Domain 4: Communication and Network Security Flashcards

1
Q

Acknowledgment (ACK)

A

An acknowledgment of a signal being received.

2
Q

Address Resolution Protocol (ARP)

A

Used at the Media Access Control (MAC) layer to provide for direct communication between two devices within the same LAN segment.

3
Q

Advanced Persistent Threat (APT)

A

An adversary with sophisticated levels of expertise and significant resources who is able to use multiple different attack vectors (e.g., cyber, physical, and deception) to achieve its objectives. These are typically to establish and extend footholds within the organization’s IT infrastructure to continually exfiltrate information; undermine or impede critical aspects of a mission, program, or organization; or place itself in a position to do so in the future. Moreover, the APT pursues its objectives repeatedly over an extended period, adapting to a defender’s efforts to resist it, and with determination to maintain the level of interaction needed to execute its objectives.

4
Q

Application Programming Interface (API)

A

1. Mobile code mechanisms that provide ways for applications to share data, methods, or functions over a network. Usually implemented either in XML or JavaScript Object Notation (JSON).
2. A reference to a software access point or library function with a well-defined syntax and well-defined functionality.
5
Q

Bandwidth

A

The amount of information transmitted over time. A process consisting of learning or education could necessitate higher bandwidth than a quick status update, which would require a lower bandwidth.

6
Q

Bit

A

Most essential representation of data (zero or one) at Layer 1 of the OSI 7-Layer Model.

7
Q

Bluetooth (Wireless Personal Area Network IEEE 802.15)

A

Bluetooth wireless technology is an open standard for short-range RF communication used primarily to establish wireless personal area networks (WPANs). It has been integrated into many types of business and consumer devices.

8
Q

Bound Network

A

Network in which devices are connected at Layer 1 by means of physical cables, wires, or fiber. Often referred to as wired networks or Ethernet networks, or by the wiring or cable standard used (e.g., fiber network, Cat 5, or Cat 6 network). See also Unbound (wireless) Network(s).

physically bound

9
Q

Boundary Routers

A

Primarily advertise routes that external hosts can use to reach internal ones.

10
Q

Bridges

A

A device that creates a single aggregate network from separate network segments. Using the OSI model, this device aggregates networks at Layer 2.

11
Q

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

A

A method of flow control in a network. To prevent more than one station from accessing the network simultaneously, the sending station announces its intent to send, and other stations wait until the sending station announces its completion.

12
Q

Cellular Network

A

A radio network distributed over land areas called cells, each served by at least one fixed-location transceiver, known as a cell site or base station.

13
Q

Circuit-Switched Network

A

A network that establishes a dedicated circuit between endpoints.

14
Q

Code-Division Multiple Access (CDMA)

A

Every call’s data is encoded with a unique key, then the calls are all transmitted at once.

15
Q

Concentrators

A

Multiplex connected devices into one signal to be transmitted on a network.

16
Q

Content Distribution Network (CDN)

A

A large, distributed system of servers deployed in multiple data centers, which moves content to achieve QoS and availability requirements.

17
Q

Control Plane

A

Control of network functionality and programmability is directly made to devices at this layer. OpenFlow was the original framework/protocol specified to interface with devices through southbound interfaces.

18
Q

Converged Protocols

A

A protocol that combines or converges standard protocols such as TCP/IP with proprietary or other nonstandard protocols. These can sometimes provide greatly enhanced functionality and security to meet the needs of specific situations or industries. Adopting them can also complicate enterprise-wide security engineering efforts by requiring additional specialist knowledge and skills to manage and secure.

19
Q

Domain Name Service (DNS)

A

This acronym can be applied to three interrelated elements: a service, a physical server, and a network protocol.

Translates friendly names into IP addresses that can then be routed using Address Resolution Protocol.

20
Q

Driver (Device Driver)

A

Software layer that provides an interface for accessing the functions of hardware devices. Typically used by the OS.

21
Q

Dynamic Host Configuration Protocol (DHCP)

A

An industry standard protocol used to dynamically assign IP addresses to network devices.

22
Q

Dynamic or Private Ports

A

Ports 49152–65535. Whenever a service is requested that is associated with well-known or registered ports, those services will respond with a dynamic port.

23
Q

East-West Data Flow (or Traffic)

A

Network data traffic that flows laterally across a set of internal systems, networks, or subnetworks within an IT architecture. These can flow within a data center or between geographically dispersed locations. Contrast with north-south data flows, in which northbound data is leaving the organization and southbound data is entering it.

24
Q

Fiber Distributed Data Interface (FDDI)

A

A LAN standard, defined by ANSI X3T9.5, specifying a 100 Mbps token-passing network using fiber-optic cable, with transmission distances of up to two kilometers.

25
Q

Fibre Channel over Ethernet (FCoE)

A

A lightweight encapsulation protocol that lacks the reliable data transport of the TCP layer.

26
Q

File Transfer Protocol (FTP)

A

The internet protocol (and program) used to transfer files between hosts.

27
Q

Firewalls

A

Devices that enforce administrative security policies by filtering incoming traffic based on a set of rules.

28
Q

Firmware

A

Computer programs and data stored in hardware, typically in read-only memory (ROM) or programmable read-only memory (PROM), such that the programs and data cannot be dynamically written or modified during execution of the programs.

29
Q

Frame

A

Data represented at Layer 2 of the OSI 7-Layer Model.

30
Q

Gateway Device

A

A firewall or other device sitting at the edge of a network to regulate traffic and enforce rules.

31
Q

Hypertext Transfer Protocol (HTTP)

A

A communication protocol used to connect to servers on the World Wide Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client browser. The protocol used to transport hypertext files across the Internet.

32
Q

Internet Control Message Protocol (ICMP)

A

An IP network protocol standardized by the IETF through RFC 792 to determine whether a particular service or host is available.

33
Q

Internet Group Management Protocol (IGMP)

A

Used to manage multicasting groups that are a set of hosts anywhere on a network listening for a transmission.

34
Q

Internet of Things (IoT)

A

A virtual network made up of small, dedicated-use devices that are typically designed as small form factor, embedded hardware with a limited functionality OS. They may interface with the physical world and tend to be pervasively deployed where they exist.

35
Q

Internet Protocol (IPv4)

A

The dominant protocol that operates at Layer 3 of the OSI 7-Layer Model. IP is responsible for addressing packets so that they can be transmitted from the source to the destination hosts.

36
Q

Internet Protocol (IPv6)

A

A modernization of IPv4 that includes a much larger address field: IPv6 addresses are 128 bits that support 2^128 hosts.

37
Q

Internetworking

A

Two different sets of servers and communications elements using network protocol stacks to communicate with each other and coordinate their activities with each other.

38
Q

Kill Chain, Cyber Kill Chain

A

A generalized attack model consisting of actions on the objective and six broad, overlapping sets of operational activities: reconnaissance, weaponization, delivery, exploitation, installation, and command and control. APT actors often combine these operations in complex ways to achieve their goals; such attacks may span many months. For defenders, the kill chain model highlights the temporary gain in security that can result by improved systems and organizational hardening across any or all these areas.

