غاة
ا
Following are the three major mechanisms that should assist with the
deployment and transition to IPv6:
- Dual Stack: System runs both IPv4 and IPv6.
- Tunneling: Encapsulates IPv6 packets into IPv4 packets, and vice
versa.
- Translation: One protocol is translated into another to facilitate
communications.
ز
Page 82
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 82/107
82 | P a g e
ض
ا
ا
******
ب
مخ
ى١
ا
أ
ع
ا
٠
ز
ا
عت
هثا٠خ
ح
ا
ظ
ي
ا
أ
جز٠
ا
ا
بؽ١خ
ا
زج١م١خ
ا
ز١١عز
ا
باد
ثرود
ثببة
٠زؾس
١خ
ا
١ث
ز
ا
ق
ا
ب
ؽا
و
ازا
٠أ
.
ا
Static versus Dynamic
Distance Vector versus Link state
Interior versus Exterior
Hierarchal versus Flat
Static versus Dynamic
وبا
ضبثذ
ا
١عز
ا
ازا
وبأ
أ
١
بز
ا
:
Routing to and from a stub network
Small network
Special feature: such as dial on demand routing
اي
ا
Name at least two cases where static routing is appropriate within a
network design.
Static routing is appropriate in the following cases:
Page 83
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 83/107
83 | P a g e
غاة
ا
- The network is small and not complex; the network also has a very
slow rate of expansion or change.
- The network consists of a main larger network with one or more stub
networks.
- The network should include special features, such as dial-on-demand
routing.
You are considering using static routes in a stub area configuration with
a network. What are two advantages that exist through the use of a
static route in this design?
By using a static route with a stub network, the following advantage
exist:
- Dynamic routing protocol control information is not used on the link
to the stub, or in the stub network; this reduces the amount of routing
protocol traffic the network must carry
- Smaller routing tables are present in routers with the stub and central
networks
- Low end routers can be used in the stub network
- Processor requirements for routers are lower
Distance Vector versus Link state
خ
ضأ
Distance VectorRIPv1, RIPv2, IGRP
١اد
١
ز
ا
ا
Entire Routing tables are transferred periodically between the systems
ىث
رؾس
١عز
ا
عاي
أ
١ث
ىج
ا
Page 84
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 84/107
84 | P a g e
Trend to converge slowly
ب
ثء
١ز
ا
لذ
ا
Offer limited scalability
٠
ؾح
ز٠خ
ا
Easy to implement and maintain
خ
ب١
ا
زو١ت
ا
خ
Which of the following routing protocols are considered distance
vector?
- EIGRP
- OSPF- IS-IS
- BGP
- RIP v1
- IGRP
- RIP v2
BGP, RIP v1 and V2, and IGRP are all considered distance vector
routing protocols. EIGRP is considered a hybrid routing protocol.
Because it is a routing protocol that features the best of distance vector
mechanisms and the best of link state mechanisms, it is often considered
a hybrid routing protocol. Which is it?
EIGRP offers the best features of both types of protocols and, as a
result, is often considered a hybrid routing protocol.
Link state
١أض
خ
OSPF, IS-IS
Each router makes routing decisions based on local database
بزبث مز
ا لا ع وىج
ا عح
ا بد
ب١ج
ا لبح
Faster Convergence
Page 85
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 85/107
85 | P a g e
١ز
ا
لذ
ا٠
Better Scalability
بثك
ا
ا
ذ
ل
ب
إا
Feature less routing traffic overhead
زؾ٠ بد
ا أ أ را١ أ أ أ دى٠ بزبث بد
لأ
Requires more knowledge and expertise to configure
جاء
إ
٠ؾزبط
ضوأ
بد
اي
ا
What algorithm does a link state routing protocol use to select the best
path to a destination?
غاة
ا
The common shortest path first, or Dijkstra's algorithm, is used.
What is the most common Exterior Gateway Protocol in use today, and
what is its function?
BGP version 4 powers the routing functions of the Internet as we know
it today. BGP+ takes over once IPv6 is fully deployed. BGP is
responsible for routing between separate Autonomous Systems.
اي
ا
What default metrics does EIGRP use?
