da Flashcards
Microsoft CHAP (MS-CHAP)
Microsoft-enhanced version of CHAP
*Two-way authentication.
*Hashed credential
*Most secure
PAP Sent in the clear
CHAP Hashed credentials
MS-CHAP Hashed credential and most secure
DHCP Relay
Forwards DHCP packets between clients and servers
Types of Hypervisor
VMWare ESXi
Microsoft Hyper-V
VirtualBox
VMWare Workstation
Network Attached Storage (NAS)
Disk storage delivered as a service over TCP/IP
Storage Area Network (SAN)
Specialized LAN that transfers data at block-level with a special protocol
InfiniBand
Virtualized storage technology that uses a switched fabric topology and features very high throughput and very low latency
Software-Defined Networking (SDN)
Provides an easy-to-use front end to configure physical and virtual devices throughout the network.
Virtual Private Branch Exchange (PBX) and VoIP
Outsources a telephone system by utilizing VoIP to send all data to the provider and then connecting it to the telephone system
Bandwidth Speed Test
Verifies the real-world throughput from a client device all the way out to the Internet and back
iPerf
Tool that measures maximum achievable bandwidth on an IP network
NetFlow Analyzer
*Monitoring
*Troubleshooting
*In-depth inspection, interpretation and synthesis of traffic flow data
Terminal Emulator
Allows a host computer to access another computer through a command-line interface or a graphical one using either Telnet or SSH
IP Scanner
Used to search for and detect IP addresses and other information related to devices on the network
Network Platform
Refers to any router, switch, or firewall regardless of the brand or manufacturer
Dynamic NAT (DNAT)
Automatically assigns an IP address from a pool and gives a one-to-one translation to access external
Network Address Translation (NAT)
Used to conserve the limited supply of IPv4 addresses
Static NAT (SNAT)
Manually assigns an IP address and gives a one-to-one translation (access external)
Port Address Translation (PAT)
Sharing of one public IP by multiple private IP addresses which gives a many-to-one translation
Multicast Routing
Multicast sender sends traffic to a Class D IP address, known as a multicast group
Access Control List (ACL)
Set of rules applied to router interfaces or firewalls that permit or deny certain traffic (IP/port/MAC)
In-Band Management
Managing devices through the use of Telnet or SSH protocols over the network
Out-of-Band Management
Connecting to and configuring different network devices using an alternate path or management network
Secure Socket Layer (SSL)
Provides cryptography and reliability using the upper layers of the OSI model, specifically Layers 5, 6, and 7
Transport Layer Security (TLS)
Provides secure web browsing over HTTPS
Datagram Transport Layer Security (DTLS)
UDP-based version of the TLS protocol, which operates a bit faster due to having less overhead
Access Control List (ACL)
A list of permissions associated with a given system or network resource
Explicit Deny
Blocks matching traffic
Implicit Deny
Blocks traffic to anything not explicitly specified
Wireless Client Isolation
Prevents wireless clients from communicating with one another
Guest Network Isolation
Keeps guests away from your internal network communications
Pre-Shared Key (PSK)
Secures Wireless networks, including those protected with:
WEP
WPA
WPA2
WPA3
Layer 3 Redundancy
Used if the default gateway goes down and clients couldn’t leave the subnet
Multipathing
Creates more than one physical path between the server and its storage devices for better fault tolerance and performance
Delay
The time a packet travels from source to destination
Jitter
Uneven arrival of packets which is especially harmful in VoIP traffic
Drops (packet)
Occurs during link congestion when a router’s interface queue overflows and causes packet loss
Network Performance Monitoring
Monitors the performance from the end user’s workstation to the final destination they are trying to reach
Latency
Time that it takes for data to reach its destination across a network
Jitter
When a time delay in the sending of data packets over a network connection occurs
Full Packet Capture
Captures the entire packet, including the header and the payload for all traffic entering and leaving a network
NetFlow
Defines a particular traffic flow based on the different packets that share the same characteristics
Zeek
*Passively monitors a network like a sniffer
*Only logs full packet capture data of potential interest
Broadcast Storm
Occurs when a network system is overwhelmed by continuous multicast or broadcast traffic
Broadcast Address
Layer 2
FF:FF:FF:FF:FF:FF
Layer 3
255.255.255.255
Broadcast Domain
A logical division of a computer network where all nodes can reach each other by broadcast at the data link layer
Logical Domain Manager
*Listens to multicast messages
*Keeps track of the MAC address being used
Multicast Flooding
*Switch is not multicast aware and treats multicast as broadcast
*Enable IGMP on multicast aware switches
Host-Based Firewall
Runs on an individual computer or device connected to the network to protect that one device
Network-Based Firewall
Deployed in line with the network traffic flow to monitor and filter incoming and outgoing traffic based on established rule sets