Everything Else

Cisco CCNA test... - Page 1

Sometime kindof soon I will be needing to get a real job, and I decided that having a cisco certification would be useful. I don't really think that they teach you all that much in the certification, but it looks like it makes a big difference when a prospective employer considers you.

I got the 2 self study books (INTRO & ICND) and have been going through them. It seems to me that they have a huge focus on memorization, but maybe that is just be. I tend to think that memorizing things is a waste of time - what you don't know you can look up, and if you use it often you will quickly learn it because you are using it. How many people have a boss tell them "do this, and you can't look up any information?" Anyway, that is beside the point.

What I am really wanting to know is a) how close are the practice tests to the real thing; b) about what grade is passing (90%? 80%? 70%? 107%?), and is there anything specific that I should worry about?

If you have anything helpful to say (without violating cisco's test agreement thing) I would appreciate it.

Well, I am going to go back to wishing that IOS had a halfway decent shell.

_________________
-WolvesOfTheNight
uhh with the shell comment, if you're griping about what I assume you're griping about, maybe you should explore other terminal packages.

as for passing grade, I think it's changed recently, but iirc for me it was about 85%.

as for how to prepare for it... know subnetting backwards and forwards... it's broad ranged, so you have to know most of the stuff. last time I took it you could use the help functions so it was less memorization required there. sorry, it's been a while.
Heh. A "real" job.

I would suggest the Sybex book by Todd Lammle. It really is the best text on the market for beginners. You shouldn't really be memorizing IOS commands and subnetting, you should be learning how Cisco tends to build IOS commands and you should be able to subnet in your sleep. On the Cisco exams, believe it or not, practical experience pays better than memorization and reading lengthy descriptions of various protocols and their behavior.

You'll need to be able to configure single-area OSPF, (E)IGRP and RIP (no BGP, IS-IS or multi-area routing).

Have a decent understanding of WAN technologies and which are packet, circuit and cell switched, as well as how to troubleshoot a serial (DS*) and frame relay interface.

You'll need to be able to identify which switch in a stack is the root switch, how it got elected and which ports are blocking, as well as how STP determines which ports *to* block.

You'll need to be able to configure and troubleshoot basic VLANs and dot1q trunks (no ISL).

Be able to quickly troubleshoot basic routing issues based upon sh ip int, sh run and sh ip routing commands.

Passing is 875/1000, and the possible range is 300-1000, you'll have 90 minutes to take the test, with 2-3 sims/simlets that will take up most of your time.

If you have any (more specific) questions, feel free to ask me via PM or email. Hope the brain dump helps. :wink:
OK, that is about what I was expecting. I will spend more time on subnetting, though I am OK at it right now (my big problem is making little math errors). Actually, the binary math is something that my CS profs moaned about in a number of classes and I am OK at. Also, the subnetting seems more like a more useful thing to know than which trunking protocols fully encapsulate the data and which just add a header (one of the practice questions asks something like this).

Otherwise, I will go through your list and see how I am doing on each thing.

As for the shell thing, I don't thing that it my terminal setup (same one that I use on my O200). Mostly, the IOS CLI seems like something that I would expect out of the 70s or 80s. It has a very basic help system and very simple interface. For example, you can not edit an access control list - you can append it or delete it. My book recommends that you type it all up in a text editor and then paste it in. Come on, would it really be that hard to include something like vi or emacs (or even pico) to edit such things?

Back then it was really important to keep the load on the processors down, and a spiffy shell could take up a good bit of power, this made since. Now we have faster computers and can use better shells (or in many cases waste them on iCandy).

Yes, I know that there are windows programs that provide an easier interface to set stuff up. You can save the config file elsewhere and edit that (though the CCNA book has not said much about actually doing this). The CCNA stuff wants you to use the IOS CLI. Also, the windows programs won't work on linux, mac, or my O200 :( . Well, OK, I would not drag an O200 around to talk to a switch, but you get the idea.

Anyway, I will let you know if I have any specific questions. Thanks!

_________________
-WolvesOfTheNight
Hint from the Pros:

Named access lists *can* be edited line-by-line in the shell. Each line is assigned a number starting at 10 and incrementing by 10 for each line. When adding/removing specific access-list entries, specify the sequence number:

Access list:
Code:
ip access-list extended INBOUND
permit tcp any host 10.10.10.10 eq www
permit tcp any any www
deny ip any any log


Code:
sh ip access-lists
Extended IP access list INBOUND
10 permit tcp any host 10.10.10.10 eq www (0 matches)
20 permit tcp any any www (0 matches)
30 deny ip any any log (0 matches)


To remove an entry, simpy:
Code:
conf t
ip access-list ext INBOUND
no 10


Adding a new entry is just as trivial:
Code:
conf t
ip access-list ext INBOUND
15 permit tcp any host 10.10.10.10 eq www
That is worth knowing. My CCNA book just said that you can't do it! If I end up with a job doing a lot of work on cisco stuff I expect that I will need to learn a lot more about them. Just working with the stuff is the best way to learn it. The problem is that telling people in a job interview that you don't know it but can learn it does not sound nearly as good as being able to tell them that you know something about it. Thanks!

