Exam Flashcards

Question

active FTP

Answer 1

client sends PORT command specifying chosen port and server opens data connection between that port and TCP port 20 on server

Answer 2

session on each RTP stream that monitors the quality of the connection and provides reports that the network stacks can use to tune QoS parameters

Answer 3

- session initiation protocol - end user devices such as IP-enabled handsets or client and server web conference software

Answer 4

TCP 1433 - allows clients to connect to database server over network and allow replication traffic to move between database servers

Answer 5

allows for secure connections to a print device and allows it to advertise service capabilities over the network, provides plug-and-play installation for Windows and iOS devices, and uses bidirectional status messaging.

Answer 6

- simple network time protocol - UDP 123 - host that supports SNTP cannot act as time source for other hosts

Answer 7

critical level

Answer 8

narrative commentary describing examples of attacks and the tactics, techniques, and procedures (TTPs) gathered through primary research sources.

Answer 9

consists of lists of IP addresses and domains associated with malicious behavior and signatures of known file-based malware

Answer 10

involves identifying critical systems and assets that support mission essential functions

Answer 11

hosts in perimeter and not fully trusted - proxy and web

Answer 12

- customer premises equipment - equipment owned, managed, and supported by the customer as it falls beyond the demarcation point.

Answer 13

- coarse wavelength division multiplexing - supports up to 16 wavelengths and typically deploys four or eight bidirectional channels over a single fiber strand.

Answer 14

- wavelength division multiplexing - a means of using a strand to transmit or receive more than one channel at a time.

Answer 15

- bidirectional - support, transmit, and receive signals over the same strand of fiber. This uses WDM to transmit the transmit (Tx) and receive (Rx) signals over slightly shifted wavelengths.

Answer 16

- dense wavelength division multiplexing - provisions a greater number of channels (20, 40, 80, or 160). This means that there is much less spacing between each channel and requires more precise and expensive lasers.

Answer 17

creates a patch cord that fixes a plug to a cable. The tools are specific to the type of connector and cable, although some have modular dies supporting a range of RJ-type plugs. Many crimpers also come with cable stripping capabilities.

Answer 18

terminates a group of connectors in one action.

Answer 19

terminates a fixed cable and fixes conductors into an IDC. There are different IDC formats (66, 110, BIX, and Krone) that require different blades.

Answer 20

Angled Physical Contacts (APCs) make for an even tighter connection and better return loss performance. APCs cannot mix with PC faces or UPCs

Answer 21

the cable and connector are polished to a higher standard than with PC. - ultra physical contact

Answer 22

faces of the connector and fiber tip are polished so that they curve slightly and fit together better, reducing return loss

Answer 23

special types of equipment rooms marking the point at which external cabling (located outside the plant) joins to the internal cabling (located on the premises).

Answer 24

reflects signals back into the waveguide as efficiently as possible so that the light signal travels along the waveguide by multiple internal reflections.

Answer 25

switches can connect together and operate as a group. The sysadmin can manage the switch stack as a single unit.

Answer 26

combines two or more separate cabled links into a single logical channel

Answer 27

- interior gateway routing - older routing protocol, which is classful. Classful routing protocols do not carry subnet masks.

Answer 28

dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting. The Internet has shifted towards a hierarchical routing structure by reengineering classful schemes.

Answer 29

- enhanced interior gateway routing protocol - dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting. Routers at the top of the hierarchy need to store only the high-level network prefixes.

Answer 30

- open shortest path first - dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting.

Answer 31

a path vector type that is part of the Exterior Gateway Protocol (EGP) class and runs over Transmission Control Protocol (TCP) port 179.

Answer 32

support 10GBASE-T standard speeds at a distance of up to 180 ft. (55 m).

Answer 33

supports a maximum speed of 1 Gbps at a maximum distance of up to 328 ft (100 m) - 1000BASE-T

Answer 34

support 10GBASE-T standard speeds at a distance of up to 328 ft (100 m).

Answer 35

support speeds up to 40 Gbps up to 100 ft (30 m) - 40GBASE-T

Answer 36

early bayonet-style connector with a twist-and-push locking mechanism. ST was primarily used for multimode networks, however, it is no longer routinely utilized in Ethernet deployments.

Answer 37

a small-form-factor duplex connector with a snap-in design that is used in multimode networks.

Answer 38

small-form-factor connector with a push/pull tabbed design. The LC form factor is commonly used for Gigabit Ethernet and 10/40 GbE.

Answer 39

a push/pull connector that allows for easy insertion and removal. It may be utilized in either single-mode or multimode mode. It is frequently used in Gigabit Ethernet

Answer 40

the Simultaneous Authentication of Equals (SAE) protocol replaces the 4-way handshake, which has been found to be vulnerable to various attacks.

