Antennas

Polarization

• Vertical
• Horizontal
• Circular
• Point-to-point - antennas must have the same polarization

Radiation Patterns

• Radiation pattern chart -  describes the signal sent by an antenna
• There are two fields that antennas radiate their power
• E-Plane
  • The elevation plane, or elevation chart - side view
  • Composes the electric field vector
• H-Plane
• The horizontal plane, or azimuth chart - top view
• Composes the magnetic field vector

RF Math

• Watt - energy measurement represents one Joule per second
• Decibel - logarithmic unit used to express the ratio between two values
• dBm- compare the relative power between two signal expressed in mW
○ 0dB = same power as measured
○ 3dB = Twice the power
○ 10dB = 10X the power
○ -3dB = Half the power
○ -10dB = 1/10 of the power

                -dBm = 10*Log10(mW)
                 mW = 10(dBm/10) 

Radio Frequency (RF) Fundamentals

Frequency - how fast a cycle repast itself
Wavelength - how wide is one cycle
Amplitude - related directly with power
Hertz (Hz) - how often a wave repeats per second

Low frequency travels further than higher frequency because it is less affected by the air

RSSI - Received Signal Strength Indicator
• Closer to zero better
• Negative value measured in dBm

Wireless Network and Topology

Types

• WAMP -Wireless personal area networks 
  ○ Range up to 30feet
  ○ 802.15standard
  ○ Low power , easy to use, low cost. 
  ○ E.g. Bluetooth
  
• WLAN - Wireless local area networks
  ○ Range about 300 feet
  ○ More power consumption
  
• WMAN - Wireless metropolitan area network
  ○ Range-city or suburb
  ○ Most of the time uses licensed frequencies
  ○ E.g.WiMAX
  
• WWAN - Wireless wide-area network
  ○ Very large distance coverage
  ○ Uses licensed frequencies
  ○ GSM is the most common in the world. CDMA, int he US and Japan 
  ○ E.g. Mobile phones network 

Layer 2 Security

SW-1

!----Task 1: Configure Root Bridge

!--Step 3. As sign S W-1 as a s econdary root bridge.

!

enable

ciscoenpa55

configure terminal

!

spanning-tree vlan 1 root secondary

!

!----Task 2: Protect Against STP Attacks

!--Step 3. Enable root guard.

!

Configure IOS Intrusion Prevention System (IPS) using CLI

R1

!----Task 1: Enable IOS IPS

!--Step 2. Create an IOS IPS configuration directory in flash.

!

enable

ciscoenpa55

!

mkdir ipsdir

!

!--Step 3. Configure the IPS signatures torage location.

!

Configuring a Zone-Based Policy Firewall (ZPF)

!----Task 2: Create the Firewall Zones on Router R3

!--Step 1. Create an internal zone.

!

ciscoconpa55

enable

ciscoenpa55

configure terminal

!

zone security IN-ZONE

!

!--Step 2. !--Step 2. Create an external zone.

!

Configuring Context-Based Access Control (CBAC)

R3

!----Task 1: Block Traffic From Outside

!--Step 2. Configure a named IP ACL on R3 to block all traffic originating from the outs ide network.

!

ciscoconpa55

enable

ciscoenpa55

Configure terminal

!

ip access-list extended OUT-IN

deny ip any any

exit

!

!--Step 3. Apply the ACL to interface Serial 0/0/1.

!

Configure IP ACLs to Mitigate Attacks

R1

!---- Task 2: Secure Access to Routers
!-- Step 1. Configure ACL 10 to block all remote access to the routers except from PC-C.
!
ciscoconpa55
enable
ciscoenpa55
config terminal
!
access-list 10 permit 192.168.3.3 0.0.0.0
!
!-- Step 2. Apply ACL 10 to ingress traffic on the VTY lines.
!

Configure AAA Authentication on Cisco Routers

R1

!---- Task 1:      Configure Local AAA Authentication for Console Access on R1

!-- Step 2.      Configure a local username on R1.

!

enable

ciscoenpa55

configure terminal

!

username Admin1 password admin1pa55

!

!-- Step 3.      Configure local AAA authentication for console access on R1.

!

aaa new-model

aaa authentication login default local

!

!-- Step 4.      Configure the line console to use the defined AAA authentication method.

!

CCNA Security Solutions Configure Cisco Routers for Syslog, NTP, and SSH Operations

R1
!----Task 1: Configure routers as NTP Clients.

!-- Step 2. Configure R1, R2 and R3 as NTP clients.

!

enable

ciscoenpa55

config terminal

!

ntp server 192.168.1.5

do show ntp status

!

!-- Step 3. Configure routers to update hardware clock.

!