Discoveri 3.1

1. What can be found at the enterprise edge?
• Internet, VPN, and WAN modules
• Internet, PSTN, and WAN services
• server farms and network management
• campus infrastructure, including access layer devices
Jawab: • Internet, VPN, and WAN modules

2. In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to detect
• and prevent services from accessing hosts?
• Enterprise Campus
• Edge Distribution
• Enterprise Edge
• Service Provider Edge
Jawab: Enterprise Edge

3. A business consultant must use Internet websites to research a report on the e-business strategies of several firms and then electronically deliver the report to a group of clients in cities throughout the world. Which two teleworker tools can the consultant use to accomplish this project? (Choose two.)
• VoIP
• VPN
• HTTP
• Telnet
• email
Jawab: HTTP ,  email

4. Which two measures help ensure that a hardware problem does not cause an outage in an enterprise LAN that supports mission critical services? (Choose two.)
• providing failover capability
• installing redundant power supplies
• purchasing more bandwidth from the ISP
• implementing broadcast containment with VLANs
• installing routers that can handle a greater amount of throughput
Jawab:  • providing failover capability
              • installing redundant power supplies

5. Which task would typically only require services located at the access layer of the hierarchical design model?
• connecting to the corporate web server to update sales figures
• using a VPN from home to send data to the main office servers
• printing a meeting agenda on a local departmental network printer
• placing a VoIP call to a business associate in another country
• responding to an e-mail from a co-worker in another department
Jawab: • printing a meeting agenda on a local departmental network printer

6. How does a VPN work to support remote user productivity?
• It uses SSL to encrypt remote user logins to the corporate intranet.
• It uses secure Telnet for remote user connections to internal network devices.
• It creates a virtual circuit that allows real-time communications between any two Internet endpoints.
• It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.****
Jawab: • It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.****

7. A remote user needs to access a networking device on the internal network of the company. The transactions between the remote user and the device must be secure. Which protocol enables this to happen securely?
• HTTP
• SSH
• Telnet
• FTP
Jawab: • SSH

8. What does VoIP provide to telecommuters?
• high-quality, live-video presentations
• real-time voice communications over the Internet
• ability to share desktop applications simultaneously
• secure, encrypted data transmissions through the Internet
Jawab: • real-time voice communications over the Internet

9. Which functional component of the Cisco Enterprise Architecture is responsible for hosting internal servers?
• enterprise campus
• enterprise edge
• service provider edge
• building distribution
Jawab: • enterprise campus

10. What is the purpose of the Cisco Enterprise Architecture?
• remove the three-layer hierarchical model and use a flat network approach
• divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers
• provide services and functionality to the core layer by grouping various components into a single
• component located in the access layer
• reduce overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer
Jawab: • divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers

11. Which two solutions would an enterprise IT department use to facilitate secure intranet access for remote workers? (Choose two.)
• VPN
• NAT
• user authentication
• client firewall software
• packet sniffing
Jawab: • VPN , • user authentication

12. Which statement describes the difference between an enterprise WAN and an enterprise extranet?
• An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is designed to interconnect remote branch offices.
• An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to give access to external business partners.
• An enterprise WAN is designed to provide remote access for its teleworkers, while an enterprise extranet is designed to provide Internet connectivity for the enterprise.
• An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an enterprise extranet is designed to provide remote access to the enterprise network for teleworkers.
Jawab: • An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to give access to external business partners.

13. Why would a network administrator want to limit the size of failure domains when designing a network?
• reduces the effect of Ethernet collisions
• reduces the impact of a key device or service failure
• reduces the impact of Internet congestion on critical traffic
• reduces the impact of blocking broadcast packets at the edge of the local network
Jawab: • reduces the impact of a key device or service failure

14. What is the main purpose of the Access Layer in a hierarchically designed network?
• performs routing and packet manipulation
• supplies redundancy and failover protection
• provides a high-speed, low-latency backbone
• serves as a network connection point for end-user devices
Jawab: • serves as a network connection point for end-user devices

15. Which three functions are performed at the Distribution Layer of the hierarchical network model? (Choose three.)
• forwards traffic that is destined for other networks
• isolates network problems to prevent them from affecting the Core Layer
• allows end users to access the local network
• provides a connection point for separate local networks
• transports large amounts of data between different geographic sites
• forwards traffic to other hosts on the same logical network
Jawab: • forwards traffic that is destined for other networks
• isolates network problems to prevent them from affecting the Core           Layer

• provides a connection point for separate local networks

16. What is a benefit of having an extranet?
• It provides web-like access to company information for employees only.
• It limits access to corporate information to secure VPN or remote access connections only.
• It allows customers and partners to access company information by connecting to a public web server.
• It allows suppliers and contractors to access confidential internal information using controlled external connections.
Jawab: • It allows suppliers and contractors to access confidential internal information using controlled external connections.

17. What are two important characteristics or functions of devices at the Enterprise Edge? (Choose two.)
• providing Internet, telephone, and WAN services to the enterprise network
• providing a connection point for end-user devices to the enterprise network
• providing high-speed backbone connectivity with redundant connections
• providing intrusion detection and intrusion prevention to protect the network against malicious activity
• providing packet inspection to determine if incoming packets should be allowed on the enterprise network
Jawab: • providing intrusion detection and intrusion prevention to protect the network against malicious activity
• providing packet inspection to determine if incoming packets should be allowed on the enterprise network

18. Why is TCP the preferred Layer 4 protocol for transmitting data files?
• TCP is more reliable than UDP because it requires lost packets to be retransmitted.
• TCP requires less processing by the source and destination hosts than UDP.
• UDP introduces delays that degrade the quality of the data applications.
• TCP ensures fast delivery because it does not require sequencing or acknowlegements.

Jawab: • TCP is more reliable than UDP because it requires lost packets to be retransmitted.

19. The ABC Corporation implements the network for its new headquarters using the Cisco Enterprise Architecture. The network administrator wants to filter the traffic from and to the outside world. Where should the administrator deploy a firewall device?
• server farm
• enterprise edge
• enterprise campus
• service provider edge
Jawab: • enterprise edge

20. Which two statements are reasons why UDP is used for voice and video traffic instead of TCP?(Choose two.)
• TCP requires all data packets to be delivered for the data to be usable.
• The acknowledgment process of TCP introduces delays that break the streams of data.
• UDP does not have mechanisms for retransmitting lost packets.
• UDP tolerates delays and compensates for them.
• TCP is a connectionless protocol that provides end-to-end reliability.
• UDP is a connection-oriented protocol that provides end-to-end reliability.

Jawab: • The acknowledgment process of TCP introduces delays that break the streams of data.
              • UDP does not have mechanisms for retransmitting lost packets.

CCNA Discovery 1 Module 7 Exam Answers Version 4.0

1. Why is IEEE 802.11 wireless technology able to transmit further distances than Bluetooth technology?
• has higher power output

2. What are three advantages of wireless over wired technology? (Choose three.)
• anytime, anywhere connectivity
• easy and inexpensive to install
• ease of adding additional devices

3. What are two benefits of wireless networking over wired networking? (Choose two.)
• mobility
• reduced installation time

4. A technician has been asked to provide wireless connectivity to the wired Ethernet network of a building. Which three factors affect the number of access points needed? (Choose three.)
• the size of the building
• the number of solid interior walls in the building
• the presence of microwave ovens in several offices

5. Why is security so important in wireless networks?
• Wireless networks broadcast data over a medium that allows easy access.

6. What does the Wi-Fi logo indicate about a wireless device?
• The device is interoperable with other devices of the same standard that also display the Wi-Fi logo.

7. Which statement is true concerning wireless bridges?
• connects two networks with a wireless link

8. Which WLAN component is commonly referred to as an STA?
• wireless client

9. Which statement is true concerning an ad-hoc wireless network?
• created by connecting wireless clients in a peer-to-peer network

10. Refer to the graphic. In the Wireless menu option of a Linksys integrated router, what does the Network Mode option Mixed mean?
• The router supports 802.11b, 802.11g, and 802.11n devices.

11. Refer to the graphic. In the Wireless menu of a Linksys integrated router, what configuration option allows the presence of the access point to be known to nearby clients?
• SSID Broadcast

12. Which two statements about a service set identifier (SSID) are true? (Choose two.)
• tells a wireless device to which WLAN it belongs
• all wireless devices on the same WLAN must have the same SSID

13. Which two statements characterize wireless network security? (Choose two.)
• With SSID broadcast disabled, an attacker must know the SSID to connect.
• Using the default IP address on an access point makes hacking easier.

14. What type of authentication does an access point use by default?
• Open

15. Which statement is true about open authentication when it is enabled on an access point?
• requires no authentication

16. What are two authentication methods that an access point could use? (Choose two.)
• EAP
• pre-shared keys

17. What is the difference between using open authentication and pre-shared keys?
• Pre-shared keys require an encrypted secret word. Open authentication does not require a secret word.

