ccie written

[ Pobierz całość w formacie PDF ]

standard for backbone connectivity for some years. It is still found in many legacy
More study guides and information available at www.cramsession.brainbuzz.com.
� 2000 All Rights Reserved BrainBuzz.com
BrainBuzz Cramsession: Cisco Certified Internetwork Expert 35
networks, and is still relevant in both real-life situations and in preparation for the
CCIE track.
It is based on a token-passing scheme similar to Token Ring, but with dual counter-
rotating rings that provide redundancy in the event of a fiber (or copper in the case
of CDDI) cut. The primary ring carries traffic; the secondary is the backup link. The
rings have a speed of 100Mbps, which was perfectly acceptable in the backbone until
the introduction of inexpensive Fast Ethernet and Gigabit Ethernet.
There are two types of devices on the network:
" DAS (Dual-Attached Station) which would be attached directly to both rings.
" SAS (Single-Attached Station) - which would be connected to a concentrator.
Security
AAA (Authentication, Authorization and Accounting)
A standard feature set of software security tools that identify when users are logged
into a router; control each user s authority level; and monitor user activity to provide
accounting information.
TACACS (Terminal Access Controller Access Control System)
" A centralized validation service that accepts or rejects user name and
password pairs.
" TACACS+ uses TCP for transport and the entire body of TACACS+ packets is
encrypted if a there is a shared key on the router and server.
" TACACS+ can log every command that is entered at the router exec
command.
" Works with PPP or CHAP authentication.
" Transmits passwords in clear text.
" TACACS+ can pass caller ID or called party values from NAS to the server.
" TACACS+ requires AAA, although earlier versions, TACACS and Extended
TACACS did not work with AAA.
RADIUS (Remote Authentication Dial-In User Service)
" A client-server based protocol that accepts or rejects a user name and
password pairs.
" Works with PPP or CHAP authentication.
" Transmits passwords encrypted by MD5 algorithm when they are sent across
the data network.
" Server component can run on a Microsoft NT or Unix host.
" Used with AAA to enable authentication, authorization and accounting.
More study guides and information available at www.cramsession.brainbuzz.com.
� 2000 All Rights Reserved BrainBuzz.com
BrainBuzz Cramsession: Cisco Certified Internetwork Expert 36
" User names and passwords are encrypted.
PIX (Private Internet Exchange) Firewall
A Cisco hardware and software platform that prevents unauthorized connections
between two networks based on a defined security policy. It most commonly sits
between a company s internal network and the Internet.
Multiservice
Voice/Video Protocols
Erlang B A traffic model used by telephone system designers to estimate
the number of lines required for trunks.
H.323 Standard for real-time multimedia communications and conferencing over
packet-based networks.
SS7 (Signaling System 7) International standard for common channel
signaling between PSTN (Public Switch Telephone Network) switches. This standard
provides for out-of-band signaling and is responsible for routing, link status, and
connection control. 1-800 calls, local phone number portability, in-network phone
mail and portable phone roaming all are defined by SS7.
RTP (Real-time Transport Protocol) Provides support for applications
with real-time properties such as video or voice over IP.
Compression
The compress {predictor | stac} command can be used to enhance service on slow
point-to-point links using HDLC, PPP, and LAPB. This will cause an increase in CPU
utilization on the router.
Special Thanks to Dennis Laganiere for
contributing this Cramsession. Make sure
to visit his site at:
http://www.routedpacket.com
More study guides and information available at www.cramsession.brainbuzz.com.
� 2000 All Rights Reserved BrainBuzz.com [ Pobierz całość w formacie PDF ]

Archiwum