Dion Network+ Flashcards
Wi-Fi Standard is IEEE
802.11 (remember i and i being .11)
Ethernet Standard is IEEE
802.3 (ethernet is three)
Data in OSI model
Do * 3
Some
People
Fear
Birthdays
Do * 3
Some
People
Fear
Birthdays
Data
Segments
Packets
Frames
Bits
MAC Address in Data Link Layer controls
The address
LLC (Logic Link Controller) in Data Link controls
data flow and some error control
ICMP (Internet Control Protocol) is at which layer
Network
Router is at which layer
Network
Multi layer switch is at which layer
Network
Switch is at which layer unless told
Data link
H.323/RTP/NetBIOS at which layer
Session
Data formatting and encryption at which layer
Presentation
UDP data is called
Datagram
TCP data is called
Segments
Default frame in MTU
1500
Jumbo Frame in MTU
9000
We add source and destination ports at layer
4 (Transport)
We add our source and destination IP addresses at layer
3 (Network)
We add our source and destination MAC addresses at layer
2 (Data Link)
Windowing is done by which protocol
TCP
Ping is a command in which protocol
ICMP
ICMP is used for
network diagnostic and error reporting tool
Port 80
HTTP
Port 443
HTTPS
HTTPS uses which tunnels
SSL or TLS
SMTP (Simple Mail Transfer Protocol) uses port
25
SMTPS on which port
Secure version 587
SMTP only sends
emails
FTP is on ports
20 - actual data transfer 21 - sending control command
SFTP is secure FTP and is on port
22
SFTP is an FTP protocol through an
SSH connection
(TrivialFTP) TFTP is a simpler version of FTP on port
69
SMB is to read and write to servers on port
445
SMB is used in a LAN not across the
internet
Secure Shell (SSH) used for secure remote login over an unsecure network and is on port
22
SSH is for encrypted tunnel for text based
commands
SIP (Session Initiation Protocol) is on port
5060 / 5061
Remote Desktop Protocol (RDP) is on port
3389
Telnet is on port
23
DHCP is on port and (TCP or UDP)
67/68 and UDP
SQL for microsoft is port
1433
LDAP over SSL (LDAPS) is on port
636
DNS is on port
53 and TCP
Syslog is on port
514
SNMP (Simple Network Management Protocol) is for
controlling network devices
SNMP managers use port
161
Lightweight Directory Access Protocol (LDAP) is on port
389
SNMP agents use port
162
NTP (Network Time Protocol) is on port
123
CAT 5 speed
100 (for all)
CAT 5e (enhanced) speed
1000Mbps/1 Gbps (*10)
CAT 6 speed
1Gbps
10Gbps if 55 meters or less
CAT 6a speed
10Gbps for 100meters
CAT 8 speed
40Gbps for 30 meters
RG-6 cable is used for
cable modem
Coaxial cables speeds
1Gbps for 300 meters
DAC cables speeds
active 100 Gbps at 15 meters
passive 100 Gbps at 7 meters
Twinaxial cables (better) are used for
SFP+ and QSFP between routers or switches
Twinaxial cables speeds
10G for 100m
100G for 7m
Plenum cables (fire resistant) used in what space
roof
Cable Speeds start with CAT 5 and go up by a factor of 10
CAT 5 (100Mbps), CAT 5e (1Gbps), CAT 6 (same but 10Gbps at 55m)
CAT 6a (10Gbps at 100m), CAT 8
Cabling standard 568B colouring (straight Through)
eg switch to computer
a cable for a switch to a switch is
a crossover cable
MDIX simulates the crossover for a cable for exam
don’t assume
CAT cabling Mnemonics for 568B
We Only Order Great Burgers While Guests Bring Beer
We Only Order Great Burgers While Guests Bring Beer (568B)
White-Orange, Orange, White-Green, Blue, White-Blue, Green, White-Brown, Brown
Single-mode Fiber (SMF) optical cable colour
Yellow
Multi-mode Fiber (MMF) optical cable colour
Aqua blue or orange
Subscriber Connector (SC) optical nick name
Stick and click (square shape)
Lucent Connector (LC) optical smaller nick name
Love connector
Mechanical Transfer-Registered Jack (MTRJ) how many fibers
Two
Straight Tip Connector (ST) nick name great outdoors
stick and twist like BNC
Media converters and transceivers are which layer devices
Physical
Multi-Fiber Push on (MPO) have multiple what
Fibers
2.4GHz channels to be used
1 6 11
5 GHz has how many channels
24
5 GHz use is based on the WiFi standard
802.11
