Configure and Troubleshooting Networks Flashcards

1
Q

Give all NIC properties.

A

The computer’s network adapter connects to a network appliance
Card settings should be configured to match the network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Give all Wired Network Cards

A

The Ethernet adapter and switch must have the same media type:
Signaling speed
Half/full duplex
Most will auto-negotiate; can be configured
Most settings can be left at default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Give all the properties of QoS

A

A network protocol that prioritizes some types of traffic.
Can help ensure real-time applications such as VoIP or video conferences have priority.
QoS is usually configured on managed switches.
May need to enable the QoS protocol on the adapter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are all the points of Onboard Network Cards

A

Most computers have a built-in Gigabit Ethernet adapter.
Uses RJ-45 port/twisted-pair cabling.
Check system setup if issues or to disable if installing a plug-in card.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are all the points of Wireless Network Cards

A

Set up 802.11 standards supported by the access point
The card should support any standard available
Configure Roaming Aggressiveness to adjust for weak signals
Transmit Power is usually set to the highest level by default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Wake on LAN

A

Start computer remotely
A network card is active, and on standby
“Magic packet” starts the boot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How do you setup Wake on LAN

A

To set up WoL:
1 Enable WoL in system setup

2 Enable WoL on the adapter

3 Configure a network to send magic packets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Give all Network Connections in Windows 7 and 8

A

Configure network card with client software and protocol
Use Network and Sharing Center

Access adapter properties
Wired/wireless adapter names vary

Change properties or view status
Configure client, protocol, service
Default bindings include Microsoft clients, IPv4 and IPv6, and link-layer discovery

To join WLAN, select network from the list in the notification area
Can connect automatically
Can configure manually if the network not broadcasting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Network Connection in Windows 10

A

Settings: Network & Internet
Use to access Network and Sharing Center and Network Connections applets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Give all points of IP Adress Configuration

A

Configure wired and wireless through connection’s Properties
Default is dynamic IP
Can configure a static IP address manually
Select “Obtain an IP address automatically” for DHCP/APIPA
Can set up alternate configuration if desired

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Give all the points of Other Network Connections

A

SOHO router is typical; usually combines several functions
Other connection options include dial-up
Analog modem connects to ISP
Use Set Up a Connection or Network to configure
WAN cellular connects to a cell provider’s network
Can be USB or internal
Install vendor software, and plug-in adapter, and use software to view and configure
VPN tunnels privately through a network
Windows supports several types; can configure in Network Connections
Click the network status icon to access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Give all the properties of SOHO Networks

A

Business network; may use the centralized server as well as clients.
Often uses a single Internet device for connectivity.
Maybe a home/residential network as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Give a full description of Common SOHO Network Hardware

A

DSL or cable modem installed on customer premises.
Bundles several device types: modem, router, switch, and access point.
On DSL, the RJ-11 port connects to the phone jack; the voice/data splitter is usually part of the modern socket.
On DSL, the RJ-11 port connects to the phone jack.
Voice/data splitter is usually part of a modern socket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Give a description of a SOHO Network Configuration

A

Connect the device to the SOHO appliance to configure.
Access management interface through the browser.
Change the default password!
Follow the wizard interface to configure Internet access.
View line status and system log in the management console.
Helpful for troubleshooting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Give all the points of the wireless setting

A

Configure wireless settings; most hosts connect wirelessly.
Maybe part of setup wizard; can use management software directly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What settings can you adjust in wireless settings

A

Adjust settings as appropriate:
Frequency band (2.4 GHz or 5 GHz)
SSID (the name for WAN)
Security and encryption
Password (pre-shared key)
802.11 mode
Channel/channel width

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Give a description of DHCP and IP Address Configuration

A

We May need to adjust DHCP server settings
Enabled by default
If you disable it, IP addresses must be assigned manually
Easy for an attacker to determine the scope

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are all the points of WPS

A

Simplifies secure access point setup.
AP and all adapters must be WPS-capable.
Pushbutton on device typically causes device and AP to associate automatically over WPA2.
Generates random SSID and passphrase.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Give all the points of Access Point Placement

A

Correct antenna and access point placement helps ensure a robust network.
AP placement may be constrained by the provider’s cabling location.
Can use extenders.
A site survey can help identify dead zones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the channel selection

A

In the US, the 2.4 GHz band is subdivided into 11 channels at 5 MHz intervals.
Best to allow 25 MHz spacing for channels in active use.
No more than 3 nearby APs can have non-overlapping channels.
Newer APs detect the least-congested channel at boot; may need to adjust.
Use a spectrum analyzer to find the least busy channels.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Give all the points of radio power levels

A

Can turn down AP power to prevent war driving.
Need to ensure enough coverage for legitimate users.
It May be exposed to an “evil twin” attack if a rogue AP is detected first.
Increasing power may also cause signal bouncing.
The client must match AP.
Best to allow auto-negotiation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What are Wi-Fi security protocols

A

Wi-Fi requires careful security configuration
Media “unguided;” RF scanner can intercept signals
Encryption is crucial
Cipher scrambles message; key decodes the message
Keep key secure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The description of a WEP

A

Legacy encryption system based on the RC4 cipher
64-bit or 128-bit key
The flaw in the key production method; easy for an attacker to generate key
Deprecated and should not be used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

The description of WPA/WPA2

A

Based on RC4
Adds TKIP to fix the security problem
WPA2 developed to meet 802.11i security standards
Use WPA2 whenever possible
If not supported by devices, use WPA

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Give the description of a wifi authentication personal

A

Based on a pre-shared key generated from a passphrase.
Cannot completely secure distribution of key; on home, the network may not be secure passphrase; all users share key (no accounting); hard to change the key.
Simple setup.
The only choice for WEP; can use WPA/WPA2 on SOHO networks or workgroups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Give the description of a wifi authentication Enterprise

A

Enterprise mode authentication in WPA/WPA2.
Authentication passed to the RADIUS server.
Suitable for server-/domain-based networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Give the description of the SOHO Security Issue: SSID

A

Simple name to identify the WAN
Change default SSID
Do not use personal information
Disable SSID broadcast
Enable encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Give the description of the SOHO Security Issue: Physical Security

A

Restrict physical access to enterprise routers and switches
An attacker with physical access could reset to defaults, gain access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Give the description of the SOHO Security Issue: Updating Firmware

A

Keep Internet appliance firmware and driver up to date
Make sure power stays on during the update process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Give the description of the SOHO Security Issue: Static IP Addresses

A

Static IP assignments will not deter a determined attack
Router/modem must have static IP to function as DHCP server/default gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Definition of Quality of Service

A

Quality of Service (QoS): Using a network protocol to prioritize types of traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Give all the properties of latency and jitter

A

Modern networks provide two-way communications (VoIP, video conferencing, gaming).
Standard protocols are sensitive to data loss, not delivery delay (latency/jitter).
Real-time data applications are sensitive to latency and jitter, not packet loss.
Latency: the time for a signal to reach the recipient
Jitter: variation in delay (congestion, configuration problems).
QoS:
Hard to guarantee on the Internet.
Can be deployed on enterprise networks.
On SOHO network, may be able to configure on router/modem.

33
Q

Give a description of the firewall

A

Many types and implementations
Primary distinction:
Network firewall:
Inline on the network
Inspects all traffic
Host firewall:
Installed on host
Inspects traffic to that host

34
Q

What is packet filtering

A

Earliest type; all firewalls capable of this function
Inspects IP packet headers, accepts or drops based on rules
Filtering rules based on:
IP filtering
Protocol ID/type
Port filtering/security
Configure ACL

35
Q

Give the definition of a Host firewall

A

Software on the individual host; may be in addition to the network firewall
Can do packet filtering
Can also grant/deny access based on software programs, services/processes, and users
Two firewalls increase security; more complex to configure and troubleshoot

36
Q

Give a description of a firewall setting: Disabling Ports

A

Only enable required services; can remove service at the host.
You may want service available locally but not on the Internet.
Configure firewall ACL to block the port, or block by the default rule.

37
Q

Give a description of a firewall setting: MAC Filtering

A

Firewalls, switches, and APs can whitelist/blacklist MAC addresses.
Can be time-consuming, but good security option for SOHO networks.

38
Q

Give a description of a firewall setting: Content Filtering /
Parental Controls

A

Blocks websites and services based on keywords, ratings, or classification.
Can restrict times.
ISP-enforced filters cannot distinguish account types.
Filters can also be enforced by OS.

39
Q

Give a description of a firewall setting: Whitelists /
Blacklists

A

Blacklists document URLs known to harbor specific undesired content.
Whitelists document sites that will be accessible even if the filter is applied.

40
Q

Give a full description of NAT

A

All routers/modems use NAT/NAPT
The router has a single public address; clients use local private addresses
The router translates between the Internet and the host
Usually auto-configured
Some protocols may need ALG to open ports dynamically

41
Q

Give a full description of Port Forwarding and Port Triggering

A

Internet hosts only see the router’s public address.
Configure port forwarding/DNAT if running an Internet-facing service on your internal network.
The router transmits Internet requests to a given port to a designated internal host.
Port triggering is for applications using multiple ports.

42
Q

Give a full description of DMZ

A

If the internal server is exposed to the Internet, consider local network security; a compromised server can expose LAN to attacks.
Enterprise networks use DMZ; hosts in DMZ are not trusted by the local networks.
Traffic from Internet cannot access the local network through DMZ.
SOHO vendors’ “DMZ” = LAN computer that receives all Internet communications not forwarded to other hosts.

43
Q

Give all the properties of Universal Plug and Play

A

Users may be tempted to turn off the firewall if the configuration is complex. Services requiring complex configuration can use UPnP to instruct the firewall with the correct configuration.
Does have security vulnerabilities:
Use only if required.
Don’t let UPnP accept Internet requests.
Keep firmware, and security advisories up to date.

44
Q

Give a description of the Windows Firewall

A

Each version has become more advanced
Configure in Control Panel
Can configure exceptions
Use Windows Defender Security Center on Windows 10

45
Q

What are the properties of Windows Firewall with Advanced Security

A

Add-in to basic firewall
Can configure outbound filtering, IPSec, monitoring
Configure in Group Policy on the domain, in management console in a workgroup
Configure inbound and outbound rules as appropriate
Rules can use various triggers

46
Q

What is location-awareness

A

Firewall settings can be applied depending on a connected network.
Displays dialog when a new network is detected.
Set location (Home, Work, Public, Domain).
Use Network and Sharing Center to change location.
In Windows 8/Windows 10, networks are either public or private.
Change using the Settings app

47
Q

Give a description of Browser Configuration

A

Browser is very important software, for browsing and as an app interface.
Internet Explorer has been dominant, but other browsers have similar configurations.
General settings include home pages, browsing history, etc.
Clear browsing history on public computers.
Check or set the default browser
Manage add-ons
Various advanced settings and options
Resetting the browser
Privacy settings control the use of cookies
Text files containing session data
Configure pop-up blocker
Security settings protect the system from malicious content on web pages.
In Windows, configure by security zone.
Configure proxy:
User machines send requests to the proxy server, which sends them to the Internet.
May also perform caching for improved performance.
Use LAN Settings to configure the proxy address.

48
Q

Give the browser configuration connections.

A

Configure connections:
Dial-up
Router

49
Q

Explain Remote desktop

A

Allows the user to connect to a desktop remotely
Desktop machine = terminal server; connecting machine = Windows terminal
Good for homeworkers
Can also be used for troubleshooting
TCP port 3389

50
Q

Explain Remote Assistance

A

Allows the user to request help from a technician
The helper can join user sessions and take control of the desktop
Port assigned dynamically from ephemeral range; intended for local support, not to pass through firewalls

51
Q

Give a full description of Remote Settings Configuration

A

Remote Assistance is allowed by default; Remote Desktop is not
Configure in System Properties/Remote Settings
Choose RDP client options, including NLA
RDP authentication/session data is always encrypted
Define which users can connect remotely (local or domain accounts)

52
Q

Explain Remote Credential Guard

A

Remote Desktop credentials are vulnerable on machines compromised by malware.
RDPRA Mode and Remote Credential Guard mitigate this risk.

