2. Networking (20%) Flashcards
Port 20/21
File Transfer Protocol (FTP)
Port 22
Secure Shell (SSH)
File Transfer Protocol (FTP)
is optimized to do what it says it does—transfer files
- includes both uploading and downloading files from one host to another
Secure Shell (SSH)
is a connection-oriented protocol that can be used to set up a secure Telnet session for remote logins or for remotely executing programs and transferring files
- originally designed to be a replacement for the unsecure telnet command
- a connection-oriented protocol, it has higher overhead than UDP and is a little slower.
Port 23
Telnet
Telnet
Someone using this can log into another machine and “see” the remote computer in a window on their screen
Port 25
Simple Mail Transfer Protocol (SMTP)
SMTP (Simple Mail Transfer Protocol)
is the protocol most commonly used to send email messages
- the protocol used to send email from mail server to mail server as well as from a mail server to an email client
Port 53
Domain Name System (DNS)
DNS (Domain Name System)
is to resolve hostnames to IP addresses
- let’s say that you open your web browser and type in a Uniform Resource Locator (URL) such as https://www.wiley.com
Port 67/68
Dynamic Host Configuration Protocol (DHCP)
DHCP (Dynamic Host Configuration Protocol)
dynamically assigns IP addresses and other IP configuration information to network clients
- is connectionless, which makes it a bit faster, but it doesn’t guarantee packet delivery
Port 80
Hypertext Transfer Protocol (HTTP)
HTTP (Hypertext Transfer Protocol)
It manages the communication between a web server and client, and it lets you connect to and view all the content that you enjoy on the Internet
- All the information transmitted is plain text, which means that it’s not secure
Port 110
Post Office Protocol 3 (POP3)
POP3 (Post Office Protocol 3)
the preferred protocol for downloading email for a long time
- replaced in most installations by IMAP4
Port 137/139
Network Basic Input/Output System (NetBIOS)/NetBIOS over TCP/IP (NetBT)
Network Basic Input/Output System (NetBIOS)
is an application programming interface (API) that allows computers to communicate with each other over the network
- It works at
Layer 5 of the OSI model
Port 143
Internet Message Access Protocol (IMAP)
Internet Message Access Protocol (IMAP)
is a secure protocol designed to download email. Its current version is version 4, or IMAP4
- works in connected and disconnected modes
- lets you store the email on the server, as opposed to POP3, which requires you to download it
- allows multiple clients to be simultaneously connected to the same inbox
Port 161/162
Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP)
gathers and manages network performance information
- mostly used to monitor connectivity devices, many other network devices are SNMP-compatible as well
Port 389
Lightweight Directory Access Protocol (LDAP)
Lightweight Directory Access Protocol (LDAP)
is a directory services protocol based on the X.500 standard
- designed to access information stored in an information directory
Port 443
Hypertext Transfer Protocol Secure (HTTPS)
Hypertext Transfer Protocol Secure (HTTPS)
To encrypt traffic between a web server and client securely
- are secured using either Secure Sockets Layer (SSL) or Transport Layer Security (TLS)
- a connection-oriented protocol, it has higher overhead than UDP and is a little slower.
Port 445
Server Message Block (SMB)/Common Internet File System (CIFS)
Server Message Block (SMB)/Common Internet File System (CIFS)
is a protocol originally developed by IBM but then enhanced by Microsoft, IBM, Intel, and others.
