2.0 Network Implementation Flashcards

Question

Why would you use QoS on a switch?

Answer 1

Quality of Service (QoS) support means that a switch can prioritize traffic. This allows important or time-sensitive traffic to get through faster and less important or time-insensitive traffic to get through when it can. QoS can be important on networks with real-time or time-sensitive traffic such as VoIP (voice) or streaming media. However, this will not relieve the network designer of concerns about the proximity or availability of a power outlet.

Answer 2

Of the listed services, a firewall software solution typically provides packet filtering, Hypertext Transfer Protocol (HTTP) proxy services, and Internet Protocol (IP) proxy services. These three services can also be obtained as separate products. With packet filtering, data packets can either be allowed or denied entry into a network based on certain specified factors, such as the TCP port number or the IP address of the sending host. HTTP proxy services typically include Web page caching, which enables Web pages to be stored on an HTTP proxy server and retrieved from the proxy server rather than from the Internet; thus, HTTP proxy services can improve Web browsing performance. IP proxy services typically include the ability to present a single IP address to the Internet on behalf of all hosts on a private network. IP proxy services enable private IP addresses to be used on the private network, and IP proxy services protect the internal network-addressing scheme from malicious users on the Internet.

Answer 3

L1 cache is cache memory that resides on a central processing unit (CPU). L2 cache is cache memory that resides on a system board near the CPU. Cache memory is a small amount of memory that is very fast and interfaces with the slower RAM on a system board to help increase the rate at which data flows between RAM and the CPU.

Answer 4

For the Network+ exam, you must understand the following firewall types: Host-based − This firewall is installed on a specific host and only protects the host on which it is installed. This is the best solution if you need to protect laptops or desktop computers from external threats. An external threat is a threat that originates external to your organization, and these can be manmade or environmental. Network-based − This firewall is installed on the network and protects all devices that are on the network that it controls. Application aware/context aware − This firewall is designed to manage application and Web 2.0 traffic. This type allows fine-tuning the rules rather than just configuring allow or deny rules. Small office/home office firewall − This firewall is easier to configure than most enterprise firewalls and often only involves a software component that you install on a network host. Unified Threat Management (UTM) − This device bundles multiple security functions into a single physical or logical device. Features included could be IPS, IDS, anti-virus, anti-malware, anti-spam, NAT, and other functions.

Answer 5

To automatically propagate VLAN information to all switches on the LAN, you should use VLAN Trunking Protocol (VTP), which is also referred to as 802.1q. VTP configuration will prevent the VLAN information from having to be manually configured on all of the switches. VTP allows two switches to share VLAN information. One of the VLANs is called a native VLAN, also referred to a default VLAN. Frames belonging to the native VLAN are sent unaltered over the trunk with no tags. However, to distinguish other VLANs from one another, the remaining VLANs are tagged.

Answer 6

There are two types of STP: spanning tree (802.1d) and rapid spanning tree (802.1w). 802.1d is an older standard that was designed when a minute or more of lost connectivity was considered acceptable downtime. In Layer 3 switching, switching now competes with routed solutions where protocols such as Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) provide an alternate path in less time. A layer 3 switch is the best option when you need to re-route multicast and unicast communication caused by a disruption of service when a network is failing redundancy at the main distribution frame (MDF).

Answer 7

802.11a, 802.11n, 802.11ac, and 802.11ax can use the 5 GHz frequencies for wireless communications. 802.11a and 802.11ac do not work at the 2.4 GHz frequency, while 802.11n and 802.11ax can transmit on either the 2.4 or 5 GHz bands. The benefit of the higher frequency, especially for newer standards (where a through n fall in chronological order, and ac and ax after that), is higher throughput (especially when using wider channels and additional antennas). The disadvantage of the higher frequency, especially for older standards (802.11a and 802.11n), is reduced transmission/reception range, particularly indoors where walls and other solid or metallic barriers can interfere with or impede communications. Overall, 802.11ac or 802.11ax would be your best choice for a new network.

Answer 8

WPA-Enterprise requires the use of a RADIUS authentication server. WPA-Enterprise is intended for large networks. It is also referred to a WPA-802.1x.None of the other options is correct. WPA2 is more secure than WPA. WPA-Pre-shared Key (WPA-PSK), also known as WPA-Personal, is for use in small home or office networks.

Answer 9

HVAC systems can be found in almost all settings due to their universal usage. HVAC systems are designed to handle the heating, ventilation, and air conditioning within a building. HVAC systems can be found in data centers, industrial buildings, residential buildings, and commercial buildings. With HVAC systems, it is important to understand that they can be vulnerable to cyberattacks as many of these systems are automated and not designed with cybersecurity in mind. Routinely monitoring and managing these systems is critical whenever designing a new network.

Answer 10

ICS is a general term that encompasses several types of control systems that are designed in help manage and control industrial processes. These control systems can vary in size from a few modular panel systems to larger interconnected and interactive control systems with thousands of field connections. These systems are most likely to be found in an industrial setting. While they can be deployed in an office building, they are much less likely to be found there. ICS can interface with most HVAC systems, but not all HVAC systems will be deployed as part of an ICS.

Answer 11

SCADA systems are comprised of computers, networked data communications, and graphical user interfaces for high-level supervision of various network machines and processes. These systems can also cover various sensors and other logic controllers. These systems would most likely be found within a production facility, in a data center, or in an industrial plant and may include HVAC systems. They are much less likely than an HVAC system to be found in an office building.

Answer 12

Host A will send out an ARP request for the MAC address of Host B. Host A will then send a data frame to the switch with a destination MAC address of Host B. Finally, the switch will forward the frame to Host B. Host A and Host B are connected to the same subnet, 192.168.1.32 /27, and are thus within the same VLAN. For this reason, traffic between the two hosts does not need to be sent to their default gateway to be routed. Hosts are able to ARP and build unicast frames for hosts on the same subnet. The switch will receive the frame and forward it to the appropriate host based on a MAC address table lookup. The router is not involved in this scenario. Host A will not send an ARP request for the router's MAC address because routing is not required between hosts on the same subnet. Host A will not send a frame with the destination MAC address of the router because routing is not required between hosts on the same subnet. The switch will not forward the frame to the router because routing is not required between hosts on the same subnet.

Answer 13

Port authentication on your network switches is based on the switch's MAC address. If the switch is not specifically configured with a MAC address, the MAC address communication is not allowed through the switch port. For the Network+ exam, you also need to understand managed versus unmanaged switches. Managed switches give you more control over your traffic and offer advanced features to control that traffic. An unmanaged switch simply allows Ethernet devices to communicate with one another. They are shipped with a fixed configuration and do not allow any changes to this configuration.

Answer 14

When traffic is encountered, a stateful firewall first examines a packet to see if it is the result of a previous connection. Information about previous connections is maintained in the state table. You can configure the IDS to perform stateful packet matching and monitor for suspicious network activity. This is referred to as stateful inspection. An IDS cannot perform authentication and encryption for a VPN and cannot block traffic based on the application or port used. With a stateful firewall, a packet is allowed if it is a response to a previous connection. If the state table holds no information about the packet, the packet is compared to the access control list (ACL). Depending on the ACL, the packet will be forwarded to the appropriate host or dropped completely. Stateful firewalls can be used to track connectionless protocols, such as the User Datagram Protocol (UDP), because they examine more than the packet header. Stateless firewalls watch network traffic and control packets based on source and destination addresses or other static values. They are not aware of traffic patterns. A stateless firewall uses simple rules that either allow or deny the traffic.

Answer 15

Packet-filtering firewalls function at the Network layer of the OSI model. This type of firewall filters traffic based on rules defined by the administrator.

Answer 16

Circuit-level firewalls function at the Session layer of the OSI model.