53
Q

Explain the Remote Assistance Process

A

Remote Assistance request placed with Remote Assistance tool (file, email, or Easy Connect).
The helper opens the invitation file and waits for the user to accept the offer.
Remote Desktop window and chat tool open.
Remote Assistance session encrypted, same as RDP.

54
Q

Fully explain the remote desktop process

A

Open via the Communications menu in Accessories or by typing mstsc at a command prompt.
Enter the server’s computer name or IP address to connect.
You will need to define logon credentials.
Use the format ComputerOrDomainName\UserName
No one else can use the target system while in remote mode.

55
Q

What are the remote access technologies

A

Remote Desktop and Remote Assistance are Microsoft technologies.
Can connect from Linux, macOS, iOS, or Android to Windows RDP server using mstsc client.
Use other protocols and software for incoming connections to non-Windows devices.

56
Q

Explain Telnet fully.

A

Command-line terminal emulation protocol and program
The host runs Telnet Daemon on TCP port 23
The client uses the Telnet program
Once connected, can use the same commands as the local user
Common commands: open HostPort; ?; status; close; quit
Troubleshooting for SMTP or HTTP
Remote router or switch configuration

57
Q

A full description of SSH

A

Replaces unsecure administration and file copy programs (Telnet, FTP)
Uses TCP port 22
Encrypts each session
Many commercial products
SSH servers identified by public/private key pairs
SSH clients can keep mappings or use commercial SSH key management products

58
Q

Explain SSH authentication

A

The server’s host key is used to set up a secure channel for SSH client authentication
Various authentication methods are possible; can be enabled/disabled as needed:
Username/password
Kerberos
Host-based
Public key

59
Q

Give all the points of Screen Sharing and VNC

A

In macOS, use Screen Sharing for remote desktop
Based on VNC
Can use any VNC client
Encrypted
VNC itself is a freeware
Similar to RDP
TCP port 5900
Freeware versions have no connection security
Commercial products include encryption solutions

60
Q

Explain File Share

A

Network file sharing can be complex (file sharing protocol; permissions; user accounts)
Vendors offer simple file sharing options:
AirDrop (Apple iOS/macOS)
NearShare (Microsoft)
Third-party and open-source alternatives
Products include security, but always the potential for misuse
Only accept requests from known contacts
Security vulnerabilities may allow unsolicited transfers

61
Q

Give all the ways of Common Wired Network Connectivity Issues and how to troubleshoot them.

A

Rule out hardware-layer connectivity (cable connection)
Troubleshoot wired connectivity:
Test with ping
Verify patch cord between host/panel and panel/switch
Connect a different host
Verify network adapter link properties
Connect to a different port
Check the switch (if multiple users)
Use cable testing tools
Troubleshoot slow transfer speeds:
Check network adapter driver configuration
Check to set for a switch port
Check for:
Switch or router congestion or network-wide problem
Adapter driver issues
Malware
Interference in network cabling

62
Q

Give all the ways of Common Wireless Network Connectivity Issues and how to troubleshoot them.

A

Consider problems with physical media, and configuration:
RF signal weakens with distance
Check security and authentication configuration
Configuration issues:
If in range, check SSID mismatch or SSID broadcast
Standards mismatch
Dual-band support
Low RF/RSSI
Signal issues:
Channel interference
Signal blocking
Use a Wi-Fi analyzer such as inSSIDer to perform a site survey
A site survey can:
Identify sources of interference problems
Measure signal strength
Identify congested channels

63
Q

Describe IP configuration issues and how to resolve them, and also give the switches.

A

If the host IP configuration is incorrect it will not be able to communicate
View adapter status in Windows
Use ipconfig at the command line
Typical switches:
/all
/release
/renew
/displaydns
/flushdns

64
Q

What is the process of using ipconfig

A

Use ipconfig to test adapter configuration:
Static or DHCP? If DHCP, correct parameters?
If the configuration is correct, check for:
Communication with DHCP server
Configuration with DHCP server
Multiple conflicting DHCP servers
On Linux, use ifconfig; some different functionality

65
Q

Describe IP Connectivity issues and all connectivity tests

A

If the link and IP are correct, the problem may be in network topology.
Test connections by trying to use resources (but doesn’t eliminate application fault).
Use other connectivity tests:
Ping
DNS testing
IP conflict

66
Q

Give all connectivity tests that can be done and what will the outcome be.