802.11h wireless standard has the features
Dynamic Frequency Selection (DFS) - looks for radar signals
Transmit Power Control (TPC) - minimum power consumption
802.11a specs
5GHz speed 54Mbps range 35m
802.11b specs
2.4GHz speed 11 Mbps range 140m
802.11g specs
2.4 GHz speed 54 Mbps range 140m
802.11n specs
5GHz speed 600 Mbps range 35m
802.11ac specs
2.4 and 5GHz speeds 1.3 Gbps
802.11ax specs
2.4, 5, and 6 GHz speed 9.6Gbps
802.11 2.4Ghz wireless which letters
b, g, n, ax
802.11 5GHz which letters
a, n, ac, ax
802.11 6GHZ which letters
ax
802.1X security for WiFi
different user logins
WPA uses which vector
TKIP very weak
WEP is associated with which term
Initialization Vector (IV)
WPA is associated with the terms
TKIP and RC4
WPA2 is associated with the terms
CCMP and AES
WPA3 is associated with the term
SAE
Class A 255.0.0.0 first octet
1-127
Broadcast Storm
Multiple copies of frames being forwarded back and forth which then consumes the network
Network Access Control (NAC) is a
method for increasing the security of a given network by inspecting devices trying to connect to a network.
802.1x Authentication provides an
authentication framework for networks and ensures only authenticated users can access network services
RADIUS server performs what function
Authentication
MTU default size for ethernet is
1500
Class B subnet mask 255.255.0.0 first octet public
128-191
Class C subnet mask 255.255.255.0 first octet public
192-223
Class D multicast first octet public
224-239
Class E first octet public
240-255
Private IP Class A Starting Value 10 what is range
10.0.0.0 -10.255.255.255
Private IP Class B Starting value 172.16 - 172.31 what is the range
172.16.0.0 - 172.31.255.255
Private IP Class C Starting value 192.168 what is the range
192.168.0.0 - 192.168.255.255
Loopback IP is Address
127.0.0.1
APIPA - automatic Private IP address range is (when DHCP cannot give IP address)
169.254.0.0 - 169.254.255.255
DORA stands for
Discover
Offer
Request
Acknowledge
DHCP assigns what
IP Address
Subnet mask
Default gateway
DNS/WINS server
RADIUS uses which protocol
UDP
RADIUS uses ports
1812 and 1813
IPSec provides security for what type of network
VPN
Kerberos uses a system of tickets to allow nodes to communicate over a non-secure network and securely prove their identity. NA
NA
APIPA address starts with
169
MTTR stands for
Mean Time to Repair
RTO stands for
Recovery time objective
RPO stands for
Recovery Point objective
MTBF stands for
Mean Time between failures
Crossover cables are used to connect two of the
same device together
CDA in three-tier hierarchical model stands for
Core Distribution Access
7 step syslog severity letters
E ACE WN ID
E ACE WN ID stands for
Emergency
Alert
Critical
Error
Warning
Notice
Information
Debugging
VTP transparent mode Virtual Switch is what?
VTP Transport mode does not synchronize VLAN configuration information with other switches. VTP advertisements when received are not applied to the VLAN database. This mode is used when you want to make the switch independent from current vlan structure. This mode has lowest impact when adding new switch to your switching topology.
SFP+ (Small Form-Factor Pluggable Plus) speeds
10Gbs
What is the purpose of a pointer (PTR) DNS record?
Maps an IP address to a hostname
Public IP Class A range
1-127
Public IP Class B range
128-191
Public IP Class C range
192-223
FTP and SMTP operate at which level of OSI
Application
IP is at which OSI level
Network
NFV, NSG and NSL stand for
Network functions virtualization, Network Security Group, Network Security Lists
A dual stack set up is running
IPv4 and IPv6 at the same time.
NSL (Network Security List) are associated with which part of the network
Infrastructure components eg load balancers
TLS is the protocol being used when SSL is implemented and they stand for
Transport Layer Security and Secure sockets layer
NSG (Network Security Groups) control inbound and outbound traffic and act as virtual what?