Answer 41

old protocol that is no longer safe to use, though it does not use the SAE protocol. WEP uses an outdated RC4 stream cipher to encrypt traffic.

Answer 42

designed to fix critical vulnerabilities in the earlier wired equivalent privacy (WEP) standard.

Answer 43

pre-shared key (PSK) authentication uses a passphrase to generate the key that is used to encrypt communications. It is also referred to as group authentication because a group of users share the same secret.

Answer 44

the time it takes for a transmission to reach the recipient, measured in milliseconds (ms)

Answer 45

a variation in the delay. Jitter manifests itself as an inconsistent rate of packet delivery.

Answer 46

SMTPS - establishes the secure connection before any SMTP commands (HELO, for instance) are exchanged. This is also referred to as implicit TLS and only represents encryption at the level of the transport layer.

Answer 47

command that upgrades an existing unsecure connection to TLS. This is also referred to as explicit TLS or opportunistic TLS and only represents encryption at the level of the transport layer.

Answer 48

last 64 digits

Answer 49

- appropriate for half-open scan - technique is faster as the scanning host sends a SYN packet to request a connection but does not complete the handshake. This method is typically used for stealthier scans, as it is less likely to be logged.

Answer 50

- complete three-way handshakes - more visible in logs, not half-open

Answer 51

a powered device that performs signal regeneration and can capture all packets.

Answer 52

an unpowered device that physically copies the signal from the cabling to a monitor port. The monitor port will receive every frame, however, signal regeneration is not performed.

Answer 53

also known as port mirroring or port monitoring, allows the capture of network data as it flows through a network switch. Corrupt frames are dropped.

Answer 54

The network makes decisions about how traffic should be prioritized and where it should be switched, which, in turn, keeps the network itself operational.

Answer 55

comprises traffic that allows remote administration and monitoring of network appliances, such as SSH, SNMP, NetFlow, and syslog. Management traffic is typically directed to the appliance's loopback address.

Answer 56

the amount of data loss that a system can sustain, measured in time units.

Answer 57

states the requirement for a business function. Downtime is calculated from the sum of scheduled service intervals (Agreed Service Time) plus unplanned outages over the period.

Answer 58

the period following a disaster that an individual IT system may remain offline

Answer 59

provides for protocol-specific inbound traffic. Reverse proxies can publish applications from the corporate network to the Internet in this way.

Answer 60

provides for protocol-specific outbound traffic. A multipurpose forward proxy is one configured with filters for multiple protocol types, such as HTTP, FTP, and SMTP.

Answer 61

the client must be configured with the proxy server address and port number to use it.

Answer 62

- AKA forced/intercepting - intercepts client traffic without the client having to be reconfigured. A transparent proxy must be implemented on a switch or router or other inline network appliance

Answer 63

allows bridges or switches to organize themselves into a hierarchy. Each switch determines the shortest path to the root bridge by exchanging information with other switches. STP information is packaged as bridge protocol data unit (BPDU) multicast frames

Answer 64

performs some of the functions on an IPv6 network that ARP and ICMP perform under IPv4, such as address autoconfiguration, redirection, prefix discovery, and local address resolution.

Answer 65

task of resolving an IP address to a hardware address.

Answer 66

carries all the VLAN-to-VLAN traffic that must be routed

Answer 67

- acts as an intermediary between the application requiring DNS resolution and a recursive DNS resolver. - function of a resolver is to perform recursive queries in response to requests from client systems

Answer 68

rely on authoritative DNS nameservers to tell them where to find certain domains.

Answer 69

a name server that manages the root zone of the Internet's Domain Name System. It directly responds to queries for root zone records and returns a list of authoritative name servers for the relevant top-level domain for all other requests.

Answer 70

client accesses the Internet directly using its "native" IP configuration and DNS servers

Answer 71

Internet access is mediated by the corporate network, which will alter the client's IP address and DNS servers and may use a proxy.

Answer 72

allows end-user devices, such as computers, printers, and smartphones to connect to the network.

Answer 73

offers fault-tolerant linkages between distinct access blocks and either the core or other distribution blocks.

Answer 74

provides a highly available network backbone. Routers or layer 3 switches in the core layer form a complete mesh topology with distribution layer switches

Answer 75

enables multiple hosts to share an IP address on the same network segment so that they can act as a default gateway.

Answer 76

allows the automatic assignment of IP routers to act as a default gateway on a single subnet.

