Exam Flashcards

Question 1

Q

Class A IP

Answer

A

10.0.0.0 - 10.255.255.255
24 bits

Question 2

Q

Class B IP

Answer

A

172.16.0.0 - 172.31.255.255
20 bits

Question 3

Q

Class C IP

Answer

A

192.168.0.0 - 192.168.255.255
16 bits

Question 4

Q

802.11a

Answer

A

5 GHz
54 Mbit/s

Question 5

Q

802.11b

Answer

A

2.4 GHz
11 Mbit/s
better range than A, more frequency conflict

Question 6

Q

802.11g

Answer

A

2.4 Ghz
- 54 Mbit/s
-backwards compatible with b
- frequency conflicts

Question 7

Q

802.11n

Answer

A

5 GHz / 2.4
600 Mbit/s
-MIMO

Question 8

Q

802.11ac

Answer

A

5 GHz
- up to 160 MHz
- increased channel bonding
faster data transfer
- MU-MIMO
- 6.9 Gbit/s

Question 9

Q

802.11ax

Answer

A

wifi 5
- 5 GHz / 2.4 GHz
- 1201 megabits/s
- MU-MIMO
orthogonal frequency division
9.6 Gbit/s

Question 10

Q

PRTG

Answer

A

a lightweight standalone tool which will allow the administrator to easily scan for IPs

Question 11

Q

A server administrator is analyzing a normal Transmission Control Protocol (TCP) Teardown connection to their servers. How many FIN-WAIT states does the client go through during this process?

Question 12

Q

Sender Policy Framework (SPF)

Answer

A

TXT-based record that lists IP addresses or names of servers that can send email from a particular domain and combats sending of span

Question 13

Q

SRV (service record)

Answer

A

contains service name and port for a particular application
- locates VoIP or media servers

Question 14

Q

MX record

Answer

A

identifies email server for the domain
- must have associated A or AAAA record, not point to CNAME

Question 15

Q

What does ICANN manage?

Answer

A

generic top level domains, DNS

Question 16

Q

recursive lookup

Answer

A

server queries other name servers until it finds requested record or times out

Question 17

Q

iterative lookup

Answer

A

name server responds to query with either requested record or the address of a name server at lower level in hierarchy that is authoritative for the namespace

Question 18

Q

one DHCP server for multiple subnets

Answer

A

DHCP relay: forwarding DHCP traffics between subnets
UDP forwarding: more general application of DHCP relay

Question 19

Q

IMAP port

Question 20

Q

SMTP

Question 21

Q

SMTPS

Question 22

Q

POP3 port

Question 23

Q

POP3 SSL

Question 24

Q

IMAP SSL

Question 25

Q

active FTP

Answer

A

client sends PORT command specifying chosen port and server opens data connection between that port and TCP port 20 on server

Question 26

Q

RTCP

Answer

A

session on each RTP stream that monitors the quality of the connection and provides reports that the network stacks can use to tune QoS parameters

Question 27

Q

SIP

Answer

A

session initiation protocol
end user devices such as IP-enabled handsets or client and server web conference software

Question 28

Q

Microsoft SQL server port

Answer

A

TCP 1433
- allows clients to connect to database server over network and allow replication traffic to move between database servers

Question 29

Q

WSD/Airprint

Answer

A

allows for secure connections to a print device and allows it to advertise service capabilities over the network, provides plug-and-play installation for Windows and iOS devices, and uses bidirectional status messaging.

Question 30

Q

SSL/TLS port

Question 31

Q

Telnet

Question 32

Q

SSH port

Question 33

Q

SYSLOG port

Question 34

Q

SNTP

Answer

A

simple network time protocol
UDP 123
host that supports SNTP cannot act as time source for other hosts

Question 35

Q

Syslog alert, code 2

Answer

A

critical level

Question 36

Q

behavioral threat research

Answer

A

narrative commentary describing examples of attacks and the tactics, techniques, and procedures (TTPs) gathered through primary research sources.