A

Use ping to test communications.
Ping loopback, workstation, default gateway, remote host.
If successful, reply with time in milliseconds.
If unsuccessful:
Destination unreachable
No reply (request timed out)

Test DNS:
Ping DNS names.
Try reverse lookup.
Troubleshoot IP conflicts:
Possible configuration error due to static assignment.
Windows disables IP.
Identify affected machines and resolve duplicates.

67
Q

How do you deal with routing issues and what will occur?

A

Use tracert to investigate routing problems
Command will time out if the host not located
Will list:
Router hops
Ingress interface
Response time
Asterisk if no response

68
Q

What are the points of unavailable resources

A

If not with cabling, switches/routers, or IP, the problem is at a higher layer
Failures possible in:
Security
Name resolution
Application/OS
If Internet access or local resources are unavailable, establish the scope by trying a different client:
If works, problem with 1st client
If fails, the problem is with the server, device, or infrastructure

69
Q

How do you troubleshoot internet availability

A

Troubleshooting Internet availability:
If “No Internet access” message, no working Internet connection
Check local PC settings
Check ISP’s service status page/helpline
Restart modem/router
Suspect security issue (misconfigured proxy, firewall blocking host)

70
Q

How do you perform a reset

A

Performing a reset:
Restart server as a stock response to persistent problems
Restart application
Run Windows network troubleshooter
Reset the network stack
Windows 10: Network & Internet > Status
Windows 7/8: Network Adapter troubleshooter or command-line tools
Remove network adapters and reboot; update all network settings

71
Q

How do you investigate open ports and connections? What are the switches?

A

Use netstat to investigate open ports and connections
Use –a, -b, -n switches
Linux has a slightly different utility

72
Q

What is nslookup

A

Use nslookup to investigate name resolution problems
nslookup -Option Host Server
Query a different name server and compare your results

73
Q

Explain the Internet of Things

A

A global network of devices equipped with sensors, software, and network connectivity.
Devices can communicate and pass data M2M.
“Things” identified with unique numbers/codes.

74
Q

Definition of Bluetooth
Bluetooth Low Energy

A

Radio communication speeds up to 3 Mbps; v3 or v4 up to 24 Mbps
The maximum range of 10 m/30 ft (signal strength weak at max. distance)
Used in many portable/wearable devices
Pairing procedure
BLE version for low-powered devices that transmit infrequently

75
Q

Definition of Z-Wave

A

Wireless protocol for home automation
Mesh topology over low-energy radio waves
Can configure repeaters up to four “hops”
High 800-low 900 MHz range; runs for years on battery power

76
Q

Definition of ZigBee

A

Similar to/competitive with Z-Wave
2.4 GHz band
Up to 65,000 devices in a single network (232 for Z-Wave); no hop limit

77
Q

Definition of RFID and NFC

A

Tagging and tracking devices with radio-frequency tags
NFC: peer-to-peer version of RFID

78
Q

How do you configure IoT on a device?

A

IoT functionality in home automation/smart home devices
To interoperate, devices must all share protocol (i.e., Z-Wave or Zigbee) and be compatible with the same virtual assistant/hub
Endpoint devices (thermostats, light switches, etc.)
Smartphone control (using Wi-Fi, Bluetooth, NFC)
Smart hub control (Z-Wave, Zigbee, Wi-Fi, Bluetooth, NFC)
Dedicated hub from vendor
Generic smart speaker/digital assistant

79
Q

Give a description of digital assistants

A

Voice interface responding to natural language
Smartphones, computers, smart-speaker hubs
Back-end server processing; raises privacy/security concerns
Google Assistant
Amazon Alexa
Apple Siri
Microsoft Cortana
The device may require “training” to recognize and respond to the user’s voice