3. Network Operations Flashcards
This refers to visual maps of network cabling, ports, and physical layout.
Physical Diagram
This diagram shows virtual/logical connections like VLANs, IP routing, and firewall zones.
Logical Diagram
This diagram shows the physical placement and order of equipment in a rack.
Rack Diagram
This type of diagram details the pathways and labels for all networking cables.
Cable Map / Cable Diagram
This shows how physical devices are connected (e.g., cables, interfaces).
Layer 1 Network Diagram
This type of diagram includes MAC addresses, switches, and VLAN information.
Layer 2 Network Diagram
This diagram shows IP routing paths, subnets, and routers.
Layer 3 Network Diagram
This is a database or list of all hardware, software, and related licenses used by an organization.
Asset Inventory
This tool helps manage and track IP addresses and subnet allocations.
IP Address Management (IPAM)
This is a formal agreement defining performance metrics and support expectations between provider and client.
Service-Level Agreement (SLA)
This visual tool shows wireless signal strength and coverage areas.
Wireless Survey / Heat Map
This marks the point when a product is no longer sold or updated with new features.
End-of-Life (EOL)
This marks when a vendor no longer provides patches, updates, or support for a product.
End-of-Support (EOS)
This includes managing and updating OS versions, patches, and firmware.
Software Management
This is the formal process of removing outdated equipment or software from production.
Decommissioning
This is a structured workflow for submitting, evaluating, and approving network changes.
Change Management
This process ensures accurate, secure, and consistent network configurations are tracked and recoverable.
Configuration Management
This is the current configuration of a device actively in use.
Production Configuration
This is a stored copy of a device’s configuration used for recovery or rollback.
Backup Configuration
This is a validated and approved standard config used to compare and deploy future builds.
Baseline / Golden Configuration
Used by network teams, this diagram helps locate devices, ports, and cabling for installation and troubleshooting.
Physical Diagram
Useful in planning logical segmentation, VLANs, and IP flows, this diagram doesn’t show physical hardware.
Logical Diagram
Often used by data center technicians, this diagram ensures equipment is installed in the correct position and order.
Rack Diagram
Critical for cabling audits, this diagram shows cable paths, endpoints, colors, and labeling conventions.
Cable Map / Cable Diagram
This layer focuses on physical connections like cables, jacks, and patch panels.
Layer 1 Network Diagram
This diagram is key for managing MAC addresses, switch ports, and VLAN IDs.
Layer 2 Network Diagram
Used by network engineers, this diagram displays routing protocols, IP subnets, and next-hop relationships.
Layer 3 Network Diagram
Helps with tracking lifecycle stages, software licenses, and maintenance contracts for IT assets.
Asset Inventory
Often used with DHCP and DNS, this system prevents IP conflicts and supports efficient subnet planning.
IP Address Management (IPAM)
Defines uptime, response time, and service quality expectations between IT providers and customers.
Service-Level Agreement (SLA)
This visual layout is used during wireless deployments or troubleshooting to ensure strong signal coverage.
Wireless Survey / Heat Map
No longer manufactured or sold, this status helps teams plan replacement strategies.
End-of-Life (EOL)
Once this is reached, vendors won’t offer patches or support—posing a security and reliability risk.
End-of-Support (EOS)
Includes OS updates, firmware upgrades, and patch management to maintain secure and stable systems.
Software Management
When retiring equipment, this process ensures secure data wiping and proper documentation.
Decommissioning
Reduces risk by requiring proposed network changes to go through a review, testing, and approval process.
Change Management
Involves storing and comparing config files to prevent misconfigurations and ensure recovery readiness.
Configuration Management
This is the active config running on a device; it can differ from stored or baseline versions.
Production Configuration
Stored on flash, TFTP, or other locations, this config is used to recover or revert devices.
Backup Configuration
This validated config serves as the template or ‘known good’ for building or auditing other systems.
Baseline / Golden Configuration
Which type of diagram shows switch connections, MAC addresses, and VLAN assignments?
A. Physical diagram
B. Layer 2 diagram
C. Layer 1 diagram
D. Rack diagram
B. Layer 2 diagram
Which system helps prevent duplicate IP addresses and tracks DHCP usage and subnet allocation?