Question 37

Q

reputational threat intelligence

Answer

A

consists of lists of IP addresses and domains associated with malicious behavior and signatures of known file-based malware

Question 38

Q

TACACS+

Question 39

Q

process assessment

Answer

A

involves identifying critical systems and assets that support mission essential functions

Question 40

Q

Bastion servers

Answer

A

hosts in perimeter and not fully trusted
- proxy and web

Question 41

Q

CPE

Answer

A

customer premises equipment
equipment owned, managed, and supported by the customer as it falls beyond the demarcation point.

Question 42

Q

CWDM

Answer

A

coarse wavelength division multiplexing
supports up to 16 wavelengths and typically deploys four or eight bidirectional channels over a single fiber strand.

Question 43

Q

WDM

Answer

A

wavelength division multiplexing
a means of using a strand to transmit or receive more than one channel at a time.

Question 44

Q

BiDi

Answer

A

bidirectional
support, transmit, and receive signals over the same strand of fiber. This uses WDM to transmit the transmit (Tx) and receive (Rx) signals over slightly shifted wavelengths.

Question 45

Q

DWDM

Answer

A

dense wavelength division multiplexing
provisions a greater number of channels (20, 40, 80, or 160). This means that there is much less spacing between each channel and requires more precise and expensive lasers.

Question 46

Q

cable crimper

Answer

A

creates a patch cord that fixes a plug to a cable. The tools are specific to the type of connector and cable, although some have modular dies supporting a range of RJ-type plugs. Many crimpers also come with cable stripping capabilities.

Question 47

Q

block tool

Answer

A

terminates a group of connectors in one action.

Question 48

Q

punchdown tool

Answer

A

terminates a fixed cable and fixes conductors into an IDC. There are different IDC formats (66, 110, BIX, and Krone) that require different blades.

Question 49

Q

APC

Answer

A

Angled Physical Contacts (APCs) make for an even tighter connection and better return loss performance. APCs cannot mix with PC faces or UPCs

Question 50

Q

UPC

Answer

A

the cable and connector are polished to a higher standard than with PC.
- ultra physical contact

Question 51

Q

PC (physical contact)

Answer

A

faces of the connector and fiber tip are polished so that they curve slightly and fit together better, reducing return loss

Question 52

Q

Demarcs

Answer

A

special types of equipment rooms marking the point at which external cabling (located outside the plant) joins to the internal cabling (located on the premises).

Question 53

Q

cladding

Answer

A

reflects signals back into the waveguide as efficiently as possible so that the light signal travels along the waveguide by multiple internal reflections.

Question 54

Q

stackable switches

Answer

A

switches can connect together and operate as a group. The sysadmin can manage the switch stack as a single unit.

Question 55

Q

NIC teaming/port aggregation

Answer

A

combines two or more separate cabled links into a single logical channel

Question 56

Q

IGRP

Answer

A

interior gateway routing
older routing protocol, which is classful. Classful routing protocols do not carry subnet masks.

Question 57

Q

RIPv2 (routing internet protocol)

Answer

A

dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting. The Internet has shifted towards a hierarchical routing structure by reengineering classful schemes.

Question 58

Q

EIGRP

Answer

A

enhanced interior gateway routing protocol
dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting. Routers at the top of the hierarchy need to store only the high-level network prefixes.

Question 59

Q

OSPF

Answer

A

open shortest path first
dynamic routing protocol that supports classless addressing, required for both subnetting and supernetting.

Question 60

Q

BGP (border gateway protocol)

Answer

A

a path vector type that is part of the Exterior Gateway Protocol (EGP) class and runs over Transmission Control Protocol (TCP) port 179.

Question 61

Q

SMB port

Question 62

Q

What is the lowest ANSI/TIA/EIA copper Ethernet cabling category available in the form of shielded/foiled twisted pair (S/FTP), and is often recommended for use in healthcare settings?

Question 63

Q

Cat 6

Answer

A

support 10GBASE-T standard speeds at a distance of up to 180 ft. (55 m).