Firewalls
the order of DHCP options from class, scope, server, reserve client
reserve client, class, scope, server
Forward DNS zone maps
domain names to IP addresses
Reverse DNS Zone have what types of records
pointer
FQDN stands for
Fully Qualified Domain Name
Structure of FQDN
Hostname, Domain Name, Top-Level Domain (TLD)
Purpose of a VPN concentrator
to terminate the VPN tunnels
RADIUS provides
centralized remote user authentication and accounting and also supports 802.1x port-based authentication
PAT (Port address translation)
able to share a single IP address among multiple computers
For IaC the following terms Playbooks/templates/reusable tasks, configuration drift/compliance, upgrades, and dynamic inventories are matched with
Automation
For IaC the following terms version control, central repository, conflict identification, and branching are matched with
Source control
Reverse Zone DNS lookup
IP addresses back to hostnames
Forward Zone DNS lookup
domain names into IP addresses
IPAM (IP address management) allows
integration of DNS and DHCP so that each is aware of changes in the other.
Port for POP3
110
DNS records to enter DKIM or SPF are what file type
TXT
801.q standard is used for
VLAN
802.1d standard is used for
STP (Spanning tree protocol) uses BPDU
802.1af standard is used for
POE
802.1x standard is used for
network authentication protocol
ISAKMP is a
Key management protocol
SAML is used in
SSO
RDP is on port and is on TCP or UDP
3389 TCP
OSI Level for Bridge
2
OSI Level for Switch
2 or 3
OSI Level for firewall
3 to 7
OSI Level for Hub
1
Is OSPF a classless protocol
Yes
Cabling Base-T are what type of cable
copper
Cabling Base-S is it single or double
Remember S is not single
802.3ad is for which protocol
LACP (Link Aggregation Control Protocol)
MIMO is what?
MIMO uses multiple antennas for transmission and reception,
Is a high signal to noise ratio good on a wireless network?
Yes
Which cables to swap for CAT wiring from B to A
orange to green
Split Horizon is in which protocols
RIP (Routing Information Protocol) and EIGRP (Enhanced Interior Gateway Routing Protocol).
RFC 919 is a method for
Broadcasting internet datagrams
AUP stands for
Acceptable use policy
HSPA+ (Evolved High-Speed Packet Access) and EV-DO (Evolution-Data Optimized) are mobile broadband technologies designed to provide high-speed internet access for cellular networks. Both emerged during the era of
3G
Routing Protocols
RIP (Routing Information Protocol) is primarily used within a single autonomous system and is less suitable for inter-domain routing.
EIGRP (Enhanced Interior Gateway Routing Protocol) is an interior gateway protocol designed for use within a single autonomous system.
OSPF (Open Shortest Path First) is an interior gateway protocol used within a single autonomous system, not for inter-domain routing.
BGP (Border Gateway Protocol) is designed for inter-domain routing between different autonomous systems, making it suitable for large-scale enterprise networks with diverse routing domains.
Captive portals usually rely on 802.1x, and 802.1x uses
RADIUS for authentication.
VRRP stands for
Virtual Router Redundancy Protocol (VRRP) allows for automatic assignment of available routers to
participating hosts, ensuring continuous network availability even if one router fails.
First Hop Redundancy Protocol (FHRP) is a general term for protocols like VRRP that provide the
ability to automatically failover to a backup router in case of the primary router failure, minimizing
downtime and maintaining network resilience.
LLDP is
LLDP: A vendor-neutral protocol used to discover and share information between network devices,
such as identity, capabilities, and neighbors.
Usage: Helps in identifying network topology, troubleshooting connectivity issues, and
ensuring proper network configuration.
CDP is
CDP: A Cisco-proprietary protocol similar to LLDP, specifically used in Cisco networks to share
information about directly connected Cisco devices.
QoS operates at which OSI levels
2 and 3
Multicasting is
one to many (subscriber)
Unicast is
one to one
Broadcast is
One to all
Anycast is
sent to nearest receiver on same IP
Optical cable Multi mode distance (long/short)
short
Optical Cable Single mode distance (long/short)
Long
Voltage for data centers
208V
IPv6 address of ::1
loopback
nmap -o (with IP) does?
operating system detail of the target server.
Anycast can only be used on IPv?
6
show interface command does?
