There's a Lot More on Dave's Help Page for Cisco® Certification!

Dave's Study Tips for CCNA™ Exam 640-607

This website and the materials offered herein are neither affiliated with nor endorsed by Cisco Systems, Inc. "Cisco", "CCNA", "CCNP", "CCDA", and "CCIE" are all trademarks owned by Cisco Systems, Inc.

This page is focused on a now-obsolete exam.  There are a precious few who can still take it.  If that is you, then this page should help you.  If not, then check my 640-801 page.

In March of 2002, Cisco changed the format of the CCNA exam, and renumbered to 607 (from 507).  Out of curiosity, I took the exam in April, and, to my surprise, scored a 1000 (a.k.a. 100%)!  After taking more than 20 certification exams from various vendors, this is the first perfect exam score for me.  I'd like to share with you some of my study tips to help you do well on this exam yourself.

A good site to help you prepare is SemSim, which provides training for Cisco certification exams through exam and router simulation. Their site includes free learning center for cisco exams CCNA, CCDA, CCNP.

General Matters
Before I get to my study notes, I want to cover some matters regarding certification exams in general.  Following these principles will help you do better in any certification exam you take.

First, read the questions SLOWLY.  Many vendors love to write questions for folks who read too fast.  Most exams provide sufficient time in which to finish them.  Take your time!  Many mental mistakes are made by people who rush through the questions.  Second, don't forget the process of elimination.  I am amazed at how many times that I've been able to "guess" the correct answer simply because I knew that the other suggested answers could not possibly be right.  Typically, you will be able to easily eliminate all but two of the correct answers (or one, if you are fortunate enough).  Then you can focus your mental energy on the remaining two.

Remember to get a good night's rest.  Also, be relaxed!  I usually remove my shoes (it's hard to be tense in your stocking feet), and I normally spend a brief time in prayer before the exam - and during!  ;o)

Finally, there is no substitute for knowing the material.  In the case of the CCNA exam, you should either have access to routers and switches (preferably of the Catalyst 1900 series).  If not, then purchase a decent simulator, such as the virtual lab platinum edition (for the 640-801).  Practice tests can only help you so much.  The exams are rarely written in the exact same way as the practice tests.  Know the material, and you'll do well!  For a book, I would recommend Sybex's CCNA study guide.

Now, on to my study notes...

Exam Overview
According to Cisco, the CCNA exam can have anywhere from between 45-55 questions, and you are allowed up to 75 minutes to complete it.  For a list of exam topics, visit Cisco's official page for the CCNA 640-607 exam.  You should print that page out, as it provides a good checklist of what you need to know.  You will not be able to go mark any of  your answers to view later.  Once you finish a question and move on, you are forever done with that question.

As with the 640-507 exam, Cisco has dropped many references to legacy systems in their exam prep literature.  For example, I wouldn't worry too much about AppleTalk.  I recently discovered (in March 2003) that, acccording to Cisco's official list of exam objectives, references to IPX routing have been dropped from this exam.

For the first time in a CCNA exam, Cisco has incorporated a router simulator for some of the questions.  If you have recently been through a Networking Academy, you probably used a product called Router eSIM©.  That's the same basic product used for the simulations you will find on the exam.  If you have not used this product, you can practice with the new Exam Interface Tutorial at Cisco's web site.  The simulator on the exam is quite functional.  You can exam the contents of your running and startup configs, for example.  If you have practiced quite a bit on a simulator or real router, you should not have too many problems with the simulations, as you will probably be asked to enter in some rather basic configuration information.  Just make sure you are doing the right router and the right interface!

In addition to a few simulations, you may be faced with the prospect of typing in the answers to a small number of questions.  If you do, you will be prompted to make sure you are finished when you try to go to the next question.  The rest of the questions will be multiple choice (choose one correct answer), or multiple answer (choose two or more answers).  

This is the third major revision of the CCNA exam.  Each revision has seen a better accommodation of the Networking Academy curriculum.  I have been through both the ICND and the Netacad curriculums, and the 640-607 now better reflects the Netacad curriculum.  The 640-507 seemed more geared to the ICND.  However, taking the ICND should still prepare you quite well for this exam, as the objectives have not changed from the previous one.