Question 64

Q

Cat 5e

Answer

A

supports a maximum speed of 1 Gbps at a maximum distance of up to 328 ft (100 m)
- 1000BASE-T

Answer 51

A

support 10GBASE-T standard speeds at a distance of up to 328 ft (100 m).

Answer 52

A

support speeds up to 40 Gbps up to 100 ft (30 m)
- 40GBASE-T

Answer 53

A

early bayonet-style connector with a twist-and-push locking mechanism. ST was primarily used for multimode networks, however, it is no longer routinely utilized in Ethernet deployments.

Answer 54

A

a small-form-factor duplex connector with a snap-in design that is used in multimode networks.

Answer 55

A

small-form-factor connector with a push/pull tabbed design. The LC form factor is commonly used for Gigabit Ethernet and 10/40 GbE.

Answer 56

A

a push/pull connector that allows for easy insertion and removal. It may be utilized in either single-mode or multimode mode. It is frequently used in Gigabit Ethernet

Answer 57

A

the Simultaneous Authentication of Equals (SAE) protocol replaces the 4-way handshake, which has been found to be vulnerable to various attacks.

Answer 58

A

old protocol that is no longer safe to use, though it does not use the SAE protocol. WEP uses an outdated RC4 stream cipher to encrypt traffic.

Answer 59

A

designed to fix critical vulnerabilities in the earlier wired equivalent privacy (WEP) standard.

Answer 60

A

pre-shared key (PSK) authentication uses a passphrase to generate the key that is used to encrypt communications. It is also referred to as group authentication because a group of users share the same secret.

Answer 61

A

the time it takes for a transmission to reach the recipient, measured in milliseconds (ms)

Answer 62

A

a variation in the delay. Jitter manifests itself as an inconsistent rate of packet delivery.

Answer 63

A

SMTPS
- establishes the secure connection before any SMTP commands (HELO, for instance) are exchanged. This is also referred to as implicit TLS and only represents encryption at the level of the transport layer.

Answer 64

A

command that upgrades an existing unsecure connection to TLS. This is also referred to as explicit TLS or opportunistic TLS and only represents encryption at the level of the transport layer.

Answer 65

A

last 64 digits

Answer 66

A

appropriate for half-open scan
technique is faster as the scanning host sends a SYN packet to request a connection but does not complete the handshake. This method is typically used for stealthier scans, as it is less likely to be logged.

Answer 67

A

complete three-way handshakes
more visible in logs, not half-open

Answer 68

A

a powered device that performs signal regeneration and can capture all packets.

Answer 69

A

an unpowered device that physically copies the signal from the cabling to a monitor port. The monitor port will receive every frame, however, signal regeneration is not performed.

Answer 70

A

also known as port mirroring or port monitoring, allows the capture of network data as it flows through a network switch. Corrupt frames are dropped.

Answer 71

A

The network makes decisions about how traffic should be prioritized and where it should be switched, which, in turn, keeps the network itself operational.

Answer 72

A

comprises traffic that allows remote administration and monitoring of network appliances, such as SSH, SNMP, NetFlow, and syslog. Management traffic is typically directed to the appliance’s loopback address.

Answer 73

A

the amount of data loss that a system can sustain, measured in time units.

Answer 74

A

states the requirement for a business function. Downtime is calculated from the sum of scheduled service intervals (Agreed Service Time) plus unplanned outages over the period.

Answer 75

A

the period following a disaster that an individual IT system may remain offline

Answer 76

A

provides for protocol-specific inbound traffic. Reverse proxies can publish applications from the corporate network to the Internet in this way.

Answer 77

A

provides for protocol-specific outbound traffic. A multipurpose forward proxy is one configured with filters for multiple protocol types, such as HTTP, FTP, and SMTP.

Answer 78

A

the client must be configured with the proxy server address and port number to use it.