This command provides comprehensive details about the operational state of the interface, including its bandwidth, duplex mode, MAC address, IP address, input/output errors, and drops.
TACACS+ was developed as a proprietary protocol by Cisco. Kerberos is a network authentication protocol designed
to provide strong mutual authentication for client/server applications using secret-key cryptography developed by MIT.
nmap -sT does
initiates a TCP connect scan.
Hot Standby Router Protocol (HSRP)
Allows for active router and standby router
WAN circuit switched ratio (eg one to one)
one to many
WAN packet switched ratio is eg one to one
many to many
WAN frame relay
many to one
NAT64 allows
IPv6-only devices to access IPv4 resources
FCoE (Fibre Channel over Ethernet) network throughput, provided all network devices recognize their specific frame size. What is the frame size?
Jumbo frame
captive portals are implemented by using
an HTTP redirect, an ICMP redirect, or a DNS redirect
What metric does OSPF use for route selection?
cost
LACP
Link Aggregation Control Protocol
nmap -p
scans the port and the computer listed
eg
20, 80, 445 10.245.20.1
OSPF (Open Shortest Path First) calculates the shortest path using
the Dijkstra algorithm,
EIGRP uses the Diffusing Update Algorithm (DUAL)
to achieve rapid convergence and ensure that routing is loop-free and reliable.
LLDP
protocol used for dynamically discovering and advertising capabilities of network devices on a local area network.
HIDS is a
host-based intrusion detection system
Broadcast only works on IPv?
4
MIB in SNMP is
The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).
IaC branching is
in version control systems allows developers to work on different features or fixes in isolation
what does the application layer within software-defined networking do?
focuses on the communication resource requests or information about the network
what does the Management layer within software-defined networking do?
is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.
what does the control layer within software-defined networking do?
uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.
what does the infrastructure layer within software-defined networking do?
contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.
Native VLANS use tagged or untagged traffic?
untagged
The Rapid Spanning Tree Protocol (RSTP) achieves faster convergence compared to the original Spanning Tree Protocol (STP) through the use of
point-to-point links.
nmap -sU
UDP
nmap -sT
TCP
nmap -sV
version
RADIUS, TACACS+, and PAP are all protocols that contain known vulnerabilities that would require
additional encryption to secure them during the authentication process.
Which of RDP and VNC (Virtual Network Computing) have security
RDP
IMAP is on port
143
IMAP over SSL is on port
993
Transport layer security (TLS) can be used to encapsulate
frames or IP packets.
Authentication header (AH) protocol performs
a cryptographic hash on the whole packet, including the IP header, plus a shared secret key, and adds this secret in its header as an Integrity check value (ICV).
Encapsulating security payload (ESP) provides
(it attaches fields) confidentiality and/or authentication and integrity. It can be used to encrypt the packet rather than simply calculating a hash.
Internet protocol security (IPSec) can be used to secure
IPv4 and/or IPv6 communications on local networks and as a remote access protocol.
Generic Routing Encapsulation (GRE) Tunneling protocol allows the transmission
of encapsulated frames or packets from different types of network protocol over an IPv4 network.
(CSMA/CA) stands for
Carrier Sense Multiple Access with Collision Avoidance
(CSMA/CD) stands for
CSMA with Collision Detection
Multimode fiber is inexpensive to deploy compared to single-mode fiber. As such, it does not support long distances as single-mode. Uses what light source
LED
the small form-factor pluggable (SFP) uses what connector
LC small connector
(QSFP) cable stand for
Quad small form-factor pluggable
Cable distances: SR, SX, FX, LX
300m, 300m, 2km, 5km
Cable distance Twinaxial (10Gb), 10GBASE-LR, 10BASE-T (twisted pair)
5-10m, 10km, 100m
The Fibre Channel connects storage area networks using 3 main types of components:
the initiator
the target
the Fibre Channel switch.
The initiator is the client device of the SAN. The target is the network port for a storage device. The Fibre Channel switch, sometimes referred to as a director, provides the connections between the initiator and the target.
(APC) are a connector stands for
Angled physical contact
The ultra physical contact (UPC) fiber connector defines
that the cable and connector are polished to the highest standard (a higher standard than with PC).
Private IP Classes A, B, C, APIPA
10, 172, 192, 169
The routing information protocol (RIP) is a distance vector routing protocol
the next hop router to reach a given network or subnet (vector)
Hybrid Routing Protocol is an advanced distance vector comprised of two elements:
bandwidth and delay.