- used to provide shared access to files, printers, and other network resources and is primarily implemented by Microsoft systems
Common Internet File System (CIFS)
is a Microsoft-developed enhancement of the SMB protocol, which was also developed by Microsoft
- used to share files and printers between computers, regardless of the operating system that they run
- default file and print sharing protocol in Windows
Port 3389
Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP)
allows users to connect to remote computers and run programs on them
- is available for Windows, Linux, macOS, iOS, and Android
Trivial File Transfer Protocol (TFTP)
Transmitting configurations to
and from network devices. It can transfer files much like FTP, but it’s much simpler and faster
- is connectionless, which makes it a bit faster, but it
doesn’t guarantee packet delivery
Router
highly intelligent devices that connect multiple network types and determine the best path for sending data
- They connect multiple networks to each other, which none of the other devices we have discussed do
- operate at the Network layer (Layer 3) of the OSI mode
Switches
work at Layer 2 and they provide centralized connectivity, just like hubs
- examine the Layer 2 header of the incoming packet and forward it properly to the right port and only that port
Unmanaged Switch
it connects two or more computers, and passes along all traffic sent to a MAC address to its port
Managed switch
adds the ability to configure ports, manage traffic, and monitor traffic for issues
- cost more but provide features such as quality of service (QoS), redundancy, port mirroring, and virtual LANs (VLANs)
Access Points
any point that allows a user on to a network
- On a wired network, this means a hub or a switch, both of which we will cover shortly
Patch Panel
is essentially a large hub that is rack mounted. It houses multiple cable connections but possesses no network intelligence
- Its sole purpose is to connect cables together
Firewall
a hardware or software solution that serves as your network’s security guard
- they protect your network resources from hackers lurking in the dark corners of the Internet
- they can simultaneously prevent computers on your network from accessing undesirable content on the Internet
Power over Ethernet (PoE)
provides for electricity
over Ethernet cables
- useful in situations where you need a wireless access point in a relatively remote location that does not have any power outlets
Power over Ethernet injectors
a device that sits
between the switch and the access point (called a midspan device) whose sole purpose is to supply power via the Ethernet connection
Hub
a device used to link several computers together
- They simply repeat any signal that comes in on one port and copy it to the other ports (a process that is also called broadcasting)
- They work at Layer 1 of the OSI model
Cable Modem
most homes and many businesses now access the Internet through this
- use
television cable lines
Digital Subscriber Line (DSL)
uses existing phone lines and provides fairly reliable high-speed access
- you need a DSL modem and a network card in your computer
Optical Network Terminal (ONT)
If there is fiber in your work or home neighborhood, you need a different type of modem to connect to the ISP for Internet access
- It is closer to a modem in a sense though because it takes optical signals and changes them into electrical ones for your internal home or business network
Network Interface Card (NIC)
an expansion card that connects a computer to a network so that it can communicate with other computers on that network
Software-Defined Networking (SDN)
essentially setting up a network virtually, without the physical hardware connectivity devices that most people are used to
- it’s a network without the network hardware
2.GHz vs 5 GHz
unlicensed frequencies
- many electronic devices from bluetooth, cordless phones, cell phones, and microwaves create interference problems
802.11
standard was ratified in 1997 and defines WLANs transmitting at 1 Mbps or 2 Mbps bandwidths using the 2.4 GHz frequency spectrum
802.11a
a standard provides WLAN bandwidth of up to 54 Mbps in the 5 GHz frequency spectrum
- ratified in 1999, but devices didn’t hit the market until 2001
802.11b
was ratified in 1999 as well, but device makers were much quicker to market, making this the de facto wireless networking standard for several years
- provides for bandwidths of up to 11 Mbps in
the 2.4 GHz range
802.11g
ratified in 2003, standard provides for bandwidths of 54 Mbps in the 2.4 GHz frequency spectrum
802.11n
claims to support bandwidth up to 600 Mbps, but in reality the typical throughput is about 300–450 Mbps
- works in both the 2.4 GHz and 5 GHz ranges.
