Chapter 11 - Advanced Networking Devices Flashcards

1
Q

PPTP VPN

A

Point to Point Tunneling Protocol VPN
Creates tunnels between public networks
Now obsolete

2
Q

Type of VPN connection where a single computer logs into a remote network and becomes a member of that network

A

Host-to-site

3
Q

L2TP VPN

A

Layer 2 Tunneling Protocol VPN
Developed by Cisco, uses VPN Concentrators
Has no authentication or encryption, so often paired with IPsec

4
Q

Connecting two VPN concentrators to connect two separate LANs permanently, enabling two LANs to function as a single network, sharing files and services as if in the same building.

A

Site-to-site

5
Q

SSL VPN

A

Uses TLS (formerly SSL) to establish a secure connection over a web browser rather than using specific software

6
Q

SSL Portal VPN

A

User is presented with a web page and gains access to anything linked to that page (email, data, other pages, etc.)

7
Q

DTLS VPN

A

Optimizes connections for delay-sensitive applications, such as voice and video over a VPN.
After establishing a traditional TLS tunnel, DTLS VPNs use UDP datagrams rather than TCP segments for communication.

8
Q

DMVPN

A

Dynamic Multipoint VPN
Creates direct connections between multiple locations rather than using a central VPN location, which would create bottlenecks
Uses IPsec

9
Q

GRE

A

Generic Routing Encapsulation
Can pair with IPsec to create a point-to-point connection

10
Q

In-Band Management

A

Uses the same network for management of network devices and regular user data. Simpler to set up but may be impacted if the network experiences issues.

11
Q

Out-of-Band Management

A

Involves a separate, dedicated network for management of network devices. Provides a more secure and reliable means of managing devices, especially in critical scenarios.

12
Q

Trunking

A

Process of transferring VLAN traffic between two or more switches

13
Q

Trunk Port

A

A port on a switch configured to carry all traffic, regardless of VLAN number, between all switches in a LAN

14
Q

VLAN Assignment

A

Process in which ports are assigned to a newly created VLAN

15
Q

Tagged Ports

A

Network ports that carry traffic for multiple VLANs. When a frame leaves a device on a tagged port, it includes a VLAN tag in its header, indicating to which VLAN it belongs.
Typically used in scenarios where a device needs to communicate with multiple VLANs

16
Q

Untagged Ports

A

Network ports associated with a specific VLAN. Frames leaving or entering through untagged ports do not include VLAN tags

17
Q

VLAN Trunking Protocol (VTP)

A

Cisco proprietary protocol used to automate the updating of multiple VLAN switches. When you make changes to the VLAN configuration of the server switch, all the connected client switches update their configurations within minutes.

18
Q

interVLAN Routing

A

The process of connecting separate VLANs through a single router

19
Q

Relay Agent/DHCP Relay

A

DHCP cannot natively pass IP addresses through a router. When a relay agent is configured, the router passes DHCP messages across its interfaces, so a single DHCP server can serve addresses to multiple networks or subnetworks.

20
Q

Cisco implements DHCP relay through a configuration command called ____

A

IP Helper
Command line: ip helper-address

21
Q

Multilayer Switches

A

Operate at both Layer 2 and Layer 3. Multilayer switches have the capability to perform routing functions, making them more versatile in handling complex network environments.
Use MAC addresses to forward frames in the same VLAN
Use IP addresses to route between different VLANs or subnets
Can perform interVLAN Routing without the need for an external router

22
Q

Load Balancing

A

Making a bunch of servers look like a single server, creating a server cluster.
Requests to these servers are distributed evenly so no one server is bogged down while another is idle.

23
Q

DNS Load Balancing

A

Each DNS server for the domain has multiple “A” DNS records, each with the same fully qualified domain name (FQDN). The DNS server then cycles around these records, so the same domain name resolves to different IP addresses.
When a computer comes to the DNS server for resolution, the server cycles through the DNS A records, giving them out in a round robin fashion.

24
Q

Content Switch/Content Filter

A

Network device designed to intelligently distribute network traffic based on content, application-layer information, or server health. It operates at Layer 7, making decisions based on information such as URLs, cookies, or application-specific data.

25
Q

QoS

A

Quality of Service
Policies that prioritize traffic based on certain rules. These rules control how much bandwidth a protocol, PC, user, VLAN, or IP address may use

26
Q

Traffic Shaping

A

Method of QoS where you control the flow of packets into or out of the network according to the type of packet or other rules

27
Q

Port Bonding

A

Joining two or more connections’ ports logically in a switch so that the resulting bandwidth is treated as a single connection, increasing speed
Also called Port Aggregation

28
Q

NIDS vs HIDS

A

Network-Based Intrusion Detection System and Host-Based Intrusion Detection System
Network-based scans for signatures
Host-based looks for behaviors

29
Q

Port Mirroring

A

Network management feature that involves copying and forwarding network traffic from one network port (or a set of ports) to another designated port. This is done for the purpose of monitoring or analyzing network traffic without disrupting the normal operation of the network.

30
Q

Proxy Server

A

Sits between clients and external servers and passes requests back and forth. The client computers never touch the outside servers and thus stay protected from any unwanted activity, and the client locations stay hidden

31
Q

Forward Proxy Server

A

Acts on behalf of clients, getting information from various sources and handing that information to the clients. The sources (servers) don’t know about the clients, only the proxy server

32
Q

Reverse Proxy Server

A

Acts on behalf of the server, handling requests for clients, which don’t know about the server behind the scenes

33
Q

AAA

A

Authentication, Authorization, Accounting