Answer 17

Of the choices listed, an electrostatic discharge (ESD) has most likely caused the network interface card (NIC) to malfunction. ESD occurs when static electricity jumps from an object with a higher electrical charge to an object with a lower electrical charge. You can build up static electricity in your body by walking across a carpet. This static electricity can then be discharged in the form of ESD into the circuits on a microchip, which can destroy such circuits. NICs are expansion cards that contain microchips that ESD can destroy. You should take measures to prevent ESD before you handle the expansion cards in a computer. For example, you can wear an anti-static wrist strap, or you can discharge the static electricity in your body by touching a grounded object such as a computer case before you touch a circuit board. Companies should make employees aware of electrical safety if personnel may be required for perform work that could result in electric shock, such as computer repair. Proper grounding techniques should be covered as part of personnel training.

Answer 18

Both Versions 1 and 2 of RIP use hop count as the primary metric to determine the most desirable network path. A metric is a variable value assigned to routes and is a mechanism used by routers to choose the best path when there are multiple routes to the same destination. Each router traversed by a packet from the source to the destination constitutes one hop. The lower the hop count, the higher the preference given to that path. Using RIP, the hop count is limited to 15 hops. Any router beyond this number of hops is marked as unreachable.

Answer 19

RIP v1, RIP v2, and IGRP are considered distance vector protocols. Open Shortest Path First (OSPF) is a link-state protocol. EIGRP is a balanced hybrid routing protocol, also referred to as an advanced distance vector protocol.

Answer 20

A firewall examines the packets coming into a network based on a security policy to determine whether to forward the packet to its destination based on a security policy.

Answer 21

DHCP snooping − a security feature configured on switches that acts like a firewall between untrusted hosts and trusted DHCP servers. ARP inspection − a security feature on switches that validates ARP packets in a network. It determines the packet validity by performing an IP-to-MAC address binding inspection stored in a trusted database before forwarding the packet to the appropriate destination. All ARP packets with invalid IP-to-MAC address bindings that fail the inspection will be dropped. MAC address filtering − a security feature configured on switches that will allow or deny traffic based on the MAC address from which the communication comes. VLAN assignments − Virtual LANs (VLANs) are assigned to individual switch ports. Devices on the same switch can then be assigned to separate VLANs so that their traffic is isolated. Network segmentation − By assigning ports to different VLANs you provide network segmentation. Traffic meant for the same VLAN will only cross the ports in that VLAN. Because the traffic is isolated based on VLAN, it provides better security.

Answer 22

You should use channels 36-48 (80 MHz: 5.170-5.250 GHz) and 149-161 (80 MHz: 5.735-5.815 GHz) for indoor and outdoor Wi-Fi use. All 802.11n and 802.11ac client devices support use on these two bands. Whenever using Wi-Fi channels, it is important to understand the different regulatory restrictions that may be placed for channels and channel bonding. Depending on your office location, the regulatory domains can change significantly. Therefore, it is important to identify what regulatory bodies you must comply with and ensure that your network is following the appropriate regulatory rulings.

Answer 23

Channels 52-64 (80 MHz: 5.250-5.330 GHz) was historically reserved by the FCC for government weather radar systems, and DFS sensing is required for access points and client devices on this band. Only higher-end 802.11ac and older 802.11n client devices support use on this band.

Answer 24

Channels 100-144 (240 MHz: 5.49-5.730 GHz) is also reserved for government weather radar systems, and DFS sensing is required by access points and client devices. Channel 144 was added for Wi-Fi use in 2013, but does not work with older 802.11n client devices.

Answer 25

Channel 165 (20 MHz: 5.825-5.845 MHz) is only 20 MHz wide and does not meet the channel width requirements.

Answer 26

You should buy a 802.11n wireless access point (WAP). The critical factors at work here are compatibility and maximum distance (indoor range). 802.11ac is backward compatible with 802.11n, so 802.11ac and 802.11n devices may communicate with a WAP of either kind. The maximum indoor range for 802.11n is 70m or 230ft, while that for 802.11ac is 35m or 115 ft. Thus, only 802.11n will work.

Answer 27

802.11a's indoor range is identical to that for 802.11ac (35 m or 115 ft).

Answer 28

Also its indoor range is identical to that for 802.11ac (35 m or 115 ft).

Answer 29

Its indoor range is also too short at 38 m or 125 ft.

Answer 30

802.11ac would ordinarily be the best choice for deployment because of its ability to support multiple simultaneous users, wide data channels, and higher data rates. But the distance and cost limitations preclude its use (802.11ac's indoor range is 35m or 115 ft).

Answer 31

Each B channel in a Basic Rate Interface (BRI) Integrated Services Digital Network (ISDN) connection can provide a maximum data transfer rate of 64 kilobits per second (Kbps). A BRI ISDN line provides a total of two bearer (B) channels, which can be combined by the bonding protocol to provide a total maximum data transfer rate of 128 Kbps. A BRI ISDN line also provides a single delta (D) channel, which is used to transfer connection control data. A BRI ISDN D channel operates at a data transfer rate of 16 Kbps. BRI ISDN is sometimes referred to as 2B+D ISDN because BRI ISDN provides two B channels and one D channel.

Answer 32

A virtual LAN (VLAN) is a networking technology that allows networks to be segmented logically without having to be physically rewired. In a traditional Ethernet network, you can replace all hubs with VLAN switches. This creates virtual network segments whose logical topology is independent of the physical topology of the wiring. Each station is assigned a VLAN identification number (ID), and stations with the same VLAN ID function as though they are all on the same physical network segment, no matter which physical switch they are connected to. Only devices with the same VLAN ID will receive broadcasts sent by a host. The assignment of VLAN IDs is done at the port level on the switches themselves. Moving a host to another department only requires the assignment of a different VLAN ID to the port on the switch to which the host is connected. No rewiring of cables is necessary. The primary benefit of having a VLAN is that users can be grouped together according to their need for network communication, regardless of their actual physical locations. Membership in a VLAN segment, called a VLAN group, is controlled by the network management software, which allows users to be grouped according to their needs.

Answer 33

User/passwords − Limit the number of administrative users that are allowed to access the switches on your network. Always use complex passwords for those users. If there are any default accounts, such as administrator or guest, you should disable these accounts because attackers will often use these accounts to hack into your switch.

Answer 34

AAA configuration − AAA stands for Authentication, Authorization and Accounting. Authentication verifies the identity of the user. Authorization handles what the user is allowed to do and what resources he/she can access. Accounting audits the actions of the users. AAA and 802.1X are used for port-based authentication,

Answer 35

Console − The console is used to manage a switch. You should use Secure Shell (SSH) or connect directly to the switch's console port of the switch. An unmanaged switch is one that does not support the use of an IP address or a console port connection for management purposes.

Answer 36

Virtual terminals − Virtual terminals are remote workstations that allow you to access the switch management tools and desktop interface. You should limit who has access to these terminals and place them only in secure locations. In addition, they should require authentication before accessing the management tools. If only one person can log in to the virtual terminal at a time, you should increase the number of virtual terminals available.

Answer 37

In-band/Out-of-band management − When possible, you should use a separate network for management of a managed switch. This is referred to as out-of-band (OOB) management when the management traffic is kept on a separate network than the user traffic. In-band management occurs over the same network as user traffic. OOB management is more secure.

Answer 38

Quality of Service (QoS) provides varying levels of network bandwidth based on the traffic type. Each traffic type has its own queue. Each traffic type queue is given its own priority. Traffic types with a higher priority are preferred over lower priority traffic types. QoS is used in a variety of networks, including VoIP, to ensure performance standards.

Answer 39

Traffic shaping is a specialized type of QoS where traffic from each host is monitored. When traffic from the host is too high, packets are then queued. Traffic shaping can also define how much bandwidth can be used by different protocols on the network. A key feature of QoS is control plane policing. This feature will allow users to configure a QoS filter to manage the traffic flow within a network’s control plane. This hardening technique helps to protect the network against reconnaissance and denial of service (DoS) attacks.

Answer 40

Load balancing divides requests among several servers or resources. This ensures that no single server or resource is overloaded.