39
Q

Lightweight Directory Access Protocol (LDAP)

A

Authentication is specified as simple (basic), simple using SSL/TLS, or Simple Authentication and Security Layer (SASL).

40
Q

Logical Link Control (LLC)

A

One of two sublayers that together make up the data link layer in the OSI.

41
Q

Man-in-the-Middle (MITM)

A

A form of active attack in which the attacker inserts themselves into the physical or logical communications flow between two parties and falsifies or alters data exchanged as the attacker chooses to. Machine-in-the-browser (MITB) attacks focus on Layer 7 vulnerabilities to masquerade as client to the server and as server to the client.

42
Q

Media Access Control (MAC)

A

The 48-bit hex number assigned to all network cards. The first 24 bits are assigned to the card manufacturer, with the second being a unique value (address) for that card.

43
Q

Microsegmented Networks, Microsegmentation

A

Part of a zero trust strategy that breaks LANs into small, highly localized zones using firewalls or similar technologies. At the limit, this places a firewall at every connection point.

44
Q

Modem

A

Provides modulation and demodulation of binary data into analog signals for transmission through telephone, cable, fiber, or other signaling systems.

45
Q

Multiprotocol Label Switching (MPLS)

A

A WAN protocol that operates at both Layer 2 and Layer 3 and does label switching.

46
Q

Network Function Virtualization (NFV)

A

Alternately referred to as virtual network function. The objective of NFV is to decouple functions, such as firewall management, intrusion detection, NAT, and name service resolution, away from specific hardware implementation and move them into software solutions. NFV’s focus is to optimize distinct network services.

47
Q

Network Management

A

Monitors network performance and identifies attacks and failures. Mechanisms include components that enable network administrators to monitor and restrict resource access.

48
Q

North-South Network Data Flow (or Traffic)

A
1. Data flowing either from the organization to external destinations (northbound) or into the organization from external sources (southbound).
2. In SDN terms, data flowing up (northbound) or down (southbound) the stack of data/control/applications planes.
49
Q

Open Shortest Path First (OSPF)

A

An interior gateway routing protocol developed for IP networks based on the shortest path first or link-state algorithm.

50
Q

OSI Layer 1

A

Physical Layer. Converts a frame into bits for transmission over the physical connection medium.

51
Q

OSI Layer 2

A

Data Link Layer. It is the layer where media access control (MAC) addresses reside and frames are transmitted.

52
Q

OSI Layer 3

A

Network Layer. It is responsible for logical addressing and translating logical names into physical addresses. This layer also controls the routing of data from source to destination as well as the building and dismantling of packets.

IP Addresses

53
Q

OSI Layer 4

A

Transport Layer. It’s responsible for checking that data packets created in the Session layer are received error-free. If necessary, it also changes the length of messages for transport up or down the remaining layers.

TCP, UDP, TLS

54
Q

OSI Layer 5

A

Session Layer. It determines how two computers establish, use, and end a session. Security authentication and network-naming functions required for applications occur here.

55
Q

OSI Layer 6

A

Presentation Layer. It is responsible for formatting data exchange, such as graphic commands, and converting character sets.

it presents data

56
Q

OSI Layer 7

A

Application Layer.

This layer deals with how applications access the network and describes application functionality, such as file transfers, messaging, and so on.

57
Q

Packet

A

Representation of data at Layer 3 of the OSI 7-Layer Model.

58
Q

Packet Loss

A

Degradation of VoIP or other streaming data caused by lost packets. A technique called packet loss concealment (PLC) is used in VoIP communications to mask the effect of dropped packets.

59
Q

Packet-Switched Networks

A

Networks that do not use a dedicated connection between endpoints.

60
Q

Peering

A

A voluntary interconnection of administratively separate networks to exchange traffic.

61
Q

Point-to-Point Protocol (PPP)

A

Provides a standard method for transporting multiprotocol datagrams over point-to-point links.

62
Q

Port Address Translation (PAT)

A

An extension to network address translation (NAT) to translate all addresses to one routable IP address and translate the source port number in the packet to a unique value.

63
Q

Quality of Service (QoS)

A

Refers to the capability of a network to provide better service to selected network traffic over various technologies, including frame relay, ATM, Ethernet and 802.1 networks, SONET, and IP-routed networks that may use any or all these underlying technologies.

64
Q

Registered Ports

A

Ports 1024–49151. These ports typically accompany nonsystem applications associated with vendors and developers.

65
Q

Remote Procedure Call (RPC)

A

A protocol that enables one system to execute instructions on other hosts across a network infrastructure.

66
Q

Root of Trust (RoT)

A

Hardware-based mechanisms that guarantee the integrity of the hardware prior to loading the OS of a computer.

67
Q

Segment

A
1. Data representation (or datagram name) at Layer 4 of the OSI 7-Layer Model.
2. A portion of a larger network, usually isolated by firewalls or routers at either end from other portions of the network. See also Microsegmented Networks, Microsegmentation.
68
Q

Simple Network Management Protocol (SNMP)

A

An IP protocol for collecting and organizing information about managed devices on IP networks. It can be used to determine the “health” of networking devices including routers, switches, servers, workstations, printers, and modem racks.

69
Q

Smurf

A

ICMP echo request sent to the network broadcast address of a spoofed victim causing all nodes to respond to the victim with an echo reply.

70
Q

Software-Defined Networking (SDN)

A

Any of a broad range of techniques that enable network management, routing, forwarding, and control functions to be directed by software. This is generally done by abstracting the control and management planes from the data plane and its forwarding functions.

71
Q

Software-Defined Wide Area Network (SD-WAN)

A

An extension of the SDN practices to connect to entities spread across the internet to support WAN architecture especially related to cloud migration.

72
Q

Terminal Emulation Protocol (Telnet)

A

A command-line protocol designed to give command-line access from one host to another.

73
Q

Transmission Control Protocol (TCP)

A

The major transport protocol in the internet suite of protocols that provides reliable, connection-oriented, full-duplex streams.

74
Q

Transmission Control Protocol over Internet Protocol (TCP/IP)

A

The name of the IETF’s four-layer networking model, and its protocol stack.

75
Q

Transport Control Protocol/Internet Protocol (TCP/IP) Model

A

Internetworking protocol model created by the IETF, which specifies four layers of functionality: link layer (physical communications), internet layer (network-to-network communication), transport layer (basic channels for connections and connectionless exchange of data between hosts), and application layer, where other protocols and user applications programs make use of network services.

76
Q

Trusted Platform Module (TPM)

A

A tamper-resistant integrated circuit built into some computer motherboards that can perform cryptographic operations (including key generation) and protect small amounts of sensitive information, such as passwords and cryptographic keys.

77
Q

Unbound (Wireless) Network(s)

A

Network in which physical layer interconnections are done using radio, light, or other means not confined to wires, cables, or fibers. Devices on unbound networks may or may not be mobile. See also Bound Networks.