A. DNS
B. RADIUS
C. IPAM
D. SLA
C. IPAM
Which document defines guaranteed service levels such as uptime and response time between two parties?
A. Asset inventory
B. IPAM report
C. Service-level agreement
D. Change log
C. Service-level agreement
When a network device reaches end-of-support, what is the primary concern?
A. No new hardware features
B. No more firmware upgrades
C. Increased bandwidth
D. Security and support vulnerabilities
D. Security and support vulnerabilities
Which configuration state represents a validated, approved, and consistent template used to compare other devices?
A. Production configuration
B. Backup configuration
C. Golden configuration
D. Startup configuration
C. Golden configuration
What is the purpose of a wireless survey or heat map?
A. Manage bandwidth allocation
B. Display DNS and DHCP usage
C. Identify optimal access point placement and signal coverage
D. Configure MAC filtering
C. Identify optimal access point placement and signal coverage
Which process ensures that all changes to network configurations are reviewed and documented before implementation?
A. Configuration management
B. Change management
C. Decommissioning
D. Inventory control
B. Change management
Where would a list of switch models, software licenses, and warranty info typically be stored?
A. Rack diagram
B. Logical diagram
C. Asset inventory
D. Change control log
C. Asset inventory
Which of the following is the running config currently applied to a network device?
A. Backup configuration
B. Baseline configuration
C. Startup configuration
D. Production configuration
D. Production configuration
What is the purpose of a patch panel in relation to documentation?
A. To organize IPAM
B. To simplify software upgrades
C. To document cable management and port mapping
D. To control voltage usage
C. To document cable management and port mapping
This protocol is used to monitor and manage network devices by exchanging management information.
SNMP (Simple Network Management Protocol)
This SNMP alert type is sent by a device to notify a manager of a significant event.
Trap
This SNMP database defines the structure of management data on a device.
Management Information Base (MIB)
This SNMP version supports community strings but lacks encryption.
SNMP v2c
This SNMP version adds encryption and authentication for secure monitoring.
SNMP v3
These are shared passwords used in SNMP v1/v2c to control access.
Community Strings
Used in SNMP v3, this confirms identity and optionally encrypts data.
Authentication
This data provides summaries of network traffic patterns (e.g., NetFlow, sFlow).
Flow Data
This captures detailed traffic data at the packet level for deep analysis.
Packet Capture
These are normal performance indicators used to compare against anomalies.
Baseline Metrics
These are notifications sent when performance deviates from the established baseline.
Anomaly Alerting / Notification
This process collects and stores logs from multiple devices in one place.
Log Aggregation
This tool collects logs using a standardized protocol, often UDP port 514.
Syslog Collector
This platform analyzes log and event data for security and performance issues.
SIEM (Security Information and Event Management)
This allows monitoring tools to interact with other systems and share data.
API Integration
This feature duplicates network traffic to a mirror port for monitoring or capture.
Port Mirroring
This process scans the network to find connected devices and systems.
Network Discovery
This type of discovery is manually initiated as needed.
Ad Hoc Discovery
This type of discovery runs at set intervals for ongoing device tracking.
Scheduled Discovery
This analyzes bandwidth usage and network flow patterns.
Traffic Analysis
This monitors device and link performance, including latency and throughput.
Performance Monitoring
This tracks whether devices or services are up or down.
Availability Monitoring
This ensures device configurations are tracked and compared for compliance or changes.
Configuration Monitoring
Commonly used with agents or agentless tools, this protocol allows for centralized monitoring of devices across a network.
SNMP
These are one-way messages that allow network devices to automatically send alerts to a management station.
SNMP Traps
Without this SNMP component, a management station wouldn’t know what variables or metrics it can access.
Management Information Base (MIB)
This version of SNMP is widely used due to simplicity, but it lacks encryption and should be secured carefully.
SNMP v2c
Preferred in secure environments, this version adds encryption and secure authentication features.
SNMP v3
These are used in SNMP v1/v2c to control read/write access to devices. Poorly managed strings can be a security risk.
Community Strings
This ensures only trusted sources can interact with SNMP data—vital for maintaining network integrity.
