ALL THINGS IP

Question 1

SLAAC

Answer 1

STATELESS ADDRESS AUTO CONFIGURATION

IPV6 …device uses the prefix and its own MAC address to create an IP address

Question 2

ccmp

Answer 2

Counter Mode Cipher Block Chaining Message Authentication Code Protocol or CCM mode Protocol is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11

Question 3

DHCPv6

Answer 3

Dynamic Host Configuration Protocol version 6 is a network protocol for configuring Internet Protocol version 6 hosts with IP addresses

Question 4

Link-Local

Answer 4

ipv6 fe80:: (like ipv4 apipa)

Question 5

class a

Answer 5

privet 10.0.0.1 255.0.0.0

public 1 to 126

Question 6

csu/dsu

Answer 6

csu network provider

dsu is ethernet side connects to (DTE) “router

Question 7

WPA

Answer 7

RC4 and TKIP

Question 8

vlsm

Answer 8

variable length subnet mask

Question 9

class e

Answer 9

240 to 255

Question 10

smart jack

Answer 10

NIU network interface unit

Question 11

APIPA

Answer 11

169.254.0.0 to 169.254.255.255

Question 12

ipv6 loop back

Answer 12

loopback address is 0:0:0:0:0:0:0:1 or ::1.

Question 13

CIDR

Answer 13

classless interdomain routing

Question 14

class d

Answer 14

224 to 239

Question 15

EUI-64

Answer 15

(Extended Unique Identifier) is a method we can use to automatically configure IPv6 host addresses. An IPv6 device will use the MAC address of its interface to generate a unique 64-bit interface ID. However, a MAC address is 48 bit and the interface ID is 64 bit.

Question 16

ipv6 multicast

Answer 16

ff00::/8

Question 17

class c

Answer 17

public 192 to 223

privet 192.168.0.0 192.168.255.255

Question 18

virtual ip

Answer 18

does not correspond to actual physical device

Question 19

WPA2

Answer 19

AES and CCMP

Question 20

loop back ipv4

Answer 20

127.0.0.1 to 127.255.255.255

Question 21

AES

Answer 21

advanced encryption standard, replaced RC4

Question 22

class b

Answer 22

public 128 to 191

privet 172.16.0.0 to 172.31.255.255

Question 23

RC4

Answer 23

RC4 is a stream cipher and variable-length key algorithm. This algorithm encrypts one byte at a time (or larger units at a time)

Question 24

How many Bytes in a frame

Answer 24

1500 and a minimal 46 bytes of data, even if this means the host has to pad the frame before transmitting it

Question 25

CARP

Answer 25

Common Address Redundancy Protocol (CARP) is an open standard that creates a redundancy group to share an IP address.

Router protocol

Question 26

HSRP

Answer 26

Hot Standby Router Protocol (HSRP) is a Cisco standard similar to CARP.

Question 27

MPLS VPN

Answer 27

Multiprotocol Label Switching Layer 3 (MPLS L3) virtual private network (VPN). This will allow all offices to connect to the same single-routed network and connect directly to the cloud.

Question 28

LACP

Answer 28

Link Aggregation Control Protocol (LACP) is a standard that assigns multiple physical links to a logical interface.

Question 29

Identify the problem.

Answer 29

Gather information.
Duplicate the problem, if possible.
Question users.
Identify symptoms.
Determine if anything has changed.
Approach multiple problems individually.

Question 30

Establish a theory of probable cause.

Answer 30

Question the obvious.
Consider multiple approaches.
Top-to-bottom/bottom-to-top OSI model
Divide and conquer

Question 31

Test the theory to determine cause.

Answer 31

Once theory is confirmed, determine next steps to resolve problem.
If theory is not confirmed, re-establish new theory or escalate.
Establish a plan of action to resolve the problem and identify potential effects,
Implement the solution or escalate as necessary,
Verify full system functionality and if applicable implement preventive measures.
Document findings, actions, and outcomes.

Question 32

Wavelength mismatch

Answer 32

Multi-mode fiber is designed to operate at 850 and 1300 nanometers (nm), while single-mode fiber is optimized for 1310 and 1550 nm. If the wrong wavelength is implemented or a device is added to the network that operates at the wrong wavelength, signal loss will occur.

Question 33

1000BaseLX range

Answer 33

1000BASE-LX can run over both single mode fiber and multimode fiber with a distance of up to 5 km and 550 m, respectively.

Question 34

1000base sx range

Answer 34

between 220 meters and 550 meters

Question 35

DHCP snooping

Answer 35

a security feature configured on switches that acts like a firewall between untrusted hosts and trusted DHCP servers

Question 36

ARP inspection

Answer 36

a security feature on switches that validates ARP packets in a network. It determines the packet validity by performing an IP-to-MAC address binding inspection stored in a trusted database before forwarding the packet to the appropriate destination. All ARP packets with invalid IP-to-MAC address bindings that fail the inspection will be dropped.

Question 37

pptp

Answer 37

(VPN) Point-to-point tunneling protocol, old and out of date, basic encryption not secure,

Question 38

l2tp

Answer 38

(VPN) IPsec encryption, Layer Two Tunneling Protocol.

Question 39

MAC address filtering

Answer 39

a security feature configured on switches that will allow or deny traffic based on the MAC address from which the communication comes.

Question 40

stateful firewall

Answer 40

Dynamic, aware of the state of a connection, do not have to open up a large range of ports to allow communication, no probles with protocols that use multi ports.

Question 41

VLAN assignments

Answer 41

Virtual LANs (VLANs) are assigned to individual switch ports. Devices on the same switch can then be assigned to separate VLANs so that their traffic is isolated.