Although the questions will be given to you a very random order, the final score is based on how well you did in each of 8 sections.  I will arrange my study notes according to these sections...

Bridging & Switching
Know the difference between a bridge and an Ethernet switch!  Bridges use software to implement bridging, whereas switches do their switching based on hardware.  Also, switches usually have more ports than bridges.

Understand the how's and why's of the spanning tree protocol (STP).   Be familiar with the various switching methods, and know the difference between cut-through and store-and-forward switching.  

Make sure you know how to configure a switch for VLANs, and know what frame tagging does!  Also, remember that a host in one VLAN is in a separate subnetwork from a host in another VLAN.  They cannot ping each other without the aid of a router.  VLANs create their own broadcast domains as well.

Know also that VLANs can be created from a central site using the VLAN Trunking Protocol.  When configuring this, understand the three VTP modes (server, client, and transparent), what is unique to each, and the role that VTP domains play.

How well do you know your MAC addresses?  You need to know that they are 48-bit, hexadecimal (12 digit) addresses.  An example of a valid MAC address would be 1A2B3C4D5E6F.  

Remember that bridges and switches are layer 2 (data link layer) devices!

OSI Model & Layered Communications
Know the terms for the PDU (protocol data unit) at the various levels.  At layers 7 through 5, they are simply called Data.  At layer 4 they are called Segments, at layer 3 they are called Packets, at layer 2 they are called Frames, and at layer 1 they are referred to as Bits. 

Know what can happen to the data at the Presentation layer (e.g., ASCII and EBCDIC, JPG and MPG).  The point is that it is the data structure that is changed here.  Any encryption you use would also occur at the Presentation layer, in addition to data compression.

The Session layer can be hard to correlate to networking.  Know that it services the Presentation layer, and that it manages sessions between hosts.  You will find NFS and SQL residing here, in addition to RPC. 

A key toward understanding the Transport layer is to link "connection-oriented" and "end-to-end" services.  There is also a three-way handshake required for a TCP session to begin.  If you want to "bypass" the transport layer and its connection-oriented feature, then you would use the UDP layer 4 protocol.

The Network and Data Link layer questions should be pretty easy to recognize.   The buzzwords for Network layer are "path" and "route" and "logical" addressing.  Routers typically function at this layer, and also act as broadcast firewalls.  The Data Link layer is where the MAC (hardware) address is found, and where the NIC, bridges, and switches operate.  

Know how the four layers of the TCP/IP model map to the seven layers of the OSI model.  For example, the Internet layer of the TCP/IP model is the same as the Network layer of the OSI model.

Routed Protocols
You must know the difference between a "routed" protocol and a "routing protocol"!  Routed protocols are simply those protocols by which data can be routed.  Required in such a protocol is an addressing scheme whereby you can identify the network to which a host belongs, in addition to identifying that host on that network.  Examples of a routed protocol are IP, IPX, and AppleTalk.  All hosts on an internetwork (routers, servers, and workstations) can utilize the services of a routed protocol.

A routING protocol, on the other hand, is only used between ROUTERS!  Its purpose is to help routers building and maintain routing TABLES.  

The only two routed protocols you should worry about are IP and IPX (but, again, Cisco appears to have dropped references to IPX).

Regarding IP, make sure you know how to subnet!  If you cannot subnet (or are weak in this area), you stand a fairly good chance of failing this exam.  Understanding how to subnet will not guarantee that you will pass this exam, but not understanding subnetting will guarantee the other outcome!  

If I gave you an IP address and its subnet mask, could you: tell me the subnet ID of that host, the last USABLE host on that subnet, the subnet broadcast address, in addition to the number of possible subnets and hosts per subnet?  If you feel that you are not strong in subnetting, then go to the learn-to-subnet website.  

You will need to know how to recognize a subnet mask in its dotted decimal form (e.g., and by using a bit count (e.g., /28).   You should also know which bits must be off and on in the first octet for the various classes of IP addresses (e.g., Class B would have "10" in the first two bits).