_________________
-WolvesOfTheNight
Yeah, I know. Most Cisco texts will neglect that particular feature. Why? I don't know. :?

I didn't take my CCNA until after about 6 years of working with Cisco devices day-to-day. I'm now working on my CCNP (two more tests! woohoo!), and aspiring toward CCIE status.

After I really got involved in Cisco work, I decided to purchase some equipment for a lab environment (much like I do with nearly everything else I do... I prefer hands-on experience to a paper trail), and have very much enjoyed doing work at the lower layers of the protocol stack. It's very refreshing to get through a day without hearing about some new Windows bug, or some such garbage (not that it effected me when I was admining UNIX boxen, but still...).

One note that many books will also neglect: the CCNA no longer involves *any* 1900 series switch work or 2500 series routers. Most books will cover the 1900/2500 as they were the de facto switch/router combo for the CCNA's simlets. That is no longer the case.

A 2924 or 2950 switch and a 2600 series router is recommended for reference, now.
My books (2005 edu) admit that the test does not use 1900 switches! They say that you do not need to know them for the test, but have an appendix on them in case you have some around.

Good luck on the CCNP! I doubt that I will ever do one unless my employer wants me to. I feel that just being able to do stuff is far more important than the certification, but I hear that managers do not always see it that way.

_________________
-WolvesOfTheNight
Thanks Wolves! I feel the same way; practical, applicable knowledge is nearly always more valuable to me than the ability to pass a test, but I'm always up for a challenge! I've found the Cisco exams to be a pretty good indicator of one's field knowledge, though. They seem to hit the mark closer than other trade certs.
WolvesOfTheNight wrote:
Good luck on the CCNP! I doubt that I will ever do one unless my employer wants me to. I feel that just being able to do stuff is far more important than the certification, but I hear that managers do not always see it that way.

Decent managers would agree but how can they tell in a fifteen minute interview exactly who can and who cannot do the work ? Many people are excellent bullshit artists. A certificate from a reputable testing concern at least proves some real-world capabilities..
These guys know their shit.

Never grabbed my ccna personally, ios and pixos really arent that hard to begin with. One thing about the cisco certs, alone they arent worth shit. With experience, they can help you demand a higher salary.

That, and they are some of the only certs still respected.

Hamei:

Who would you rather hire? the kid who knows enough pixos to fuck your routing tables oldschool? Or a bullshit artist who wont even do the job? :P
Are the simlits something like you have 3 routers connected to each other, a switch connected to each router, and 3 computers on each switch. Then they want you to subnet a class A network, assign IPs to everything, and make it all work? There was a practice section in the book like this.

So far, in the practice questions the worst that I have had to do is configure 2 routers in some simple way, which did not take very long.

_________________
-WolvesOfTheNight
Something like that. Typically in a simlet, you'll get a partially setup network or a network with some issue to troubleshoot. You'll be given consoles into the appropriate network devices, and some addressing information. You can check out Cisco's site for some practice exams (they're flash-based, you're forewarned).
Hamei - you have a good point, and it is one big reason that I am working on the cert (in an interview that I had awhile back they liked the fact that I was working on one). However, I really wish that there was a better way to do it. I really don't like the feeling that the companies are just selling certs to make more money more than to help people.

Ipaddict - thanks for the info. I have had mini problems in the test questions, but not any big ones. Hopefully I will be ready, though you are right about the best way to learn being through real life experience. Of course, that makes the chicken & egg problem of needing a job to learn the stuff for the cert and wanting the cert to help get a job in the first place...

_________________
-WolvesOfTheNight
VenomousPinecone wrote:
Hamei:

Who would you rather hire? the kid who knows enough pixos to fuck your routing tables oldschool? Or a bullshit artist who wont even do the job? :P


I'd hope that the difficulty of getting the certificate would eliminate the bullshit artists. I'd have no problem with "a kid who can run the routing tables" but it's not that easy to weed out the kids who claim they can run routing tables oldskool from the ones who really can in a fifteen minute interview. Sure, you can get a good idea (usually - some people are excellent bs artists. If they put as much work into learning the material as they do into learning the buzzwords ... anyway ...)