18. What term describes the encoding of wireless data to prevent intercepted data from being read by a hacker?
• encryption

19. What access-point feature allows a network administrator to define what type of data can enter the wireless network?
• traffic filtering


20. What are the two WEP key lengths? (Choose two.)
• 64 bit
• 128 bit

21. Complete the following sentence: WEP is used to ______ , and EAP is used to _____ wireless networks.
• encrypt; authenticate users on

CCNA Discovery 1 Module 9 Exam Answers Version 4.0...

1. What should a network administrator do first after receiving a call from a user who cannot access the company web server?
• Ask the user what URL has been typed and what error message displays.

2. A customer called the cable company to report that the Internet connection is unstable. After trying several configuration changes, the technician decided to send the customer a new cable modem to try. What troubleshooting technique does this represent?
• substitution

3. Only one workstation on a particular network cannot reach the Internet. What is the first troubleshooting step if the divide-and-conquer method is being used?
• Check the workstation TCP/IP configuration.

4. Which two troubleshooting techniques are suitable for both home networks and large corporate networks? (Choose two.)
• documenting the troubleshooting process
• keeping a record of system upgrades and software versions

5. Identify two physical-layer network problems. (Choose two.)
• hardware failure
• loose cable connections

6. Which ipconfig command requests IP configuration from a DHCP server?
• ipconfig /renew

7. What command is used to determine the location of delay for a packet traversing the Internet?
• tracert

8. What command is used to determine if a DNS server is providing name resolution?
• nslookup

9. Which troubleshooting method begins by examining cable connections and wiring issues?
• bottom-up

10. A technician suspects that a Linksys integrated router is the source of a network problem. While troubleshooting, the technician notices a blinking green activity LED on some of the ports. What does this indicate?
• The ports are operational and are receiving traffic.

11. A PC is plugged into a switch and is unable to connect to the network. The UTP cable is suspected. What could be the problem?
• A crossover cable is being used.

12. Refer to the graphic. What configuration is incorrect in the network shown?
• The wired connection is the wrong type of cable.

13. Which three settings must match on the client and access point for a wireless connection to occur? (Choose three.)
• SSID
• authentication
• encryption key

14. A technician is troubleshooting a security breach on a new wireless access point. Which three configuration settings make it easy for hackers to gain access? (Choose three.)
• configuring NAT
• broadcasting the SSID
• using open authentication
• using the default internal IP address

15. Refer to the graphic. The wireless host cannot access the Internet, but the wired host can. What is the problem?
• The host WEP key is incorrect.

16. Refer to the graphic. What configuration is incorrect in the network shown?
• The host IP address is incorrect.

17. When acting as a DHCP server, what three types of information can an ISR provide to a client? (Choose three.)
• default gateway
• dynamic IP address
• DNS server address

18. What two items could be checked to verify connectivity between the router and the ISP? (Choose two.)
• router status page
• connectivity status as indicated by LEDs

19. A technician is unsuccessful in establishing a console session between a PC and a Linksys integrated router. Both devices have power, and a cable is connected between them. Which two troubleshooting steps could help to diagnose this problem? (Choose two.)
• Ensure the correct cable is used.
• Ensure the link status LED on the integrated router is lit.

20. Network baselines should be performed in which two situations? (Choose two.)
• after the network is installed and running optimally
• after major changes are implemented on the network

21. Typically, help desk personnel assist end users in which two tasks? (Choose two.)
• identifying when the problem occurred
• implementing the solution to the problem

22. How does remote-access software help in the troubleshooting process?
• Diagnostics can be run without a technician being present at the site.

23. Which two items should be added to the documentation following a troubleshooting event? (Choose two.)
• final resolution
• results of successful and unsuccessful troubleshooting steps

CCNA Discovery 1 Module 8 Exam Answers Version 4.0

1. Identify three techniques used in social engineering. (Choose three.)
• vishing
• phishing
• pretexting

2. During a pretexting event, how is a target typically contacted?
• by phone

3. While surfing the Internet, a user notices a box claiming a prize has been won. The user opens the box unaware that a program is being installed. An intruder now accesses the computer and retrieves personal information. What type of attack occurred?
• Trojan horse

4. What is a major characteristic of a Worm?
• exploits vulnerabilities with the intent of propagating itself across a network

5. A flood of packets with invalid source-IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack occurred?
• SYN flooding

6. What type of advertising is typically annoying and associated with a specific website that is being visited?
• popups

7. What is a widely distributed approach to marketing on the Internet that advertises to as many individual users as possible via IM or e-mail?
• spam

8. What part of the security policy states what applications and usages are permitted or denied?
• acceptable use

9. Which statement is true regarding anti-virus software?
• Only after a virus is known can an anti-virus update be created for it.

10. Which two statements are true concerning anti-spam software? (Choose two.)
• When anti-spam software is loaded, legitimate e-mail may be classified as spam by mistake.
• Even with anti-spam software installed, users should be careful when opening e-mail attachments.

11. What term is used to describe a dedicated hardware device that provides firewall services?
• appliance-based

12. Which acronym refers to an area of the network that is accessible by both internal, or trusted, as well as external, or untrusted, host devices?
• DMZ

13. Which statement is true about port forwarding within a Linksys integrated router?
• Only external traffic that is destined for specific internal ports is permitted. All other traffic is denied.

14. To which part of the network does the wireless access point part of a Linksys integrated router connect?
• internal

15. Refer to the graphic. What is the purpose of the Internet Filter option of Filter IDENT (Port 113. on the Linksys integrated router?
• to prevent outside intruders from attacking the router through the Internet

16. What statement is true about security configuration on a Linksys integrated router?
• Internet access can be denied for specific days and times.

17. What environment would be best suited for a two-firewall network design?
• a large corporate environment

18. What is one function that is provided by a vulnerability analysis tool?
• It identifies missing security updates on a computer.

19. Many best practices exist for wired and wireless network security. The list below has one item that is not a best practice. Identify the recommendation that is not a best practice for wired and wireless security.
• Disable the wireless network when a vulnerability analysis is being performed.

20. What best practice relates to wireless access point security?
• a change of the default IP address

21. Refer to the graphic. In the Linksys Security menu, what does the SPI Firewall Protection option Enabled provide?
• It requires that packets coming into the router be responses to internal host requests.

Lab 7.3.5 Configuring Wireless Security

* Create a security plan for a home network.
* Configure the wireless access point (AP) portion of a multi-function device using security best practices.


Background / Preparation
A well-planned security implementation is critical to the safety of a wireless network. This lab goes over the steps that must be taken to ensure the safety of the network using the following scenario.

You have just purchased a Linksys WRT300N wireless router, and you want to set up a small network in your home. You selected this router because the IEEE 802.11n specification claims that it has 12 times the speed of an 802.11g and 4 times the range. Because the 802.11n uses 2.4 GHz, it is backward compatible with both the 802.11b and 802.11g and uses MIMO (multiple-in, multiple-out) technology.

You should enable security mechanisms before connecting your multi-function device to the Internet or any wired network. You should also change the default values provided, because they are well-known values that are easily obtainable on the Internet.

The following resources are required:

* Windows-based computer
* Linksys WRT300N
* Straight-through Ethernet cable


Step 1: Plan the security for your home network

1. List at least six security best practices that you should implement to secure your multi-function device and wireless network.

1) Kurangi kekuatan pancar antena WAP
2) Berikan security code
3) Aktifkan MAC address filter.
4) Ganti Password default
5) Disable Broadcast SSID
6) Disable DHCP Server

2. Describe what the security risk is for each item.

1) Kelemahan atau resikonya misalnya disebuah tempat usaha atau perusahaan maka semakin jauh titik akses dari akses point mengakibatkan kecepatan akses sangat terpengaruh atau bahkan tidak menjanjikan sama sekali.
2) Bagi orang yang tidak paham teknologi akan kebingungan dalam memberikan security code.
3) Jika seandainya MAC address seseorang client pernah diblokir pada suatu tempat, akan tetapi belum dibuka kembali maka tidak bisa digunakan pada tempat akses lain.
4) Jika password pada default diganti, akan susah mengetahui paswor yang baru jika tidak dikonfirmasikan terhadap teknisi.
5) Jika tidak diaktifkan kembali, maka titik access tidak dapat diditeksi oleh wireless adapter.
6) Jika di disabledkan maka hanya IP address yang telah diregisterkan yang bisa mengakses jaringan, sehingga jaringan tidak bersifat bebas layaknya wi-fi zone pada umumnya.

Step 2: Connect a computer to the multi-function device and log in to the web-based utility

1. Connect your computer (Ethernet NIC) to the multi-function device (port 1 on the Linksys WRT300N) by using a straight-through cable.
2. The default IP address of the Linksys WRT300N is 192.168.1.1, and the default subnet mask is 255.255.255.0. The computer and Linksys device must be on the same network to communicate with each other. Change the IP address of the computer to 192.168.1.2, and verify that the subnet mask is 255.255.255.0. Enter the internal address of the Linksys device (192.168.1.1) as the default gateway. Do this by clicking, Start > Control Panel > Network Connections. Right click on the wireless connection and choose Properties. Select the Internet Protocol (TCP/IP) and enter the addresses as shown below.
3. Open a web browser, such as Internet Explorer, Netscape, or Firefox and enter the default IP address of the Linksys device (192.168.1.1) into the address field and press Enter.
4. A screen appears, requesting your user name and password.