OSPF is suitable for organizations with multiple
redundant paths between networks.
Enhanced Interior Gateway Routing Protocol (EIGRP) relies on neighboring routers to report
paths to remote networks and uses a metric composed of administrator-weighted elements.
A virtual IP (VIP) is a shared
address that is used by clients to access the service provided by the cluster.
Routing Information Protocol (RIP) will consider how many routes
1
In FHRP configurations each router must have a unique
MAC and IP address, but they share a common virtual IP address.
Interior Gateway Protocol (IGP) is the protocol that identifies routes within an
autonomous system (AS)
RIP only considers the next hop router
to reach a given network or subnet (vector).
Enhanced Interior Gateway Routing Protocol (EIGRP)
relies on neighboring routers to report paths to remote networks and uses a metric composed of administrator-weighted elements.
The Border Gateway Protocol (BGP) is a path vector routing protocol used between routing
domains in a mesh internetwork.
subinterface is bound to a
physical interface on a router and allocated a VLAN ID
SVI is a virtual interface on a Layer 3 switch that is bound to a
VLAN
Top-of-rack switching refers to the practice of using switches specifically made to provide high-bandwidth links between
distribution switches and server nodes.
Link Aggregation Control Protocol (LACP), which can be used to auto-negotiate the
bonded link between the switch ports and the end system, detects configuration errors and recovers from the failure of one of the physical links.
A trunk interconnects between
switches on large networks. A sysadmin will configure each switch as a trunk port for this purpose.
Link aggregation means combining two or more separate cabled links into a single logical channel. When done from the host end, this is called
NIC teaming.
What happens when an 802.1Q tagged frame is received on an untagged port?
The tag is stripped, and the frame is forwarded to the host
(WPA2)-Personal uses a
PSK
Cellular speeds 2G, 3G, 4G, 5G
14Kbps
3.1Mbps
150Mbps
50-300Mbps
A Yagi (a bar with fins) antenna direction
unidirectional and outdoors
A torus (donut) antenna
unidirectional and indoors
The SNMP agent maintains a database called a
Management Information Base (MIB)
An agent’s MIB on a device refers to each parameter stored in it by a numeric
object Identifier (OID). A tree structure stores the OIDs.
A port security configuration validates the
MAC address of end systems that connect to a switch port.
A 200 status code indicates that an HTTP request has
succeeded
A 404 status code indicates that the requested resource could not be
found
A 500 status code indicates an internal
server error
A 302 status code indicates a temporary
redirection
Common Vulnerabilities and Exposures (CVE) is a
dictionary of vulnerabilities in published operating systems
A cluster is a group of servers, each of which is referred to as a node, that provides
redundancy and fault tolerance for critical applications.
A Service (SRV) record is a DNS record used to identify a record that is providing a
network service or protocol.
External DNS servers refers to an external DNS zone that
internet clients must be able to access.
Most external DNS servers are managed by third-party organizations and are referred to as
external DNS servers.
Full tunnel allows internet access that is mediated by the corporate network that will alter the client’s
IP address and DNS servers and may use a proxy.
Split tunnel allows the client to access the internet directly using its native
IP configuration and DNS servers.
Virtual Network Computing (VNC) allows a site to operate a remote
desktop gateway that facilitates access to virtual desktops or individual apps running on the network servers.
Tunnel mode is used for communication between VPN gateways across an
unsecure network.
In a full tunnel VPN configuration, all of the client’s internet traffic is routed through the
corporate network.
This setup alters the client’s IP address and DNS servers and may use a proxy, offering better security by ensuring all data is encrypted and monitored.
Split tunnel configuration allows the client to access the internet directly
using ISP-managed configurations, not full tunnel.
ARP poisoning perpetuates a MitM attack by
broadcasting unsolicited gratuitous ARP reply packets with a spoofed source address.
arp -a
reviewing the returned Media Access Control (MAC) address.
arp -s
-s allows administrators to add an entry to the ARP cache. The administrator would add the MAC behind the IP.
arp commands
-a reviewing the returned Media Access Control (MAC) address.
-s allows administrators to add an entry to the ARP cache. The administrator would add the MAC behind the IP.