غاة
ا
The default metrics used by EIGRP are bandwidth and delay.
اا
What is the default metric used by OSPF? From what is this value
derived, by default?
غاة
ا
The default metric used by OSPF is cost. By default, this metric is
derived from bandwidth.اي
ا
What default metric does RIP use?
غاة
ا
The default metric used by RIP is hop count.
اي
ا
Page 86
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 86/107
86 | P a g e
Which type of routing protocol converges faster: distance vector or link
state? Why?
غاة
ا
Link state routing protocols converge faster than distance vector
protocols because they instantly propagate route updates, while distance
vector technologies rely on a periodic update. This statement remains
true when the distance vector routing protocols use their default timers,
of course.
Interior Gateway Protocol – IGPs
١ب
خ
ضا
OSPF, IS-IS, EIGRP, RIP
These routing protocol handle the dynamic routing that occurs within
the private network
ؤح
بث
بخ
ا
جىخ
ا
ا
ازاب
٠ى
بز
بث
Fast convergence and easier configuration
خ
بث
ززر
ا
Page 87
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 87/107
87 | P a g e
Exterior Gateway Protocol – EGPs
١ب
خ
ضا
: BGP
They handle routing between the autonomous system
وبأعار
Slower convergence and more complex configuration
مح
ز١ث١خ
ا
Routing protocol metrics
ثرود
صر
ز
ا
ا
ا
١عز
ا
باد
RIP-Hop account
IGRP-Bandwidth and delay
EIGRP-Bandwidth-delay
BGP-Path
OSPF-Cost (bandwidth)
IS-IS, Link metrics
Hierarchal Routing Protocol
Examples are classless
Divide the network into area; they don’t propagate information
throughout the entire network – area are used instead
١خ
أ
ىح
ااعأ
أعاء
ب
إ
جىخ
ا
بو
زر
بد
ا
They are scalable
ل١ب١خ
Flat Routing Protocol
Page 88
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 88/107
88 | P a g e
Examples are classful routing protocol
They are not scalable
١ذ
١ب١ل
اي
ا
What is the main difference between a classful routing protocol and a
classless routing protocol?
غاة
ا
A classful routing protocol does not send the subnet mask information
with routing updates. A classless routing protocol includes this
information.
٢ا
أب
ى
٠خ
ؾخ
ىورؤ١ث
جح
و
١عز
ا
باد
RIPv2
RIPv2 is a classless version of RIP (VLSM supported).it uses multicast
rather than broadcast to propagate routing information. However, the
hop count limitation is 15
EIGRP
A hybrid routing protocol ,EIGRP uses the same metric as IGRP by
multiplies it by 256 to allow for greater flexibility .EIGRP is a classless
(supported VLSM) .EIGRP uses the diffusing update algorithm(DUAL)
to maintain fast convergence
OSPF
OSPF is an extremely scalable link state routing protocol that also
features excellent convergence .OSPF uses a cost metric that is based on
bandwidth
Integrated IS-ISIntegrated IS-IS supports OSI and IP networks and can do
simultaneously. Simple area design presents advantages over OSPF
BGP
BGP is exterior routing protocol that is used to route on the internet .it
Page 89
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 89/107
89 | P a g e
is a distance vector with many enchantments and allows administrator
to heavily influence routing decision to permit “strategic routing
policies”
اي
ا
Describe Variable Length Subnet Masking.
غاة
ا
Variable length subnet masking allows the administrator to assign
different subnet masks to different parts of the network. This allows for
more efficient use of available IP address space, and for more
hierarchical-based network designs. As a result, summarization can be
performed, and more efficient dynamic routing is achieved.
اي
ا
Which type of routing supports VSLM: classful or classless?
غاة
ا
Classless routing protocols support VLSM.
اي
ا
Which of the following routing protocols are classless routing protocols?
غاة
ا
- IGRP (Interior Gateway Routing Protocol)
- EIGRP
- RIP v1 (Routing Information Protocol)
- RIP v2 (Routing Information Protocol)
- OSPF
- BGP (Border Gateway Protocol)- IS-IS
EIGRP, RIP v2, OSPF, BGP and IS-IS are all classless routing
protocols.