1. Leave the User name field blank and enter admin for the password. It is the default password on the Linksys device. Click OK. Remember that passwords are case-sensitive.
2. As you make the necessary changes on the Linksys device, click Save Settings on each screen to save the changes or click Cancel Changes to keep the default settings.


Step 4: Change the Linksys device password

a. The initial screen displayed is the Setup > Basic Setup screen.
b. Click the Administration tab. The Management tab is selected by default.
c. Type in a new password for the Linksys device, and then confirm the password. The new password must not be more than 32 characters and must not include any spaces. The password is required to access the Linksys device web-based utility and Setup Wizard.

4. The Web Utility Access via Wireless option is enabled by default. You may want to disable this feature to further increase security..
5. Click the Save Settings button to save the information.


NOTE: If you forget your password, you can reset the Linksys device to the factory defaults by pressing the RESET button for 5 seconds and then releasing it. The default password is admin.

Step 5: Configure the wireless security settings

1. Click the Wireless tab. The Basic Wireless Settings tab is selected by default. The Network Name is the SSID shared among all devices on your network. It must be identical for all devices in the wireless network. It is case-sensitive and must not be more than 32 characters.
2. Change the SSID from the default of linksys to a unique name. Record the name you have chosen:

Jawab:

3. Leave the Radio Band set to Auto. This allows your network to use all 802.11n, g, and b devices.
4. For SSID Broadcast, select the Disabled button to disable the SSID broadcast. Wireless clients survey the area for networks to associate with and will detect the SSID broadcast sent by the Linksys device. For added security, do not broadcast the SSID.
5. Save your settings before going to the next screen.


Step 6: Configure encryption and authentication

1. Choose the Wireless Security tab on the Wireless screen.
2. This router supports four types of security mode settings:

· WEP (Wired Equivalent Privacy)
· WPA (Wi-Fi Protected Access) Personal, which uses a pre-shared key (PSK)
· WPA Enterprise, which uses Remote Access Dial In User Service (RADIUS)
· RADIUS

d. Select WPA Personal Security Mode.
e. On the next screen, choose an Encryption algorithm.
To secure a network, use the highest level of encryption possible within the Selected Security mode.The following Security Modes and Encryption levels are listed from least secure (WEP) to mostsecure (WPA2 with AES)

· WEP
· WPA
· TKIP (Temporal Key Integrity Protocol)
· AES (Advanced Encryption System)
• WPA2
• TKIP
• AES

AES is only supported by newer devices that contain a co-processor. To ensure compatibility with all devices, select TKIP.

f. For authentication, enter a pre-shared key between 8 and 63 characters. This key is shared by the Linksys device and all connected devices.
g. Choose a key renewal period between 600 and 7200 seconds. The renewal period is how often the Linksys device changes the encryption key.
h. Save your settings before exiting the screen.

Step 7: Configure MAC address filtering

1. Choose the Wireless MAC Filter tab on the Wireless screen.
2. MAC address filtering allows only selected wireless client MAC addresses to have access to yournetwork. Select the radio button to Permit PCs listed below to access the wireless network. Click the Wireless Client List button to display a list of all wireless client computers on your network.
3. The next screen allows you to identify which MAC addresses can have access to the wireless network. Click the Save to MAC Address Filter List check box for any client device you want to add, and then click the Add button. Any wireless clients, other than those in the list will be prevented from accessing your wireless network. Save your settings before exiting the screen.


Step 8: Reflection

1. Which feature that you configured on the Linksys WRT300N makes you feel the most secure and why?

Jawab:

aplikasi atau program yang membuat saya merasa lebih aman dan nyaman ketika mengkonfigurasi ialah MAC address filtering. Alasannya karena pada aplikasi ini terdapat sebuah pilihan untuk memberikan izin access kepada client yang telah terlebih dahulu alamat IP dan MAC address nya dicantumkan atau didaftarkan.


2. Make a list of other items that could be done to make your network even more secure.

Jawab:

Pada pengaturan wireless kita pilih wireless security dan security modenya kita ganti dari disabled menjadi WEP sehingga dapat memberikan kunci berlapis. Atau pada system operasi windows biasa kita aktifkn juga menu firewall dan kita aktifkan juga menu SYS.

Lab 7.2.6 Configuring a Wireless Client

• Install and configure a driver for a wireless USB NIC for a wireless client computer.
• Determine the version of the driver installed and check the Internet for updates.

Background / Preparation
In this lab you will install a driver for a wireless USB NIC in a computer. The driver is a type of software that controls the wireless NIC. The driver comes on a CD with the NIC or can be downloaded from the Internet. Many manufacturers require that the driver is installed before the adapter is connected. The procedure described in this lab is for a Linksys USB 802.11g wireless NIC, but is similar to others. You should always follow the procedure recommended by the wireless NIC manufacturer.
The following resources are required:
• Windows XP-based computer with an available USB port
• Wireless USB NIC and associated driver
• Administrator rights to install the driver
• Linksys WRT300N with wireless access configured from previous lab

Step 1: Install the wireless NIC driver
a. Insert the CD that contains the wireless NIC driver into the CD/DVD drive and install the driver according to the manufacturer recommendations. Most USB devices require that the driver be installed before the device is physically attached. Note that you may do part of the installation process now and part of it after the wireless NIC is installed.
b. Who is the manufacturer of the wireless NIC?
Jawab:
Linksys
c. Describe how you installed the wireless NIC driver.
Jawab :
Saya melakukan penginstalan driver terlebih dahulu dengan CD/DVD yang sudah di sediakan oleh produsen wireless NIC tersebut, setelah dilakukan penginstalan baru saya memasangkan perangkat UCB. Cara penginstalannya adalah:
o Masukkan CD.
o Buka webrowser kemudian masukkan alamat default IP-nya.
o Kemudian buka menu setup, seting sesuai kebutuhan. atur penggunaan IP static atau automating, dan tentukan range IP yang diizinkan mengakses.
o Kemudian buka menu wireless, atur network mode (ex: mixed), nama SSID, Radio band, dan yang terakhir enable kan SSID broadcast.
o Security sesuaikan dengan kebutuhan.
o Save setup.


Step 2: Install the wireless NIC
a. When prompted, connect the USB NIC cable to an available USB port. Click Next to continue.

Step 3: Attach to the wireless network
a. Most wireless NIC adapters have client software to control the NIC. The software shows any wireless networks that are discovered. Select the SSID of the wireless network that you configured on the AP in a previous lab.
b. Which SSID are you using?
Jawab:
c. If the wireless NIC did not connect to the wireless network, perform the appropriate troubleshooting.
d. What is the signal strength for the wireless NIC
Jawab;
Elektronika2
e. Did the wireless NIC see any other wireless networks in the area?
Jawab:
Ya
Why or why not?
Jawab:
Karena ada wireless adapter.
f. Show your active wireless connection to a fellow student or the lab assistant.
g. What is another name for a wireless host?
Jawab:
Elo_1Tes, elktronika UNP, elektronika1, elektronika2
h. Is it better to use the client software from the wireless NIC manufacturer or let Windows XP control the wireless NIC?
Jawab:
Lebih bagus menggunakan client siftware.
Step 4: Determine the NIC driver version
a. Hardware manufacturers continually update drivers. The driver that ships with a NIC or other piece of hardware is frequently not the most current.
b. To check the driver version for the NIC you installed, click Start, select Control Panel and then Network Connections. Right-click on the wireless connection and select Properties. Click the Configure button for the NIC and then the Driver tab. What is the name and version of the driver you installed?
Jawab:
Atheros AR5007EG Wireless Network Adapter

Step 5: Determine if the NIC driver is the most current
a. Search the NIC manufacturer web site for drivers that support the wireless NIC you installed. Are there more current ones available?
Jawab:
- Atheros AR5007EG Wireless Network Adapter
- Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
b. What is the most current one listed?
Jawab:
- Atheros AR5007EG Wireless Network Adapter

c. If there is a more current driver, how would you apply it?
Jawab;
Tinggal menambahkan satu buah NIC lagi.