-d will delete the entry for the IP address
War driving uses a Wi-Fi sniffer to
detect wireless networks and then connect or try to break into them.
a single firewall is that the single firewall configuration typically employs a
triple homed setup.
What happens when a Topology Change Notification (TCN) is received in a network using STP?
Ports may change their status from forwarding to blocked or vice versa.
The iptables command line utility is used to
edit the rules enforced by the Linux kernel firewall. It can change INPUT, OUTPUT and FORWARD chains that are firewall rulesets.
The route command is a command utility to
configure and manage the routing table on a Windows or Linux host.
show running-config interface
(displays concise summary information)
show interface
(displays extended information)
show interface ethernet counters
command displays interface statistics.
show ip cache flow command displays
the NetFlow accounting statistics.
Iperf is a network performance utility that can
generate TCP and UDP traffic to test bandwidth, latency, and packet loss.
show mls netflow ip command displays
NetFlow IP entries.
domain information groper (dig) utility is used to query
Domain Name System (DNS) server and return information about a particular domain name.
The netstat command allows for checking the state of
ports on a local host
iptables command line utility is used to
change INPUT, OUTPUT and FORWARD chains that are firewall rulesets.
The data link layer describes
an agreement between the different systems on the same network segment on how to communicate.
The network layer
handles logical addressing and routing
the transport layer, enables
end-to-end communication between running applications on different hosts. eg TCP and UDP
Session Layer
is responsible for establishing, maintaining, and synchronising communication between applications running on different hosts
The presentation layer
data encoding, compression, and encryption.
IPSec in Tunnel mode encrypts
both the header and payload
IPSec in Transport mode encrypts
the payload of each packet but leaves the header
SDN Data plane is
responsible for packets forwarding
SDN Control plane
manages network traffic and policies
ST Connector fiber single or multimode
single mode
SC Connector fiber single or multimode
single and multimode
LC Connector (small form) fiber single or multimode
single and multimode
Dual LC connector fiber single or multimode
single and multimode
Multi-fiber (MPO) is high density single or multimode
single and multimode
A stateful firewall inspects everything
inside data packets, the characteristics of the data, and its channels of communication.
DoT is
DNS over TLS (DoT) encrypts DNS queries and responses, providing protection against eavesdropping by external attackers.
DoH is
DNS over HTTPS (DoH), DoT operates on the traditional DNS port (port 53), which makes it suitable for organizations looking to secure their DNS traffic without altering standard DNS traffic flow.
IP helper address
enable a single DHCP server to provide DHCP IP addresses to every PC on the network
The switch with the lowest bridge priority becomes
the root switch
What are the 7 steps of the problem solving model
- Identify the problem
- Establish a theory of probable cause
- Test the theory to determine the cause
- Establish a plan of action to resolve the problem and identify potential effects
- Implement the solution or escalate as necessary.
- Verify full system functionality and implement preventive measures if applicable
- Document findings, actions, outcomes and lessons learned throughout the process.
DLP stands for
Data Loss Prevention
In EIGRP the back up route when the primary route fails is called the
Feasible successor
PKI Stands for
Public Key Infrastructure
DHCP can not have a static
IP address
Extensible Authentication Protocol (EAP) is an
authentication framework that allows for the use of different authentication methods for secure network access technologies.
PAP and CHAP based on password or certificates
password
netstat command show
all active network connections
arp show
IP to MAC address translations
Acronym ACL
Access Control List: A set of rules used to control network traffic and access to resources
Acronym AH
Authentication Header: A protocol used to provide connectionless integrity and data origin
authentication
Acronym ARP
Address Resolution Protocol: A protocol used to map IP addresses to MAC addresses.
Acronym CAM
Content-addressable Memory: A type of memory used in networking devices for fast data lookup
Acronym CDP
Cisco Discovery Protocol: A proprietary protocol used by Cisco devices to share information with directly connected devices
Acronym CIA
Confidentiality, Integrity, and Availability
Acronym CLI
Command line interface
Acronym DAC
Direct Attached Copper
Acronym DAS
Direct attached storage
Acronym DR
Disaster Recovery
Acronym EAPoL
Extensible Authentication Protocol over LAN: A network port authentication protocol used in wired and wireless networks.
Acronym ESP
ESP - Encapsulating Security Payload: A protocol used in IPSec to provide confidentiality, integrity, and authenticity of data packets.