SNMP Authentication
Instead of showing raw packets, this summarizes communication sessions and bandwidth usage, reducing overhead.
Flow Data
This allows for deep troubleshooting by viewing the actual contents of network traffic, but it can raise privacy and security concerns.
Packet Capture
By understanding what ‘normal’ looks like, these values help identify performance degradation or intrusions.
Baseline Metrics
Sent automatically by monitoring systems, these flag when traffic or performance deviates from normal.
Anomaly Alerting / Notification
Consolidating log data into one place reduces overhead and simplifies analysis.
Log Aggregation
This type of server listens for messages from network devices, often using UDP port 514.
Syslog Collector
This centralized platform correlates security, performance, and log data to detect threats and monitor operations.
SIEM
Lets monitoring platforms pull/push data from other systems, enabling automation and integration.
API Integration
Used on switches, this sends traffic from one port to another for inspection without affecting the flow.
Port Mirroring
Used to discover unknown devices or audit existing networks, this process reveals all connected endpoints.
Network Discovery
This type of discovery is manually triggered to provide a quick snapshot of the current network.
Ad Hoc Discovery
This type of discovery helps maintain up-to-date topology maps over time.
Scheduled Discovery
Used to find bandwidth hogs or identify unusual flows, this type of analysis is key in congestion troubleshooting.
Traffic Analysis
Tracks metrics like CPU usage, interface errors, and latency to ensure smooth operation of network devices.
Performance Monitoring
Alerts when critical devices like firewalls or switches become unreachable.
Availability Monitoring
Compares current configs to approved versions and alerts when changes occur.
Configuration Monitoring
Which protocol is commonly used to collect performance metrics from switches and routers?
A. FTP
B. SNMP
C. HTTPS
D. DNS
B. SNMP
Which SNMP version adds support for authentication and encryption?
A. SNMPv1
B. SNMPv2c
C. SNMPv3
D. SNMPv4
C. SNMPv3
What are SNMP traps used for?
A. Encrypting MIBs
B. Logging CLI activity
C. Alerting management systems of device events
D. Pinging neighboring devices
C. Alerting management systems of device events
Which SNMP component defines which metrics and data points are available on a managed device?
A. Trap
B. Community string
C. MIB
D. Flow record
C. MIB
Which method provides summarized statistics on bandwidth, protocols, and communication between hosts?
A. Packet capture
B. Flow data (e.g., NetFlow)
C. Syslog
D. SNMP
B. Flow data (e.g., NetFlow)
Which monitoring method is used to analyze the contents of individual network frames and packets?
A. Flow data
B. Packet capture
C. SNMP
D. Baseline metrics
B. Packet capture
What does a baseline metric provide in network monitoring?
A. Firewall rules
B. IP address allocations
C. A comparison point for detecting anomalies
D. Network maps
C. A comparison point for detecting anomalies
Which tool collects logs from multiple devices and centralizes them for correlation and security analysis?
A. Port mirror
B. Syslog
C. SIEM
D. MIB
C. SIEM
Which feature on a switch is used to send a copy of traffic to a monitoring port?
A. Flow export
B. Port mirroring
C. SNMP
D. NAT
B. Port mirroring
Which discovery method would you use if you wanted to manually scan a network right now?
A. Flow-based
B. Ad hoc
C. Scheduled
D. Passive
B. Ad hoc
This protocol assigns IP addresses dynamically to clients on a network.
DHCP (Dynamic Host Configuration Protocol)
This DHCP feature ensures a specific MAC address always gets the same IP.
Reservation
This defines the range of IP addresses a DHCP server can assign.
Scope
This sets the duration a device can use an assigned IP address.
Lease Time
These are additional DHCP settings like DNS server or default gateway.
DHCP Options
This allows DHCP traffic to reach servers on different subnets.
DHCP Relay / IP Helper
This prevents specific IPs within a scope from being assigned to clients.
Exclusion
This IPv6 feature allows devices to configure their own addresses without a DHCP server.
SLAAC
This system translates domain names into IP addresses.
DNS (Domain Name System)
This adds cryptographic validation to DNS responses to prevent spoofing.
DNSSEC
This encrypts DNS queries using HTTPS.
DoH (DNS over HTTPS)
This encrypts DNS queries using TLS.
DoT (DNS over TLS)
This DNS record maps a domain name to an IPv4 address.
A Record
This DNS record maps a domain name to an IPv6 address.
AAAA Record
This record creates an alias to another domain name.
CNAME Record
This record defines which mail server handles email for a domain.
MX Record
This record holds arbitrary text—often used for SPF and DKIM.
TXT Record
This record identifies the authoritative DNS server for a domain.
NS Record
This record maps an IP address to a domain name (used in reverse DNS).
PTR Record
This DNS zone resolves domain names to IP addresses.
Forward Zone
This DNS zone resolves IP addresses to domain names.
Reverse Zone
This response comes from a server that holds original data.
Authoritative Response
This response is based on cached or relayed data, not from the source.
Non-Authoritative Response
This DNS server holds the original zone file and can be modified.
Primary DNS Server
This DNS server gets a read-only copy of the zone from a primary server.
Secondary DNS Server
This type of query has the DNS server do all lookups on behalf of the client.
Recursive Query
This local file maps hostnames to IPs and is checked before DNS.
Hosts File
This protocol synchronizes clocks on devices over the internet.
NTP (Network Time Protocol)
This is a higher-precision clock synchronization protocol used in LANs.
PTP (Precision Time Protocol)
This secures NTP messages using encryption and authentication.
NTS (Network Time Security)
This metric defines the maximum amount of acceptable data loss in the event of a disaster, shaping backup frequency.
Recovery Point Objective (RPO)
This metric sets the target duration to fully restore services after a disruption—it drives decisions around redundancy and staffing.
Recovery Time Objective (RTO)
Used in SLAs and maintenance planning, this tracks how long it typically takes to fix failed systems or components.
Mean Time to Repair (MTTR)
A reliability metric that predicts the expected time interval between system failures, often used in hardware selection.
Mean Time Between Failures (MTBF)
This site is the least expensive option and typically involves leasing space, but setup and restore can take days or weeks.
Cold Site
Often used by companies with moderate DR needs, this site includes powered-on hardware but requires data syncing before going live.
Warm Site
This site is kept fully in sync with production, allowing near-zero downtime but at the highest cost.
Hot Site
In this setup, both systems are live and share workloads; if one fails, the other continues processing without interruption.
Active-Active
This setup has a standby system that activates only when the primary fails, saving resources but introducing a brief delay.
Active-Passive
This low-cost test format brings stakeholders together to walk through the DR plan using hypothetical scenarios.
Tabletop Exercise
This real-world simulation involves executing recovery procedures to ensure systems, backups, and personnel can meet DR objectives.
Validation Test
Which metric defines how much data loss is acceptable in a disaster recovery scenario?
A. RTO
B. MTTR
C. RPO
D. MTBF
C. RPO
Which metric describes the time allowed to fully restore systems after an outage?
A. RPO
B. RTO
C. MTBF
D. Uptime SLA
B. RTO
What does MTTR represent in disaster recovery planning?
A. Time between full system upgrades
B. Time required to repair and restore failed services
C. Downtime that users can tolerate
D. Amount of recoverable data
B. Time required to repair and restore failed services
Which metric predicts how often a system or component is likely to fail?
A. MTTR
B. RPO
C. MTBF
D. SLA
C. MTBF
Which type of disaster recovery site contains no hardware or data and may take the longest to become operational?
A. Hot site
B. Cold site
C. Warm site
D. Backup site
B. Cold site
Which type of site includes powered hardware but typically requires data synchronization before use?
A. Cold site
B. Archive site
C. Warm site
D. Live site
C. Warm site
Which site type is fully functional, continuously synchronized, and ready for immediate use?
A. Warm site
B. Cold site
C. Off-site backup
D. Hot site
D. Hot site
In which high-availability setup are all systems active and sharing the workload simultaneously?
A. Active-passive
B. Active-active
C. Cold-hot
D. Primary-secondary
B. Active-active
Which test type involves simulating a disaster and walking through the recovery plan without touching systems?
A. Validation test
B. Failover test
C. Tabletop exercise
D. Live fire drill
C. Tabletop exercise
Which type of DR test verifies that the systems can be fully restored and function as expected?
