Dion Questions Review

Question 1

Malware

Answer 1

Any software intentionally designed to cause damage to a computer, server, client, or computer network

Software that serves a malicious purpose, typically installed without the user’s consent (or knowledge)

Question 2

Ransomware

Answer 2

type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid

Malware that tries to extort money from the victim by encrypting the victim’s files and demanding payment.

Question 3

Phishing

Answer 3

type of social engineering where an attacker sends a fraudulent email designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim’s infrastructure like ransomware

Email-based social engineering attack, in which the attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim

Question 4

brute-force attack

Answer 4

consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly

Type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.

Question 5

cloud site

Answer 5

virtual recovery site that allows you to create a recovery version of your organization’s enterprise network in the cloud. Cloud sites are useful when your disaster recovery plan includes migrating to a telework or remote operations environment.

Question 6

hot site

Answer 6

a real-time replication of an existing network environment. All data generated and stored at the primary site is immediately replicated and backed up at the disaster recovery site.

Fully configured alternate processing site that can be brought online either instantly or very quickly after a disaster.

Question 7

warm site

Answer 7

type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. A warm site features an equipped data center but no customer data.

Alternate processing location that is dormant or performs noncritical functions under normal conditions, but which can be rapidly converted to a key operations site if needed.

Question 8

cold site

Answer 8

a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.

Predetermined alternate location where a network can be rebuilt after a disaster

Question 9

Port 67

Answer 9

DHCP

Question 10

Port 53

Answer 10

DNS

Question 11

Split horizon

Answer 11

a method used by distance vector protocols to prevent network routing loops. With split horizon, if a router receives routing information from another router, the first router will not broadcast that information back to the second router, thus preventing routing loops from occurring.

Question 12

ACL

Answer 12

Access control list

a list of permissions associated with a system resource (object)

Collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges
given (read only, read/write, and so on)

Question 13

NAT

Answer 13

Network address translation

method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN.

Question 14

DMZ

Answer 14

AKA: Screened subnet

physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet

Question 15

VPN

Answer 15

Virtual Private Network
extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

Question 16

OSPF

Answer 16

Open Shortest Path First

a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm.

OSPF is an Interior Gateway Protocol (IGP)

Question 17

control plane

Answer 17

The QoS plane that makes decisions about how traffic should be prioritized and where it should be switched

uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to

Question 18

infrastructure layer

Answer 18

Bottom layer of a SDN

Devices (physical or virtual) that handle the actual
forwarding (switching and routing) of traffic and imposition of ACLs and other policy configurations for security

contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.

Question 19

management plane

Answer 19

used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations

Question 20

Multicast

Answer 20

sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server

Question 21

Anycast

Answer 21

communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.

Question 22

DOCSIS

Answer 22

(Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.

Question 23

arp command

Answer 23

Used to view and modify the local address resolution protocol (ARP) cache of a device, which contains recently resolved MAC addresses of IP hosts on the network

Question 24

netstat command

Answer 24

used to monitor incoming and outgoing connections, routing tables, port states, and usage statistics on a network interface.

Question 25

route command

Answer 25

used to create, view, or modify manual entries in the network routing tables of a computer or server

Question 26

ipconfig command

Answer 26

used on Windows devices to display the current TCP/IP network configuration and refresh the DHCP and DNS settings on a given host

Question 27

CAN

Answer 27

campus area network

Scope defining a network with direct connections between two or more buildings within the same overall area.

a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus

Question 28

cable crimper

Answer 28

sed to join the internal wires of a twisted pair cable with metallic pins houses inside a plastic connector, such as an RJ-45 connector

Question 29

punchdown tool

Answer 29

used to insert wires into insulation displacement connectors on patch panels, keystone modules, or punchdown blocks

Question 30

fusion splicer

Answer 30

used to create long fiber optic cable lengths by splicing multiple cables together or to repair a break in a fiber optic cable

Question 31

cable snip

Answer 31

used to cut copper cables into shorter lengths from a longer spool of wound cable