But if you have 250 applications, that's a lot of interviewing. Cut it down to the ones who've put the effort into getting the paper-with-gold-star and you've cut the numbers in half. I agree with what you're saying but the paper with gold star really can help when choosing whom to hire. Or maybe more accurately, when choosing whom to look at more carefully.

edit : hmm. Pinecone, I misread your verb. Not sure what your meaning is now :oops:
hamei wrote:
I'd hope that the difficulty of getting the certificate would eliminate the bullshit artists.

...the paper with gold star really can help when choosing whom to hire. Or maybe more accurately, when choosing whom to look at more carefully.


The problem with BS artists is that they will lie and say they have a cert that they dont have just to help them land a job (for some reason I am having a flashback to my first job after my internship... :P )

If you are using it to whittle down candidates I dont see a problem. The problem I see is HR management following the mantra of "If the field has a cert, and you dont, you obviously dont know what your talking about despite your experience".

I guess my point was; the last person I want poking around in my Peecee is a 17 year old kid with an A+ certification. With a basic understanding of a complex system you can cause more harm than good if you make a mistake.

Quote:
edit : hmm. Pinecone, I misread your verb. Not sure what your meaning is now :oops:


Eh, no big deal, your response was still valid.
looks like there's some people here with Cisco hands-on, so mine the knowledgebase ?

It's time to upgrade the network here. Pix would be nice but they aren't gonna go for that. Maybe next year. Heck, I had to throw a fit to justify the $50 D-Link router. (Originally they had a fiber-optic connection going straight into an unmanaged switch; they paid for ten static IP's (one for each box in the office) where they then installed Windows XP which everyone ran as administrator with no passwords. There must be a worse method out there but I haven't heard of it.)

Anyway, a 2900-series switch should be fine and it'd be easy to choose a router if I had unlimited funds. However, money is tighter than a .. right. Considering the cheapass manglement here, what would be the best deal in used routers ? Current needs are simple - 10/100 fast ethernet. One day tho, I'd like to kick Skype into the trash and get real VOIP. Also, it would be nice to eventually replace the el-crappo optic-to-ethernet transceiver with a medium-length optical WAN connection right into the router ? For wireless we can live with the Dropped-Link subnet ... keeping economics and future expandability in mind, what would you experienced Cisco admins recommend ?
hamei wrote:
looks like there's some people here with Cisco hands-on, so mine the knowledgebase


The nick isn't coincidence... :wink:

hamei wrote:
It's time to upgrade the network here. Pix would be nice but they aren't gonna go for that. Maybe next year.


Well, when you are: a 506E is a nice little small-office, VoIP-capable PIX. The price really isn't bad, either. If you need something a bit heavier duty, the quintessential 515E works great and the ASAs aren't really presenting any compelling reasons to upgrade off of PIX hardware, yet.

hamei wrote:
There must be a worse method out there but I haven't heard of it.


You're right. That's disgusting. But alas, it isn't the only similar case I've heard of. :roll:


hamei wrote:
Anyway, a 2900-series switch should be fine


Yup. A 2924/48 or 2960 (preferred) provides a good access-layer foundation for growth. Eventually, you may add another 2900 series, and maybe a 3550/3560/3570 to do VLAN routing and QoS tagging for you. Especially, with VoIP, a layered approach will be more robust and flexible in the end. However, the 2900 is a fine switch to begin with.

hamei wrote:
10/100 fast ethernet. One day tho, I'd like to kick Skype into the trash and get real VOIP. Also, it would be nice to eventually replace the el-crappo optic-to-ethernet transceiver with a medium-length optical WAN connection right into the router ? For wireless we can live with the Dropped-Link subnet ... keeping economics and future expandability in mind, what would you experienced Cisco admins recommend ?


Well, everyone has FastEthernet on their routers. Really, that isn't a hard requirement to meet. Even the "lower tier" Cisco kit is getting GigE now (2800 Series). The 2800 would be perfect for you. The 2811, for example, can have 2 built-in GigE ports, it can have L2/3/4 switch modules added as the need may arise, WLAN Management interfaces, a GigE SFP (fiber) HWIC for WAN access, and all the Call Manager integration you could ask for. Note the 2801 won't suit your application, but any of the other 2800 series would do just fine and grow with your company.
You should not come to me on an interview with a CCNA only as I willnot hire you.

_________________
LAMMEN GORTHAUR
chervarium wrote:
You should not come to me on an interview with a CCNA only as I willnot hire you.


What a cheery greeting. Are all Bulgarians so welcoming? Perhaps the next time you feel like saying something in this veign you could provide some useful feedback for those individuals who may be interested? That would be undoubtedly be appreciated more than a verbal door-slam. :roll: