Dion Questions Review Flashcards
Malware
Any software intentionally designed to cause damage to a computer, server, client, or computer network
Software that serves a malicious purpose, typically installed without the user’s consent (or knowledge)
Ransomware
type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid
Malware that tries to extort money from the victim by encrypting the victim’s files and demanding payment.
Phishing
type of social engineering where an attacker sends a fraudulent email designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure like ransomware
Email-based social engineering attack, in which the attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim
brute-force attack
consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly
Type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.
cloud site
virtual recovery site that allows you to create a recovery version of your organization’s enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment.
hot site
a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site.
Fully configured alternate processing site that can be brought online either instantly or very quickly after a disaster.
warm site
type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data.
Alternate processing location that is dormant or performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site if needed.
cold site
a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.
Predetermined alternate location where a network can be rebuilt after a disaster
Port 67
DHCP
Port 53
DNS
Split horizon
a method used by distance vector protocols to prevent network routing loops. With split horizon, if a router receives routing information from another router, the first router will not broadcast that information back to the second router, thus preventing routing loops from occurring.
ACL
Access control list
a list of permissions associated with a system resource (object)
Collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges given (read only, read/write, and so on)
NAT
Network address translation
method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN.
DMZ
AKA: Screened subnet
physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet
VPN
Virtual Private Network
extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
OSPF
Open Shortest Path First
a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm.
OSPF is an Interior Gateway Protocol (IGP)
control plane
The QoS plane that makes decisions about how traffic should be prioritized and where it should be switched
uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to
infrastructure layer
Bottom layer of a SDN
Devices (physical or virtual) that handle the actual forwarding (switching and routing) of traffic and imposition of ACLs and other policy configurations for security
contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.
management plane
used to monitor traffic conditions and the status of the network, and allows network administrators to oversee the network and gain insight into its operations
Multicast
sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server
Anycast
communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.
DOCSIS
(Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.
arp command
Used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network
netstat command
used to monitor incoming and outgoing connections, routing tables, port states, and usage statistics on a network interface.
route command
used to create, view, or modify manual entries in the network routing tables of a computer or server
ipconfig command
used on Windows devices to display the current TCP/IP network configuration and refresh the DHCP and DNS settings on a given host
CAN
campus area network
Scope defining a network with direct connections between two or more buildings within the same overall area.
a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus
cable crimper
used to join the internal wires of a twisted pair cable with metallic pins housed inside a plastic connector, such as an RJ-45 connector
punchdown tool
used to insert wires into insulation displacement connectors on patch panels, keystone modules, or punchdown blocks
fusion splicer
used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable
cable snip
used to cut copper cables into shorter lengths from a longer spool of wound cable
Ports 161 & 162
SNMP
SNMP
Simple Network Management Protocol
Application protocol used for monitoring and managing network devices
trap
an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition
granular trap
Contains a unique object identifier (OID) number and a value for that OID
verbose trap
may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network
NIC teaming
Two or more NICs aggregated into a single channel link for fault tolerance and increased throughput. Also known as NIC bonding.
LACP
Link Aggregation Control Protocol
IEEE protocol governing the use of bonded Ethernet ports
802.3ad
802.3af
PoE
CSMA/CD
a media access control method used most notably in early Ethernet technology for local area networking. It should not be disabled on an Ethernet-based network since it is required for proper network operations
utilizes half-duplex transmission to detect when a signal is present on an interface’s transmit and receive lines simultaneously. A jamming signal is then used to keep other nodes from transmitting for a period of time
show interface
command is used on a Cisco networking device to display the statistics for a given network interface
show configuration
command is used on a Cisco networking device to display the device’s current configuration
show route
command is used on a Cisco networking device to display the current state of the routing table for a given network device
show diagnostic
command is used on a Cisco networking device to display details about the hardware and software on each node in a networked device
SOW
Statement of Work
a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines
SLA
service-level agreement
written agreement that qualitatively and quantitatively specifies the service committed by a vendor to a customer
agreement that sets the service requirements and expectations between a consumer and a provider
STP
Spanning Tree Protocol
Protocol that prevents layer 2 network loops by dynamically blocking switch ports as needed
network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard.
802.1d
STP; Spanning Tree Protocol
802.1x
Port-based NAC
a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.
Load balancing
a technique used to spread work across multiple computers, network links, or other devices
Uses a type of switch, router, or software that distributes client requests between different resources, such as communications links or similarly-configured servers. This provides fault tolerance and improves throughput.
