Advanced Networking Devices

Question 1

an encrypted tunnel between a computer or remote network and a private network through the Internet

Answer 1

virtual private network (VPN)

Question 2

a virtual cable created in a VPN in which VPN software on the client creates a virtual NIC and creates a local IP address along with the IP information of a local network; that first IP address allows it to connect to a private network; the “cable” connects the client to a VPN server

Answer 2

VPN tunnel

Question 3

an advanced version of PPP for VPNs; the server endpoint is an RRAS program; when the remote computer connects to the server, the protocol creates a secure tunnel through the Internet to the private LAN; every OS has a program that supports this protocol; for security, this protocol uses autentication and encryption

Answer 3

Point-to-Point Tunneling Protocol (PPTP)

Question 4

remote access server program on a Windows server for VPN connections

Answer 4

Routing and Remote Access Service (RRAS)

Question 5

VPN protocol that combines PPTP and L2F and adds the ability to run a VPN on almost any connection, such as Ethernet, telephone, and optical connections; the server is a VPN concentrator; Cisco provides free client software to connect to the Cisco VPN; does not use encryption or authentication, relying on IPSec for all its security needs; every OS’s VPN client supports these VPNs

Answer 5

Layer 2 Tunneling Protocol (L2TP)

Question 6

Cisco protocol used in the L2TP VPN protocol

Answer 6

Layer 2 Forwarding (L2F)

Question 7

the VPN-capable router used in an L2TP connection rather than a VPN server program

Answer 7

VPN concentrator

Question 8

a VPN that offers advantages over Data Link or Network based VPNS since they don’t require special client software; clients connect to the server using a Web Browser, with traffic secured by TLS

Answer 8

SSL VPN

Question 9

SSL VPN where the client accesses the VPN via a secure Web page

Answer 9

SSL portal VPN

Question 10

SSL VPN where the client runs some kind of active control (ex. Java) through the Web browser; much greater access than portal VPN, and is more like a typical host-to-site connection; need sufficient permissions

Answer 10

SSL tunnel VP

Question 11

VPN that uses UDP datagrams through a TLS tunnel rather than TCP segment for delay-sensitive applications like voice over VPN; ex., Cisco AnyConnect…

Answer 11

Datagram TLS (DTLS) VPN

Question 12

VPN that enables direction VPN connections between multiple locations rather than having traffic pass through a central location

Answer 12

dynamic multipoint VPN (DMVPN)

Question 13

VPN that uses Ipsec tunneling, such as Cisco IOS Easy VPN

Answer 13

IPSec VPN

Question 14

protocol that is paired with IPSec for encryption in some VPNs

Answer 14

Generic Routing Encapsulation

Question 15

form of managed device configuration where configuring is done through a dedicated port that is connected to a segregated switch

Answer 15

out-of-band management

Question 16

a router with out-of-band management capabilities, like management URL?, modem connection, and console port

Answer 16

console outer

Question 17

process of transferring VLAN traffic between two or more switches

Answer 17

trunking

Question 18

a configuration port on each switch in a VLAN-enabled network that sends/receives all traffic between the switches

Answer 18

trunk port

Question 19

the VLAN designation for a trunk port

Answer 19

native VLAN

Question 20

VLAN that is based on ports

Answer 20

static VLAN

Question 21

VLAN that is based on MAC Addresses; never used today

Answer 21

dynamic VLAN

Question 22

a vulnerability of native VLANs that lets an attacker access VLANs that they shouldn’t; modern network now set the native VLAN to an unused VLAN

Answer 22

double-tagging attack

Question 23

proprietary Cisco protocol that automates the updating of multiple VLAN switches; changes on the server are reflected on the client switches, while “transparent” switches hold their configuration

Answer 23

VLAN Trunking Protocol (VTP)

Question 24

tool offered with VTP for minimizing broadcast traffic

Answer 24

VTP pruning

Question 25

interVLAN routing configuration where a single router interface connects to multiple VLANs on a switch

Answer 25

router-on-a-stick

Question 26

setting on a router that, when enabled and configured, will allow the router to pass DHCP traffic across the router interfaces; ports 67 and 68

Answer 26

relay agent/DHCP relay

Question 27

Cisco proprietary configuration command that enabled DHCP relay, as well as relay for other protocols

Answer 27

IP helper (ip helper-address)

Question 28

the act of making a bunch of servers acts as a single server, creating a server cluster

Answer 28

load balancing

Question 29

form of load balancing where a single FQDN corresponds to multiple “A” DNS records; when a computer comes to DNS server for resolutions, the server cycles through these records

Answer 29

DNS load balancing

Question 30

method of QoS implementation where one controls the flow of traffic through the network based on criteria, such as guaranteeing a devices an amount of bandwidth or limiting HTTP usage

Answer 30

traffic shaping

Question 31

feature of many switches and devices where multiple ports are treated as a single connection; are outgoing cables must connect to the same device, which must support the logical joining of ports

Answer 31

port bonding/link aggregation/NIC bonding/NIC teaming/port aggregation

Question 32

the Cisco protocol for accomplishing link aggregation

Answer 32

Port Aggregation Protocol (PAgP)

Question 33

implementation of link aggregation?/protocol

Answer 33

Link Aggregation Control Protocol (LACP)

Question 34

and IDS consisting of sensors placed around a network, sometimes on both sides of the gateway; also called signature-based IdS

Answer 34

network-based IDS (NIDS)

Question 35

collection of signatures of known malware for use by anti-malware software

Answer 35

definition file

Question 36

software running on individual systems that monitors for events like system file modification or registry changes; also called behavior-based IDS

Answer 36

host-based IDS (HIDS)

Question 37

the ability of some switches to copy data from any or all physical ports to a single physical port

Answer 37

port mirroring

Question 38

proxy server that acts on behalf of clients, where the servers don’t know about the clients

Answer 38

forward proxy server

Question 39

proxy server that acts on behalf of servers; clients contact it, it gathers info from the servers, and the clients don’t know about the actual servers

Answer 39

reverse proxy server