78
Q

Virtual Local Area Networks (VLANs)

A

Allow network administrators to use switches to create software-based LAN segments that can be defined based on factors other than physical location.

79
Q

Voice over Internet Protocol (VoIP)

A

A set of technologies that enables voice to be sent over a packet network.

80
Q

Web Application Firewall (WAF)

A

A software-based firewall, which monitors and filters exchanges between an applications program and a host. WAFs usually involve inspection and filtering of HTTP and HTTPS conversations.

81
Q

Wi-Fi (Wireless LAN IEEE 802.11x)

A

Primarily associated with computer networking, Wi-Fi uses the IEEE 802.11x specification to create a wireless LAN either public or private.

82
Q

WiMAX (Broadband Wireless Access IEEE 802.16)

A

A well-known example of wireless broadband. WiMAX can potentially deliver data rates of more than 30 Mbps.

83
Q

Zero Trust Model/Architecture

A

Replaces "trust, but verify" as a security design principle by asserting that all activities attempted, by all users or entities, must be subject to control, authentication, authorization, and management at the most granular level possible. NIST and others have proposed zero trust architectures as guidance frameworks for organizations to use as they combine microsegmentation, access control, behavior modeling, and threat intelligence (among other techniques) in moving toward a zero trust implementation.

84
Q

Open Systems Interconnection (OSI) model

A

A standardized reference model defined by ISO to categorize the process of communication between computers in terms of seven layers.

85
Q

deencapsulation

A

The process of stripping a layer’s header and footer from a protocol data unit (PDU) as it travels up the OSI model layers.

86
Q

encapsulation

A

The act of enclosing or encasing one item inside another. Commonly used to describe tunneling, in which one protocol is enclosed in another or, in the context of the Open Systems Interconnection (OSI) model, each layer’s content is encapsulated as the payload in the next-lower layer and a header is added. The inverse of encapsulation is de-encapsulation.

87
Q

peer layer communication

A

Within the OSI model, the information removed by each layer contains instructions, checksums, and so on that can be understood only by the peer layer that originally added or created the information.

88
Q

protocol data unit (PDU)

A

The name of the network container at OSI layers 7, 6, and 5 (Application, Presentation, and Session).

Goes on to segments/datagrams, packets, frames, bits in lower layers

89
Q

Protocol Analyzer

A

A physical device that listens in on (sniffs) network traffic and looks for items it can make sense of. There is a legitimate purpose for these devices: administrators use them to analyze traffic. However, when they’re used by sources other than the administrator, they become security risks. Aka protocol analyzer, network evaluator, network analyzer, traffic monitor, or packet capturing utility.

90
Q

Telnet

A

A protocol that functions at the Application layer of the OSI model, providing terminal-emulation capabilities. Telnet has been deprecated in favor of Secure Shell (SSH).

91
Q

Trivial File Transfer Protocol (TFTP)

A

A protocol similar to FTP that doesn’t provide the security or error-checking features of FTP. This is a network application that supports an exchange of files that does not require authentication. Used to host network device configuration files and can support multicasting. TFTP should not be used since it operates in cleartext. See File Transfer Protocol (FTP).

92
Q

File Transfer Protocol (FTP)

A

A protocol used over TCP/IP that permits the transferring of files between computer systems. Because FTP has been implemented on numerous types of computer systems, files can be transferred between disparate systems (for example, a personal computer and a minicomputer).

93
Q

Simple Mail Transfer Protocol (SMTP)

A

The primary protocol used to transfer or send email messages from clients to servers and from server to server.

94
Q

Simple Network Management Protocol (SNMP)

A

The management protocol created for sending information about the health of the network to network management consoles.

95
Q

Internet Message Access Protocol (IMAP)

A

A protocol used to transfer email messages from an email server to an email client. Allows for messages to be saved or archived on the email server rather than the client (as is the limitation with Post Office Protocol [POP]).

96
Q

Post Office Protocol (POP)

A

An email access program that can be used to retrieve email from an email server. POP results in archiving messages only on the client; they are fully removed from the server. See Internet Message Access Protocol (IMAP).

97
Q

Dynamic Host Configuration Protocol (DHCP)

A

A protocol used to assign TCP/IP configuration settings to systems upon bootup, including TCP/IP addresses, default gateways, subnet masks, and DNS configurations. DHCP uses UDP port 67 for server point-to-point response and port 68 for client request broadcast. DHCP supports centralized control and management of network addressing.

98
Q

Hypertext Transfer Protocol (HTTP)

A

The protocol used to transmit web page elements from a web server to web browsers (over the well-known service TCP/UDP port address 80).

99
Q

Hypertext Transfer Protocol Secured (HTTPS)

A

The encrypted form of HTTP that currently uses TLS (previously used SSL) and mostly operates over TCP port 443.

100
Q

Line Printer Daemon (LPD)

A

This is a network service that is used to spool print jobs and send print jobs to printers. port 515

101
Q

X Window

A

A GUI API for command-line operating systems. Port 6000-6063

102
Q

Network File System (NFS)

A

A protocol that enables users to access files on remote computers as if the files were local. TCP Port 2049

103
Q

User Datagram Protocol (UDP)

A

A connectionless protocol located at layer 4 of the OSI model.

104
Q

connection oriented

A

Describes communications between two hosts that have a previous session established for synchronizing sent data. The receiving system acknowledges the data. This method allows for guaranteed delivery of data between systems. Within the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite, TCP is used for connection-oriented communication. A connection-oriented protocol such as TCP provides increased reliability but has more overhead and is therefore slower.

105
Q

connectionless

A

Describes communications between two hosts that have no previous session established for synchronizing sent data. The data isn’t acknowledged at the receiving end. This method can allow data loss. Within the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite, User Datagram Protocol (UDP) is used for connectionless communication. The advantage of a connectionless protocol such as UDP is increased speed; however, this comes with less reliability.

106
Q

fully qualified domain name (FQDN)

A

The human-friendly name of a system or resource that is associated with an IP address. An FQDN is composed of a hostname or subdomain, a registered domain name, and a top-level domain (TLD) name.

107
Q

DNSSEC (DNS Security)

A

A security improvement to the existing Domain Name System (DNS) infrastructure. The primary function of DNSSEC is to provide reliable authentication between devices during DNS operations. Each DNS server is issued a digital certificate, which is then used to perform mutual certificate authentication.

108
Q

DNS poisoning

A

The act of falsifying the Domain Name System (DNS) information used by a client to reach a desired system. Usually employed by planting false information into a zone file, caching DNS system, or a HOSTS file. Often the malicious site looks exactly like the site the user intended to visit and can be difficult to identify.

109
Q

rogue DNS server

A

A false DNS server that can listen in on network traffic for any DNS query or specific DNS queries related to a target site. Then the rogue DNS server sends a DNS response to the client with false IP information. Once the client receives the response from the rogue DNS server, the client closes the DNS query session, which causes the response from the real DNS server to be dropped and ignored as an out-of-session packet.