اي
ا
Page 90
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 90/107
90 | P a g e
Name at least two aspects/advantages of on-demand routing (ODR).
غاة
ا
On-demand routing has the following characteristics/advantages:
- Reduces dynamic routing traffic overhead
- Ideal for hub and spoke topologies
- No IP routing protocol on the stub networks is required
- ODR relies upon CDP
اي
ا
What is the metric, and what is the metric limit with RIP v2?
غاة
ا
RIP v2 uses hop count as a metric. The hop count limit is 15.
اي
ا
Name at least two advantages that RIP v2 has over its RIP v1counterpart.
غاة
ا
The following advantages exist:
- VLSM support
- Multicast, instead of broadcast
- Faster convergence
- Manual route summarization
- Authentication
اي
ا
Which dynamic routing protocol offers built-in support for routing IP
and OSI protocols?
غاة
ا
The IS-IS protocol can do both. It is called Integrated IS-IS when it isused for routing TCP/IP traffic.
اي
ا
When BGP is running between routers in a single autonomous system,
what is it called?
غا
ا
Page 91
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 91/107
91 | P a g e
iBGP, or Interior BGP.
***
ش
بض
ا
ا
***
Securityــا
ا
بلأ١١
ا
Denial of Services Attack
Reconnaissance Attack
Traffic Attack
Network Security Practices
Physical Security
AAA
SAFE Blueprint
SAFE Guidelines for Securing the Internet Connectivity Module
SAFE Guidelines for Securing the E-Commerce Module
SAFE Guidelines for Securing the Remote Access and VPN Module
SAFE Guidelines for Securing the WAN Module
Page 92
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 92/107
92 | P a g e
SAFE Guidelines for Securing the Network Management Module
SAFE Guidelines for Securing the Server Farm Module
Cisco Network Security is divided into:
إ
مر
ى١
بأ
أ
جىبد
:
Data Integrity
بخ
ب١ج
ا
Data Confidentially
بد
ب١ج
ا
٠خ
Data Availability
بر٠خ
ب١ج
ا
اي
ا
Network security aims to provide data integrity, data confidentiality,
and system availability. What is the meaning of data integrity?
غاة
ا
Data integrity means that the network data is valid and has not been
changed or tampered with in any way.
Major threats include the following:
زر
ز٠اد
ا
:
Integrity Violationزبن
ا
ا
Confidentially breaches
دبل
ا
Denial of Services Attack
Page 93
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 93/107
93 | P a g e
بد
ا
غ
ا
Denial of Services (DoS) attacks compromise the availability of data.
They typically involve flooding a network system with bogus traffic
ب١ه
جىخ ا ب١ ز٠ بد
ب١ج
ا ر٠خ ب٠
ا آ١خ ركا زت
ا
خ
ا
ا
بد
ب١ج
ا
اي
ا
Many types of attacks involve sending a host a malformed message that
is known to cause an error, or overwhelming the host with massive
amounts of data. What are these types of attacks typically called?
غاة
ا
These types of attacks are typically called Denial of Service attacks.
Reconnaissance Attack
غزا
Under a Reconnaissance Attack, the network is being searched or
scanned for the potential targets
ااف اوزبف زا ز٠ ا ىج
ا ا ؾز
ا جؾذ
ا ث خ
زؾ
ا
اي
ا
Many attacks involve searching the network for addresses, possible
targets, and security gaps. What are these types of attacks typicallycalled?
غاة
ا
These attacks are typically called reconnaissance attacks.