A. Simulation
B. Tabletop
C. Validation test
D. Walkthrough
C. Validation test
This VPN type connects two separate sites, such as branch offices, using an encrypted tunnel.
Site-to-Site VPN
This VPN type allows individual remote users to connect to a central network.
Client-to-Site VPN
This client-to-site VPN method uses a browser-based portal—no software install required.
Clientless VPN
This VPN approach routes only some traffic through the tunnel, preserving local internet access.
Split Tunnel
This VPN approach routes all traffic through the VPN for maximum security.
Full Tunnel
This method of access uses a secure, encrypted command-line interface.
SSH (Secure Shell)
This access method involves interacting through a visual interface like a dashboard or web portal.
Graphical User Interface (GUI)
This method allows programmatic control and automation of network devices.
API (Application Programming Interface)
This is the physical port used to configure devices directly, often via serial cable.
Console
This hardened system provides an isolated, secure environment to access and manage network devices.
Jump Box / Jump Host
This management type uses the same production network for administrative access.
In-Band Management
This uses a dedicated, isolated path for managing devices—even if the production network is down.
Out-of-Band Management
Used to link entire office networks together securely over the internet, this type of VPN connects routers or firewalls.
Site-to-Site VPN
This type of VPN allows individual users—like remote workers—to securely connect to a corporate network.
Client-to-Site VPN
Often used from public devices, this VPN requires no install and runs in a web browser with limited functionality.
Clientless VPN
Allows only specific traffic (like corporate resources) to pass through the tunnel, while internet-bound traffic uses the local network.
Split Tunnel
Sends all traffic—including internet-bound—through the VPN tunnel, often used in high-security environments.
Full Tunnel
This secure protocol provides encrypted command-line access, replacing insecure protocols like Telnet.
SSH (Secure Shell)
Commonly used for firewalls, wireless controllers, and cloud platforms, this method lets users click through visual options.
Graphical User Interface (GUI)
Used in automation and integration, this method allows software to send commands and queries to devices or platforms.
API
This is a direct connection to a device using a serial cable, typically for initial config or when network access fails.
Console
Placed between the admin and sensitive devices, this hardened machine allows secure and controlled access into protected network zones.
Jump Box / Jump Host
Uses the main production network path for administrative access—easy but vulnerable if that network goes down.
In-Band Management
Uses a dedicated network path (e.g., separate NIC or management switch) that remains available even during production outages.
Out-of-Band Management
Which type of VPN is used to connect two networks, such as corporate offices?
A. Client-to-site VPN
B. Site-to-site VPN
C. Full tunnel VPN
D. Clientless VPN
B. Site-to-site VPN
Which VPN method allows remote users to connect without installing any client software?
A. Full tunnel VPN
B. Client-to-site VPN
C. Split tunnel VPN
D. Clientless VPN
D. Clientless VPN
In which VPN setup is only specific traffic (e.g., corporate resources) sent through the VPN tunnel?
A. Full tunnel
B. Split tunnel
C. Clientless
D. Site-to-site
B. Split tunnel
What access method provides secure, command-line access over an encrypted connection?
A. Telnet
B. GUI
C. SSH
D. SNMP
C. SSH
Which of the following allows automated tools and scripts to interact with network services and devices?
A. SSH
B. API
C. Console
D. GUI
B. API
What is a jump box used for in a secure network environment?
A. Automatically patch devices
B. Provide internet access to IoT devices
C. Act as an intermediary for managing protected systems
D. Replace firewalls
C. Act as an intermediary for managing protected systems
What’s the key benefit of out-of-band management compared to in-band?
A. It uses less bandwidth
B. It integrates better with DNS
C. It works even when the primary network is down
D. It requires no authentication
C. It works even when the primary network is down
Which method uses a physical or virtual port to access a device before the network is configured?
A. API
B. GUI
C. Console
D. SSH
C. Console
Which method of device management is vulnerable if the production network fails?
A. API-based
B. Out-of-band
C. GUI
D. In-band
D. In-band
Which type of VPN forces all traffic, including web browsing, through the tunnel?
A. Split tunnel
B. Site-to-site
C. Full tunnel
D. Clientless
C. Full tunnel