Question 32

Ports 161 & 162

Answer 32

SNMP

Question 33

SNMP

Answer 33

Simple Network Management Protocol

Application protocol used for monitoring and managing network device

Question 34

trap

Answer 34

an asynchronous notification from the agent to the manager. A trap is sent by the agent to notify the management of a significant event that is occurring in real-time, such as an alarming condition

Question 35

granular trap

Answer 35

Contains a unique object identifier (OID) number and a value for that OID

Question 36

verbose trap

Answer 36

may contain all the information about a given alert or event as its payload. A verbose trap contains more information and data than a granular trap, and therefore requires more bandwidth to send the verbose trap over the network

Question 37

NIC. teaming

Answer 37

Two or more NIC aggregated into a single channel link for fault tolerance and increased throughput. Also known as NIC bonding.

Question 38

LACP

Answer 38

Link Aggregation Control Protocol

IEEE protocol governing the use of bonded Ethernet ports

802.3ad

Question 39

802.3af

Answer 39

PoE

Question 40

CSMA/CD

Answer 40

a media access control method used most notably in early Ethernet technology for local area networking. It should not be disabled on an ethernet-based network since it is required for proper network operations

utilizes half-duplex transmission to detect when a signal is present on an interface’s transmit and receive lines simultaneously. A jamming signal is then used to keep other nodes from transmitting for a period of time

Question 41

show interface

Answer 41

command is used on a Cisco networking device to display the statistics for a given network interface

Question 42

show configuration

Answer 42

command is used on a Cisco networking device to display the device’s current configuration

Question 43

show route

Answer 43

command is used on a Cisco networking device to display the current state of the routing table for a given network device

Question 44

show diagnostic

Answer 44

command is used on a Cisco networking device to display details about the hardware and software on each node in a networked device

Question 45

SOW

Answer 45

Statement of Work

a document that outlines all the work that is to be performed, as well as the agreed-upon deliverables and timelines

Question 46

SLA

Answer 46

service-level agreement

written agreement that qualitatively and quantitatively specifies the service committed by a vendor to a customer

agreement that sets the service requirements and expectations between a consumer and a provider

Question 47

STP

Answer 47

Spanning Tree Protocol

Protocol that prevents layer 2 network loops by dynamically blocking switch ports as needed

network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard.

Question 48

802.1d

Answer 48

STP; Spanning Tree Protocol

Question 49

802.1x

Answer 49

Port-based NAC

a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. This defines port security. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Question 50

Load balancing

Answer 50

a technique used to spread work across multiple computers, network links, or other devices

Uses a type of switch, router, or software that distributes client requests between different resources, such as communications links or similarly-configured servers. This provides fault
tolerance and improves throughput.

Question 51

MPLS

Answer 51

Multiprotocol Label Switching

“Layer 2.5” network protocol used by service providers to implement WAN access links and virtual private networks with traffic engineering (congestion control), Class of Service,
and Quality of Service.

a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows

Question 51

Multiplexing

Answer 51

the technology that is able to combine multiple communication signals together in order for them to traverse an otherwise single signal communication medium simultaneously

Question 52

TXT

Answer 52

A DNS record that lets a domain administrator enter text into the Domain Name Systems.

The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records. TXT records are a key component of several different email authentication methods (SPF, DKIM, and DMARC) that help an email server determine if a message is from a trusted source.

Question 53

non-persistent vs persistent agent

Answer 53

A non-persistent agent is used to access the device during a one-time check-in at login. A persistent agent is agent software that resides on the client making the connection, and a non-persistent agent is software the client runs (usually from a browser) as they are connecting so the agent can perform the checks, but the software does not permanently stay with the client after they disconnect. This is beneficial in BYOD (Bring Your Own Device) policies

Question 54

Neighbor Discovery Protocol

Answer 54

IPv6 protocol used to identify link local nodes.

a parr of IPv6 that operates at the data link layer of the OSI Internet model and is responsible for gathering various information required for internet communication, including the configuration of local connections and the domain name servers and gateways used to communicate with more distant systems

Question 55

Network Tap

Answer 55

used to create a physical connection to the network that sends a copy of every packet received to a monitoring device for capture and analysis