Step 6: Verify connectivity
a. Once you have installed the NIC, it is time to verify connectivity with the Linksys WRT300N.
b. Open a web browser such as Windows Internet Explorer or Mozilla Firefox.
c. In the address line type http://192.168.1.1, which is the default setting on the AP.
d. In the Connect to 192.168.1.1 dialog box, leave the username text box empty, and type admin in thepassword text box. Leave the Remember my password checkbox unchecked. Click OK.
e. If you receive the Linksys Setup screen, you have established connectivity with the AP. If you do not establish connectivity, you will have to troubleshoot the connection by checking to ensure the devices are turned on and the IP addresses on all devices are correct. Which IP address should be configured on the wireless NIC?
Jawab:
Pada saat kita masuk pada pengaturan Linksys pada acses point, kita harus menyeting pada menu set up range IP yabg mana saja yang di izinkan untuk mengakses jaringan tersebut.
Step 7: Reflection
a. Do you think the process of setting up a wireless network at a food store or book store is any different from what you just did?
Jawab:
sama
Why or why not?
Jawab:
Karena alat yang digunakkan juga sama, dari mulai proses penginstalan sampai pengaturannya sama.ss
b. Do you think the AP model that you are using would be sufficient for the food store in your neighborhood? Why or why not?
Jawab:
Jika di toko buku dan toko makanan menggunakan PSK (Pre shared- Key), jadi pengunjung yang ingin menggunakan jaringan di berikan key atau password untuk wireless AP dapat mengontrol pengaksesan pada jaringan

Lab 7.2.5 Configuring a Wireless Access Point

· Configure the wireless access point (AP) portion of a multi-function device to allow access to a wireless client.

Background / Preparation

The Linksys WRT300N includes an integrated 4-port switch, a router and a wireless Access Point (AP). In this lab, you will configure the AP component of the multi-function device to allow access for wireless clients. The basic wireless capabilities of the multi-function device will be configured but this will not be a secure wireless network. Setting up a secure wireless network will be covered in a later lab. The following resources are required:

· Windows XP based computer that is cabled to the multi-function device
· Linksys WRT300N

Step 1: Verify connectivity between the computer and the multi-function device

a. The computer used to configure the AP should be attached to one of the multi-function device’s switch ports.
b. On the computer, click the Start button and select Run. Type cmd and click OK or press Enter.
c. At the command prompt, ping the multi-function device using the default IP address 192.168.1.1 or the IP that has been configured on the multi-function device’s port. Do not proceed until the ping succeeds.
d. Write down the command used to ping the multi-function device

Jawab:

192.168.1.1

NOTE: If the ping is not successful, try these troubleshooting steps:

· Check to make sure the IP address of the computer is on the 192.168.1.0 network. The computer must be on the same network as the multi-function device to be able to ping it. The DHCP service of the multi-function device is enabled by default. If the computer is configured as a DHCP client it should have a valid IP address and subnet mask. If the computer has a static IP address, it must be in on the 192.168.1.0 network and the subnet mask must be 255.255.255.0.
· Make sure the cable is a known-good straight-through cable. Test to verify.
· Verify that the link light for the port where the computer is attached is lit.
· Check whether the multi-function device has power. If none of these steps correct the problem, check with your instructor.

Step 2: Log in to the multi-function device and configure the wireless network

a. Open a web browser. In the address line, type http://ip_address, where ip_address is the IP address of the wireless router (default is 192.168.1.1). At the prompt, leave the user name textbox empty, but type the password assigned to the router. The default password is admin. Click OK.
b. In the main menu, click on the Wireless option.
c. In the Basic Wireless Settings window, the Network Mode shows mixed by default, because the AP supports 802.11b, g, and n wireless devices. You can use any of these standards to connect to the AP. If the wireless portion of the multi-function device is NOT being used, the network mode would be set to Disabled. Leave the default of Mixed selected.
d. Delete the default SSID (linksys) in the Network Name (SSID) textbox. Enter a new SSID using your last name or name chosen by your instructor. SSIDs are case-sensitive.
e. Write down the exact SSID name that you are using.

Jawab:

f. Click on the Radio Band drop-down menu and write down the two options.
Jawab:

Auto

g. For a wireless network that can use 802.11b, g, or n client devices, the default is Auto. Auto allows the Wide Channel option to be chosen and gives the best performance. The Standard Channel option is used if the wireless client devices are 802.11b or g, or both b and g. The Wide Channel option is used if only 802.11n client devices are being used. Leave the default of Auto selected.
h. SSID Broadcast is set to enabled by default, which enables the AP to periodically send out the SSID using the wireless antenna. Any wireless devices in the area can detect this broadcast. This is how clients detect nearby wireless networks.
i. Click on the Save Settings button. When the settings have been successfully saved, click on Continue.
j. The AP is now configured for a wireless network with the name (SSID) that you gave it. It is important to write down this information before starting the next lab or attaching any wireless NICs to the wireless network.

Step 3: Reflection

a. How many wireless networks do you think could be configured in one classroom? What would limit this?
Jawab:

50 user

Mulai dari 192.168.10.1 – 192.168.10.50


b. What do you see as a potential security problem when you broadcast your SSID from the AP?
Jawab:

Jika kita tetap menggunakan setingan default pada SSID maka akses point kita akan mudah di serang oleh People attack, mereka akan mudah mengakses jaringn kita.

Lab 6.2.3 Exploring FTP Objectiv

Demonstrate how to use FTP from the command prompt and GUI.
Background / Preparation
File Transfer Protocol (FTP) is part of the TCP/IP suite. FTP is used to transfer files from one network device
to another network device. Windows includes an FTP application that you can execute from the command prompt. There are also many free GUI versions of FTP that you can download. The GUI versions are easier to use than typing from a command prompt.
When using FTP, one computer is normally the server and the other computer is the client. When accessing the server from the client, you need to provide a username and password. Some FTP servers have a userID named anonymous. You can access these types of sites by simply typing “anonymous” for the userID, without a password. Usually, the site administrator has files that can be copied but does not allow files to be posted with the anonymous userID.
If your class does not have an FTP server available, you can download and install a freeware version, such as Home FTP Server or Cerberus FTP server. The FTP Server on a computer running the CCNA Discovery Live CD may also be used. Another computer will act as the FTP client by using FTP from the command line, a web browser, or download a freeware version of an FTP client, such as SmartFTP Client or Core FTP LE client. Work in teams of two to complete this lab.
The following resources are required:
Windows-based computer with an FTP client
FTP server (Existing FTP server, downloaded freeware, or use Live CD)
Step 1: Examine FTP from the command prompt
a. Click the Start button, select Run, type cmd on the command line, and then click OK.
b. At the prompt, type ftp to start the FTP application. The prompt changes.
c. From the ftp prompt, type ? to see a list of the commands that can be used in this mode.

d. List three FTP commands.:append,ascii,bell
e. At the prompt, type help put to see a short description of the put command.
f. What is the purpose of the put command? send one file
g. Use the help command again to get the purpose of the get, send, and recv commands.
Get receive file
send send one file
recv receive file
NOTE: The original FTP commands were PUT to send a file to an FTP server and GET to download a file from the FTP server. You also had to select ASCII or binary file mode. If you download a binary file in ASCII mode it could end up being corrupted. Some of the newer graphical programs now use send and receive in their place.
h. Partner with another student. Using procedures demonstrated in previous labs, write down the names and IP addresses of each partner computer. It is very important to get these names correct. Some FTP applications allow you to use either the IP address or the computer name.
Computer 1:
Computer 2:
Step 2: Use a GUI FTP client or web browser
a. If you are using a web browser as the FTP client, open the web browser and type
ftp://ip address of FTP server. If the FTP server is configured to use an anonymous userID, connect directly to the FTP server. Using the FTP client, download an available file from the server.
b. If you are using a GUI FTP client, open the application. For most FTP clients, you must configure a new connection by giving it a name, the IP address of the FTP server, and a username and password. You may have to type anonymous if the FTP server allows this type of connection. Some applications have a checkbox that allows an anonymous login. When you have configured the connection, connect to the FTP server and download a file.
c. What is the name of the file you downloaded from the FTP server?
d. List one example of when FTP might be beneficial to a computer technician.
Step 3: (Optional) Use both an FTP server and client
a. If you control both the FTP server and client, practice sending files to and getting files from the client and the server.
b. Show your transferred files to another group of students.
c. Close the FTP server and client applications.