Answer 41

Fault tolerance is the ability to respond to a single point of failure on a network. Fault tolerance on servers involves hardware RAID, UPS systems, power conditioning, backups, and clustering.

Answer 42

Multiple user, multiple input, multiple output (MU-MIMO) permits multiple devices to send/receive wireless data simultaneously. This decreases the wait time when seeking wireless communications. Regular MIMO is more properly designated as SU-MIMO, where SU stands for single user. It supports multiple inputs and outputs, but can only service a single device at a time. While MU-MIMO often offers higher bandwidth and better throughput, this would not explain why MU-MIMO makes more sense than MIMO in a busy area where numbers of users are constantly active at the same time.

Answer 43

MU-MIMO does offer advantages over MIMO. While MU-MIMO often supports more users than MIMO, this would not explain why MU-MIMO makes more sense than MIMO in a busy area where numbers of users are constantly active at the same time. Indeed, MU-MIMO is faster and more capable than MIMO. But again, this would not explain why MU-MIMO makes more sense than MIMO in a busy area where numbers of users are constantly active at the same time.

Answer 44

Jumbo frames should be used by a network administrator so that the network can accept a maximum transmission unit (MTU) greater than 1,500. It can be used on a network that supports at least 1 Gbs, and the MTU size can be up to 9000 bytes. To take advantage of this feature, all nodes must be configured to accept jumbo frames at the same MTU rate. Jumbo frames improve network performance.

Answer 45

Fiber Channel over Ethernet (FCoE), as the name implies, deploys Fiber Channel frames in Ethernet networks. By encapsulating the frames, Fiber Channel can utilize 10Gb Ethernet.

Answer 46

A Unified Threat Management (UTM) appliance would be the best device to provide multiple security functions in a central location. UTM appliances incorporate multiple security and performance functions in one device. Some of those services can include load balancing, email security, URL filtration, wireless security and more.

Answer 47

You should first determine whether the call terminates on an analog endpoint. Dealing with audio quality issues on Voice over Internet Protocol (VoIP) is an occasional necessity. But before digging into the usual troubleshooting routine, it is essential to establish if the problem call or connection terminates on VoIP equipment on both sides. If one end of a call terminates on an analog endpoint, occasional audio problems are inevitable. Non-VoIP equipment cannot provide routine compression, echo cancellation, and sound quality enhancements. When a call terminates on an analog endpoint, this is really nothing to troubleshoot (aside from replacing the analog endpoint). So that possibility should be eliminated first before troubleshooting commences.

Answer 48

The H.323 protocol is the most widely used protocol for packet voice communications. Its selection versus other voice protocols, such as SIP, does not significantly affect call quality and echo one way or other.

Answer 49

A Unified Threat Management (UTM) appliance would be the best device to provide multiple security functions in a central location. UTM appliances incorporate multiple security and performance functions in one device. Some of those services can include load balancing, email security, URL filtration, and wireless security.

Answer 50

A multi-layer switch, in addition to working at the Data Link layer (Layer 2), also performs many Layer 3 router functions. When ports on a multi-layer switch are configured as Layer 2 ports, traffic is routed based on the MAC address. When ports are configured as Layer 3 ports, traffic is routed based on IP addresses. Multi-layer switches have the ability to route packets between VLANs.

Answer 51

A Layer 7 firewall or Next Generation Firewall (NGFW) combines traditional firewall functionality with an Application layer firewall. A traditional firewall that allows HTTP traffic on port 80 may also permit an SQL injection attack embedded in a properly formed HTTP request. An Application layer firewall would perform a more intensive examination of the traffic instead of just allowing the traffic on a given port. In this example, even though HTTP traffic on port 80 is allowed on a traditional firewall, the Application layer firewall would look for an SQL injection attack, and block the data.

Answer 52

VLANs place users from many locations into the same broadcast domain. A single VLAN can span multiple physical LAN segments, collision domains, and TCP/IP segments. VLANs can be based on work function, common applications or protocols, department, or other logical groupings. VLAN assignment is configured at the switch for each device that is connected to the switch. VLANs enable many users at many locations to be in the same broadcast domain. Remember, routers define broadcast domains, and because switches are Layer 2 devices, they do not segment broadcast domains; instead, they segment collision domains. VLANs span multiple collision domains, subnets, and cable segments, so users would not have these aspects of the network in common. IEEE 802.1Q is the networking standard that supports VLANs on an Ethernet network. Broadcast domains can be created using switches or routers.

Answer 53

Bridges, switches, and routers can be used to connect multiple LAN segments. For the Network+ exam, you need to understand the placement of these devices. Bridges, switches, and routers are implemented on the perimeters of segments or subnetworks and are used to connect those segments together. Bridges and switches operate at the Data Link layer, using the Media Access Control (MAC) address for sending packets to their destination.

Answer 54

Routers operate at the Network layer by using IP addresses to route packets to their destination along the most efficient path. Backbone routers are the open shortest path first (OSPF) routers that are in Area zero. Area zero is considered the backbone of an OSPF network. Internal routers are located in a single area within a single OSPF autonomous system. Area border routers (ABRs) are located in more than one area within a single OSPF autonomous system. Autonomous system border routers (ASBRs) connect multiple OSPF autonomous systems. A load balancer can be used to balance the workload between routers if more than one router is connected to a subnetwork. Load balancers can also be used with other devices to perform the same function.

Answer 55

A Wireless Access Point (WAP) is essentially a translational bridge. One side is commonly connected to the wired LAN and the other side communicates using IEEE 802.11b with a wireless connection. WAPs are not Physical layer devices like hubs or repeaters. They selectively transmit traffic based upon MAC addresses. A WAP can also function as a repeater. WAPs are placed in the center of an area to which you want to provide wireless access

Answer 56

Hubs act as a central connection point for network devices on one network segment. They work at the Physical layer. The primary reason for choosing a switch over a hub is bandwidth needs. Switches can greatly improve network performance because switches do not broadcast the packets they receive. Hubs broadcast the packets they receive to all available ports on the hub, thereby increasing network traffic. Hubs, like routers and switches, are placed on the perimeter of a single segment and only control the traffic on that segment. Both switches and hubs support the same protocols. Hubs are cheaper than switches, but can result in higher costs over time when you consider the potential for issues with lower bandwidth. Both switches and hubs support different types of nodes.

Answer 57

You may also need to understand network bridges, which operate at the OSI Data Link layer. They divide a network into segments, keeping the appearance of one segment to the upper-layer protocols. Using MAC addresses, bridges determine which traffic should pass through the bridge and which traffic should remain on the local segment. Keeping local traffic local can increase network performance. Bridges can be used to perform the following functions: Expand the length of a segment Provide for an increased number of computers on the network Reduce traffic bottlenecks resulting from an excessive number of attached computers Split an overloaded network into two separate networks, reducing the amount of traffic on each segment and making each network more efficient Link different types of physical media, such as twisted-pair and coaxial Ethernet

Answer 58

Another device that you may need to understand is a Multi-station Access Unit (MAU), which is also abbreviated as MSAU. This term is synonymous with a passive "hub" in a Token Ring network. A MAU is a multiport device that connects the computers in a physical star topology that functions as a logical ring.

Answer 59

A concept that you need to understand is traffic shaping, also known as packet shaping. A packet shaper delays data packets to bring them into compliance with a desired traffic profile. Packet shaping optimizes or guarantees performance and improves latency. The most common type of packet shaping is application-based traffic shaping. An example of this is P2P bandwidth throttling. Many application protocols use encryption to circumvent application-based traffic shaping. Another type of packet shaping is route-based traffic shaping that is conducted based on previous-hop or next-hop information.

Answer 60

WEP − Uses a 40-bit or 104-bit key WPA/WPA2 Personal − Uses a 256-bit pre-shared key (PSK) WPA/WPA2 Enterprise − Requires a RADIUS server

Answer 61

Proxy servers fulfill requests on the behalf of others. There are several kinds of proxy servers, including HTTP proxy, IP proxy, and FTP proxy. An HTTP proxy server is placed between the clients and the Internet. Frequently accessed files are placed in the cache on this server. When a client requests a file that is in the proxy cache, it will be downloaded from the proxy server rather than from the source, potentially lowering bandwidth usage. A proxy server can be configured to retrieve the originals of frequently requested files during low Internet usage hours so that content does not become outdated.

Answer 62

A WINS server is used to resolve NetBIOS names to IP addresses on Microsoft Windows networks.

Answer 63

An IP proxy server hides the local IP addresses of the private network, using one global IP address instead. All communication directed outside the local network is done using this one IP address.

Answer 64

The 802.11b wireless local area network (WLAN) technology supports maximum data rates of 11 Mbps. 802.11b WLAN clients, access points, and bridges use the Direct Sequence Spread Spectrum (DSSS) for transmission through RF ports. DSSS radio transmission provides data rates between 1 Mbps and 11 Mbps. DSSS uses three types of modulation schemes for Radio Modulation: Binary Phase Shift Keying (BPSK) for transmitting data rates at 1 Mbps. Quadrature Phase Shift Keying (QPSK) for transmitting data rates at 2 Mbps. Complementary Code Keying (CCK) for transmitting data rates at 5.5 Mbps and 11 Mbps.

Answer 65

802.11a WLANs work in the 5-GHz Industrial, Scientific and Medical (ISM) frequency band with Orthogonal Frequency Division Multiplexing (OFDM). OFDM supports a maximum data rate of 54 Mbps.

Answer 66

802.11g WLANs work in the 2.4-GHz frequency band and supports a maximum data rate of 54 Mbps. 802.11g is compatible with 802.11b. 802.11g hardware will work on an 802.11b network, and vice versa.

Answer 67

802.11e is a specification that was implemented to add quality of service (QoS) features to the 802.11 specification.

Answer 68

802.11n is a specification that was designed to replace 802.11a, 802.11b, and 802.11g. To achieve maximum throughput, 802.11n should be implemented in the 5-GHz ISM frequency, but can be operated at the 2.4-GH ISM frequency for backwards compatibility. This frequency is capable of up to 600 Mbps. 802.11n provides faster throughput using multiple input, multiple output (MIMO) and channel bonding. But if you implement an 802.11n wireless card on an existing wireless network and achieve only 11 Mbps with full signal strength, the network is implementing 802.11b, making the network only capable of the lower speed.

Answer 69

A dual-homed firewall has two network interfaces. One interface connects to the public network, usually the Internet. The other interface connects to the private network. The forwarding and routing function should be disabled on the firewall to ensure that network segregation occurs.

Answer 70

A bastion host is a computer that resides on a network that is locked down to provide maximum security. These types of hosts reside on the front line in a company's network security systems. The security configuration for this entity is important because it is exposed to un-trusted entities. Any server that resides in a demilitarized zone (DMZ) should be configured as a bastion host. A bastion host has firewall software installed, but can also provide other services.

Answer 71

A screened host is a firewall that resides between the router that connects a network to the Internet and the private network. The router acts as a screening device, and the firewall is the screen host.

Answer 72

A screened subnet is another term for a demilitarized zone (DMZ). Two firewalls are used in this configuration: one firewall resides between the public network and DMZ, and the other resides between the DMZ and private network.

Answer 73

A multi-layer switch, which operates at Layers 2, 3, and 4 of the OSI model, can make routing decisions based on the following criteria: MAC address − a Data Link layer (Layer 2) function IP address − a Network layer (Layer 3) function Protocol − a Network layer (Layer 3) function Port number − a Transport layer (Layer 4) function A multi-layer switch has 24 collision domains. Multi-layer switches do not route based on message content.

Answer 74

You can also purchase switches that offer services at only one layer of the OSI model. Layer 2 switches only route based on the MAC address. Layer 3 switches route based on the IP address or protocol. Layer 4 switches only route based on the port number.

Answer 75

A load balancer can be used to divert incoming web traffic by content to specific servers. This will reduce the workload on the primary server. The destination server is determined by data in Transport layer or Application layer protocols. Traffic distribution can be based on a number of algorithms, such as round robin, weighted round robin, least number of connections, or shortest response time. Wireless controllers provide central management of wireless access points. Without wireless controllers, each access point must be configured individually.

Answer 76

A VPN concentrator provides enhanced capabilities to a VPN router, including adding data and network security. It also creates and manages site-to-site VPN connections.

Answer 77

An authentication, authorization, accounting (AAA) server performs separate authentication, authorization, and accounting tasks. A Remote Access Dial-In User Service (RADIUS) provides AAA services in a centralized location. Whenever using RADIUS or similar remote access methods, organizations should establish remote access policies. These policies can be useful in determining who can remotely gain access to a network, when they can access the network, where they can access the network from, and how they can access the network.

Answer 78

Wireless controllers provide central management of wireless access points. Without wireless controllers, each access point must be configured individually.

Answer 79

Port mirroring copies the traffic from a single port to a different or mirror port, but prevents bidirectional traffic on the port. It allows you to view all of the traffic for a single VLAN, no matter the switch where the traffic originates. Local port mirroring only uses ports from the same switch. Remote port mirroring uses ports from multiple switches.

Answer 80

A spanning tree prevents loops when more than one path can be used. Spanning Tree Protocol (STP) uses the Spanning Tree Algorithm (STA) to help a switch or bridge by allowing only one active path at a time. A switching loop or bridge loop occurs when there is more than one path between two endpoints. The loop causes broadcast storms because broadcasts and multicasts are forwarded by switches out every port. The switch will repeatedly rebroadcast the messages, thereby flooding the network. If a frame is sent into a looped topology, it can loop forever. You should allow physical loop, but create a loop-free logical topology using the shortest path bridging (SPB) protocol or the older spanning tree protocols (STP) on the network switches.

Answer 81

Trunking (802.1q) allows different switches to support the same virtual LAN (VLAN) using frame-tagging. For example, when two ports on Switch A are connected to one port on Switch B, trunking has been implemented. Frame tags will be used to route the communication appropriately. If you need to add a switch to a room through which laptops can connect for full network access, you should configure a trunk on a switch port for both switches, the new switch in the room and the switch to which the new switch connects.

Answer 82

For the Network+ exam, you also need to understand Link Aggregation Control Protocol (LACP), also referred to as 802.3ad. LACP supports automatic link configuration and prevents an individual link from becoming a single point of failure. With this protocol, traffic is forwarded to a different link if a link fails. LACP allows network administrators to configure two or more links to pass traffic as if they were one physical link.

Answer 83

You should implement a unified communication (UC) gateway to connect the VoIP network to your company's PBX. Unified communications include VoIP, video, real-time services, quality of service (QoS), and UC devices. VoIP allows you to transmit voice communications over an IP network. Real-time services include instant messaging, presence information, voice, mobility features, conferencing services, desktop sharing, data sharing, call control, and speech recognition. Real-time services support both multicast and unicast communications. In unicast, one packet is transmitted to only one destination at a time. On the other hand, multicast sends packets to multiple destinations which is represented by a group address. UC devices include UC servers, UC devices, and UC gateways. UC servers are responsible for managing the UC communications. UC devices help transport and monitor UC. UC gateways connect VoIP networks to other types of networks, such as PBX networks.

Answer 84

For VoIP implementations, you also need to understand VoIP private branch exchange (PBX) and VoIP gateway. A VoIP PBX is a device where voice traffic is encapsulated inside data packets for transmission across a data network. A VoIP PBX operates between a VoIP network and a traditional telephone network. A VoIP gateway is a device that converts telephony traffic into IP for transmission over a data network. PBX systems are closely linked with the PSDN network, but existing PBX systems can also be migrated to VoIP using suitable adapters. A VoIP adapter used in combination with a PBX system constitutes an IP-PBX adapter that may be used to interface a PBX with an IP network and its VoIP devices. IP-ISDN fills the same role for ISDN-based PBX systems, where and IP-ISDN adapter may be used to interface an ISDN-PBX with an IP network and its VoIP devices.

Answer 85

The company must deploy one or more VoIP-PSTN gateways. These devices establish the routing of calls to the existing PSTN network. Such gateways connect to the PSTN network through T1/E1/J1, ISDN, or FXO interfaces.

Answer 86

IP-PBX adapters permit VoIP devices to interact with PBX-based devices for calling. They do not support communications with the existing PSTN network.

Answer 87

IP-ISDN adapters permit VoIP devices to interact with ISDN-based PBX systems. Like IP-PBX adapters, IP-ISDN adapters do not support communications with the existing PSTN network.

Answer 88

The advantage of wireless bridges over E1/T1 lines is that wireless bridges support higher bandwidth than E1/T1 lines, and E1/T1 lines tend to be more expensive in the long term. Wireless bridges provide connectivity between two geographically separated LANs. These bridges are designed to provide outdoor deployments for connecting two or more remote locations. These bridges can be deployed for either point-to-point or point-to-multipoint wireless local area networks (WLANs). Wireless bridges can be deployed to interconnect two remote locations, up to a distance of 25 miles (40.2 Kms), with the integration of high-gain antennas. A wireless bridge products support a maximum of 54 Mbps of bandwidth. The disadvantage of using wireless bridging is that you need line-of-sight between the installation sites to provide WLAN connectivity.

Answer 89

A primary drawback of a network-based intrusion detection system (NIDS) is that it cannot detect an attack on a host if the intruder is logged on to the host computer. The simplest kind of IDS to implement is a pattern-matching NIDS. However, they have the disadvantage of generating an infinite volume of false positive alerts, and can flood the system with useless data when the defined signatures are not specific enough.

Answer 90

An NIDS is passive when it acquires data over the network. A primary advantage of NIDS is its usage of reliable real-time information to monitor the network without consumption of many resources. The primary disadvantage of a NIDS is its inability to analyze encrypted information. For example, the packets that traverse through a Virtual Private Network (VPN) tunnel cannot be analyzed by the NIDS. An NIDS can monitor either a complete network or some portions of a segregated network. It remains passive while acquiring the network data. For example, an intrusion detection system (IDS) can be placed on the internal network to monitor either real-time traffic or a de-militarized zone (DMZ). In a DMZ, public servers such as e-mail, DNS, and FTP servers are hosted by an organization to segregate these public servers from the internal network. An NIDS monitors real-time traffic over the network, captures the packets, and analyzes them either through a signature database or against the normal traffic pattern behavior to ensure that there are no intrusion attempts or malicious threats. NIDS finds extensive commercial implementation in most organizations.

Answer 91

NIDS does not monitor specific workstations. A host-based IDS (HIDS) monitors individual workstations on a network. An intrusion detection agent should be installed on each individual workstation of a network segment to monitor any security breach attempt on a host.

Answer 92

You need to implement frame tagging on both switches to ensure that the VLANs that were originally implemented are spread across both switches. Tagging is a technique that adds a small header to the frame as it is passed between devices in order to maintain the original VLAN broadcast domain. In normal Ethernet, there is no tagging. Tagging is implemented only when trunking VLANs between devices is involved. If you only have one switch, an untagged VLAN is just fine. If you have two or more switches and you want all of the VLANs to talk with each other, they will all need the same tag. A frame-tagging VLAN is not used to isolate IP and IPX traffic. A frame-tagging VLAN is a type of port-based VLAN that uses frame tagging to allow VLANs to be spread across multiple switches. You should not create a port-based, protocol-based, or subnet-based VLAN on both switches. The original switch is already configured to use port-based switching. Port-based switching alone will not ensure that the VLANs that were originally implemented are spread across both switches. Neither will protocol-based or subnet-based switching.

Answer 93

You should implement a protocol-based VLAN. This will allow you to isolate the IP and IPX traffic. With protocol-based VLANs, each VLAN is configured to support a single protocol.

Answer 94

A port-based VLAN is not used to isolate IP and IPX traffic. With this type of VLAN, each port on the switch is assigned to a VLAN. Devices attached to that port automatically becomes members of that VLAN.

Answer 95

A subnet-based VLAN is not used to isolate IP and IPX traffic. With this type of VLAN, each subnet on your network is assigned to a VLAN. Devices are part of a subnet based on the subnet to which the device's IP address belongs.

Answer 96

If you implement 802.1q, you are implementing VLAN trunking. It allows traffic from all VLAN to cross a single cable between two switches. If 802.1q were not implemented, each separate VLAN would require its own port connection. Trunking (802.1q) allows different switches to support the same virtual LAN (VLAN) using frame-tagging. For example, when two ports on Switch A are connected to one port on Switch B, trunking has been implemented. Frame tags will be used to route the communication appropriately. If you need to add a switch to a room through which laptops can connect for full network access, you should configure a trunk on a switch port for both switches, including the new switch in the room and the switch to which the new switch connects.

Answer 97

The 802.1d standard implements Spanning Tree Protocol (STP), which prevents looping.

Answer 98

A static route will be preferred because it has the lowest administrative distance. Administrative distance is a feature that is used to select the best path when two or more routes to the same destination exist. These multiple routes are the result of different protocols being available to be used. Routing protocols are dynamic routing methods. With the default configuration, a router will prefer static routes to dynamic routes. The default administrative distances for the offered options are: RIP − 120 OSPF − 110 BGP − 20 Static − 1 When Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), and static routing is enabled on a router, the router will prefer the static route. Static routing does not consume the network bandwidth that dynamic routing does because static routing does not require routing broadcasts over the network. However, in large networks, dynamic routing is a better choice because static routing requires manual updates to all routing tables. In dynamic routing, convergence occurs when all devices have learned of a routing table change and have updated their routing table. If a router receives a packet for a destination not on the router's routing table, it usually forwards the packet to the next available router until the packet is "forwarded out." However, if the router is configured with a gateway of last resort, it will automatically forward a packet for an unknown destination to the gateway of last resort.

Answer 99

For the Network+ exam, you need to understand static vs dynamic vs default routes. Static routes are manually configured by an administrator. Dynamic routes are discovered by the devices through the messages that they send out. Default routes are the routes on a computer that define the packet forwarding rule to use when no specific route can be determined for a given destination address.

Answer 100

Border Gateway Protocol (BGP) is categorized as an EGP. An EGP is used between autonomous networks. BGP uses an algorithm to determine the quickest route between networks. When a company needs to implement highly available data centers, BGP allows a company to continue to maintain an Internet presence at all data center sites in the event that a WAN circuit at one site goes down. Routing Information Protocol (RIP), Intermediate System to Intermediate System (IS-IS), and Open Shortest Path First (OSPF) are categorized as Interior Gateway Protocols (IGPs). RIPv2 was developed to address the deficiencies of RIP and includes support for Classless Inter-Domain Routing (CIDR). RIP is considered a distance-vector protocol. OSPF is a link-state protocol. BGP is a hybrid protocol. Enhanced Interior Gateway Routing Protocol (EIGRP) is an IGP. EIGRP is a distance-vector protocol. All of the routing protocols mentioned can be used in IPv4/IPv6 networks.

Answer 101

A media converter should be used to connect the networks of the two offices because they use two different types of media. Media converters work on the Physical layer of the OSI model. A gateway allows two computers with no protocols in common to communicate. A Channel Service Unit/Digital Service Unit (CSU/DSU) is a device typically required by leased lines, such as T1 lines, to terminate their media connection to your LAN. A modem converts computer signals to travel over telephone and cable lines. Types of media converters include the following: Single-mode fiber to Ethernet Multi-mode fiber to Ethernet Fiber to coaxial Single-mode fiber to multi-mode fiber

Answer 102

You should understand the placement of these devices for the Network+ exam. Media converters are placed where two different types of media meet. A gateway is placed where two different types of computers meet. A CSU/DSU is placed where the leased line meets your local network. An internal modem is installed in the device that needs the ability to make calls, while an external modem is installed near the device needing that ability and connected to it and the telephone line.

Answer 103

A signature-based IDS relies upon a database that contains the identities of possible attacks. This database is known as the signature database. A signature-based IDS watches for intrusions that match a known identity or signature. The signature database must be updated for a signature-based IDS to remain effective.

Answer 104

A network-based IDS is attached to the network in a place where it can monitor all network traffic. It implements passive and active responses. Passive responses include logging, notification, and shunning. Active responses include terminating processes or sessions, network configuration changes, and deception

Answer 105

An anomaly-based IDS detects activities that are unusual. With this type of IDS, there is an initial learning period before anomalies can be detected. Once the baselines are established, an anomaly-based IDS can detect anomalies. Sometimes the baseline is established through a manual process.

Answer 106

A behavior-based IDS looks for behavior that is not allowed and acts accordingly.

Answer 107

The 802.11a wireless local area networks (WLANs) use the 5-GHz frequency band. 802.11a WLANs use the 5-GHz frequency band with Orthogonal Frequency Division Multiplexing (OFDM). OFDM supports a maximum data rate of 54 Mbps. 802.11b WLANs use the 2.4-GHz frequency band for transmission with Direct Sequence Spread Spectrum (DSSS). DSSS supports a maximum data rate of 11 Mbps. 802.11a WLAN equipment does not use the 900-MHz or 2.9-GHz frequency bands for transmission. The maximum data rate is often referred to as maximum bandwidth. Channel bandwidth is the amount of bandwidth within a single channel used by the frequency.

Answer 108

802.11b wireless local area networks (WLANs) use the 2.4-GHz frequency band. 802.11g WLANs also use this frequency band. 802.11b WLANs use 2.4-GHz frequency band with Direct Sequence Spread Spectrum (DSSS). DSSS supports a maximum data rate of 11 Mbps. 802.11a WLANs use 5-GHz frequency band with Orthogonal Frequency Division Multiplexing (OFDM). OFDM supports maximum data rate of 54 Mbps. 802.11n WLANs can operate in both the 2.4-GHz frequency band and the 5-GHz frequency band. It will allow you to use both 802.11a and 802.11g devices. It will also support legacy devices. In 802.11n networks, you can modify the spectrum that is used. An 802.11a device that connects to an 802.11n network will use an 802.11a-ht connection type. An 802.11g device that connects to an 802.11n network will use an 802.11g-ht connection type. While wireless networks allow computers to connect to your network using a wireless connection, they also allow cell phones, laptops, tablets, gaming devices, media devices, and other mobile devices to connect to a network.

Answer 109

A hardware firewall is also referred to as an appliance firewall. Appliance firewalls are often designed as stand-alone black box solutions that can be plugged in to a network and operated with minimal configuration and maintenance. An application firewall is typically integrated into another type of firewall to filter traffic that is traveling at the Application layer of the Open Systems Interconnection (OSI) model. An embedded firewall is typically implemented as a component of a hardware device, such as a switch or a router. A software firewall is a program that runs within an operating system, such as Linux, Unix, or Windows 2000. If you set up a subnet with computers that use peer-to-peer communication, a software firewall is probably the best firewall solution. Firewalls can be used to create demilitarized zones (DMZs). A DMZ is a network segment placed between an internal network and a public network, such as the Internet. Typically, either one or two firewalls are used to create a DMZ. A DMZ with a firewall on each end is typically more secure than a single-firewall DMZ. However, a DMZ implemented with one firewall connected to a public network, a private network and a DMZ segment is cheaper to implement than a DMZ implemented with two firewalls.

Answer 110

A hub is a central point of connection between media segments. There are two primary types of hub: passive and active. A passive hub sends received signals out through all of its ports except the one through which the signal was received. It does not amplify or regenerate the signal. Therefore, it does not require electricity to operate. This type of hub is used mainly to provide communication flow through the network. An active hub also sends data out all of its ports except the one through which the signal was received, but amplifies or regenerates the signal as it sends it out the ports. Therefore, it does require electricity to operate. It can effectively double the length of the network segment. For example, you can extend an Ethernet segment to 200 meters (656 feet), rather than its usual 100 meters (328 feet), by placing a hub at the midpoint of the segment. Another type of hub is a hybrid hub, which is used to connect different types of cabling. Typically, the hybrid hub will connect to sub-hubs, which connect to computers. Switching hubs, also known as a switches or Layer 2 switches, also serve as connection points between media segments. Unlike other types, these hubs build a table of MAC addresses. Thus, they are able to send the signal out through the specific port leading to the destination, rather than through all of the ports.

Answer 111

An application-level proxy firewall most detrimentally affects network performance because it requires more processing per packet. The packet-filtering firewall provides high performance. Stateful and circuit-level proxy firewalls, while slower than packet-filtering firewalls, offer better performance than application-level firewalls. Kernel proxy firewalls offer better performance than application-level firewalls. An application-level firewall, or Layer 7 firewall, creates a virtual circuit between the firewall clients. Each protocol has its own dedicated portion of the firewall that is concerned only with how to properly filter that protocol's data. Unlike a circuit-level firewall, an application-level firewall does not examine the IP address and port of the data packet. Often, these types of firewalls are implemented as a proxy server. A proxy-based firewall provides greater network isolation than a stateful firewall. A stateful firewall provides greater throughput and performance than a proxy-based firewall. In addition, a stateful firewall provides some dynamic rule configuration with the use of the state table.

Answer 112

Virtual local area networks (VLANs) allow you to segment a network and isolate traffic to different segments. Each segment (such as Sales, Administration, Manufacturing, or Accounting) can become its own VLAN. VLANs are created by tagging and untagging ports on a switch. A trunk port, which serves as the connection between switches, tags the VLAN traffic. An access port, which is the connection to an end device, does not tag. Port tagging and VLANs are not used in unsegmented networks. MAC address tables contain the MAC address of any device on the network and the corresponding port on the switch to which it is attached. In instances where a VLAN is implemented, the MAC address table will also have the associated VLAN for that port. However, MAC address tables alone do not provide the network segmentation. ARP tables show the relationship of IP addresses to MAC addresses and are located on most devices. While they help the devices may routing decisions, they do not provide network segmentation.

Answer 113

You could deploy bridges or switches, which use STP to prevent loops in the network when more than one path can be used. STP uses the Spanning Tree Algorithm (STA) to help a switch or bridge by allowing only one active path at a time. STP can prevent network congestion and broadcast storms. Routers and hubs do not use STP.

Answer 114

There are two types of STP: spanning tree (802.1d) and rapid spanning tree (802.1w). 802.1d is an older standard that was designed when a minute or more of lost connectivity was considered acceptable downtime. In Layer 3 switching, switching now competes with routed solutions where protocols such as Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) provide an alternate path in less time. You can implement a layer 3 switch and virtual LANs (VLANs) to limit the amount of broadcast traffic on a network and allow different segments to communicate with each other. The 802.1w protocol was developed to improve performance. 802.1w bridges are fully distributed, while 802.1d switches agree on a root port. This root port acts differently than the other switches and is responsible for the network's connectivity. 802.1w defines roles for the ports and a new bridge protocol data unit (BPDU) format, which introduces the proposal/agreement mechanism. BPDU's handling and convergence is different in each protocol. 802.1w introduces these new features: - Rapid Transition To Forwarding State − includes new Edge Ports and Link Types variables. - Uplink Fast − distinguishes between port roles and uses alternate ports.

Answer 115

Network configuration and performance baselines are parts of the network documentation that assist with troubleshooting. In particular, performance baselines show how the network performs under typical loads, in terms of bandwidth used, packets dropped, throughput, or other metrics, for a given period of time. Later, when network issues occur, such as a perceived drop in network speed, the administrator can compare current conditions to the previously recorded baseline.