Acronym GDPR
General Data Protection Regulation: A regulation in the EU governing data protection and privacy.
Acronym GRE
GRE - Generic Routing Encapsulation: A tunneling protocol used to encapsulate a wide variety of network layer protocols.
Acronym IAM
IAM - Identity and Access Management: A framework of policies and technologies for ensuring that the right users have the appropriate access to technology resources.
Acronym ICS
Industrial Control System: Systems used to control industrial processes, including SCADA, DCS, and PLCs.
Acronym IIoT
IIoT - Industrial Internet of Things: The use of IoT technology in industrial sectors and applications.
Acronym IKE
Internet Key Exchange: A protocol used to set up a secure, authenticated communication channel in IPSec.
Acronym IPAM
IPAM - Internet Protocol Address Management: Tools and processes for planning, tracking, and managing IP address space.
Acronym IPSec
Internet Protocol Security: A suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet.
Acronym IS-IS
IS-IS - Intermediate System to Intermediate System: A routing protocol used to move information efficiently within a computer network, a variant of the link-state routing protocol.
Acronym LACP
Link Aggregation Control Protocol
Acronym LDAP
Lightweight Directory Access Protocol
Acronym LLDP
Link Layer Discovery Protocol: A protocol used by network devices to advertise their identity and capabilities to neighbors on the same local network.
Acronym MDIX
Medium Dependent Interface Crossover: A network interface that automatically crosses over the transmit and receive pairs of a cable
Acronym NAC
Network Access Control: A security solution that controls access to a network based on policies, including authentication and compliance checks.
Acronym OT
OT - Operational Technology: Hardware and software that detects or causes changes through direct monitoring and control of physical devices, processes, and events.
Acronym PSK
PSK - Pre-shared Key: A shared secret used for securing wireless networks, typically used in WPA or
WPA2.
Acronym RJ
RJ - Registered Jack: A standardized physical network interface for connecting telecommunications or networking equipment.
Acronym SAML
SAML - Security Assertion Markup Language: An XML-based standard for exchanging authentication and authorization data between parties, particularly between an identity provider and a service
provider.
Acronym SASE
SASE - Secure Access Service Edge: A network architecture model that combines network security functions with WAN capabilities to support the secure access needs of organizations.
Acronym SCADA
SCADA - Supervisory Control and Data Acquisition: A system used for remote monitoring and control of industrial processes.
Acronym SDN
SDN - Software-defined Network: An approach to networking that uses software-based controllers to manage network resources and services.
Acronym SIP
SIP - Session Initiation Protocol: A protocol used to initiate, maintain, and terminate real-time sessions in IP networks, such as voice and video calls.
Acronym SIEM
SIEM - Security Information and Event Management: A solution that provides real-time analysis of security alerts generated by network hardware and applications.
Acronym SMB
SMB - Server Message Block: A network protocol used for providing shared access to files, printers, and serial ports between nodes on a network.
Acronym SOA
SOA - Start of Authority: A DNS record that provides information about the DNS zone and the authoritative server for that zone.
Acronym SSE
SSE - Security Service Edge: A framework that combines multiple security services, such as SWG, CASB, and ZTNA, to protect users and data in the cloud.
Acronym SVI
SVI - Switch Virtual Interface: A virtual interface used to manage a switch and allow communication between VLANs.
Acronym UTM
UTM - Unified Threat Management: A security solution that integrates multiple security features, such as firewall, antivirus, and intrusion detection, into a single device.
Acronym VLSM
VLSM - Variable Length Subnet Mask: A technique that allows for more efficient allocation of IP addresses by using different subnet masks within the same network.
Acronym ZTA
ZTA - Zero Trust Architecture: A security model that assumes no implicit trust, requiring verification of every access attempt regardless of its origin.
Routers use what type of cable for a direct connection
DCE
ISAKMP is used with what to create a secure session
IPSec
Ports used on RSTP
Root
Designated
Alternative
Backup
Disabled
CWDM is
commonly used in metropolitan area networks (MANs) and in situations where operators want to maximize the capacity of their existing fiber infrastructure without the necessity of installing additional fibers.