Lab 6.2.1 Observing DNS Name Resolution Objectives

• Observe the conversion of a URL to an IP address.
• Observe DNS lookup using the nslookup command.
Background / Preparation
Domain Name System (DNS) is invoked when you type a Uniform Resource Locator (URL), such as http://www.cisco.com, into a web browser. The first part of the URL describes which protocol is being used. Common ones are HTTP (Hypertext Transfer Protocol), HTTPS (Hypertext Transfer Protocol over Secure Socket Layer), and FTP (File Transfer Protocol).
DNS uses the second part of the URL, which in this example is www.cisco.com. DNS translates the domain name (like www.cisco.com) to an IP address in order to allow the source host to reach the destination host. Work in pairs to complete this lab.
The following resources are required:
• Windows-based computer with Internet connectivity
• Access to the Run command
Step 1: Observe DNS conversion
a. Click the Start button, select Run, type cmd, and then click OK. The command prompt window appears.
b. At the command prompt, type ping www.cisco.com. The computer needs to translate www.cisco.com into an IP address so it knows where to send the Internet Control Message Protocol (ICMP) packets. Ping is a type of ICMP packet.
c. The first line of the output shows www.cisco.com converted to an IP address by DNS. You should be able to see the effect of DNS even if your school has a firewall that prevents pinging, or if Cisco has prevented people from pinging their web server.


d. Which IP address is shown on the screen? 96.6.224.170
e. Is it the same as the one shown in the figure? No it’s not Why do you think this occurred? _
f. Work together with another student and discuss one or two other instances (besides the ping command) in which the computer would use DNS.
DNS.core FTP Lite
Step 2: Verify DNS operation using the nslookup command
a. At the command prompt, type the nslookup command.
b. What is the default DNS server being used? ns4.unp.ac.id
c. Notice how the command prompt changed. This is the NSLOOKUP prompt. From this prompt, you can enter commands related to DNS.
d. At the prompt, type ? to see a list of all the available commands that you can use in NSLOOKUP mode.
e. Write three commands that you can use with NSLOOKUP. _
1.[no]debug :print debugging information, 2.[no]d2 :print exhaustive debugging information
3.[no]defname :append domain name to each query
____________________________________________________________________________
____________________________________________________________________________
f. At the NSLOOKUP prompt, type www.cisco.com.
g. What is the translated IP address? 60.254.168.170
h. Is it the same as the IP address shown with the ping command? _no it’s not
i. At the prompt, type the IP address of the Cisco web server that you just found. You can use NSLOOKUP to get the domain name of an IP address if you do not know the URL.
Using the previous procedures, find an IP address associated with www.google.com. _deploy.akamaitechnologies.com___
Step 3: Identify mail servers using the nslookup command
a. At the prompt, type set type=mx to have NSLOOKUP identify mail servers.
b. At the prompt, type www.cisco.com.
What is the primary name server, the responsible mail address, and the default Time to Live (TTL)? Ns4.unp.ac.id
c. At the prompt, type exit to return to the regular command prompt.
d. At the prompt, type ipconfig /all.
e. Write the IP addresses of all the DNS servers that your school uses.
192.168.194.129 , 10.1.1.5 , 202.134.0.155
f. Type exit to close the command prompt window.

Step 4: Reflection
a. If your school did not have a DNS server, what effect would this have on your use of the Internet?
but my school have a DNS server!!!!
I’m so sorry
b. Some companies do not dedicate a single server for DNS. Instead, the DNS server provides other functions as well. Which functions do you think might be included on a DNS server? Use the ipconfig /all command to help you with this.

Tugas CCNA lab 5.1.4

Lab 5.1.4 Using the Windows Calculator with Network Addresses
Objectives
• • Switch between the two Windows Calculator modes.
• • Use Windows Calculator to convert between decimal, binary, and hexadecimal.
• • Use Windows Calculator to determine the number of hosts in a network with powers of 2.
Background / Preparation
Network technicians work with binary, decimal, hexadecimal numbers with computers and networking devices. In this lab you will use the Windows Calculator application to convert between the binary, decimal, and hexadecimal number systems. You will also use the powers function to determine the number of hosts that can be addressed based on the number of bits available. The following resources are required:
• • PC with Windows XP installed and functional
Step 1: Access Windows Calculator and determine mode of operation
1. From the Start button menu, select All Programs > Accessories, and click on Calculator. An alternate method of starting the Calculator application is to access the Start menu, click on Run, type calc and press Enter. Try both methods.
2. Once the Calculator application opens, select the View menu option.
3. Which mode [Standard | Scientific] is currently active? Jawab: Mode yang sedang aktif sekarang adalah Scientific
4. Select the Standard mode. This is a basic mode for simple calculations. How many mathematical functions are available in this mode? Jawab: Fungsi matematika yang ada pada Standart model adalah 7 fungsi matematika
Step 2: Convert between number systems
1. Access Scientific mode. Notice the number system modes available—Hex (Hexadecimal), Dec (Decimal), Oct (Octal), and Bin (Binary).
2. Which number system is currently active? Jawab: System bilangan yang sedang aktif pada model Scientific adalah Decimal.
3. Which numbers on the number pad are active in Decimal mode? Jawab: Bilangan yang aktif adalah:
4. Click on the Bin (Binary) mode radio button. Which numbers on the number pad are now active? Jawab:
5. Why do you think the other numbers are grayed out? Jawab: bilangan yang berwarna buram membuktikan bahwa bilangan tersebut tidak aktif untuk binery. Karena bilangan pada binery hanya 0 dan 1.
6. Click on the Hex (Hexadecimal) mode radio button.
7. Which characters on the number pad are now activated? Jawab karakter yang aktif pada bilangan hexadecimal adalah:
8. Click on the Dec radio button. Using your mouse, click on the number 1 followed by the number 5 on the number pad. The decimal number 15 has now been entered. Click on the Bin radio button.
9. What happened to the number 15 listed in the textbox at the top of the window? Jawab: Ketika decimal aktif saya mengetikan angka 15 kemudian saya tukar dengan Binery maka angka 15 berubah menjadi 1111.
10. By selecting different modes, numbers are converted from one number system to another. Select Dec mode again. The number in the window converts back to decimal. Select the Hex mode.
11. Which hexadecimal character (0 through 9 or A through F) represents decimal 15? Jawab: pada Hexadecimal yang mempresentasika 15 adalah F
12. Clear the number 15 in the window. Select Dec mode again. Not only can the mouse be used to enter numbers, but the numerical keypad on the keyboard as well as numbers on the keyboard can also be used. Using the numerical keypad to the right of the ENTER key, type the number 22. Note that if the number does not enter into the calculator, press the Num Lock key to enable the numeric keypad. While the number 22 is showing in the calculator, use the number keys across the top of the keyboard to add a 0 to the number 22 (220 should now be on the calculator). Select the Bin radio button.
13. What is the binary equivalent of 220? Jawab: Decimal 220 equivalent dengan 11011100 pada bineryClear the number 220 in the window. From Binary mode, type in the following binary number: 11001100. Select the Dec radio button.
14. What is the decimal equivalent to the binary number of 11011100? Jawab: Binery 11011100 equivalent dengan 220 Decimal

1. Convert the following decimal numbers to binary.

Decimal Binery
86 1010110
175 10101111
204 11001100
19 10011
1. Convert the following binary numbers to decimal.
Decimal Binery
11000011 195
101010 42
111000 56
10010011 147
Step 3: Convert host IP addresses
1. Computer hosts usually have two addresses, an Internet Protocol (IP) address and an Ethernet Media Access Control (MAC) address. For the benefit of humans, the IP address is normally represented as a dotted decimal notation, such as 135.15.227.68. Each of the decimal octets in the address or a mask can be converted to 8 binary bits. Remember that the computer only understands binary bits. If all 4 octets were converted to binary, how many bits would there be?
Jawab:

jika jumlah semua ada 4 oktet maka ada 32 bit yang terbentuk karena 1 oktet terdiri dari 8 bits.

1. IP addresses are normally shown with four decimal numbers ranging from 0 to 255 and separated by a period. Convert the 4 parts of the IP address 192.168.10.2 to binary.



Decimal Binary
192 11000000
168 10101000
10 00001010
2 00000010s
1. Notice in the previous problem how the 10 converted to only four digits and the number 2 converted to only two digits. When IP addresses can have any number from 0 to 255 in each position, eight digits are normally used to represent each number. In the previous example, eight digits were needed to convert 192 and 168 to binary, but 10 and 2 did not need as many digits. Normally 0s are added to the left of the digits to have eight digits in binary for each IP address number. The number 10 would be shown as 00001010. Four extra zeros are added to the front of the other four binary digits.
2. On the calculator in Binary mode, enter the digits 00001010 and select the Dec radio button.
3. Which decimal number is equivalent to 00001010?
Jawab:

00001010 ekuivalen dengan 10 pada decimal

1. Did adding “leading” zeros affect the number any?
Jawab:

Tidak karena 0 di depan tidak mempunyai pengaruh di dalam pengkonversian.

1. What would the number 2 (in the previous example) be if you were to make it eight digits?
Jawab:

karena pada IP address satu octet harus berisikan 8 digit bilangan biner.

Step 4: Convert host IP subnet masks
1. Subnet masks, such as 255.255.255.0, are also represented as dotted decimal. A subnet mask will always consist of four 8-bit octets, each one represented as a decimal number. With the exception of decimal 0 (all 8 binary zeros) and decimal 255 (all 8 binary ones), each octet will have some number of ones on the left and some number of zeros on the right. Convert the 8 possible decimal subnet octet values to binary.
Decimal Binary
0 00000000.00000000.00000000.00000000
128 11111111.11111111.00000000.00000000
192 11111111.11111111.11111111.00000000
224 11111111.11111111.11111111.00000000
240 11111111.11111111.11111111.00000000
248 11111111.11111111.11111111.00000000
252 11111111.11111111.11111111.00000000
254 11111111.11111111.11111111.00000000
255 11111111.11111111.11111111.11111111
1. Convert the four parts of the subnet mask 255.255.255.0 to binary.
Jawab:

11111111.11111111.11111111.00000000

Step 5: Convert broadcast addresses
1. Computer hosts and network devices use broadcast addresses to send messages to all hosts. Convert the following broadcast addresses.