802.11ac (Wi-Fi 5)
- 5 GHz frequency
- 6.9 Gbps Maximum throughput
802.11ax (Wi-Fi 6)
- 5 GHz/2.4 GHz frequency
- 9.6 Gbps maximum throughput
Unlicensed Frequencies
- Wi-Fi operates on these 2.4 GHz and 5 GHz
- Other unlicensed frequencies include 900 MHz and 1.8 GHz and are used by devices such as walkie-talkies and cordless telephones
- they are more susceptible to interference from other signals or eavesdropping
Licensed Frequencies
use of them is granted by a governmental body
- Think of AM and FM radio, for example
- If access is granted, then that company is the only one that can use the frequency within a certain geographical area
Near-Field Communication
(NFC)
designed to facilitate information sharing and, in particular, contactless payment
- transmits at 13.56 MHz, which is the same frequency as HF RFID
Radio-frequency identification
(RFID)
a communications standard that uses radio waves to facilitate communication
- Low frequency (LF): 125–134 kHz & 10 centimeters
- High frequency (HF): 13.56 MHz & 30 centimeters
- Ultra-high frequency (UHF): 856–960 MHz & 100 meters
Fileshare or File Server
a central repository for users to store, manage, and access files on the network
- Ease of access to files for collaboration
- Centralized security management
- Centralized backups
Print Server
makes printers available to clients over the network and accepts print requests from those clients
- can be a physical server like a
Windows- or Linux-based server, a small stand-alone device attached to a printer, or even a server built into the printer itself
Mail Server
the computer must be running a specialized email server package
- popular ones are Microsoft Exchange, Sendmail, Postfix, and Exim, although there are dozens of others on the market
Syslog
works as a client-server model, where the clients generate messages based on the triggering of certain conditions, such as a login event or an error with a device, and send them to a centralized logging server
- uses UDP port 514 by default
Web Server
Whenever you visit a web page, you are making a connection from your device (the client) to this
Authentication, Authorization, and Accounting (AAA)
The ultimate goal of a security system is to protect resources by keeping the bad people out and letting the good people in
- servers are gatekeepers and critical components to network security, and they can be implemented on a dedicated server machine, wireless router or access point, Ethernet switch, or a remote access server
Spam Gateways
a program used to detect unsolicited, unwanted and virus-infected emails and prevent those messages from getting to a user’s inbox
- by other names as well, such as antispam gateways, spam
blockers, and email gateways
Unified Threat Management (UTM)
to centralize security management, allowing administrators to manage all their security-related hardware and software through a single device or interface
- implemented as a stand-alone device (or series of devices) on a network, and it will replace the traditional firewall
Load Balancing
Each server helps balance out the work
for the website
- When a user visits the website, the load balancer sends the request to one of many real web servers to fulfill the request
Proxy Server
makes requests for resources on behalf of a client
- Keep in mind that if all of the traffic from a network must pass through a proxy server to get to the Internet, that can really slow down the response time
Legacy/Embedded Systems
usually defined as those using old technology in one or more of the following areas:
■ Hardware
■ Software (applications or operating system)
■ Network protocols
Supervisory control and data
acquisition (SCADA)
is a category of software applications for controlling industrial processes, which is the gathering of data in real time from remote locations in order to control equipment and condition
- are extremely old
and were designed to be open access, so they are huge security holes
Internet of Things Devices
a central controller or coordinating device, like a computer switch but dedicated specifically to IoT devices
IPv4
a 32-bit hierarchical address that identifies a host on the network
- allows for nearly 4.3 billion addresses
- only about 250 million of those addresses are actually usable
Private addresses
are not routable on the Internet
- weren’t intended for use on the Internet freed us from the requirement that all addresses be globally unique
Public Addresses
All the addresses that are used on the Internet
IPv6
uses a 32-bit
addressing scheme that provides for more than 4 billion unique addresses
- 3.4 × 10^38 addresses
- uses three types of addresses: unicast, anycast, and multicast
Automatic Private IP Addressing (APIPA)
a TCP/IP standard used to automatically configure IP-based hosts that are unable to reach a DHCP server.
- are in the
169.254.0.0–169.254.255.255 range, with a subnet mask of 255.255.0.0
Static IP
should only be used under certain circumstances for client computers, since it is not very scalable and a nightmare to keep track of manually
- only be used on internal network resources such as routers, network printers, and servers
Dynamic IP
is the standard in small-to-large networks when configuring client computers
Gateway
is the address to the router to take a client to the next network (or Internet
- can be configured with a static assignment or dynamically through a DHCP server.
A (DNS)
IPv4 host record
AAAA (DNS)
Called “quad A,” it’s the host record for IPv6 hosts.