Answer 116

Standard operating procedures/work instructions represent key documents used to manage the network. While the two documents are related, they each have a different purpose. Standard operating procedures (SOPs) indicate what is to be done, as well as the responsible party. The work instructions describe how to execute the task identified in the SOP, but would not identify an active issue with throughput.

Answer 117

Rack diagrams depict the placement of network equipment, such as routers, switches, hubs, patch panels, and servers, in a standard 19” rack. Rack diagrams are particularly useful when planning server rooms and networking closets as the diagrams allow the engineer to determine the proper placement of equipment prior to the physical buildout. They also serve as a tool to help locate equipment for maintenance or repair, but not to identify an active issue with throughput.

Answer 118

Wiring and port locations should be a critical component of the network documentation. This documentation facilitates troubleshooting connectivity by not only identifying the IP or MAC address where the problem is located, but also the physical location of the problem. Wiring and port locations will not help you research performance issues until after the network configuration and performance baselines examined and compared to current performance.

Answer 119

The 802.11a and 802.11g Wireless Local Area Network (WLAN) transmission technologies are least affected by multipart distortion. Multipath distortion is caused by the reflection of radio frequency (RF) signal on surfaces while traveling between the transmitter and the receiver. These reflected signals reach the receiver with delay. This is also known as inter-symbol interference. This delayed signal adds distortion to the original signal that is directly sent to the antenna system of the receiver. 802.11a and 802.11g WLAN devices use Orthogonal Frequency Division Multiplexing (OFDM) modulation for transmission. Each 802.11a channel utilizes an RF bandwidth of 20 MHz in OFDM modulation. This 20-MHz channel is split into 52 channels with 300-KHz smaller sub-carriers, of which 48 are used for data transmission. The access point transmits the same data in the different frequency channels. When the data is sent on multiple frequencies instead of single frequency, the RF signal is less susceptible to the inter-symbol interference. This is because there is less probability that two signals will use the same sub-carrier frequency channel for transmission.

Answer 120

The IEEE 802.11 standard, which is the main standard for wireless LANs, specifies using Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) for its media access method. Like an Ethernet network, which uses Carrier Sense Multiple Access/Collision Detection (CSMA/CD), wireless adapter cards "sense," or listen, for network traffic before transmitting. If the network is free of traffic, the station will send its data. However, unlike an Ethernet network, wireless network cards cannot send and receive transmissions at the same time, which means that they cannot detect a collision. Instead, the sending station will wait for an acknowledgment packet (ACK) to be sent by the destination computer, verifying that the data was received. If, after a random amount of time, an acknowledgment has not been received, the sending station will retransmit the data. The 802.11 standard also refers to CSMA/CA as Distributed Coordination Function (DCF). Carrier Sense Multiple Access/Collision Detection (CSMA/CD) computers compete for the right to send data. In CSMA/CD, when a collision occurs, the computers sending the data wait a random amount of time before attempting to retransmit the data.

Answer 121

Token-passing access methods allow only the one computer that has the token to transmit data, meaning there is no contention for media access.

Answer 122

Demand priority is an 802.12 standard known as 100VG-AnyLAN. It operates at 100 Mbps. In the event of contention on the network, the higher-priority data is given access first

Answer 123

Modulation techniques − Modulation is the process of encoding source data onto a continuous carrier signal frequency. Multiplexing − Multiplexing allows multiple communications sessions to share the same physical medium. De-multiplexing − De-multiplexing separates 2 or more multiplexing channels. Analog and digital techniques − With analog, transmission of data is done in the form of continuous subjecforms. With digital, the transmission of discrete data uses two distinct electric states: '1' for "on" and '0' for "off". Time-division multiplexing (TDM) − TDM supports different communication sessions (for example, different telephone conversations in a telephony network) on the same physical medium by causing the sessions to take turns.

Answer 124

Numbering systems − Binary, hexadecimal, and octal refer to different number systems. In the decimal system, you use ten different symbols: 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. In a binary number system, you use only two symbols to represent numbers: 0 and 1. The hexadecimal system uses sixteen symbols to represent numbers: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. Octal uses eight symbols to represent all the quantities: 0, 1, 2, 3, 4, 5, 6, and 7.

Answer 125

OSPF is a link-state routing protocol which uses cost as a metric for optimal path calculation. It is an open standard protocol based on Dijkstra's Shortest Path First (SPF) algorithm. Routing metrics are used by routing protocols to determine the lowest cost path to a network number, which is considered the optimal or "fastest" path. Cisco's implementation of OSPF calculates the cost (metric) of a link as inversely proportional to the bandwidth of that interface. Therefore, a higher bandwidth indicates a lower cost and a more favorable metric The following are characteristics of OSPF: Uses Internet Protocol (IP) protocol 89. Has a default administrative distance of 110. Is an industry standard protocol (non-Cisco proprietary). Supports Non-Broadcast Multi-Access (NBMA) networks such as frame relay, X.25, and Asynchronous Transfer Mode (ATM). The default hello interval for NBMA networks is 30 seconds. Supports point-to-point and point-to-multipoint connections. Supports authentication. Uses 224.0.0.6 as multicast address for ALL D Routers. Uses 224.0.0.5 as multicast address for ALL SPF Routers. Uses link-state updates and SPF calculation that provides fast convergence. Recommended for large networks due to good scalability. Uses cost as the default metric.

Answer 126

Maximum Transmission Unit (MTU), bandwidth, delay (latency), load, and reliability form a composite metric used by Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP). IGRP is a distance vector routing protocol developed by Cisco Systems. Enhanced IGRP (EIGRP) is a Cisco-proprietary, hybrid routing protocol that combines features of both distance-vector and link-state protocols.

Answer 127

Hop count is a metric used by Routing Information Protocol (RIP). The fewer hops between the routers, the better the path.

Answer 128

Loopback interface − allows you to test to ensure that the local network interface is working properly. The IPv4 address for the locate loopback is 127.0.0.1, and the IPv6 address for the loopback is ::1. By pinging this address, you can determine whether the local network interface is working.

Answer 129

Routing table − a data table that lists the routes to particular network destinations. They can be stored on a router or computer. The routes that are included can be manually configured by using the appropriate routing command or can be automatically configured by the router.

Answer 130

Default route − the route that takes effect when no other route can be determined for a given destination. All packets for destinations not established in the routing table are sent via the default route. In most cases, the default route is to the router closest to the computer.

Answer 131

Interior Gateway Routing protocols versus Exterior Gateway Routing Protocols − protocols that route between autonomous systems or routing domains are referred to as Exterior Gateway Routing Protocols. Interior Gateway Routing Protocols discover paths between networks within the same organizational boundary, and EGPs discover paths between autonomous systems.

Answer 132

Autonomous System (AS) Numbers − numbers assigned to network operators by the Internet Assigned Numbers Authority (IANA) and the Regional Internet Registries (RIRs).

Answer 133

Route redistribution − when you take a route from one routing protocol and distribute it to another protocol. By default, routers only advertise and share routes with other routers running the same protocol. If you have an OSPF router and an EIGRP router and you want them to know each other's routes, you would implement route redistribution so the two different protocols can share and advertise routes to each other.

Answer 134

High availability − can be ensured by implementing the following: Virtual Router Redundancy Protocol (VRRP) − a protocol that manages virtual routers. VRRP sets up VRRP clusters. Virtual IP − an address assigned to virtual routers.

Answer 135

Hot Standby Router Protocol (HSRP) − a Cisco proprietary first-hop redundancy protocol (FHRP) designed to allow for transparent fail-over of the first-hop IP router.

Answer 136

Route aggregation − minimizes the number of routing tables required in an IP network organizing network layer IP addresses in a hierarchical way so that addresses are topologically significant.

Answer 137

Shortest Path Bridging (SPB) − a routing protocol that identifies loop-free shortest paths to help with traffic engineering.