Address Binery
IP broadcast255.255.255.255 11111111.1111111.11111111.11111111
MAC broadcastFF:FF:FF:FF:FF:FF 11111111.1111111.11111111.11111111
Step 6: Convert IP and MAC addresses for a host
1. Click the Start button, select Run, type cmd, and press Enter. From the command prompt, type ipconfig /all.

1. Make a note of the IP address and physical address (also known as a MAC address).
IP Address:
Jawab:

IP addressnya adalah 192.168.193.71

MAC Address:
Jawab:

MAC addresnya adalah 00-17-C4-23-43-FE

1. Using the calculator, convert the four numbers contained in the IP address to binary.

Decimal Binary
192 11000000
168 10101000
193 11000001
71 01000111
1. The MAC or physical address is normally represented as 12 hexadecimal characters, grouped in pairs and separated by dashes (-). Physical addresses on a Windows-based computer are shown in a format of xx-xx-xx-xx-xx-xx, where each x is a number from 0 to 9 or a letter from a to f. Each of the hex characters in the address can be converted to 4 binary bits which is what the computer understands. If all 12 hex characters were converted to binary, how many bits would there be?
Jawab:

Jika ada 12 karakter hexadecimal maka akan ada 96 bilangan biner yang terbentuk.

1. Convert each of the hexadecimal pairs to binary. For example, if the number CC-12-DE-4A-BD-88-34 was the physical address, convert the hexadecimal number CC to binary (11001100). Then convert the hexadecimal number 12 to binary (00010010) and so on. Be sure to add the leading zeros for a total of 8 binary digits per pair of hex digits.


Hexadecimal Binery
CC 11001100
12 00010010
DE 11011110
4A 01001010
BD 10111101
88 10001000
34 00110100
Step 7: Manipulate powers of 2 to determine the number of hosts on a network
Binary numbers use two digits, 0 and 1. When you calculate how many hosts can be on a subnetwork, you use powers of two because binary is being used. As an example, we have a subnet mask that leaves six bits in the host portion of the IP address. In this case, the number of hosts on that network is 2 to the 6th power minus 2 (because you need a number to represent the network and
1. number that can be used to reach all the hosts—the broadcast address). The number 2 is always used because we are working in binary. The number 6 is the number of bits that are used for the host bits.
2. On the calculator, in Dec mode, input the number 2. Select the x^y key, the key which raises a number to a power. Input the number 6. Click on the = key, press Enter on the keyboard, or press the = key on the keyboard—all give the total. The number 64 appears in the output. To subtract two, click on the minus (-) key and then the 2 key followed by the = key. The number 62 appears in the output. This means 62 hosts could be utilized.
3. Using the previously described process, determine the number of hosts if the following number of bits are used for host bits.

No. of Bits Used forHosts No. of Hosts
5 30 hosts
14 16382 hosts
24 16777214 host
10 1022 hosts
1. Using a similar technique as learned previously, determine what 10 to the 4th power equals.
Jawab:

Hasilnya adalah 9998

1. Close the Windows Calculator application.

Step 8: (Optional) Determine the network number and number of hosts based on subnet mask
1. Given the IP network address of 172.16.203.56 and a subnet mask of 255.255.248.0, determine the network portion of the address and calculate how many hosts can be created from host bits left.
2. Start by converting the 4 octets of the decimal IP address to binary and then convert the decimal subnet mask to binary. Remember to include leading zeros when converting to binary in order to make a total of 8 bits per octet.

Decimal IP addressand subnet mask Binary IP address and subnet mask
172.16.203.56 10101100.00010000.11001011.00111000
255.255.248.0 11111111.11111111.11111000.00000000
1. Align the 32 bits of the subnet mask to the 32 bits of the IP address and compare them. The bits in the IP address that align with the ones bits in the subnet mask represent the network number. What is the binary and decimal network number for this IP address? Determine the binary address first (include all 32 bits) and then convert it to decimal. Binary network address:
Jawab:

10101100.00010000.11001011.00111000
11111111.11111111.11111000.00000000



10101100.00010000.11001000.00000000

Decimal network address:
Jawab:

172.16.200.0
1. How many ones bits are in the subnet mask?
Jawab:

Subnetmask = 2n = 23=8
1. How many bits are left for host bits?
Jawab:

Host = 2n-2= 25-2= 30

1. How many hosts can be created with the bits left?
Jawab:

Host =2n-2= 211-2= 2046

Step 9: Reflection
1. List one other thing for which you might use the Windows Calculator scientific mode. It does not have to be related to networking.

Jawab: Windows Calculator dapat digunkan untuk operasi Matematika dan operasi Gerbang logika.

Tugas CCNA lab 4.2.3

Lab 4.2.3 Tracing Internet Connectivity
Objectives
• • Use software that shows how data travels through the Internet.
• • Use the ping utility to test connectivity to a remote network.
• • Construct a visual map of connectivity from your network to a remote network.
Background / Preparation
In order to perform this lab, Internet connectivity is required. On a PC, open a web browser to ensure connectivity exists before beginning this lab. This lab has an optional first step of downloading and installing a free program that can be used to determine the path a packet takes through the Internet. This program may be free, but it also may be copyrighted. Also, it may be that you are not permitted on a campus computer to download and install software. Check with the instructor or student assistant if you are unsure. The following resources will be required:
1. • Windows-based computer with Internet connectivity
2. • Ability to download and install freeware software (optional)
3. • Access to the Run command
Step 1: (Optional) Download and install a free program
1. Open a search engine such as Google (www.google.com), Yahoo (www.yahoo.com), or Search (http://search.com).
2. Which words do you think would give you the best result if you are searching for a visual program that allows you to trace how data (a packet) travels through the Internet? Write your search words.Answere: www. google.com
3. Type the words you chose in the Search field. Locate and download the software and install it. Normally, the website has a link to the download site or you can click the words “Download” or “Download Now”. When you download any freeware, remember the location on the hard drive, flash drive, or disk media where you saved the program. Write down where the download is saved. Answere: my Dokuments in folder downloads.
4. What is the name of the program you installed? Answere: IDM (Internet Download Manager)
Step 2: Locate web sites
1. Using the search engine again, locate five businesses with a web server, which are located in a country different from your own.
2. Write the names of the five business web sites. Answere: toko online, bisnis online pilihan, bisnis online indonesia, beton market.
3. Using the search engine again, locate a business in your own country that has a web site that is accessible.
4. Write the URL of the web site. An example URL is www.cisco.com. Answere: www.bisnisonlineindonesia.com
Step 3: (Optional) Use downloaded visual trace route tool
1. Using the software you have downloaded and installed, use the tool to determine the path which the packet takes to reach one of the remote country destinations. Each tool normally allows you to type a URL. The program should either list or visually display the path taken by the packet.
2. How many hops does the packet take to get from your computer to the destination computer? Answere: over a maximum of 30 hops atau lebih dari 30 hops tampak dilayar ada 20 hops(jalur)
3. If your tool also provides time information, write down how long it took for the packet to reach the first hop? Answere:15 menit
4. Use the tool to determine the path to another foreign country site.
5. How many hops does the packet take to get from your computer to the destination computer? Answere: http://www.netlink.co.uk/users/itcentre/ lebih dari 30 hop(jalur yang dilintasinya) namun terlihat dilayar ada 17 hop yang dilalui.
6. Use the tool to determine the path to a web site in your own country. Yaitu: www.pemdapadang.com ada 30 hops.Was the time it took to reach a web site in your own country shorter or longer? Answere: longer
7. Try to think of an instance where the time it takes to reach a web server in your own country would be longer than it takes to reach another country’s web server? Answere: karena di Indonesia belum ada server yang besar sehingga pengiriman paket data harus melalui server Negara lain.
Step 4: Use the tracert command
1. Click the Start button, click the Run option, type cmd, and press Enter. An alternate way to get to the command prompt is to click Start > All Programs > Accessories > Command Prompt.
2. From the command prompt, type tracert and press Enter. Options that can be used with the tracert command are shown. Items shown in square brackets [ ] are optional. For example, the first option that can be used with the tracert command is –d. If someone was to type tracert –d www.cisco.com, then the command issued to the computer is to trace the route to www.cisco.com, but do not try to resolve IP addresses to names. The target_name parameter is mandatory (it does not have brackets around it) and it is replaced with the destination network. In the previous example of tracert –d www.cisco.com, www.cisco.com is the target_name.
3. Which tracert option would be used to designate that only 5 hops could be used to search for the device address on the destination network? Jawaban: 10.10.14.45, 172.20.11.82, 222.124.3.9, 203.208.131.89 dan 59.128.15.141
4. Write the full command that would be typed to trace a route to www.cisco.com and instruct the computer to not search for it after seven hops. Jawaban: tracert –d www.cisco.com
5. Using one of the remote country destination addresses (use the same address as the one you used with the visual tool if possible) use the tracert command to determine how many hops it takes to reach the remote web server. Write the number of hops and the destination. Jawaban:
6. The tracert command uses Internet Control Message Protocol (ICMP) echo request messages to determine the path to the final destination. The path displayed is a list of IP addresses assigned to routers that connect to one another to form the path. The ICMP packets contain a value called a Time To Live (TTL). The TTL value is 30 by default on a Microsoft-based PC and each router through which the packet passes, decrements that value by 1 before sending the packet on to the next router in the path. When the TTL value reaches 0, the router that has the packet sends an ICMP time exceeded message back to the source. The tracert command determines the path by sending the first ICMP echo request message with a TTL of 1 and then increases that TTL value by 1 until the target responds or the maximum number of hops is reached. The path is determined by examining the ICMP time exceed messages that are sent back by routers along the way and by the ICMP echo reply message that is returned from the destination. Routers that do not return the ICMP time exceed messages are shown by a row of asterisks (*).
7. How many hops does your tracert command show that the packet went through? Jawaban:
Step 5: Use the pathping command
1. A similar command that can be used on a Windows XP computer is pathping. This command combines the abilities of the tracert command with the ping command. From the command prompt, use the pathping command to determine the IP addresses of the routers used to create the packet path to another foreign country address. An example of the pathping command used to trace the path to Cisco is pathping www.cisco.com. Jawaban:
2. How many hops did the pathping command display to your remote destination? When do you think that you would ever use a tool like pathping or tracert?
Step 6: (Optional) Use the whois function
1. Some of the freeware tools include an option to perform a whois function. Whois is a separate program or integrated with a tool similar to tracert or pathping. It displays (and sometimes has a link) who owns the web link of either the destination URL (such as cisco.com) or any of the links along the path. Explore the freeware tool that you have downloaded and installed and determine if it has a whois function. If it does, use it to determine who owns the domain name of one of the previous destinations used.
2. Why would you want to use the whois function? Jawaban:
Step 7: Reflection
With a classmate, compare all of the commands used in this lab. Describe the purpose and benefit of each one. Which do you think is the most useful command?