Answer 77

allows multiple physical routers to serve as a single default gateway for a subnet, but it is a proprietary protocol developed by Cisco.

Answer 78

Data link layer

Answer 79

connects different networks and treats them as if they were one network

Answer 80

transfers data between nodes on the same logical segment - ARP tables located here - bridges

Answer 81

encapsulates onto a packet at the data link layer

Answer 82

provides logical addressing and packet forwarding between different networks - wraps TCP segment at network layer

Answer 83

version of GRE protocol that supports point-to-multipoint links, such as hub and spoke dynamic VPN

Answer 84

operates as overlay network to configure point-to-point or point-to-multipoint links between nodes

Answer 85

provisions virtual network appliances such as switches, routers, and firewalls

Answer 86

nodes receive the data transmitted all at the same time, regardless of physical wiring layout of the network

Answer 87

wireless adapter allows connections to and from other devices, AKA IBSS

Answer 88

describes placement of nodes and how they are connected by the network media

Answer 89

describes flow of data through the network regardless of its physical layout

Answer 90

dedicated T1 or DS1 digital signal circuit

Answer 91

or data center 10 GbE (unofficially referred to as 10GBASE-CR) and 40 GbE (40GBASE-CR4) interconnections of up to about 5 meters for passive cable types and 10 meters for active cable types

Answer 92

used when agent informs monitor of a notable event, such as port failure

Answer 93

used for software to query the agent for a single object identifier

Answer 94

unidirectional signal for point-to-point wireless bridge connections - common for outdoor use and long distances

Answer 95

parabolic or dome shaped antenna that is unidirectional - expensive

Answer 96

donut shaped - similar to round wireless routers businesses mount in office ceiling - not good for outdoors

Answer 97

- dome with rectangular feature with grid-like openings - expensive up-front and maintenance

Answer 98

ad hoc topology where the wireless adapter allows connections to and from other wireless devices

Answer 99

agent that informs the SNMP monitor of a notable event - sysadmin can set threshold for triggering traps for each value

Answer 100

frame that is larger than the max permissible size (1518 bytes)

Answer 101

frame smaller than minimum size (64 bytes for ethernet) - collision usually causes them

Answer 102

snapshot of a known good configuration and how a device operates at that known good configuration

Answer 103

measures whether an interface is working or not - configure link state of a given port on a switch or router to turn it on or off

Answer 104

packet analyzer that can measure network traffic statistics

Answer 105

total capacity to process network traffic

Answer 106

prelim or exploratory agreement to express an intent to work together

Answer 107

detailed diagram of wiring and port locations

Answer 108

records position of each appliance in the rack

Answer 109

shows detailed info about termination of twisted pairs in RJ-45 or RJ-48C jack or IDC

Answer 110

critical planning tool to ensure WLAN delivers acceptable data rates to supported number of devices in physical locations

Answer 111

intermediate distribution frames - provide termination for access layer switches that serve a given area - essential for distributing network connections from the MDF to specific locations or devices within a facility, ensuring comprehensive network access and efficiency in communication flow

Answer 112

- main distribution frame - location for distribution/core level internal switching - serves as location for termination of external WAN circuits

Answer 113

- total operational time divided by number of failures - KPI measuring expected lifetime of a product

Answer 114

mean time it takes to correct fault to point of restoration and recovery of network services - KPI

Answer 115

states requirement for a business function, used to measure level of high availability

Answer 116

- takes longer to setup - may be an empty building with a lease agreement in place to install whatever equipment the company requires when necessary

Answer 117

can failover almost immediately - site is already within organization's ownership and is ready to deploy

Answer 118

requirement that latest data set will need to be loaded

Answer 119

group of servers, each known as node, that provides redundancy and fault tolerance for critical applications

Answer 120

defines a PNAC mechanism, which means that the switch/router performs some sort of authentication of the attached device before activating the port

Answer 121

- port based network access control - switch/router performs type of authentication of attached device before activating port

Answer 122

authenticates admin access to routers and switches - TCP port 49

Answer 123

used in VPN implementation, manages remote and wireless authentication infrastructures

Answer 124

form of eavesdropping where attacker makes an independent connection between two victims and steals information to use fraudulently

Answer 125

sends a stream of spoofed de-auth frames to cause a client to deauthenticate from the AP

Answer 126

compromises name resolution, redirects users to fraudulent sites

Answer 127

attacker redirects IP address to MAC address of a computer that is not the intended recipient

Answer 128

practice of using wifi sniffer to detect WLANs and then either using unsecured ones or trying to break into them with WEP and WPA cracking tools

Answer 129

- distributed reflection denial of service - adversary spoofs the victim's IP address and attempts to open connections with servers which direct responses to the victim server, rapidly consuming bandwidth