Answer 138

You should use the 802.11b and 802.11g wireless access points. These two standards operate at the 2.4 GHz frequency and can be used interchangeably. If you deploy all of these access points, you will need to ensure that each of them uses a different channel to prevent interference between them. You cannot use 802.11a wireless access points with 802.11b or 802.11g wireless access points. 802.11a wireless access points operate at the 5 GHz frequency. Therefore, a solution that includes 802.11a will only provide two wireless access points.

Answer 139

VLANs place users from many locations into the same broadcast domain. A single VLAN can span multiple physical LAN segments. VLANs can be based on work function, common applications or protocols, departments, or other logical groupings. An example of a work function VLAN would be grouping all executives into the same broadcast domain. The three main benefits of VLANs are security, segmentation, and flexibility. Flexibility and segmentation are important because today's networking environment is no longer limited to a single location. With multiple district, branch, and home offices, traditional LANs are very inefficient. VLANs address these issues by allowing users to be grouped by functions, common applications, departments, and various other logical groupings. However, whichever criterion you use to group VLANs, you should be consistent throughout the network. VLANs improve security by controlling broadcasts and forcing upper-layer security checks so that all devices cannot communicate using Layer 2 alone. A VLAN's primary purpose is not to provide micro-segmentation for a single geographic location. VLANs do not provide switchless networking using virtual addresses, and VLANs can be grouped by multiple criteria, not just by their physical location. Note that each switch port is assigned to a single VLAN.

Answer 140

A packet-filtering firewall only examines the packet header information. A stateful firewall usually examines all layers of the packet to compile all the information for the state table. A kernel proxy firewall examines every layer of the packet, including the data payload. An application-level proxy firewall examines the entire packet. Packet-filtering firewalls are based on access control lists (ACLs). They are application independent and operate at the Network layer of the OSI model. They cannot keep track of the state of the connection. A packet-filtering firewall only looks at a data packet to obtain the source and destination addresses and the protocol and port used. This information is then compared to the configured packet-filtering rules to decide if the packet will be dropped or forwarded to its destination. When implemented on a firewall, port security specifically allows or denies traffic based on which port is being used.

Answer 141

Shared authentication and open authentication were the two insecure methods of authentication under WEP. Under Shared Key Authentication (SKA), all of the clients used the same key, making the key very vulnerable to being cracked. This would be like giving every customer the keys to your business and once inside, they can do anything they want. Authentication for wireless can be configured to OSA or open system authentication (no authentication), shared key authentication (SKA), pre-shared key (PSK), or 802.1x/EAP. An open wireless network does not require any form of authentication key, which is like leaving the front door open.

Answer 142

In a wireless network, a preshared key (PSK) is an encryption method used with WPA Personal or WPA2 personal. PSK is appropriate for Small Office Home Office networks. A user will request access to the wireless network, supply a passphrase, which is then used with the Service Set Identifier (SSID) to generate a unique encryption key.

Answer 143

Authentication and authorization are two of the three security principles in Authentication, Authorization, and Accounting (AAA). Authentication is validating that a user is who they say they are. This is, in essence, an identity check. Validation is often accomplished with the user supplying a user name and a password, but there are other methods available, such as biometrics. Once authenticated, the next step is determining to which network resources should be granted to the user. This process is called authorization. Accountability or accounting is holding personnel accountable for their actions. Accounting is accomplished by comparing the audit logs with the authorization settings and the security policy in order to determine compliance or violation. These audit logs are designed to keep a chronological and security-relevant collection of various records that revolve around a specific operation, device, or event. Teams should consistently and thoroughly review these logs to ensure compliance and to monitor for suspicious behaviors.

Answer 144

An intrusion prevention system (IPS) detects network intrusion attempts and controls access to the network for the intruders. An IPS is an improvement over an intrusion detection system (IDS) because an IPS actually prevents intrusion.

Answer 145

Time Division Multiple Access (TDMA) is obsolete. It is a multiplexing technique used to combine multiple signals in a single wireless cellular channel. It is a 2G cellular technology that was largely decommissioned in 2007-2009.

Answer 146

Code-division multiple access (CDMA) refers to a multiplexing technique used to combine multiple signals in a single wireless cellular channel. CDMA applies to both 2G and 3G cellular networks, and remains in wide use today at carriers such as Sprint, Virgin Mobile, and Verizon Wireless.

Answer 147

Enhanced Data Rates for GSM Evolution (EDGE) is three times faster than GSM (but based on GSM technologies). EDGE capabilities are roughly equivalent to those delivered on the original iPhone in late June 2007. It is still in use today.

Answer 148

Global System for Mobile (GSM) communications is the world's most widely used cellphone technology. In the USA, T-Mobile, AT&T, and many other smaller cellular providers use GSM on their networks. Overseas, India, Russia, and China all have more GSM phone users than the USA. GSM is the best choice for those who need to use their cellphones outside the USA. Because GSM is still widely used today, it would not be obsolete and unusable in the vehicles.

Answer 149

Long Term Evolution (LTE) is an IP-based 4G cellular technology that started rolling out in 2012.

Answer 150

Omnidirectional antennas radiate in a 360-degree pattern in the horizontal plane. The radiation pattern of an antenna defines the use of the antenna for WLAN deployments. Omnidirectional antennas have 360 degrees of coverage in the horizontal plane. These antennas are used for point-to-multipoint WLAN deployments for smaller areas. The combination of omnidirectional and directional antennas is used for long-distance point-to-multipoint bridging applications.

Answer 151

Patch antennas are unidirectional antennas with a wide beam width. Patch antennas are used for wide directional radiation patterns. Cisco manufactures 6.5-dBi diversity patch wall mount antennas that broadcast a 55-degree radiation pattern for the 2.4-GHz frequency band. Yagi antennas are unidirectional antennas and have coverage pattern of 28 to 80 degrees in the 2.4-GHz frequency band. Cisco provides 13.5 dBi Yagi antennas with a 25-degree radiation pattern. Yagi antennas are used for point-to-multipoint and point-to-point directional WLAN deployments. Yagi antennas have a small physical footprint and minimal weight as compared to the other options.

Answer 152

The parabolic dish antennas are very high-gain antennas and have very sharp beam in radiation. Cisco provides 21 dBi parabolic dish antennas with a radiation pattern of 12 degrees for the 2.4-GHz frequency band. Parabolic dish antennas are used for point-to-point, long distance WLAN bridging deployments.

Answer 153

The characteristics match with the 802.11 specifications as follows: 802.11a − 5 GHz, up to 54 Mbps 802.11b − 2.4 GHz, up to 11 Mbps 802.11g − 2.4 GHz, up to 54 Mbps 802.11n − 2.4 or 5 GHz, up to 600 Mbps 802.11g devices are backwards compatible with 802.11b devices.

Answer 154

802.11ac operates in the 5GHz band up to 1 Gbps. You should use 802.11ac if you need to support HD video streaming to multiple devices. Spatial streams can be deployed in 802.11ac to support a higher bandwidth. For example, if your company requires a 800-Mbps wireless network throughput, you could deploy 802.11ac with 2 spatial streams and an 80 MHz bandwidth.

Answer 155

The newest generation of Wi-Fi is known as 802.11ax or Wi-Fi 6. 802.11ax builds on the strengths of 802.11ac by improving efficiency, flexibility, and scalability to allow new and existing networks to have increased speed and capacity. 802.11ax can transmit on either the 2.4 or 5 GHz bands, with plans to expand into the 6 GHz band. As of this writing, the planned maximum speed for 802.11ax is 3.5 Gbps.

Answer 156

You should deploy media converters between the wiring centers on each floor. By definition, a media converter maintains network characteristics, but permits dissimilar media to be linked together. A pair of media converters that can interlink TP (RJ-45) cables and some kind of standard fiber-optic interface would be a good solution for this scenario. They would permit you to use a single- or multi-mode duplex fiber optic cable to bridge the gap between floors in your office building. Multi-mode makes the most sense here because it is cheaper to purchase and install.