CWDM v DWDM in cost
more cost-effective
DWDM is used in
long-haul telecommunications
MAC Table is MAC linked to port and is on a
Switch
ARP Table is an IP to MAC address mapping and is on a
Router
ICV stands for
Integrity Value Check
Authentication Header (AH) and Encapsulating security payload (ESP) are part of
IPSec
Point-to-point protocol (PPP) is an encapsulation protocol that works at which OSI Level
Layer 2
NS record (DNS) tells the computer
where to go for the name.
Administrative distance order OSPF, EIGRP, RIP, BGP
BGP, EIGRP, OSPF, RIP
Outgoing email uses
SNMP and encryption of TLS/STARTTLS
Incoming email uses
POP or IMAP and encryption of SSL/TLS
SSH uses TCP or UDP
TCP
FTP uses TCP or UDP
TCP
POP runs security on
SSL/TLS
SMTP runs security
TLS/STARTTLS
Transceiver and media converter are in which OSI layer
Physical
MAC, Bridge, and EUI are in which OSI layer
Data Link
UDP Protocols
67/68 DHCP, 69 TFTP, 123 NTP, 161/162 SNMP, 514 SYSLOG
OSPF is a distance or link state routing protocol
Link state
IS-IS (like OSPF) is a distance or link state routing protocol
Link state
EIGRP using bandwidth and delay is a distance or link state routing protocol
Neither; it is a hybrid of both
Duplex mismatch can cause what type of error?
CRC
MU-MIMO is used in which wireless technology
ac and ax
IPv6 - Link local unicast
fe80::/10
fe80
IPv6 - Multicast
ff00::/8
ff
IPv6 - Unspecified
::/128
0::0
IPv6 - Loopback
::1/128
::1
3G has what technology
WCDMA, HSPA, HSPA+
4G has what technology
LTE, LTE-A
5G has what technology
GSM and CDMA
What does the Encapsulating Security Payload (ESP) protocol encrypt (IP header, payload, optional authentication, whole packet)
payload and optional authentication
LC connector size wise is
compact
PAP (Password Authentication Protocol) is
unencrypted over plain text
EAP-TLS (Extensible Authentication Protocol - TLS) uses what encryption and what for authentication
PKI & TLS encryption and certificates but hard to implement
CHAP (Challenge Handshake Authentication Protocol) uses a
three way handshake weaker than EAP-TLS, hash based encryption
MS-CHAP uses weak encryption so is susceptible to
dictionary attack
NSG (Network Security Group) works like a
firewall
NSG (Network Security Group) controls
traffic flow between subnets, VMs, or external sources.
IAM (Identity and Access Management) purpose is to
manage user identities, roles, and permissions for cloud resources.
IAM (Identity and Access Management) has the functionality of
Authentication: Who can access cloud resources (users, groups, service accounts).
Authorization: What actions they can perform (read, write, delete, manage).
Enforces role-based access control (RBAC).
Supports MFA (Multi-Factor Authentication) for security.
Order of resolving a DNS query: TLD, authoritative, root, local
local, root, TLD, authoritative
SRV record is for
Host name and port number
IPSec Tunnel Mode encrypts the
entire IP packet
IPSec Transport mode encrypts
only the payload
A solid amber LED on a switch port signifies that the port
is blocked by the spanning tree algorithm, which is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network.
A flickering green LED, not a solid amber one,
indicates that the link is operating normally with traffic.
A blinking amber LED, not a solid amber one, indicates
a fault such as a duplex mismatch.
A solid green LED, not a solid amber one, indicates
that the link is connected but there is no traffic passing through.
VLAN Port Type - Access Port function
Connects end devices; carries only one VLAN, untagged
VLAN Port Type Trunk port function
Connects switches or other VLAN-aware devices and carries traffic for multiple VLANs, tagged
VLAN Port Type Hybrid or dynamic
Can operate as either an access or trunk port, depending on the connected device.
If Windows detects a duplicate IP (Internet Protocol) address it will
display a warning and disable IP traffic.
Header fields in an ethernet frame
Preamble, SFD, Destination MAC, Source MAC and EtherType
Error checking at the end: FCS or CRC
Tunneling is when an IPv6 packet is inserted into a
IPv4 packet
ULA are IPv6 addresses that are
private IP addresses
NAT router stores port number on a
translation table
RADIUS stands for
Remote Authentication Dial-In User Service
TACACS+ stands for
Terminal Access Controller Access-Control System Plus
IGP (Interior Gateway Protocol) is for what type of system
Autonomous systems