Answer 130

attacker implements an amplification factor and dramatically increases the bandwidth sent to a victim during DDoS attack

Answer 131

malicious program or script set to run under particular circumstances

Answer 132

means of redirecting users from legitimate website to malicious one - corrupts the way the computer performs internet name resolution

Answer 133

ransomware that encrypts data files and user is unable to access files without obtaining the private encryption key

Answer 134

access point that can implement a similar port-security mechanism to switches - allows for device authentication using digital certificates

Answer 135

supports encryption of data logs as they travel over the network to a target system like an analytics server

Answer 136

applies an additional layer of segmentation by restricting the ability of hosts within a VLAN to communicate directly with one another

Answer 137

policy that is designed to mitigate the risk from route processor vulnerabilities

Answer 138

causes switch to inspect DHCP traffic arriving on access ports to ensure host is not trying to spoof its MAC address - can be. used to prevent rogue DHCP servers from operating on the network

Answer 139

allows access to the network when the network is down - can be used to remotely reboot devices

Answer 140

designed to connect an analog modem and provide remote access over a dial-up link

Answer 141

configuring virtual network interface and IP address on the device to use for management functions and connecting to it via one of the normal ethernet ports

Answer 142

used to secure communication between hosts on a private network

Answer 143

used for communication between VPN gateways across an unsecured network

Answer 144

allows internet access that is mediated by the corporate network that will alter client's IP address and DNS servers may use proxy

Answer 145

used to secure IPv4/6 communications on local networks and as remote access protocol

Answer 146

provides confidentiality, IA, used to encrypt packet rather than simply calculating a hash - attaches three fields to the packet, header, trailer, and integrity check

Answer 147

performs a cryptographic hash on the whole packet, including IP header

Answer 148

used to verify that a cable meets its specifications such as bandwidth and frequency

Answer 149

assist in inserting wires into patch panels or punch down blocks

Answer 150

connector used for diagnosing transmission problems on parallel and serial ports

Answer 151

happens when two conductors join, usually because insulating wire is damaged or poorly wired connector

Answer 152

joins two fiber optic cables together by performing a precise alignment between the two strands and then permanently joining them

Answer 153

creates a patch cord and fixes a plug to a cable - RJ-45 connector to an ethernet cable

Answer 154

locates breaks in fiber by sending light pulses down the cable and timing how long it takes for any reflections to bounce back from the break

Answer 155

testing electrical circuits

Answer 156

reports detailed info on cable's physical and electrical properties, including crosstalk, attenuation, noise, and resistance

Answer 157

ensure each channel has sufficient power

Answer 158

show ip cache flow

Answer 159

show ip flow-export

Answer 160

command that displays NetFlow IP entries

Answer 161

interrogate frames received by a network adapter using a special driver - read packets on a port and save the information to a file on disk

Answer 162

software used in conjunction with packet sniffer - used later to examine data gathered from packet sniffer

Answer 163

common packet analyzer used to display contents of .pcap files

Answer 164

highly adaptable, open-source network/port scanner used to scan hosts/ports to locate services and detect vulnerabilities

Answer 165

firewall ruleset for outgoing connections

Answer 166

firewall ruleset for incoming connections

Answer 167

firewall ruleset for connections passing through server

Answer 168

handled packets that have just arrived and determines via priority how to handle the packets depending on whether it is used for local processing or forwarding - processed first before other chains

Answer 169

utility tool that uses TCP/UDP connections to read and write in a network - used for both attacking and security

Answer 170

- internet protocol address management - scans DHCP and DNS servers and logs IP address usage to database - can be used to remotely manage and reconfigure DHCP and DNS server

Answer 171

used to edit rules enforced by Linux kernel firewall

Answer 172

refers to the orientation of the wave propagating from the antenna to maximize signal strength

Answer 173

cable access TV

Answer 174

hybrid fiber coax - combine with fiber optic core network with coax links to CPE

Answer 175

switch models designed to provide high-speed connectivity to a rack of server appliances

Answer 176

- interior gateway protocol - identifies routes WITHIN an AS

Answer 177

- exterior gateway protocol - identifies routes BETWEEN autonomous systems

Answer 178

F type connectors

Answer 179

AP mediates communications between client devices and can also provide a bridge to a cabled network segment

Answer 180

traffic that enters or leaves the data center from a system physically residing outside the datacenter - North = exiting - South = entering

Answer 181

data flow within a datacenter. For example, if we are using a spine and leaf architecture, any data flow between the various servers in the datacenter, even if it goes between different leaves, would be considered east-west traffic