Core Concept Protocols

Question 1

First Hop Redundancy

Answer 1

Provides redundant gateway services for the LAN.

Is an important part of network failover and disaster recovery

Supported on routers and layer 3 switches

Layer 3 switches share a virtual IP address and a virtual mac address with a standby router

Standby routers picks up the virtual ip and mac address if the active gateway fails

Question 2

First Hop Redundancy Protocols

Answer 2

HSRP Hot Standby Router Protocol
VRRP Virtual Router Redundancy Protocol
GLBP Gateway Load Balancing Protocol
CARP Common Address Redundancy Protocol

Question 3

HSRP

Answer 3

Hot Standby Router Protocol

Allows you to configure two or more routers as standby routers and only a single router as an active router at a time

Establishes a fault tolerant default gateway.

Cisco Proprietary, popular and easy to configure

Question 4

VRRP

Answer 4

Virtual Router Redundancy Protocol

Open Source. Functions similarly to HSRP

Question 5

GLBP

Answer 5

Gateway Load Balancing Protocol

Can present multiple gateways in a single instance and provides load balancing across the gateways

Cisco Propriety

Question 6

CARP

Answer 6

Common Address Redundancy Protocol

Similar to HSRP and VRRP

Question 7

NAT

Answer 7

Network Address Translation

Performed by routers and firewalls

Simplest form, NAT is just a one to one address mapping

Question 8

Static NAT

Answer 8

single specific internet address to a single specific internal address

Question 9

Dynamic NAT

Answer 9

uses a pool of internet addresses to provide to internal devices

Question 10

PAT

Answer 10

Port Address Translation

Tracks the NAT sessions by using random TCP port numbers for each session

Number one use is to translate a group of private addresses into a public address that is routable on the internet

Question 11

SNAT

Answer 11

Source NAT

SNAT is the same as NAT

changes the source address of the packets passing through the router

Question 12

DNAT

Answer 12

Destination NAT

Changes the destination address of the packets passing through the router

Question 13

Port Forwarding

Answer 13

Any traffic arriving on a specific TCP or UDP port will be forwarded to a defined internal host and port

Examples of when to use this, for Web Servers for ports 80 (HTTP) and 443 (HTTPS), for a Mail Server port 25 (SMTP), for an IP camera so it’s not hogging the web port 80

Used to access servers or systems that are behind a firewall

Can restrict allowed network resources for added security

Question 14

DNS

Answer 14

Domain Naming System

Resolves IP (Internet Protocol) addresses based on Fully Qualified Domain Names (FQDN)

Question 15

FQDN

Answer 15

Fully Qualified Domain Name

Identifies the specific server or host at the domain

Question 16

Root Domain

Answer 16

.

Literally a dot, a period whatever you wanna call it. It’s invisible, at the very end of the url, but you can type it and it will bring you to the correct website

Question 17

Top Level Domain

Answer 17

Last part of the website

.com, .gov, .org, .edu

Question 18

Second Level Domain

Answer 18

The name of the website, coming before the top level domain

google.com with google being the second level domain

Question 19

Host Domain

Answer 19

The beginning of the website

www. world wide web
mail. mail.google.com
web. something.com

Question 20

URL

Answer 20

Uniform Resource Locator

Includes the FQDN and protocols such as http, https, and ftp

Question 21

Public DNS Server

Answer 21

Resolves public FQDNs to IP addresses

Free to use DNS server on the public internet

Ex: Google DNS

Question 22

Private DNS Server

Answer 22

Private DNS names are associated with an organization/s private IP Addresses

Not part of the public DNS

Question 23

Split Horizon DNS

Answer 23

Split Brain.

A mechanism for DNS servers to supply different results based on the source

The organization may need the internal DNS lookups for the website to map to an internal private IP address, while DNS lookups from the public internet would map to the public IP address

Question 24

Forward Lookup Zone

Answer 24

Resolves FQDNs to IP Addresses

Question 25

Reverse Lookup Zone

Answer 25

Resolves IP addresses to FQDNs

Question 26

SOA

Answer 26

Start of Authority Record

The authoritative name server for a domain. Only one exists per Forward Lookup Zone

Question 27

NS

Answer 27

Name Server Record

Provides for quick FQDN to IP Address resolution

At least one NS is specified per Lookup Zone. Can have multiple NS records for secondary servers

Question 28

A Record

Answer 28

Host record

Simply and FQDN and an Ipv4 address

Question 29

AAA Record

Answer 29

Host reconrd

FQDN and IPv6 address

Question 30

CNAME

Answer 30

Alias Record

www.example.com == example.com

Question 31

MX

Answer 31

Mail Exchange Record

Used to point to a mail server, needs FQDN and ipv4 address

Usually points to an A Record

Question 32

SRV

Answer 32

Service Location Record

Defines the location of various servers

Not used as much as the rest

Question 33

DDNS

Answer 33

Dynamic DNS

Let’s you use a dynamically assigned public IP address with a public DNS record

Question 34

DNS

Answer 34

Domain Naming System

Resolves FQDNs to IP addresses. Requires static ip addresses

Question 35

SSH

Answer 35

Secure Shell

Command line access to routers, switches, firewalls, and servers

Encrypted session – TCP port 22
More secure than Telnet

Question 36

Telnet

Answer 36

Command line access to routers, switches, firewalls, and servers

Clear text/plain text – TCP port 23

Should be disabled for best practice

Question 37

ICMP

Answer 37

Internet Control Message Protocol

Allows us to test IP connectivity on the network with things like Ping and Traceroute

Echo Reply and Echo Request are part of ICMP

Question 38

FTP

Answer 38

File Transfer Protocol

TCP ports 20 and 21

Connection oriented. Retrieves files from an FTP server on the network. Used to transfer files to routers, switches, firewalls, servers, and hosts

Question 39

TFTP

Answer 39

Trivial File Transfer Protocol

UDP Port 69

Connectionless. Less Reliable. Retrieves files from an FTP server on the network. Used to transfer files to routers, switches, firewalls, servers, and hosts

Question 40

Command Line Tools

Answer 40

Microsoft uses Command Prompt or PowerShell

Mac/Linux uses the Bash Terminal

Question 41

IPCONFIG

Answer 41

Windows

Displays the IP address

ipconfig/all includes the MAC address as well

Question 42

IFCONFIG

Answer 42

Mac/Linux

Displays the IP Address

ifconfig -a displays the MAC address as well

Question 43

Ping

Answer 43

Lets us test layer 3 connectivity to a host via ip address

Question 44

arp

Answer 44

command displays our arp cache

Can enter static arp entries or delete them as well

Question 45

Tracert

Answer 45

Windows

Traceroute – in Linux Mac

Shows us all the hops in a path between the host and the destination ip address

Displays all layer 3 hops between the computer and destination can see all router hops

Question 46

Pathping

Answer 46

Windows and Mac/Linux

Similar to traceroute but also shows more statics about each hop in the path

Question 47

nslookup

Answer 47

Windows and Mac/Linux

Performs a domain name lookup on a host name, finds the ip address of that host name

Question 48

netstat

Answer 48

Windows and Mac/Linux

Lets us view all the currently active TCP/UDP sessions on our host

Question 49

nbtstat

Answer 49

Displays information related to Windows NetBIOS

Windows Only

Question 50

Remote Desktop Access

Answer 50

Allows for logging into a computer’s desktop from a remote location

Remote Desktop Protocol

Microsoft RDP
Remote Desktop Connection (RDP Client)
Remote Desktop Server
VNC
Web-based software - teamviewer

Question 51

VNC

Answer 51

VNC (Virtual network computing) Allows for the same type of service and available for a wide range of operating systems

Question 52

Terminal Emulation Software

Answer 52

Provides an interface for connecting to local consoles ports and SSH or Telnet sessions

Ex: Putty

Question 53

Protocol Analyzers

Answer 53

Capture traffic from a network interface card (NIC) and lets us dissect the contents of Frames and Packets

Ex: Wireshark

Question 54

Looking Glass Sites

Answer 54

Let us check the routing tables and routes on national and global services providers networks

Ex: Troubleshooting connectivity on public internet

Question 55

Troubleshooting

Answer 55

What, Why, How to fix it

Question 56

Troubleshooting Network Layer

Answer 56

Missing route to a specific location, or ip address issues

Question 57

Troubleshooting Physical Layer

Answer 57

Cable of physical connection

Question 58

Troubleshooting Data Link Layer

Answer 58

NIC settings, switchport, speed/duplex mismatch, VLANS

Question 59

Troubleshooting Transport Layer

Answer 59

Firewalls, TCP/UDP ports blocked

Question 60

Troubleshooting Methodology

Answer 60

1-7 points

1. Identify the Problem
2. Establish a Theory of Probable Cause
3. Test the Theory
4. Establish a Resolution Plan + identify Effects
5. Implement the Solution (or Escalate)
6. Verify full system functionality
7. Document all Findings, Actions, and Outcomes

Question 61

1. Identify the Problem

Answer 61

Gather information
Duplicate the problem if possible
Question Users

Question 62

2. Establish a Theory of Probable Cause

Answer 62

Question the obvious
Consider multiple approaches
Top to bottom / bottom to top OSI Model

Divide and Conquer method may be used in this step

Question 63

3. Test the Theory

Answer 63

Once theory is confirmed determine next steps to resolve the issue
If theory is not confirmed, establish a new theory or escalate

Question 64

4. Establish a Resolution Plan + Identify Effects

Answer 64

Identify the possible side effects of the resolution plan

Question 65

5. Implement the Solution (or Escalate)

Answer 65

Implement the solution if you’re able to or escalate to someone who can implement

Question 66

6. Verify full system functionality

Answer 66

Double check the system works as expected
Take Preventative measures where possible
Think: Is there a way we can stop this from happening again?

Question 67

7. Document all Findings, Actions, and Outcomes

Answer 67

If the fix was successful then after documenting the fix you are done

If the fix was not successful, escalate

Question 68

Half Split Method

Answer 68

Divide and Conquer

Divide the circuit or topology in half and test

Continue to divide the failed parts in half until the problem component is identified

Troubleshoot the problem component

Question 69

End to End Connectivity issues

Answer 69

Use tracecroute, the divide and conquer method, and check layers 1-3 in OSI

Question 70

Wrong IP configuration/default gateway issue

Answer 70

Check and update ip settings on the host, layer 2 in osi

Question 71

Misconfigured DHCP issue

Answer 71

Check the DHCP server scope settings, OSI layer 3

Question 72

Duplicate IP Address issue

Answer 72

Track down the hosts with the duplicate ip addresses and update the ip settings, osi layer 3

Question 73

Speed and DUplex Mismatch issue

Answer 73

Check the host NIC and or router/switch interface speed duplex. Hard set the speed/duplex to the correct setting. OSI layer 2

Question 74

Wrong VLAN assignment issue

Answer 74

Check the switch port for correct VLAN assignment, osi layer 2 issue

Question 75

Broadcast storms/switching loop

Answer 75

Check the switch logs for MAC address flapping as that is a sign of a loop. Identify the loop source and disconnect it until a proper fix is in place. OSI layer 2 issue

Question 76

Hardware Failure

Answer 76

Replace device, OSI layer 2 or 3 depending on the device

Question 77

Incorrect router interface or interface misconfigured issue

Answer 77

Identify the network or interface having a problem and check the interface IP configuration and cable placement, OSI layer 3

Question 78

Routing loop issue

Answer 78

User traceroute to identify the loop and check the routing tables, static routes and dynamic routes on the routers. OSI layer 3

Question 79

Simultaneous wired and wireless connections issue

Answer 79

The host needs to be connected to either the wired or wireless network, not both at the same time. OSI layers 1-3

Question 80

Missing IP routes issue

Answer 80

Check the routing tables on the routers involved and ensure there is a route, OSI layer 3

Question 81

MTU / MTU Blackhole

Answer 81

Some network nodes may require larger MTU than the standard 1500 Bytes. Make sure the MTU configured on the routers and switches meets the requirements of the hosts/nodes, OSI layer 2. MTU size settings refer to Frame sizes and Frames work at the data link layer

Question 82

NIC Teaming misconfiguration issue

Answer 82

Identify the machine causing the loop and disable NIC teaming in the OC, OSI layer 1 and 2, NICs function at DAta link layer and physical alyers