110
Q

DNS cache poisoning

A

An attack against a caching DNS server where false data is injected. This can potentially occur without notice for a significant period of time.

111
Q

pharming, DNS pharming

A

The malicious redirection of a valid website’s URL or IP address to a fake website that hosts a false version of the original valid site.

112
Q

DNS query spoofing

A

A type of attack that occurs when the hacker is able to eavesdrop on a client’s query to a DNS server. The attacker then sends back a reply with false information. In order for this to be successful, the false reply must include the correct query ID (QID) cloned from the query.

113
Q

proxy falsification

A

Attacks that could modify the local system proxy configuration, the configuration script, or the routing table to redirect communications to a false proxy. This method works only against web communications (or other services or protocols that use a proxy). A rogue proxy server can modify traffic packets to reroute requests to whatever site the hacker wants.

114
Q

split DNS, split-DNS

A

Deploying a DNS server for public use and a separate DNS server for internal use. All data in the zone file on the public DNS server is accessible by the public via queries or probing. Aka split-horizon DNS, split-view DNS, and split-brain DNS.

115
Q

DNS sinkhole

A

Systems that provide false responses to DNS queries from malware, such as bots. This technique is effectively DNS spoofing. It can be used for both malicious and benign/investigative/defensive purposes. This is a specific example of a false telemetry system. Aka sinkhole server, internet sinkhole, and blackhole DNS.

116
Q

domain hijacking, domain theft

A

The malicious action of changing the registration of a domain name without the authorization of the valid owner. This may be accomplished by stealing the owner’s logon credentials; using XSRF, session hijacking, or MitM; or exploiting a flaw in the domain registrar’s systems.

117
Q

homograph attack

A

A DNS attack that leverages the similarities in character sets to register phony international domain names (IDNs) that to the naked eye appear legitimate.

118
Q

Class A

A

1-126 First Octet

119
Q

Class B

A

128-191 First Octet

120
Q

Class C

A

192-223 First Octet

121
Q

Class D

A

224-239 First Octet

122
Q

Class E

A

240-255 First Octet

123
Q

loopback, loopback address

A

A means to reference the local machine, often used in testing for network faults. Often the IPv4 address of 127.0.0.1 is used, but the entire Class A range of 127 was set aside to be used for this purpose. In IPv6, the loopback address is ::/128. The loopback address is used to create a software interface that connects to itself via TCP/IP. The loopback address is handled by software alone. It permits testing of the TCP/IP protocol stack even if network interfaces or their device drivers are missing or damaged.

124
Q

Class A Default subnet Mask

A

255.0.0.0 /8

125
Q

Class B Default subnet Mask

A

255.255.0.0 /16

126
Q

Class C Default Subnet Mask

A

255.255.255.0 /24

127
Q

Classless Inter-Domain Routing (CIDR)

A

CIDR provides for a subnet masking notation that uses mask bit counts rather than a full dotted-decimal notation subnet mask. Thus, instead of 255.255.0.0, a CIDR notation is added to the IP address after a slash, as in 172.16.1.1/16, for example.

128
Q

Internet Control Message Protocol (ICMP)

A

A message and management protocol for TCP/IP. The ping utility uses ICMP. See also ping and Transmission Control Protocol/Internet Protocol (TCP/IP).

129
Q

Internet Group Management Protocol (IGMP)

A

A protocol used for multicasting operations across the Internet.

130
Q

ARP cache poisoning, ARP poisoning

A

An attack where an attacker inserts bogus information into the ARP cache (the local memory store of discovered IP to MAC relationships). Aka ARP spoofing.

131
Q

gratuitous ARP

A

A gratuitous Address Resolution Protocol (ARP) broadcast may be sent as an announcement of a node’s existence, to update an ARP mapping due to a change in IP address or MAC address, or when redundant devices are in use that share an IP address and may also share the same MAC address (regularly occurring gratuitous ARP announcements help to ensure reliable failover). This occurs when a system announces its MAC-to-IP mapping without being prompted by an ARP query. Aka unsolicited ARP.

132
Q

Kerberos

A

A ticket-based authentication mechanism that employs a trusted third party to
provide identification and authentication. Typically used in private LANs as an SSO solution.

133
Q

Internet Protocol Security (IPsec)

A

The standard of IP security extensions used as an add-on for IPv4 and integrated into IPv6. IPsec provides encrypted communication tunnels between individual systems or entire networks. See Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange (IKE), and Internet Security Association and Key Management Protocol (ISAKMP).

134
Q

Secure Remote Procedure Call (S-RPC)

A

An authentication service. S-RPC is a means to
prevent unauthorized execution of code on remote systems.

135
Q

Transport Layer Security (TLS)

A

Based on SSL technology, TLS incorporated many security enhancements and was eventually adopted as a replacement for SSL in most applications. Early versions of TLS supported downgrading communications to SSL v3.0 when both parties did not support TLS. However, in 2011, TLS v1.2 dropped this backward compatibility. TLS uses TCP port 443.

136
Q

converged protocols

A

The merging of specialty or proprietary protocols with standard protocols, such as those from the TCP/IP suite. Some common examples of converged protocols are FCoE, MPLS, iSCSI, and VoIP.

137
Q

storage area network (SAN)

A

A secondary network (distinct from the primary communications network) used to consolidate and manage various storage devices.

138
Q

FCoE (Fibre Channel over Ethernet)

A

A means to encapsulate Fibre Channel communications over Ethernet networks. FCoE typically requires 10 Gbps Ethernet to support the Fibre Channel protocol.

139
Q

FCIP (Fibre Channel over IP)

A

An alternate implementation of Fibre Channel signaling that
no longer requires any specific network speed and operates over standard Ethernet cables.
It is the SAN equivalent of VoIP.

140
Q

multiprotocol label switching (MPLS)

A

A high-throughput, high-performance network
technology that directs data across a network based on short path labels rather than longer
network addresses.

141
Q

Real-time Transport Protocol (RTP)

A

A common protocol of VoIP that supports the
transmission of the data packets of the conversation. See Secure Real-time Transport Protocol (SRTP).

142
Q

Secure Real-time Transport Protocol (SRTP, Secure RTP)

A

A security improvement over
the Real-time Transport Protocol (RTP) that is used in many Voice over IP (VoIP) communications. SRTP aims to minimize the risk of VoIP DoS through robust encryption and reliable
authentication.

143
Q

software-defined network (SDN), software defined network, software-defined networking, software defined networking

A

A unique approach to network operation, design, and management. The concept is based on the theory that the complexities of a traditional network with on-device configuration (i.e., routers and switches) often force an organization to stick with a single device vendor and limit the flexibility of the network to changing physical and business conditions. SDN aims at separating the infrastructure layer (i.e., hardware and hardware-based settings) from the control layer (i.e., network services of data transmission management). SDN offers a new network design that is directly programmable from a central location, is flexible, is vendor neutral, and is based on open standards. See Network Functions Virtualization (NFV). Aka virtualized network, virtual network, and network virtualization.

144
Q

software-defined storage (SDS)

A

Another derivative of SDN. SDS is an SDN version of a SAN or NAS. SDS is a storage management and provisioning solution that is policy driven and is independent of the actual underlying storage hardware. It is effectively virtual storage.

145
Q

ad hoc, ad hoc mode

A

A peer-to-peer 802.11 wireless network connection between two
(or more) individual systems without the need for a wireless base station. Ad hoc does not
support encryption. An updated version is known as Wi-Fi Direct. See also peer-to-peer mode
and Wi-Fi Direct.

146
Q

Wi-Fi Direct

A

The name for the wireless topology of ad hoc or peer-to-peer connections. It is a means for wireless devices to connect directly to each other without the need for an intermediary base station.

147
Q

extended service set identifier (ESSID)

A

The name of a wireless network when a wireless
base station or wireless access point (WAP) is used (that is, infrastructure mode).

148
Q

infrastructure mode

A

A configuration of an 802.11 wireless network in which a wireless
access point (WAP) is used to support connections of wireless clients for communication with
each other as well as to an attached wired network.

149
Q

stand-alone mode, standalone mode

A

A wireless network that uses a wireless access point
to connect wireless clients together but does not offer any access to a wired network. Aka
stand-alone mode infrastructure.

150
Q

wired extension mode

A

A wireless network configuration where the wireless access point
acts as a connection point to link the wireless clients to the wired network. Aka wired
extension mode infrastructure.

151
Q

enterprise extended mode infrastructure

A

An arrangement in which multiple wireless
access points (WAPs) are used to support a single wireless network over a larger geographic
area than could be supported by a single wireless access point and connect a large physical
area to the same wired network.

152
Q

fat access point

A

A base station that is a fully managed wireless system, which operates as a standalone wireless solution.

153
Q

bridge mode, bridge mode infrastructure

A

A form of wireless access point deployment
that is used to link two wired networks together over a wireless bridged connection.

154
Q

thin access point

A

A WAP that is little more than a wireless transmitter/receiver, which
must be managed from a separate external centralized management console called a wireless
controller.

155
Q

wireless controller

A

A separate external centralized management console used to control
thin access points.

156
Q

basic service set identifier (BSSID)

A

The name of a wireless network when in ad hoc or
peer-to-peer mode (that is, when a base station or wireless access point isn’t used).

157
Q

beacon frame

A

A type of wireless network packet that broadcasts the presence of the
wireless network. This management frame contains various information such as the Service
Set Identifier (SSID), beacon interval, time stamp, and so on.

158
Q

independent service set identifier (ISSID)

A

The SSID used by Wi-Fi Direct and ad hoc
mode networks.

159
Q

channels

A

Subdivisions of wireless frequencies. Aka wireless channels.

160
Q

wireless cell

A

An area within a physical environment where a wireless device can connect to
a wireless access point (WAP).

161
Q

heat map

A

(1) A mapping of wireless signal strength measurements over a building’s blueprint. A site survey often produces a heat map. (2) See risk matrix.

162
Q

site survey

A

A formal assessment of wireless signal strength, quality, and interference
using an RF signal detector. A site survey is performed by placing a wireless base station in
a desired location and then collecting signal measurements from throughout the area. A site
survey often produces a heat map.

163
Q

open system authentication (OSA)

A

A connection scheme for wireless networks where no
real authentication is required; as long as a radio signal can be transmitted between the client
and WAP, communications are allowed. An open Wi-Fi network with no authentication and
no encryption.

164
Q

shared key authentication (SKA)

A

One of the original authentication options of 802.11 in
relation to WEP. A fixed value, similar to a password, is used to authenticate as well as
encrypt the session.

165
Q

Temporal Key Integrity Protocol (TKIP)

A

A security solution designed as the replacement
for Wired Equivalent Privacy (WEP) without requiring replacement of legacy wireless
hardware. TKIP was implemented in 802.11 wireless networking under the name Wi-Fi Protected Access (WPA). TKIP and WPA were officially replaced by WPA2 in 2004.

166
Q

Wi-Fi Protected Access (WPA)

A

An early alternative to WEP was Wi-Fi Protected Access (WPA), which was based on a secret passphrase and employed the LEAP and TKIP cryptosystems. WPA uses the RC4 algorithm and employs the Temporal Key Integrity Protocol (TKIP) or the Cisco alternative Lightweight Extensible Authentication Protocol (LEAP). However, it is no longer secure enough to use. It is attackable through passphrase guessing and encryption key compromise/discovery. WPA can be deployed using authentication in personal mode with a preshared key authentication or in enterprise mode using 802.1X to use existing network authentication.

167
Q

Wi-Fi Protected Access 2 (WPA2)

A

A revision of WPA that upgraded the encryption to an
Advanced Encryption Standard (AES) variant known as Counter Mode with Cipher Block
Chaining Message Authentication Code Protocol (CCMP). WPA2 supports two authentication options: preshared key (PSK) or personal (PER) and IEEE 802.1X or enterprise (ENT).
Aka IEEE 802.11i.

168
Q

Wi-Fi Protected Access 3 (WPA3)

A

The replacement or upgrade of wireless authentication and encryption of WPA2. WPA3-ENT uses 192-bit AES CCMP encryption. WPA3-PER
replaces the preshared key authentication with Simultaneous Authentication of Equals
(SAE). WPA3 also implements IEEE 802.11w-2009 management frame protection so that a
majority of network management operations have confidentiality, integrity, authentication of
source, and replay protection.

169
Q

Wi-Fi Protected Setup (WPS)

A

A wireless technology intended to simplify the effort
involved in adding new clients to a secured wireless network. It operates by autoconnecting
the first new wireless client to seek the network once WPS is triggered. WPS can be initiated
by a button on the WAP or a code or PIN that can be sent to the base station remotely. This
can allow for a brute-force guessing attack to discover the WPS code in less than six hours.

170
Q

Lightweight Extensible Authentication Protocol (LEAP)

A

A Cisco proprietary alternative
to the Temporal Key Integrity Protocol (TKIP) for Wi-Fi Protected Access (WPA). This was
developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a
standard. LEAP is now a legacy solution to be avoided.

171
Q

Simultaneous Authentication of Equals (SAE)

A

An authentication option of WPA3 that
uses a password, but it no longer encrypts and sends that password across the connection.
Instead, SAE performs a zero-knowledge proof process known as Dragonfly Key Exchange,
which is itself a derivative of Diffie–Hellman. The process uses a preset password and the
MAC addresses of the client and AP to perform authentication and session key exchange.

172
Q

Extensible Authentication Protocol (EAP)

A

An authentication expansion system in which
new or custom mechanisms to perform authentication can be added to existing systems.

173
Q

Protected Extensible Authentication Protocol (PEAP)

A

A protocol tool that encapsulates EAP methods within a Transport Layer Security (TLS) tunnel that provides authentication and potentially encryption.

174
Q

MAC filter, MAC filtering

A

A list of authorized wireless client interface media access control
(MAC) addresses that is used by a wireless access point (WAP) to block access to all nonauthorized devices. See MAC limiting.

175
Q

direct sequence spread spectrum (DSSS)

A

A wireless or radio wave communication process that employs all the available frequencies simultaneously in parallel.

176
Q

Frequency Hopping Spread Spectrum (FHSS)

A

An early implementation of the spread
spectrum concept. This wireless access technology transmits data in a series while constantly
changing the frequency in use.

177
Q

spread spectrum

A

Communication that occurs over multiple frequencies at the same time.

178
Q

Orthogonal Frequency-Division Multiplexing (OFDM)

A

A wireless technology that
employs a digital multicarrier modulation scheme that allows for a more tightly compacted
transmission. It is a variation on frequency multiplexing that employs a digital multicarrier
modulation scheme that allows for a more tightly compacted transmission.

179
Q

bluejacking

A

The process of sending messages to Bluetooth-capable devices without the permission of the owner/user.

180
Q

bluesmacking

A

A denial-of-service (DoS) attack against a Bluetooth device.

181
Q

bluesnarfing

A

An attack that allows hackers to connect with your Bluetooth devices
without your knowledge and extract information from them. This form of attack can offer
attackers access to your contact lists, your data, and even your conversations.

182
Q

bluesniffing

A

Eavesdropping or packet-capturing Bluetooth communications.

183
Q

Bluetooth (IEEE 802.15)

A

A 2.4 GHz wireless protocol used to pair devices together to
support communications and control.

184
Q

Bluetooth Low Energy (Bluetooth LE, BLE), Bluetooth Smart

A

A low-power consumption
derivative of standard Bluetooth. BLE was designed for Internet of Things, edge/fog devices,
mobile equipment, medical devices, and fitness trackers. It uses less power while maintaining a similar transmission range to that of standard Bluetooth. Standard Bluetooth and BLE are
not compatible, but they can coexist on the same device.

185
Q

bluebugging

A

An attack that grants hackers remote control over the hardware and software features and functions of a Bluetooth device. This could include the ability to turn on the microphone to use the phone as an audio bug.

186
Q

near-field communication (NFC)

A

A standard that establishes radio communications between devices in close proximity. It lets you perform a type of automatic synchronization and association between devices by touching them together or bringing them within inches of each other. NFC is a derivative technology from RFID and is itself a form of field-powered or field-triggered device.

187
Q

radio frequency identification (RFID)

A

A tracking technology based on the ability to power a radio transmitter using current generated in an antenna when placed in a magnetic field. RFID can be triggered/powered and read from a considerable distance away (often hundreds of meters). Each RFID tag includes a unique identifier so that when a nearby antenna/transceiver activates the tag, it transmits that identifier back to the antenna, where that value is recorded or used to trigger some kind of action. RFID devices may also be used to track individuals (carrying tags), equipment (bearing tags), and so forth, within the premises of an enterprise for security monitoring.

188
Q

war driving

A

The act of searching for wireless networks using any of a variety of wireless detection tools, from handheld scanners to notebook computers. Originally named after the method of driving around office buildings looking for open access points.

189
Q

evil twin

A

An attack in which a hacker operates a false wireless access point (WAP) that will
automatically clone, or twin, the identity of another access point based on a client device’s
automatic request to reconnect to a known wireless network from its connection history. See
rogue access point.

190
Q

disassociation

A

One of the many types of wireless management frames. An attack can send
repeated disassociation frames to a client to prevent reassociation, thus causing a denial of
service (DoS).

191
Q

light fidelity (LiFi)

A

A technology for wireless communications using light. It is used to
transmit both data and position information between devices. It uses visible light, infrared,
and the ultraviolet light spectrums to support digital transmissions. It has a theoretical transmission rate of 100 Gbps. LiFi has the potential to be used in areas where interference to
electromagnetic radiation would be a problem for radio wave–based solutions. Although
direct line of sight between devices provides optimum throughput, signals can be transmitted
off reflective surfaces in order to maintain at least some level of data transmission.

192
Q

satellite communication (SATCOM)

A

A means of audio and data transmission using satellites orbiting in near-earth orbit.

193
Q

geostationary orbit (GEO)

A

Satellites can be positioned in three primary orbits: low Earth
orbit (LEO), 160–2,000 km, medium Earth orbit (MEO), 2,000–35,786 km, and geostationary orbit (GEO), 35,786 km. GEO satellites appear motionless in the sky as they are
rotating around the earth at the same angular velocity as the earth rotates. Thus, GEO satellites maintain a fixed position above a terrestrial location. GEO satellites have a larger
transmission footprint than MEO satellites but also a higher latency. But GEO satellites do
not require that a ground station track the movement of the satellite across the sky as is
necessary with LEO and MEO satellites, so GEO ground stations can use fixed antennas. See
low Earth orbit (LEO) and medium Earth orbit (MEO).

194
Q

narrow-band, narrow-band wireless

A

A type of radio wave communication that is widely
used by SCADA systems to communicate over a distance or geographic space where cables or
traditional wireless are ineffective or inappropriate.

195
Q

Zigbee

A

An IoT equipment communications concept that is based on Bluetooth. Zigbee has low power consumption, has a low throughput rate, and requires close proximity of devices.

196
Q

content distribution network (CDN), content delivery network

A

A collection of resource
services deployed in numerous data centers across the internet in order to provide low
latency, high performance, and high availability of the hosted content. CDNs provide the
desired multimedia performance quality demanded by customers through the concept of
distributed data hosts. Rather than having media content stored in a single central location
to be transmitted to all parts of the internet, the media is distributed to numerous geographically distributed prestaging internet locations that are closer to groups of customers.

197
Q

extranet

A

A privately controlled network segment or subnet that functions as a screened
subnet for business-to-business transactions. It allows an organization to offer specialized services to a limited number of specific outsiders but not the entire public, such as
business partners, suppliers, distributors, or high-end customers. Often access into an extranet from the internet requires a virtual private network (VPN) connection. Extranets are
often used in business-to-business (B2B) applications, between customers and suppliers. See
screened subnet.

198
Q

screened subnet

A

A method of placing web and other servers that serve the general public
outside the firewall and, therefore, isolating them from internal network access. These servers
should be hardened and trust relationships limited to prevent transitive trust attacks. Placing
virtualized servers inside the screened subnet is considered a bad security practice for similar
reasons, even though virtualization security has improved significantly in the last few years.
Previously known as DMZ. See extranet.

199
Q

repeater

A

A network device used to amplify signals on network cabling to allow for longer
distances between nodes. Aka a concentrator or amplifier.

200
Q

hub

A

A network device used to connect multiple systems together in a star topology.
Hubs repeat inbound traffic over all outbound ports. Hubs are a legacy networking device
that you are unlikely to find in standard networks today.