Question 56

Straight through cable

Answer 56

Cable designed to connect an end system MDI to an intermediate system MDI-X, such as a host to a hub.

used to connect a computer to a hub or switch

Question 57

Crossover cable

Answer 57

Cabling where the transmit pair at one end is connected to the receive pair at the other.

used if you needed to connect a computer to a computer in a peer-to-peer network, or if you needed to connect two switches together that didn’t support MDIX

Question 58

Rollover cable

Answer 58

used to connect a computer to a console port on a router in order to configure the device

Question 59

CSU/DSU

Answer 59

Channel Service Unit/Data Service Unit

a hardware device about the size of an external modem that converts digital data frames from the communications technology used on a local area network (LAN) into frames appropriate to a wide-area network (WAN) and vice versa. A CSU/DSU is used to terminate a T1 connection at the customer’s site

Question 60

IPS

Answer 60

intrusion prevention system

Security appliance or software that combines detection capabilities with functions that can actively block attack

Question 61

IDS

Answer 61

intrusion detection system

a device or software application that monitors a network or systems for malicious activity or policy violations. An IDS can detect a threat, but it cannot react or change configurations based on those threats like an IPS can

Question 62

PPP

Answer 62

Point-to-Point Protocol

Dial-up protocol working at layer 2 (Data Link) used to connect devices remotely to networks

TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet

Question 63

Zero-trust

Answer 63

a security framework that requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data

Question 64

QoS

Answer 64

Quality of Service

occurs at both Layer 2 and Layer 3 of the OSI Model. Layer 2 Quality of Service (QoS) allows for traffic prioritization and bandwidth management to minimize network delay using Cost of Service (CoS) classification, and DSCP marking under the 802.1p standard. Layer 3 Quality of Service (QoS) allows for managing the quality of network connections through its packet routing decisions.

Question 65

Teredo

Answer 65

a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network

Teredo tunnels IPv6 packets as IPv4-based UDP messages over port 3544

Question 66

ESSID

Answer 66

Extended SSID

Network name configured on multiple access points to form an extended service area

a wireless network can utilize multiple wireless access points to broadcast a single network name for access by the clients

Question 67

BSSID

Answer 67

Basic Service Set Identifier

MAC address of an access point supporting a basic service area

Question 68

mgre

Answer 68

a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections

Question 69

BGP

Answer 69

Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems on the Internet

Path vector exterior gateway routing protocol used principally by ISPs to establish routing between autonomous systems

Question 70

RIP

Answer 70

Routing Information Protocol

an Interior Gateway Protocol (IGP) designed to distribute routing information within an Autonomous System (AS)

Question 71

EIGRP

Answer 71

Enhanced IGRP

Advanced distance vector dynamic routing protocol using bandwidth and delay metrics to establish optimum forwarding paths

an Interior Gateway Protocol (IGP) designed as an advanced distance-vector routing protocol used on a computer network for automating routing decisions and configuration.

Question 72

RIPv2

Answer 72

classless, distance vector routing protocol that will include the subnet mask with the network addresses in its routing updates. RIPv2 has the least overhead of the four routing protocol options presented in this question. If you were not sure about this, you could look at answer the second half of the question concerning the interconnection of the computers within the branch office instead and try to eliminate some of the wrong options

Question 73

MTJR

Answer 73

Mechanical Transfer Registered Jack

a small-form-factor duplex connector with a snap-in design that is used in multimode networks

fiber connector

Question 74

ST connector

Answer 74

Straight Tip

an early bayonet-style connector with a twist-and-push locking mechanism. ST was primarily used for multimode networks, however, it is no longer routinely utilized in Ethernet deployments.

Question 75

LC

Answer 75

Local Connector

(fiber)
a small-form-factor connector with a push/pull tabbed design. The LC form factor is commonly used for Gigabit Ethernet and 10/40 GbE.

Question 76

SC

Answer 76

Subscriber connector

(fiber)

a push/pull connector that allows for easy insertion and removal. It may be utilized in either single-mode or multimode mode. It is frequently used in Gigabit Ethernet