Routing Protocols
The CCNA objectives only require that you know how to configure RIP and IGRP.  However, you do need to know about the three classes of routing protocols (distance vector, link state, and hybrid), and which protocol belongs to which class.  OSPF is the only link state protocol with which you need to concern yourself, and EIGRP is the only hybrid protocol.  Everything else is belongs to the distance vector category.  Know which protocol has a lower administrative distance (IGRP vs. RIP), and that static routes normally have a lower administrative distance than both (if you use the defaults).

When configuring RIP or IGRP, make sure that you also know how to turn on the attached networks so that they will start sending and receiving routing updates.  Also remember that IGRP requires the addition of an autonomous system number.

Be familiar with the metrics RIP and IGRP use in determining the best path through which to route.  RIP for IP only uses hops (RIP for IPX uses ticks and hops) and IGRP uses Bandwidth, Delay, Reliability, Load, and MTU.  But, by default, IGRP only uses Bandwidth and Delay.  

Remember that "show ip route" displays the contents of your routing table.

WAN Services
You should expect to see a lot of questions related to WANs and serial interfaces.  Know your basic WAN terminology, including the differences between DCE and DTE, and what "CO", "demarcation," and "CPE" mean.

Generally, routers will function as DTE devices, because they will receive their clocking from a DCE device, such as a CSU/DSU.  However, if you have no DCE device between to two routers and their serial connections, then the router, which has the DCE end of the cable, will require additional configuration at the serial interface.  The command is "clock rate" and the rate is measured in bits.  

Do not confuse the "clock rate" command with the "bandwidth" command.  Both are done in config-if mode, but bandwidth does not control the clock speed of the interface.  Bandwidth is simply informational and is used as routing metric for IGRP.  It is measured in kilobits.  So, a DCE interface with a clock rate of 56000 bits would use a bandwidth statement of 56.

When encapsulating with PPP, you have the option of using two different authentication methods.  PAP uses a two-way handshake and transmits the username and password as clear text.  CHAP is preferred, as it uses a three-way handshake and does not transmit any username or password over the wire.  You should know that LCP is responsible for setting up a PPP connection, and that NCP is used for negotiating a network transport protocol.

Concerning ISDN, know also the difference between BRI and PRI ISDN, and how the channels work.  2-B @ 64k and 1-D @16k = 144kbps.  Remember that the D channel is for signaling and the B channels are the ones that actually transmit the data..  Pay attention to your questions.  Are they asking for the total of the B channels (128)  or the total for all BRI channels (144)?  Also know that there are two different layer-2 encapsulations in ISDN.  The B channels can use either HDLC (the default on any serial interface) or PPP.  The D channel uses LAPD.

When using ISDN and DDR (dial-on demand routing), know how to use the "dialer group" command to assign a "dialer list" (which are used to define "interesting traffic") to an interface.  

When employing frame-relay on a router, one should know how to display configured DLCI’s.   Type "sh frame-relay pvc."  Also, if you do the "show interface serial" command after setting Frame-Relay encapsulation, you'll see a lot of stuff (such as LMI information).  Know that DLCI's have only LOCAL significance, and that they identify a logical link between a router and the nearest frame-relay switch.  

All of your frame-relay configuration commands are done at the interface. The default encapsulation is "Cisco," but if you are communicating with a non-Cisco router on the other end, then you will need to change that encapsulation to "IETF."  

If you are using Cisco IOS 11.2 or later, then the LMI-type is automatically sensed.  

Understand how split horizon can affect a frame-relay interface.  If you have a point to multipoint situation, then a routing update may not be passed on, as split horizon does not permit the passing of a routing update back out the same physical interface.  The solution is to use point-to-point connections on a subinterface.

When using subinterfaces in frame-relay, it is recommended that you remove the IP address from the physical interface.  You also MUST specific point-to-point or multipoint when using subinterfaces.  There is no default.  If using point-to-point, then each subinterface will have a separate subnet ID.  In a multipoint situation, all routers connected to that interface will share the same subnet address.

Network Management
This section will require that you understand how to use the basic troubleshooting tools, such as ping, telnet, tracert, netstat, etc.