201
Q

modem

A

(1) A traditional landline modem (modulator-demodulator) is a communications
device that covers or modulates between an analog carrier signal and digital information in
order to support computer communications of PSTN (public switched telephone network)
lines. (2) With the advancement of digital broadband communication technologies, the term
modem is now often used to refer to the intermediary device between business or personal
equipment and the broadband network (typically internet) carrier or service (such as DSL,
cable, cellular/wireless/mobile, Wi-Fi, ISDN, etc.), even when modulation and demodulation
are not actually taking place.

202
Q

bridge

A

A network device used to connect networks with different speeds, cable types, or
topologies that still use the same protocol. A bridge is a layer 2 device.

203
Q

switch

A

A layer 2 network device that tracks the media access control (MAC) addresses
of the systems connected on each port. Instead of repeating traffic on every outbound port,
a switch repeats only traffic out of the port on which the destination is known to exist.
Switches offer greater efficiency for traffic delivery, create separate broadcast and collision
domains, and improve the overall throughput of data.

204
Q

router

A

A network device used to control traffic flow on networks. A router determines the
best path for data packets from source to destination. Routers are often used to connect similar networks together and control traffic flow between them. They can function using statically defined routing tables or employ a dynamic routing system.

205
Q

LAN extender

A

A remote access, multilayer switch used to connect distant networks over
WAN links. This is a strange beast of a device in that it creates WANs, but marketers of this
device steer clear of the term WAN and use only the terms LAN and extended LAN. The
idea behind this device was to make the terminology easier to understand and thus make the
device easier to sell than a more conventional WAN device grounded in complex concepts
and terms.

206
Q

jump server, jumpbox

A

A remote access system deployed to make accessing a specific system or
network easier or more secure. A jump server is often deployed in extranets, DMZs, or cloud networks where a standard direct link or private channel is not available or is not considered safe.

207
Q

sensor

A

A hardware or software tool used to monitor digital or physical activities or events to record information or at least take notice of an occurrence. A sensor may monitor network activity, heat, humidity, wind movement, doors and windows opening, the movement of data, the types of protocols in use on a network, when a user logs in, any activity against sensitive servers, and much more. A sensor collects information and then transmits it back to a central system for storage and analysis. Sensors are common elements of fog computing, ICS, IoT, IDS/IPS, and SIEM/security orchestration, automation, and response (SOAR) solutions. See collector.

208
Q

collector, security collector

A

Any system that gathers data into a log or record file.
A collector is similar to the functions of auditing, logging, and monitoring. A collector watches
for a specific activity, event, or traffic, and then records the information into a record file.
See sensor.

209
Q

aggregator

A

A type of multiplexor. Numerous inputs are received and directed or transmitted to a single destination. MPLS is an example of an aggregator.

210
Q

network access control (NAC)

A

A concept of controlling access to an environment through strict adherence to and implementation of security policy. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.

211
Q

static packet-filtering firewall

A

A firewall that filters traffic by examining data from a message header. Usually, the rules are concerned with source, destination, and port addresses.
Aka screening router.

212
Q

application-level firewall, application-layer firewall

A

A firewall that operates at OSI layer
7, the Application layer, where it filters traffic for a specific application or service, such as a
web proxy. Aka application-level gateway.

213
Q

circuit-level firewall

A

A firewall that filters traffic around a circuit (i.e., communication
session or connection) rather than around only a specific application or protocol. Typically,
a circuit-level gateway functions at layer 4 or 5 of the Open Systems Interconnection (OSI)
model. Aka circuit-level gateway, circuit-level gateway firewall, and circuit proxies.

214
Q

stateful inspection firewall

A

A firewall that evaluates the state or the context of network
traffic. By examining source and destination addresses, application usage, source of origin,
and relationship between current packets with the previous packets of the same session,
stateful inspection firewalls are able to grant a broader range of access for authorized users
and activities and actively watch for and block unauthorized users and activities. A type of
firewall that is aware that any valid outbound communication (especially related to Transmission Control Protocol [TCP]) will trigger a corresponding response or reply from the
external entity. Aka dynamic packet filtering firewall.

215
Q

next-generation firewall (NGFW)

A

A unified threat management (UTM) device that is based on a traditional firewall with numerous other integrated network and security services, such as application filtering, deep packet inspection, intrusion prevention, TLS offloading and/or inspection, domain name and website filtering, QoS, bandwidth management, antimalware, authentication services, and identity management. See unified threat management (UTM) and multifunction device (MFD).

216
Q

internal segmentation firewall (ISFW)

A

A firewall deployed between internal network segments or company divisions. Its purpose is to prevent the further spread of malicious code or
harmful protocols already within the private network. With an ISFW, network segments can
be created without resorting to air gaps, VLANs, or subnet divisions. An ISFW is commonly
used in microsegmentation architectures.

217
Q

proxy, proxy server

A

A mechanism that copies packets from one network into another. The copy process also changes the source and destination address to protect the identity of the internal or private network (i.e., NAT/PAT). Proxies may be transparent or nontransparent. Proxies may cache static content to improve network throughput. Aka forward proxy, forwarding proxy, standard proxy, common proxy, or reverse proxy.

218
Q

forward proxy

A

A standard or common proxy that acts as an intermediary for queries of
external resources. A forward proxy handles queries from internal clients when accessing
outside services.

219
Q

reverse proxy

A

A proxy system that handles inbound requests from external systems to internally
located services. A reverse proxy is similar to the functions of port forwarding and static NAT.

220
Q

nontransparent proxy

A

A proxy that manages client traffic because the client is specifically
configured to send communications to the proxy.

221
Q

proxy auto-config (PAC)

A

The settings for a nontransparent proxy. PAC can be implemented with a script or via DHCP.

222
Q

content inspection (content filtering)

A

The security filtering function in which the contents of the application protocol payload are inspected.

223
Q

coaxial cable

A

A form of copper cable that is no longer in widespread use for networking
because it has been replaced by unshielded twisted pair (UTP), shielded twisted pair (STP),
fiber-optic cables, or wireless. Coaxial cable used for networking is known as 10Base2 and
10Base5. A cable with a center core of copper wire surrounded by a layer of insulation and
then by a conductive braided shielding and finally encased in an insulation sheath. Coaxial
cable is fairly resistant to electromagnetic interference (EMI), has a low cost, and is easy
to install.

224
Q

Twisted pair cable, twisted-pair cabling

A

A form of cable commonly used in network
applications. It’s named after its twisting of pairs of conductors within the cable itself. Standard networking cable has eight wires or four pairs. See also unshielded twisted pair (UTP)
or shielded twisted pair (STP) (if shielded). See 10BaseT.

225
Q

shielded twisted-pair (STP)

A

A twisted-pair wire that includes a metal foil shielding
wrapper inside the outer sheath to provide additional protection from electromagnetic interference (EMI).

226
Q

unshielded twisted-pair (UTP)

A

A twisted-pair wire that does not include additional
electromagnetic interference (EMI) protection. Most twisted-pair wiring is UTP.