MPLS
Multiprotocol Label Switching
“Layer 2.5” network protocol used by service providers to implement WAN access links and virtual private networks with traffic engineering (congestion control), Class of Service, and Quality of Service.
a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows
Multiplexing
the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously
TXT
A DNS record that lets a domain administrator enter text into the Domain Name System.
The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records. TXT records are a key component of several different email authentication methods (SPF, DKIM, and DMARC) that help an email server determine if a message is from a trusted source.
non-persistent vs persistent agent
A non-persistent agent is used to access the device during a one-time check-in at login. A persistent agent is agent software that resides on the client making the connection, and a non-persistent agent is software the client runs (usually from a browser) as they are connecting so the agent can perform the checks, but the software does not permanently stay with the client after they disconnect. This is beneficial in BYOD (Bring Your Own Device) policies
Neighbor Discovery Protocol
IPv6 protocol used to identify link local nodes.
a part of IPv6 that operates at the data link layer of the OSI Internet model and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems
Network Tap
used to create a physical connection to the network that sends a copy of every packet received to a monitoring device for capture and analysis
Straight through cable
Cable designed to connect an end system MDI to an intermediate system MDI-X, such as a host to a hub.
used to connect a computer to a hub or switch
Crossover cable
Cabling where the transmit pair at one end is connected to the receive pair at the other.
used if you needed to connect a computer to a computer in a peer-to-peer network, or if you needed to connect two switches together that didn’t support MDIX
Rollover cable
used to connect a computer to a console port on a router in order to configure the device
CSU/DSU
Channel Service Unit/Data Service Unit
a hardware device about the size of an external modem that converts digital data frames from the communications technology used on a local area network (LAN) into frames appropriate to a wide-area network (WAN) and vice versa. A CSU/DSU is used to terminate a T1 connection at the customer’s site
IPS
intrusion prevention system
Security appliance or software that combines detection capabilities with functions that can actively block attacks
IDS
intrusion detection system
a device or software application that monitors a network or systems for malicious activity or policy violations. An IDS can detect a threat, but it cannot react or change configurations based on those threats like an IPS can
PPP
Point-to-Point Protocol
Dial-up protocol working at layer 2 (Data Link) used to connect devices remotely to networks
TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet
Zero-trust
a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data
QoS
Quality of Service
occurs at both Layer 2 and Layer 3 of the OSI Model. Layer 2 Quality of Service (QoS) allows for traffic prioritization and bandwidth management to minimize network delay using Cost of Service (CoS) classification, and DSCP marking under the 802.1p standard. Layer 3 Quality of Service (QoS) allows for managing the quality of network connections through its packet routing decisions.
Teredo
a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network
Teredo tunnels IPv6 packets as IPv4-based UDP messages over port 3544
ESSID
Extended SSID
Network name configured on multiple access points to form an extended service area
a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients
BSSID
Basic Service Set Identifier
MAC address of an access point supporting a basic service area
mGRE
a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections
BGP
Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet
Path vector exterior gateway routing protocol used principally by ISPs to establish routing between autonomous systems
RIP
Routing Information Protocol
an Interior Gateway Protocol (IGP) designed to distribute routing information within an Autonomous System (AS)
EIGRP
Enhanced IGRP
Advanced distance vector dynamic routing protocol using bandwidth and delay metrics to establish optimum forwarding paths
an Interior Gateway Protocol (IGP) designed as an advanced distance-vector routing protocol used on a computer network for automating routing decisions and configuration.
RIPv2
classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question. If you were not sure about this, you could look at the second half of the question concerning the interconnection of the computers within the branch office instead and try to eliminate some of the wrong options
MTRJ
Mechanical Transfer Registered Jack
a small-form-factor duplex connector with a snap-in design that is used in multimode networks
fiber connector
ST connector
Straight Tip
an early bayonet-style connector with a twist-and-push locking mechanism. ST was primarily used for multimode networks; however, it is no longer routinely utilized in Ethernet deployments.
LC
Local Connector
(fiber)
a small-form-factor connector with a push/pull tabbed design. The LC form factor is commonly used for Gigabit Ethernet and 10/40 GbE.
SC
Subscriber connector
(fiber)
a push/pull connector that allows for easy insertion and removal. It may be utilized in either single-mode or multimode. It is frequently used in Gigabit Ethernet.