Understand the difference between ping your loopback address (, your NIC's IP address, and the address of another host.  If you can ping, that means that the TCP/IP protocol stack has initialized properly.  If you can ping your NIC's IP address, then that means that your NIC is working properly.  If you can ping another host, that means that you have connectivity.

Make sure you understand Access Lists, including knowing the ranges for the various standard and extended lists.  For example,  1-99 is for IP standard lists, 100-199 is for IP extended lists, 800-899 is for IPX standard lists, and 900-999 is for extended IPX access lists. For IPX SAP filters, the range is 1000-1099.  Don’t forget the implicit "Deny Any" traffic statement at the end of each list! Also, know the two ways to monitor the access lists you create: "show access-lists" (to see the actual statements) and "show ip interface" (to show placement of the lists and the direction in which they will work).  If you see an extended access list, be careful that you don't get fooled by a statement that combines "IP" with "EQ port".  TCP and UDP uses ports, but IP doesn't! Also know what the terms "any" and "host" mean.  

LAN Technologies
Be familiar with how different devices relate to the OSI model.  Layer 1 devices, such as hubs and repeaters, extend collision domains and result in greater congestion.  Layer 2 devices, such as bridges and switches, alleviate congestion by segmenting (in the case of bridges) and microsegmenting (in the case of switches) these collision domains.  Having many small collision domains is a good thing, and having a few big collision domains is a bad thing. 

Know the differences between half and full duplex.  In a switched environment, a full-duplex interface will experience NO collisions.  Half-duplex interfaces still must deal with collisions between transmit and receive.

LANs still have the problem of being a broadcast domain.  All hosts in a LAN will see a broadcast from one host.  The firewall that stops these broadcasts is called a router.  Broadcasts are a layer 2 problem, which are solved by a layer 3 device.

Also, some basic cabling knowledge is a must, particular in the area of connecting networking devices.  When connecting dissimilar devices, you use a straight-through cable (with the exception of connecting a hub to a switch).  When connecting similar devices, you almost always must use a cross-over cable.  For example, you would use a cross-over cable to connect to routers directly between their Ethernet ports.  The one exception to this rule could be when you have a switch that has an uplink port (usually marked with an "x").  If you have connect a port on a switch marked with an "x" to a port that is not marked with an "x", then you would use a straight-through cable.  If you connect two ports that are each marked with an "x", then you would use a cross-over cable.  This is also true when neither port is marked with an "x".  

Cisco & Networking Basics
Know how to convert binary to both decimal and hexadecimal.  A decimal number will typically consist of 8 bits and a hexadecimal number will consist of 4 bits.  

Be familiar with the various components of a router, and what goes where.  The startup config is stored in NVRAM, the running config is stored in RAM (as are the routing tables), and the IOS image is stored in Flash.

Be very familiar with the Cisco IOS and the various configuration modes.  Be sure you know the appearance of the router prompt for whatever configuration or command you are to enter. For example, router#(config-if) would be required of what types of configuration?  And you can NEVER configure when the router prompt has a > in it!  Also, you can't ping or use "show" commands in any of the configuration modes.  You need to be in either user mode or privileged exec mode.

You might see several questions on the router’s IOS interface itself, including how to use the help command (i.e., "?"). Also, know your keyboard combinations, such as how to move back or forth a character or a word.  Character commands start with a Ctrl (just like "character" starts with a "c") and word commands start with ESC.  Also how do you look at your buffer history (show history) and how do you configure your history buffer (terminal history size)?  You can also use your "up arrow" to see the previously-typed command.

This is the section in which you will encounter the router simulator.  If you have considerable experience configuring routers (even at a basic level), you shouldn't have too many problems here.

Know the "boot system" command and how it works! Know also how to use a TFTP server for both IOS images and backup configurations.  Remember that the IOS is copied into Flash, and the startup (a.k.a. "backup") config is copied into NVRAM.

Know how to enable the "banner of the day" feature. Remember how to use the end-of-message character.

Know how to configure your various lines (vty and con) and how to assign passwords to each (and don't forget the "login" command).  Also know how to create an encrypted privileged mode password ("enable secret").

If this page has helped you in any way, please let me know!

Back to Dave's Help Page for Cisco® Certification!