Sunday, 1 May 2011

Cost effective study for CCNA

Cisco's CCNA is a very useful qualification for an Ethical Hacker or Penetration tester, as it helps gain a good basic understanding of most LAN and WAN technologies, as well as configuration of Cisco routers and switches, which are commonly used in many networks.

Here are a few tips for studying for a CCNA on a limited budget.

Self study is best
For me, I usually find that self-study is the most effective, as it can be a waste of time listening to a tutor going over material I already know, just for a few gems that I don't.

I feel that I can usually cover more ground in less time with, Google,, some practical examples in a virtual environment, and a few books or articles on the web.

When studying for CCNA, I recommend using multiple study materials, including books, CBT, lots of real or simulated practice, and test material with realistic example questions.

Cisco website
First sign up for an account on the Cisco website. This gives you access to a fair bit of material, including the following syllabus and useful links for CCNA

CCNA Books
You can usually pickup cheap CCNA books on Ebay. I have various books that I bought on Ebay very cheaply. Some were a little old and focused on the 640-801 exams, but most of the core material is the same as for 640-802
(There is a digest of the differences between the 640-801 and 640-802 exams at the following location

I read the ExamCram books. I had some Cisco books as well, but those seem to be very verbose and cover a lot of basics and irrelevant material.

There are some great free cheat-sheets I found here:

Most important - Simulated routers and switches GNS3

I feel this part is essential. When studying for a CCNA you really need an environment that you can hack around with, build lots of different setups, break it, fix it, and generally get your hands deep in the command-line.

GNS3 is a great piece of software, which can enable you to replicate pretty much any type of Cisco router configuration. This is a great help when studying CCNA.

More information here::

I installed my copy of GNS3 on a copy of Backtrack Linux (which I often use as my main OS). You can do this with the following command (don't bother with the Linux compile and install instructions that you may find online)

apt-get install gns3

GNS3 is not totally intuitive to begin with, and it takes a few hours to get used to it, but once you do it is an incredibly powerful tool for real world experience of configuring different protocols and topologies.

One tweak you might want to make on Backtrack is to change the terminal emulator command in GNS3 as follows:

(Backtrack 5)
/usr/bin/konsole --new-tab -e /usr/bin/telnet %h %p > /dev/null 2>&1

(Backtrack 4)
/opt/kde3/bin/konsole --notabbar --nomenubar -T %d -e /usr/bin/telnet %h %p >/dev/null 2>&1 &

Other than that, there is a great tutorial on how to use it at the following location which contains information about setup on both Linux and Windows, connecting virtual machines, and various test configurations:

Here is an example network I quickly created with a WAN and LAN:

Of course this network is completely simulated, so you can also try to secure it, and attack it to your hearts content (try cracking the Telnet or SSH passwords, or uploading malicious configs, to sabotage the routers and switches to intercept traffic for example - or is that just me ;o)

Anyway it's a good idea to use this environment to practise lots of cisco commands and configurations.

This is a useful guide to the basic commands required for the CCNA

1 comment:

  1. Great post! I am actually getting ready to across this information, It's very helpful for this blog.Also great with all of the valuable information you have Keep up the good work you are doing well.
    PEGA Training in Chennai