Traffic attacks
Page 94
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 94/107
94 | P a g e
These attacks occur when data flowing through a network is
compromised
جىخ
(
بث
ح
جىخ
بد
ب١ج
ا
رك
غبد
ا
١رؾس
ب
)
Network Security Practices
جىخ
ا
أ
ببد
Risk Assessment
Defines the potential threats that exist
زؾ
ا
ز٠اد
اع
Security Policy
١خ
ا
١ب١خ
ا
Defines how risks are managed
ز٠اد
ا
إاح
و١م١خ
Security Design
Implements the security policy
١خ
ا
١ب١خ
ا
رج١ك
٠مخ
Physical Security
أ١ب٠١
ا
بد
ب١ج
ا
بأ
-١١ج
ا
بء
صأ
ازب
٠غت
ز
ا
١بد
ز
ا
ب
ا
ا
رج١ك
:
Include Physical Access Control
بىا ىؾز
اىج
ا
Determine breaches physical access can effect other security consoles
ا
بد
ا
بأ
صر
ز
ا
لبد
ا
ؽبة
Be able to recover quickly from theft
غ
ا
ث
ج١خ
ا
ح
ا
Ensure that you protect communications over insecure networks that
you do not own
ؾب٠خ
ادبىج
اآ
١
ىر
ل
ز
ا
ه
خ
ز
ا
AAA
AAA should be used in a secure network
Authentication
Page 95
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 95/107
95 | P a g e
زؾمك
ا
Verify the identity of the user who wants to access network resources
٠٠
ز
ا
ز
ا
٠خ
زؾمك
اىج
ا
ب
ي
ا
Authorization
٠ز
ا
What can the user do in the network
ب
ز
ا
مث
ز
ا
ؽ١بد
ا
جىب
ا
Accounting
الجخ
ا
Monitoring the access to the network
جىخ
ا
إ
ي
ا
الجخ
اي
ا
Provide at least two reasons why it so important to physically secure a
router or switch.
غاة
ا
It is important to physically secure these devices for the following
reasons:
- Console access allows an administrator to override any security that is
placed on the device
- Theft
- Installation of software directly
- Installation of new hardware directly
اي
ا
Provide at least two of the physical security guidelines recommended by
Cisco.
غاة
ا
Cisco recommends the following physical security guidelines:
- Deploy adequate physical access controls
- To the extent possible, ensure that physical access cannot comprise
other security measures
- Ensure that you can recover easily in the event of device theft
Page 96
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 96/107
96 | P a g e
- Be sure to use cryptography for data that travels on equipment or
networks that are out of your control
اي
ا
What does the acronym AAA stand for? What does each word mean to
network security?
غاة
ا
AAA stands for
- Authentication: Verifying a network user's identity
- Authorization: Verifying that the user is permitted do what they are
trying to do
- Accounting: Auditing access of recourses for security and billing
purposes
اي
ا
Name at least five ways a user can authenticate himself on a computer
network.
غاة
ا
There are many ways for authentication to function. The following can
be used:
- Username/password
- PIN (personal identification number)
- Private cryptographic key
- Password token card
- Smartcard
- Hardware key
- Fingerprint
- Retina pattern
- Voice
- Face recognition
اي
ا
Name at least two authentication guidelines that are recommended by
Cisco.
غاة
ا
Cisco Systems recommends the following:
Page 97
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 97/107
97 | P a g e
- Use strong authentication on users from external networks
- Use strongest authentication mechanism when the most valuable
resources are being accessed
- Make authentication mechanisms user-friendly
- Integrate authentication with existing user databases
اي
ا
Name at least one Cisco recommendation when for network
authorization.
غاة
ا
Cisco recommends the following when it comes to authorization on the
network:
- Use the principle of least privilege: Each user should use an account
the gives him just enough privileges to accomplish what he needs, and
no more.
- Use the principle of defense in depth for valuable resources: Each
security mechanism should back up others.
- Never trust client-supplied settings.
SAFE Blueprint
The Cisco security architecture for Enterprise (SAFE) blueprint
provides a modular approach to securing the network. It also provides
best practices for network designers and implementers
ض
٠مخ
مر
ى١
ا
أب
أ
٠ر
١خ
خم١ار
خ
ز
ث٠مخ
بد
ب
١ضر
ز١ب
ع
وأ
SAFE Guidelines for Securing the Internet Connectivity Module
Firewalls, routers and IDS should be used to prevent network mapping
attacks
Page 98
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 98/107
98 | P a g e
غ
أ٠خ
ب٠خ
ا
غا
ا
عبد
ا
ؽب٠خ
٠غت
To ensure that the exposed hosts are not compromised, use firewall to
protect and IDS to detect
اغ
ا بزبث با ٠ ١ى
ا ١ز
ا ؤث وؤز
ا ا ؾب٠خ
ب٠خ
ا
ى
To stop hosts from being attacked by compromised use a DMZ,
firewalls, LAN Access Control and IDS for monitoring
ازا
ؾز٠
بز
بث
ل
ا
جل
اعاءاد
برا
١ؾز
ا
وح
ا
اعح
ؾب٠خ
ا
DoS attacks on links – QoS mechanism; IDS
ز
ا
اعاء
غ
ا
DoS attacks on hosts – host hardening and firewalls
ا
ز
ا
اعاء
غ
Introduction of malicious code-use application filtering
ز
ا
اعاء
غ
ا
ز١بجرا
اعت
ا
اعاء
ا
ا
أ
SAFE Guidelines for Securing the E-Commerce Module
Exposed hosts and applications, use a firewall, host hardening, secure
programming and IDS
Hosts attacked from other host, Host hardening, firewalls and ISD
DoS attacks at hosts, DMZ, firewalls, IDS and LAN Access Control
SAFE Guidelines for Securing the Remote Access and VPN Module
Risk of Identity spoofing-strong authentication
Confidentially and integrity-strong encryption
Compromised clients and remote sites-Firewall and viruses scanning
Page 99
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 99/107
99 | P a g e
SAFE Guidelines for Securing the WAN Module
Confidentially and integrity-Strong encryption
WAN misconfiguration-WAN peer authentication
SAFE Guidelines for Securing the Network Management Module
Administrator impersonation-Authentication
Compromise of management protocols-secure protocol
Accidental/deliberate misconfiguration- Authorization
Responsibility avoidance – Auditing
Management host-separate management networks, firewalls and IDS
SAFE Guidelines for Securing the Server Farm Module
Compromise of exposed hosts-firewalls, host hardening, secure
applications and IDS
Compromise other hosts from compromised hosts-firewalls, IDS and
LAN access control
اي
ا
The Internet Connectivity Module often features a DMZ. What is a
DMZ?
غاة
ا
A demilitarized zone (DMZ) network contains a host that has been
compromised. A DMZ is typically created using two firewalls, and it
permits public access for select services.
اي
ا
Page 100
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 100/107
100 | P a g e
What is spoofing in network security?
غاة
ا
Spoofing means that the client is falsifying its true identity. IP address
spoofing is a common method for gaining access to secured networks
ز
ثا
ا
ا
******
Voice
د
ا
Introduction
مخ
ا
PBX
ق
رب
ا
PSTN Switch
رب
ا
جىخ
Telephone Infrastructure
رب
زؾز١خ
ا
١خ
ج
ا
Telephony Signalingبرإبح
ا
ابي
Analog Signaling
١خ
صبز
ا
ابح
Page 101
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 101/107
101 | P a g e
Coding and Compression Algorithm
١بد
١ز
اب
ب١ج
ا
Introduction
مخ
ا
ؽخ
ى١
ا جوخ
ا
١
بث
ىربلأ
أ
ربوث
ب
زا
جأ
خ
ب
ب
زج
ع
ب
ر١جى
ا
جىخ
ج
د
ا
١بد
مر
١ز
ا
ز
ىثرب
ا
ق
زؾس
بث
ح
ا
ي
أي
ززؼ
ب
PBX
ق
رب
ا
A PBX (private branch exchange) is a telephone system within an
enterprise that switches calls between enterprise users on local lines
while allowing all users to share a certain number of external phone
lines. The main purpose of a PBX is to save the cost of requiring a line
for each user to the telephone company's central office.
ز
ا
جىخ
١ث
ا
مخ
ؽ
جز٠
ز
ا
بع١خ
ا
رب
ا
ؤح
ا
١خ
ا
ا
ا
١ع
١ب
زؾىز٠١زبن
ا
ث
ا
م
ا
عب
ا
رب
ا
ب
ا
إ
ي
رب
ا
جىثجىخ
ا
ه
زث
بخ
ا
بد
ا
و
م٠
.