Tugas CCNA lab 3.1.5

Lab 3.1.5 Building a Peer-to-Peer Network
Objectives
• • Design and build a simple peer-to-peer network using a crossover cable supplied by the instructor.
• • Verify connectivity between the peers using the ping command.
Background / Preparation
In this hands-on lab, you will plan and build a simple peer-to-peer network using two PCs and an Ethernet crossover cable. The following resources are required:
• • Two Window XP Professional PCs, each with an installed and functional Network Interface Card (NIC)
• • An Ethernet crossover cable
Step 1: Diagram the network
1. A network diagram is a map of the logical topology of the network. In the space below, sketch a simple peer-to-peer network connecting two PCs. Label one PC with IP address 192.168.1.1 and the other PC with IP address 192.168.1.2. Use labels to indicate connecting media and any necessary network devices.


Answere:
1. A simple network like the one you designed can use a hub or switch as a central connecting device, or the PCs may be directly connected. Which kind of cable is required for a direct Ethernet connection between the two PCs? Answere: Straight-through Cables
Step 2: Document the PCs
1. Check the computer name settings for each PC and make adjustments as necessary. For each PC, select Start and Control Panel. Double-click the System icon, then click the Computer Name tab. Write down the computer name that is displayed following Full computer name:
PC1 Name Computer 1
PC2 Name Computer 2
1. Check to see if the two PCs have the same name. If they do, change the name of one PC by clicking the Change button, typing a new name in the Computer name field, then clicking OK.
2. Click OK to close the System Properties window.
3. Why is it important that each PC on a network have a unique name? Answere: because if there are the same name of computer make the failed connections, and this is the rules of connections.
Step 3: Connect the Ethernet cable
1. Use the Ethernet crossover cable provided by the instructor. Plug one end of the cable into the Ethernet NIC of PC1.
2. Plug the other end of the cable into the Ethernet NIC of PC2. As you insert the cable, you should hear a click which indicates that the cable connector is properly inserted into the port.
Step 4: Verify physical connectivity
1. After the Ethernet crossover cable is connected to both PCs, take a close look at each Ethernet port. A light (usually green or amber) indicates that physical connectivity has been established between the two NICs. Try unplugging the cable from one PC then reconnecting it to verify that the light goes off then back on.
2. Go to the Control Panel, double click the Network Connections icon, and confirm that the local area connection is established. The following figure shows an active local area connection. If physical connectivity problems exist, you will see a red X over the Local Area Connection icon with the words Network cable unplugged.
3. If the Local Area Connection does not indicate that it is connected, troubleshoot by repeating Steps 3 and 4. You may also want to ask your instructor to confirm that you are using an Ethernet crossover cable.
Step 5: Configure IP settings
1. Configure the logical addresses for the two PCs so that they are able to communicate using TCP/IP. On one of the PCs, go to the Control Panel, double click the Network Connections icon, and then right click the connected Local Area Connection icon. Choose Properties from the pull-down menu.
2. Using the scroll bar in the Local Area Connection Properties window, scroll down to highlight Internet Protocol (TCP/IP). Click the Properties button.
3. Select the Use the following IP address radio button and enter the following information:
IP Address 192.168.1.1 Kelas C
Subnet Mask 255.255.255.0 Subnet mask default kelas C
1. Click OK, which will close the Internet Protocol (TCP/IP) Properties window. Click the Close button to exit the Local Area Connection Properties window.
2. Repeat steps 5a – 5d for the second PC using the following information:
IP Address 192.168.1.1
Subnet Mask 255.255.255.0
Step 6: Verify IP connectivity between the two PCs
NOTE: To test TCP/IP connectivity between the PCs, Windows Firewall must be disabled temporarily on both PCs. Windows Firewall should be re-enabled after the tests have been completed.
1. On PC1, on the Windows XP desktop, click Start. From the Start menu, select Control Panel, and double-click Network Connections.
2. Right-click the Local Area Connection icon and select Properties. Click the Advanced tab. Locate and click the Settings button.
3. Make a note of whether the firewall settings are ENABLED (ON) for the Ethernet port or DISABLED (OFF) for the Ethernet port.
4. If the firewall settings are enabled, click the Off (not recommended) radio button to disable thefirewall. The setting will be re-enabled in a later step. Click OK in this dialog box and the following to apply this setting.
5. Now that the two PCs are physically connected and configured correctly with IP addresses, we need to make sure they communicate with each other. The ping command is a simple way to accomplish this task. The ping command is included with the Windows XP operating system.
6. On PC1, go to Start, then Run. Type cmd, and then click OK. A Windows command prompt window will appear as shown in the figure below.
7. At the > prompt, type ping 192.168.1.2 and press Enter. A successful ping will verify the IP connectivity. It should produce results similar to those shown in here.
8. Repeat Steps 6a-6c on the second PC. The second PC will ping 192.168.1.1.
9. Close the Windows command prompt window on both PCs.
Step 7: Verify connectivity using My Network Places
1. A PC can share its resources with other PCs on the network. PCs with shared resources should be visible through My Network Places. On PC1, go to Start, click My Network Places, and then click View workgroup computers in the left panel.
2. Do you see an icon for the other PC in your peer-to-peer network? Answere: yes, I do.
3. What is the name of the other PC? Answere: à Cisco 27 and Cisco 28.
4. Is it the same name you recorded in Step 2? Answere: No, it is.
5. Perform Step 7a on the second PC.
6. Close any open windows.
Step 8: (Optional – Use only if the Firewall was originally ENABLED) Re-enable the firewall
1. If you disabled the Windows Firewall in Step 6, click Start, select Control Panel, and open the Network Connections control panel.
2. Right-click the Ethernet network connection icon and select Properties. Click the Advanced tab. Locate and click Settings.
3. If the firewall settings are disabled (and they were enabled before this lab began), click the On radio

CCNA Discovery 2 Module 8 Exam Answers Version 4.0

1. Which AAA service reduces IT operating costs by providing detailed reporting and monitoring of network user behavior, and also by keeping a record of every access connection and device configuration change across the network?
• authentication
• accreditation
• accounting
• authorization

2. Which three items are normally included when a log message is generated by a syslog client and forwarded to a syslog server? (Choose three.)
• date and time of message
• ID of sending device
• length of message
• message ID
• checksum field
• community ID

3. What is the advantage of using WPA to secure a wireless network?
• It uses a 128-bit pre-shared hexadecimal key to prevent unauthorized wireless access.
• It uses an advanced encryption key that is never transmitted between host and access point.
• It is supported on older wireless hardware, thus providing maximum compatibility with enterprise equipment.
• It requires the MAC address of a network device that is requesting wireless access to be on a list of approved MAC addresses.