227
Q

attenuation

A

Loss of signal strength over a distance of a copper cable or wireless transmission, caused by resistance and noise picked up from the environment. Attenuation is what
limits the maximum use length of a copper cable and is one factor that limits the distance
of wireless transmissions. Fiber-optic connections also experience attenuation in the form of
transmission loss (weaker light over greater distance).

228
Q

logical topology

A

The logical operation of a network. It defines the arrangement and organization of devices as well as the means used to communicate to and with each other. Aka
signal topology.

229
Q

network topology

A

The physical layout and organization of computers and networking
devices. Aka physical topology.

230
Q

ring topology

A

A network structure that connects each system as points on a circle.

231
Q

bus topology

A

A network structure that connects each system to a trunk or backbone cable.
All systems on the bus can transmit data simultaneously, which can result in collisions.

232
Q

star topology

A

A network structure that employs a centralized connection device. This
device can be a simple hub or switch. Each system is connected to the central hub by a dedicated segment.

233
Q

mesh topology

A

A network structure that connects systems to other systems using
numerous paths or links. A full-mesh topology connects each system to all other systems on
the network. A partial-mesh topology connects many systems to many other systems. Mesh
topologies provide redundant connections to systems, allowing multiple segment failures
without seriously affecting connectivity.

234
Q

analog communications

A

A continuous signal that varies in frequency, amplitude, phase,
voltage, and so on. The variances in the continuous signal produce a wave shape (as opposed
to the square shape of a digital signal). The actual communication occurs by variances in the
constant signal.

235
Q

digital communications

A

Network transmissions that occur through the use of a discontinuous electrical signal and a state change (i.e., high and low voltages) or on-off pulses.

236
Q

asynchronous communications

A

A means of data transfer that relies on a stop and start
delimiter bit to manage the transmission of data. Because of the use of delimiter bits and
the stop and start nature of its transmission, asynchronous communication is best suited
for smaller amounts of data. PSTN (public switched telephone network) modems are good
examples of asynchronous communication devices.

237
Q

baseband, baseband technology

A

A form of communication in which the cable or communication media is able to support only a single transmission at a time.

238
Q

broadband, broadband technology

A

A form of communication in which the cable or
communication medium is able to support multiple transmissions at one time.

239
Q

broadcast

A

A communications transmission to multiple but unidentified recipients.

240
Q

multicast

A

A communications transmission to multiple identified recipients. Aka multicasting.

241
Q

unicast

A

A communications transmission to a single identified recipient.

242
Q

Carrier-Sense Multiple Access (CSMA)

A

A LAN media access technology that does not
directly address collisions. If a collision occurs, the communication would not have been successful, and thus an acknowledgment would not be received. This causes the sending system
to retransmit the data and perform the CSMA process again.

243
Q

Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)

A

A LAN media
access technology that attempts to avoid collisions by granting only a single permission to
communicate at any given time. This system requires designation of a primary system, which
responds to the requests and grants permission to send data transmissions.

244
Q

Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)

A

A LAN media
access technology that responds to collisions by having each member of the collision domain
wait for a short but random period of time before starting the process over. Unfortunately,
allowing collisions to occur and then responding or reacting to collisions causes delays in
transmissions as well as a required repetition of transmissions. This results in about 40 percent loss in potential throughput.

245
Q

token passing

A

A LAN media access technology that performs communications using a
digital token. Possession of the token allows a host to transmit data. Once its transmission is
complete, it releases the token to the next system. Token passing was used by ring topology–based networks.

246
Q

polling

A

A LAN media access technology that performs communications using a primary-secondary configuration. One system is labeled as the primary system. All other systems
are labeled as secondary. The primary system polls or inquires of each secondary system in
turn whether they have a need to transmit data. If a secondary system indicates a need, it is
granted permission to transmit. Once its transmission is complete, the primary system moves
on to poll the next secondary system. Mainframes often supported polling.

247
Q

Point-to-Point Protocol (PPP)

A

A full-duplex line protocol that supersedes Serial Line Internet Protocol (SLIP), which was used over various non-LAN connections, such as modem
dial-up links.

248
Q

Serial Line Internet Protocol (SLIP)

A

A legacy protocol that was used in early remote access
environments. SLIP was originally designed to connect Unix systems together in a
dial-up environment, and it only supports serial communications. It was replaced by PPP.

249
Q

Challenge-Handshake Authentication Protocol (CHAP), Challenge Handshake Authentication Protocol

A

A protocol that challenges a system to verify its identity. CHAP is an
improvement over Password Authentication Protocol (PAP) in that one-way hashing is
incorporated into a multistep, nonrepeatable challenge-response handshake.

250
Q

Password Authentication Protocol (PAP)

A

An insecure plaintext password-logon mechanism. A standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear.

251
Q

Extensible Authentication Protocol (EAP)

A

An authentication expansion system in which
new or custom mechanisms to perform authentication can be added to existing systems.

252
Q

Port security

A

(1) The physical control of all connection points, such as RJ-45 wall jacks
or device ports, so that no unauthorized user or devices can attempt to connect into an open
port. (2) The management of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports through the use of firewall, intrusion detection system (IDS), and intrusion
prevention system (IPS) tools. (3) The need to authenticate to a port before being allowed to
communicate through or across the port. This may be implemented on a switch, router, smart
patch panel, or even a wireless network. This concept is often referred to as IEEE 802.1X,
which is titled Port-Based Network Access Control. (4) Port knocking.

253
Q

quality of service (QoS)

A

The oversight and management of the efficiency and performance
of network communications. Items to measure include throughput rate, bit rate, packet loss,
latency, jitter, transmission delay, and availability.

254
Q

split tunnel

A

A virtual private network (VPN) configuration that allows a VPN-connected
system to access both the organizational network over the VPN as well as the internet
directly at the same time. The split tunnel thus grants a simultaneously open connection to
the internet as well as the organizational network. See full tunnel.

255
Q

full tunnel

A

A virtual private network (VPN) configuration in which all of the client’s traffic
is sent to the organizational network over the VPN link, and then any internet-destined
traffic is routed out of the organizational network’s proxy or firewall interface to the internet. A full tunnel ensures that all traffic is filtered and managed by the organizational network’s security infrastructure. See split tunnel.

256
Q

Point-to-Point Tunneling Protocol (PPTP)

A

An enhancement of PPP that creates encrypted
tunnels between communication endpoints (i.e., virtual private networks [VPNs]). PPTP is
often replaced by L2TP.

257
Q

Layer 2 Tunneling Protocol (L2TP)

A

A tunneling protocol that adds functionality to the
Point-to-Point Protocol (PPP). This protocol was created by Microsoft and Cisco and is often
used with virtual private networks (VPNs). A point-to-point tunneling protocol developed by
combining elements from PPTP and L2F. L2TP uses 802.1X for authentication. L2TP lacks a
built-in encryption scheme but typically relies on IPsec’s ESP as its encryption mechanism.

258
Q
A