Page 102
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 102/107
102 | P a g e
ث
ا
١خ
آ
ضر
برح
ا
جىبد
PSTN Switch
رب
ا
جىخ
Public Switched Telephone Network. The worldwide set of
interconnected switched voice telephone networks that deliver fixed
telephone services to the general public and are usually accessed by
telephones, key telephone systems, private branch exchange trunks, and
certain data arrangements, transmitting voice, other audio, video, and
data signals
وبخ
ثر
ز
ا
١خ
ا
بر١خ
ا
جىخ
ا
جبح
جث
ثب
رب
ا
جىبد
خ
ز
ا
رب
ا
أعح
ر
ز
ا
اخ
ا
خ
احعا
ه
ر
٠زث
مر
ز
ق
١ب
ثب
خ
ز
ا
بد
بثرب
ا
.
Error!
Page 103
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 103/107
103 | P a g e
ا
جىبد
ث
١
ا
ب٠
ا
رب
ا
جىخ
أ
رؼ
ثح
ربجث
اي
ا
Name at least two differences between a PBX and a PSTN switch.
Page 104
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 104/107
104 | P a g e
غاة
ا
There are several differences, including the following:
- PBXs are located in corporations, while PSTN switches are located in
the public sector
- PBXs do not feature the scalability of PSTN switches
- PBXs tend to use proprietary protocols versus PSTN switches' open
standards
- PBXs connect telephones and other PBXs
Telephone Infrastructure
رب
زؾز١خ
ا
١خ
ج
ا
١خ
ج
اب١خ
بد
ى
ا
ا
جىخ
زؾز١خ
ا
رب
:
Local Loop
Station Line
Tie Trunk
CO Trunk
PSTN Switch Trunk
Foreign exchange Trunk
اي
ا
There are several types of trunks in a traditional voice network. What is
the purpose of a tie trunk?
غاة
ا
Tie trunks are used to connect traditional PBXs in a traditional voice
network.
اي
ا
What is the purpose of a Foreign Exchange Station (FXS) interface?غاة
ا
An FXS interface typically terminates at an analog telephone or fax
machine.
Page 105
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 105/107
105 | P a g e
Telephony Signaling
ابي
برإبح
ا
Subscriber Signaling
Trunk Signaling
Supervision Signaling
Aedeses Signaling
Call Process Signals
Network Management Signals
اح
رب
ا
إباد
ث
ا
ر١ؾ١خ
ز
اي
ا
What is QSIG?
غاة
ا
QSIG is a standards based protocol for use between PBXs. QSIG does
not place any restrictions on private numbering plans.
Analog Signaling
١خ
صبز
ا
ابح
Loop Start
Ground StartE&M
اي
ا
Page 106
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 106/107
106 | P a g e
According to the open standard for converged networks, what are the
three independent layers of the packet-switching model?
غاة
ا
The three layers of the model are as follows:
- Packet Infrastructure layer
- Call Control layer
- Open Service Application Layer
اي
ا
Name at least three benefits of the H.323 protocol.
غاة
ا
The H.323 protocol features the following benefits:
- Establishes standards for compression and decompression
- Provides for interoperability
- Provides network independence
- Permits platform and application independence
- Permits bandwidth management
- Supports multicast
- Enhanced flexibility
اي
ا
Name at least three components of H.323?
غاة
ا
The possible components are:
- Terminals
- Gateways
- Gatekeepers
- MCUs
اي
ا
A key component of the Cisco IP telephony implementation is the
replacement of the traditional PBX (Private Branch Exchange). Which
Cisco component does this?
غاة
ا
Cisco CallManager
Page 107
8/21/2019 CCDA Arabic
http://slidepdf.com/reader/full/ccda-arabic 107/107
اي
ا
What mechanism allows you to associate destination phone numbers
with IP addresses?
غا
ا
Dial peers
Coding and Compression Algorithm
١بد
١ز
اب
ب١ج
ا
ثب
و
خ
ز
ا
١ز
ا
ا
أ
٠
ا
بن
PCM
ADPCM
LDCELP
CS-ACELPCELP
Voice Coding Standard
G.711
G.726
G.728
G.729
G.723.1
ز