MX (DNS)
Mail Exchange. It’s the name or address of the email server
TXT (DNS)
Text record. Used to enter human-readable or machine-readable data. Today, text records are used primarily for email spam prevention and domain ownership verification
Domain
Keys Identified Mail (DKIM)
a bit more involved, as it authenticates using encryption through a public-private key pair
Sender Policy Framework (SPF)
is the simplest of the three. It authenticates an email server based on its IP address
Domain-based Message Authentication, Reporting,
and Conformance (DMARC)
builds on both SPF and DKIM and essentially combines them together into one framework
- it allows a domain owner to decide how they want email from their domain to be handled if it fails either an SPF
or a DKIM authentication
Virtual LAN (VLAN)
computers attached to the same physical switch can be segmented into multiple logical networks
- can still communicate with those on another virtual LAN, if the switch is configured properly
- also be completely isolated from each other, adding an
additional level of security
Virtual Private Networks (VPN)
a secure (private) network connection that occurs through a public network
Satellite
Great for rural areas without cabled broadband methods. More expensive than DSL or cable
- downloads often maxing out at around 125 Mbps and uploads around 3 Mbps
- delay occurs because of the length of time required to transmit the data and receive a response
Cellular
Great range; supported by cell phone providers. Best for a very limited number of devices
- Up to 100 Mbps with 5G LTE
Fiber
Incredibly fast and expensive
- Up to 1 Gbps
Cable
Inexpensive broadband Internet access method with wide availability, using cable television lines.
- Up to 100 Mbps
DSL
Inexpensive broadband Internet access method with wide availability, using telephone lines
- Up to 50 Mbps
Wireless Internet service provider (WISP)
Fast connection for rural areas without cabled broadband methods
- 6 Mbps to 50 Mbps
Local area network (LAN)
created to connect computers in a single office or building
- backend to process and store information
- user’s computer is the frontend, where data entry and minor processing functions are performed
Wide area network (WAN)
networks expanding to cover large geographical areas and were supporting thousands of users
- span buildings, states, countries, and even continental boundaries
- , only larger corporations used WANs, but many smaller companies with remote locations now use them as well
Personal Area Networks (PANs)
is a network that connects devices, such as mice, keyboards, printers, smartphones, and tablets within the range of an individual person
- most commonly used in reference to Bluetooth networks
Metropolitan Area Networks (MANs)
a network that spans a city or a large campus
- networks that are larger than a LAN but confined to a relatively small geographical area
Storage Area Networks (SANs)
designed to do exactly what it says, which is to store information
- This network won’t have client computers or other types of servers on it. It’s for storage only
Wireless Local Area Networks (WLANs)
simply a LAN, but one in which clients connect wirelessly rather than through network cables
- Wireless clients on a network typically access the network through a wireless access point (WAP)
Crimpers
a tool used to attach a terminator or connector to the end of a cable
- used for RJ-45 and RJ-11
Cable Stripper
a tool used to remove the plastic jacket from a cable, exposing the wires
Wi-Fi analyzer
software that could be used to scan the area for 802.11 signals, the SSIDs, wireless frequency and the wireless transmission channels
Toner Probe
a two-part kit that is used to trace cables in walls, floors and ceilings `
Punch-down tools
a tool used to punchdown or fasten individual wires from a network cable to a patch panel
- 66 blocks or 110 blocks are types of patch panels
Cable Testers
a tool used to test a cable to find out if it is good or to find out what type of cable it is if the cable is not labeled
Loopback plug
a device to test the functionality of a RJ-45 port
Network tap (test access port)
is a hardware device that creates a copy of network traffic for use by monitoring devices without disrupting normal traffic
Ethernet over Power
a technology in which two adapters are usually plugged in to wall outlets in order to extend the range of a wired/wireless connection
Bandwidth
the maximum amount of data transmitted over an internet connection in a given amount of time
Latency
the amount of time it takes for data to travel from point A to point B
Authentication
verifies credentials when a person or another server needs to prove who they are to access a resource
Authorization
users are allowed to perform only specific task on specific objects based on what they are authorized to do
Accounting
the principle of accounting seeks to keep a record of who accessed what and when, and the actions they performed
multimeter
a tool used to measure voltage, current, and resistance of a device
Cell tower analyzer
software that could be used to scan the area for surrounding cellular towers of certain providers. This could be used to troubleshoot cellular network connectivity issues
- both of these could be downloaded onto your mobile device
PoE standards
There have been a number of standards created for providing power over a data cable.
These standards differ in several ways.:
- Minimum power per port provided to the device
- Maximum power per port provided by the power-sourcing
device
- Required cable category
- Power over pairs
- Released date