4. A company wants to configure a firewall to monitor all channels of communication and allow only traffic that is part of a known connection. Which firewall configuration should be deployed?
• packet filtering
• proxy
• stateful packet inspection
• stateless packet inspection

5. A server log includes this entry: User student accessed host server ABC using Telnet yesterday for 10 minutes. What type of log entry is this?
• authentication
• authorization
• accounting
• accessing

6. What two measures help to verify that server backups have been reliably completed? (Choose two.)
• reviewing backup logs
• performing trial backups
• performing full backups only
• replacing tape backup with hard disk-based backup
• using an autoloader when backups require more than one tape

7. Which means of communication does an SNMP network agent use to provide a network management station with important but unsolicited information?
• query
• broadcast
• ICMP ping
• trap
• poll

8. Which three protocols are used for in-band management? (Choose three.)
• FTP
• HTTP
• SNMP
• Telnet
• TFTP
• DHCP

9. A hacker has gained access to sensitive network files. In analyzing the attack, it is found that the hacker gained access over a wireless segment of the network. It is further discovered that the only security measure in place on the wireless network is MAC Address Filtering. How is it likely that the hacker gained access to the network?
• The hacker used a software tool to crack the shared hexadecimal wireless key.
• The hacker obtained the MAC address of a permitted host, and cloned it on his wireless laptop NIC.
• The attacker mounted a denial of service attack to overwhelm the firewall before penetrating the wireless LAN.
• The hacker gained wireless access to the MAC address database and added his own MAC address to the list of permitted addresses.

10. A network administrator is assigning network permissions to new groups of users and employing the principle of least privilege. Which two actions should the administrator take? (Choose two.)
• Provide users with only the access to resources required to do their jobs.
• Provide the minimum level of permissions required for users to do their jobs.
• Remove all permissions from the users and grant permissions as they are requested.
• Allow users to decide how much permission they need to accomplish their job tasks.
• Provide full access to the users and gradually remove privileges over time.

11. Which three protocols describe methods that can be used to secure user data for transmission across the internet? (Choose three.)
• SMTP
• IPSEC
• SSL
• HTTPS
• FTP
• TFTP

12. Which benefit does SSH offer over Telnet when remotely managing a router?
• encryption
• TCP usage
• authorization
• connection using six VTY lines

13. Which of the following does SNMP use to hold information collected about the network?
• network management station
• network management database
• management information base
• database information agent

14. What are two potential problems with using tape media to back up server data? (Choose two.)
• Tape is not a cost-effective means of backing up data.
• Data tapes are difficult to store offsite.
• Data tapes are prone to failure and must be replaced often.
• Tape drives require regular cleaning to maintain reliability.
• Backup logs are not available with tape backup solutions.

15. What is the term for the public network between the boundary router and the firewall?
• "clean" LAN
• intranet
• DMZ
• extranet

16. Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.)
• applications
• physical addresses
• packet size
• ports
• protocols

17. When is the use of out-of-band network management necessary?
• when a server needs to be monitored across the network
• when the management interface of a device is not reachable across the network
• when enhanced monitoring features are required to gain an overall view of the entire network
• when it is desirable to use the information that is provided by SNMP

18. What network layer security protocol can secure any application layer protocol used for communication?
• HTTPS
• IMAP
• FTPS
• IPSEC
• TLS

19. Before a technician upgrades a server, it is necessary to back up all data. Which type of backup is necessary to ensure that all data is backed up?
• daily
• differential
• full
• incremental
• partial

20. What AAA component assigns varying levels of rights to users of network resources?
• auditing
• accounting
• authorization
• access control
• authentication
• acknowledgement

CCNA Discovery 2 Module 7 Exam Answers Version 4.0

1. Which two statements are true about the OSI and TCP/IP models? (Choose two.)
• The two bottom layers of the TCP/IP model make up the bottom layer of the OSI model.
• The TCP/IP model is a theoretical model and the OSI model is based on actual protocols.
• The OSI network layer is comparable to the Internet layer of the TCP/IP model.
• The TCP/IP model specifies protocols for the physical network interconnection.
• The TCP/IP model is based on four layers and the OSI model is based on seven layers.

2. To meet customer expectations, an ISP must guarantee a level of service that is based on what two factors? (Choose two.)
• accessibility
• adaptability
• availability
• reliability
• scalability

3. User1 is sending an e-mail to User2@cisco.com. What are two characteristics of the process of sending this data? (Choose two.)
• It utilizes TCP port 110.
• A TCP connection is established directly between the User1 and User2 client computers in order to send the e-mail message.
• It utilizes a store and forward process.
• The same application layer protocol is used to send the e-mail and retrieve it from the destination server.
• SMTP is used to send the e-mail message to the mail servers.

4. Refer to the exhibit. Host1 is in the process of setting up a TCP session with Host2. Host1 has sent a SYN message to begin session establishment. What happens next?
• Host1 sends an ACK message to Host2.
• Host1 sends a SYN message to Host2.
• Host1 sends a SYN-ACK message to Host2.
• Host2 sends an ACK message to Host1.
• Host2 sends a SYN message to Host1.
• Host2 sends a SYN-ACK message to Host1.

5. What are three characteristics of network reliability? (Choose three.)
• Redundant hardware provides enhanced reliability.
• Reliability is measured as a percent.
• Reliability is the responsibility of the ISP customers.
• Fault tolerance is a measure of reliability.
• The longer the MTBF, the greater the reliability.

6. Which two statements describe the FTP protocol? (Choose two.)
• It uses well-known port 23.
• The protocol interpreter is responsible for the data transfer function.
• In passive data connections, the FTP client initiates the transfer of data.
• It requires two connections between client and server.
• FTP servers open a well-known port on the client machine.

7. What is the function of the TCP three-way handshake?
• It enables the synchronization of port numbers between source and destination hosts.
• It immediately triggers the retransmission of lost data.
• It synchronizes both ends of a connection by allowing both sides to agree upon initial sequence numbers.
• It identifies the destination application on the receiving host.

8. What are three characteristics of HTTPS? (Choose three.)
• It uses a different client request-server response process than HTTP uses.
• It specifies additional rules for passing data between the application and data link layers.
• It supports authentication.
• It allows more simultaneous connections than HTTP allows.
• It encrypts packets with SSL.
• It requires additional server processing time.

9. Which DNS zone resolves an IP address to a qualified domain name?
• dynamic lookup
• forward lookup
• resolution lookup
• reverse lookup

10.

What type of update allows client computers to register and update their resource records with a DNS server whenever changes occur?
• dynamic
• zone transfer
• local recursive query
• root domain query
• top-level domain query

11. Refer to the exhibit. Which two statements are true about this file? (Choose two.)
• If the gateway address changes, the file will be updated dynamically.
• The command ping fileserv will use IP address 172.16.5.10.
• If the ping www.cisco.com command is issued, the file will be checked for the Cisco web server IP address before DNS is queried.
• The file must be created by the user if it is to be used by a workstation.
• Name to IP address mappings are added to the file after they are received from DNS.

12. Which two tasks are the responsibility of the local DNS server? (Choose two.)
• maintaining a large number of cached DNS entries
• maintaining the ISP server
• mapping name-to-IP addresses for internal hosts
• forwarding name resolution requests to a caching-only server
• forwarding all name resolution requests to root servers on the Internet

13. What are three unique characteristics of UDP? (Choose three.)
• connection oriented
• full-duplex operation
• low overhead
• no flow control
• no error-recovery function
• reliable transmission

14. A manufacturing company is looking into subscribing to services from a new ISP. The company requires hosted world wide web, file transfer, and e-mail services. Which three protocols represent the key application services that are required by the company? (Choose three.)
• FTP
• HTTP
• ICMP
• PPP
• Telnet
• SMTP

15. Which two options correctly match protocol and well-known port number? (Choose two.)
• DNS - 25
• FTP - 110
• HTTP - 80
• POP3 - 25
• SMTP - 25

16. Within TCP, what combination makes up a socket pair?
• source port with destination port
• source IP address with destination port
• source IP address and destination IP address
• source IP address and port with a destination IP address and port

17. Which protocol is used to send e-mail, either from a client to a server or from a server to another server?
• SNMP
• FTP
• SMTP
• HTTPS

18. Refer to the exhibit. The PC is requesting HTTP data from the server. What is a valid representation of source and destination sockets for this request?
• Source - 192.168.1.17:80 ; Destination - 192.168.2.39:80
• Source - 192.168.1.17:80 ; Destination - 192.168.2.39:1045
• Source - 192.168.1.17:1045 ; Destination - 192.168.2.39:80
• Source - 192.168.1.17:1045 ; Destination - 192.168.2.39:1061

19. What type of DNS server is typically maintained by an ISP?
• caching-only
• root
• second-level
• top-level

20. A client is communicating with a server on a different segment of the network. How does the server determine what service is being requested by the client?
• The server will apply the default service configured in directory services.
• The server will use ARP to discover the appropriate service from the local router.
• The server will send a request to the client asking for the appropriate service.
• The server will determine the appropriate service from the destination port field.

21.

When a host is communicating with multiple applications on the same server at the same time, which of the following will have the same value for each session? (Choose two.)
• IP address
• MAC address
• session number
• sequence number