Question 42

stateless firewall

Answer 42

ACL’s, works fast, Stateless firewalls, however, only focus on individual packets, using preset rules to filter traffic, allow or deny.

Question 43

SSTP

Answer 43

Secure Socket Tunneling Protocol, SSTP is a mechanism to encapsulate Point-to-Point Protocol (PPP) traffic over an HTTPS protocol, great for client to worksite.

Question 44

T1

Answer 44

T1 - 1.544 Mbps, 650 feet maximum cable length, UTP/STP/coaxial cable T1 line is a communications transmission service that uses 2 twisted pair copper wires to transmit and receive data or voice traffic

Question 45

T3

Answer 45

T3 - 44.736 Mbps, 450 feet maximum cable length, coaxial cable

Question 46

E1

Answer 46

E1 - 2.048 Mbps, 650 feet maximum cable length, UTP/STP/coaxial cable

Question 47

E3

Answer 47

E3 - 34.368 Mbps, 450 feet maximum cable length, coaxial cable

Question 48

signature-based IDS

Answer 48

relies upon a database that contains the identities of possible attacks.

Question 49

network-based IDS

Answer 49

is attached to the network in a place where it can monitor all network traffic

Question 50

anomaly-based IDS

Answer 50

detects activities that are unusual

there is an initial learning period before anomalies can be detected. Once the baselines are established,

Question 51

behavior-based IDS

Answer 51

looks for behavior that is not allowed and acts accordingly.

Question 52

IPSEC what is AH

Answer 52

AH does not perform encryption, it is a quicker standard than ESP
AH uses a hash algorithm to compute a hash value on both the payload and header of a packet, ensuring integrity of the packet.
AH provides data integrity, data origin authentication, and an optional replay protection service

Question 53

IPSEC what is ESP

Answer 53

ESP can be used with confidentiality only, authentication only, or both confidentiality and authentication. When ESP provides authentication functions, it uses the same algorithms as AH, but the coverage is different.
ESP is not used to digitally sign packet headers.

Question 54

AH and ESP may be used separately or in combination

Answer 54

An IPsec Security Association (SA) is a simplex (one-way) connection that may be used to negotiate ESP or AH parameters. If two systems communicate via ESP, they use two SAs, one for each direction.

Question 55

IPSEC

Answer 55

IPSec uses encapsulation security payload (ESP) and Authentication header (AH) as security protocols for encapsulation.

Question 56

quarantine network

Answer 56

would be set up in an office for computer and mobile devices that do NOT comply with the network access control (NAC) policies. A NAC server would hold the policies that would control access to the network. If computers or mobile devices did not have the appropriate security controls configured, they would be placed on the quarantine network to isolate them

Question 57

What is another term for a demilitarized zone (DMZ)?

Answer 57

screened subnet

Question 58

Error rate

Answer 58

metric that can be used to tool to indicate the reliability of the network. A segment with a high error rate would be less reliable than a segment with a low error rate. The error rate is usually expressed as a percentage.

Question 59

Utilization

Answer 59

is a measurement of how much of the capacity of the network is being used. For example, a utilization of 40% would mean that 40% of the total capacity of the network is being used.

Question 60

Packet drops

Answer 60

occur when a data package transmitted from one device fails to reach another device, measured as packet loss. Packet loss can be measured with the ping utility. If you add “-n 100” at the end of a ping command, as in ping www.somesite.com –n 100, you will end up with a report that tells you the percentage of packet loss.

Question 61

VNC

Answer 61

Virtual Network Computing, VNC products are widely and freely available for Windows, OS X (MacOS), Linux, Android, iOS, and Chrome. Second, many VNC products are easy to set up and use, interoperate among multiple versions, and work well through corporate and personal firewalls. Of the items listed it is the best no-cost option.

Question 62

MAC filtering

Answer 62

Media Access Control (MAC) filtering allows the administrator to restrict device access to the network based on the MAC address associated with the Network Interface Card (NIC) on that device. The administrator can set up a permission list (filter) on the router where only devices with specific MAC addresses are allowed on the network. A MAC address is uniquely associated with a NIC, and is analogous to a Vehicle Identification Number (VIN) on an automobile. In essence, the MAC address is the serial number of the NIC.

Question 63

802.1X

Answer 63

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC)

Question 64

EAP

Answer 64

Extensible Authentication Protocol (EAP) is an authentication framework that is used in local area networks (LANs) and dial-up connections. EAP is used primarily in wireless communication for authentication among clients and a wireless LAN.

Question 65

EAP-TLS

Answer 65

(Transport Layer Security) provides for certificate-based and mutual authentication of the client and the network.

Question 66

PEAP

Answer 66

PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control.

Question 67

Rack diagrams

Answer 67

Rack diagrams depict the placement of network equipment, such as routers, switches, hubs, patch panels, servers, and more, in a standard 19”-wide cabinet called a rack. Rack diagrams are particularly useful when planning server rooms and networking closets, as the diagrams allow the engineer to determine the proper placement of equipment prior to the physical buildout. They also serve as a tool to help locate equipment for maintenance or repair.

Question 68

SLIP

Answer 68

Is an older point-to-point protocol that enables the transmission of TCP/IP communications over a serial connection. SLIP only supports TCP/IP, and SLIP does not support error checking or automatic configuration of network protocol parameters. You cannot use SLIP to establish a VPN connection

Question 69

PPP

Answer 69

PPP supports error checking and automatic configuration of network protocol parameters. Multilink PPP is a communications protocol that enables a computer to use two PPP ports to provide greater bandwidth.

Question 70

diversity antenna system

Answer 70

technique that can be used to improve radio communication and maximize the chance of a packet getting through at a given time and in a given position between a receiver and transmitter in a non-static environment.
A diversity antenna system avoids multipath distortion.