Answer 79

A

AKA forced/intercepting
intercepts client traffic without the client having to be reconfigured. A transparent proxy must be implemented on a switch or router or other inline network appliance

Answer 80

A

allows bridges or switches to organize themselves into a hierarchy. Each switch determines the shortest path to the root bridge by exchanging information with other switches. STP information is packaged as bridge protocol data unit (BPDU) multicast frames

Answer 81

A

performs some of the functions on an IPv6 network that ARP and ICMP perform under IPv4, such as address autoconfiguration, redirection, prefix discovery, and local address resolution.

Answer 82

A

task of resolving an IP address to a hardware address.

Answer 83

A

carries all the VLAN-to-VLAN traffic that must be routed

Answer 84

A

acts as an intermediary between the application requiring DNS resolution and a recursive DNS resolver.
function of a resolver is to perform recursive queries in response to requests from client systems

Answer 85

A

rely on authoritative DNS nameservers to tell them where to find certain domains.

Answer 86

A

a name server that manages the root zone of the Internet’s Domain Name System. It directly responds to queries for root zone records and returns a list of authoritative name servers for the relevant top-level domain for all other requests.

Answer 87

A

client accesses the Internet directly using its “native” IP configuration and DNS servers

Answer 88

A

Internet access is mediated by the corporate network, which will alter the client’s IP address and DNS servers and may use a proxy.

Answer 89

A

allows end-user devices, such as computers, printers, and smartphones to connect to the network.

Answer 90

A

offers fault-tolerant linkages between distinct access blocks and either the core or other distribution blocks.

Answer 91

A

provides a highly available network backbone. Routers or layer 3 switches in the core layer form a complete mesh topology with distribution layer switches

Answer 92

A

enables multiple hosts to share an IP address on the same network segment so that they can act as a default gateway.

Answer 93

A

allows the automatic assignment of IP routers to act as a default gateway on a single subnet.

Answer 94

A

allows multiple physical routers to serve as a single default gateway for a subnet, but it is a proprietary protocol developed by Cisco.

Answer 95

A

Data link layer

Answer 96

A

connects different networks and treats them as if they were one network

Answer 97

A

transfers data between nodes on the same logical segment
- ARP tables located here
- bridges

Answer 98

A

encapsulates onto a packet at the data link layer

Answer 99

A

provides logical addressing and packet forwarding between different networks
- wraps TCP segment at network layer

Answer 100

A

version of GRE protocol that supports point-to-multipoint links, such as hub and spoke dynamic VPN

Answer 101

A

operates as overlay network to configure point-to-point or point-to-multipoint links between nodes

Answer 102

A

provisions virtual network appliances such as switches, routers, and firewalls

Answer 103

A

nodes receive the data transmitted all at the same time, regardless of physical wiring layout of the network

Answer 104

A

wireless adapter allows connections to and from other devices, AKA IBSS

Answer 105

A

describes placement of nodes and how they are connected by the network media

Answer 106

A

describes flow of data through the network regardless of its physical layout

Answer 107

A

dedicated T1 or DS1 digital signal circuit

Answer 108

A

or data center 10 GbE (unofficially referred to as 10GBASE-CR) and 40 GbE (40GBASE-CR4) interconnections of up to about 5 meters for passive cable types and 10 meters for active cable types

Answer 109

A

used when agent informs monitor of a notable event, such as port failure

Answer 110

A

used for software to query the agent for a single object identifier

Answer 111

A

unidirectional signal for point-to-point wireless bridge connections
- common for outdoor use and long distances

Answer 112

A

parabolic or dome shaped antenna that is unidirectional
- expensive

Answer 113

A

donut shaped
- similar to round wireless routers businesses mount in office ceiling
- not good for outdoors

Answer 114

A

dome with rectangular feature with grid-like openings
expensive up-front and maintenance

Answer 115

A

ad hoc topology where the wireless adapter allows connections to and from other wireless devices

Answer 116

A

agent that informs the SNMP monitor of a notable event
- sysadmin can set threshold for triggering traps for each value

Answer 117

A

frame that is larger than the max permissible size (1518 bytes)

Answer 118

A

frame smaller than minimum size (64 bytes for ethernet)
- collision usually causes them

Answer 119

A

snapshot of a known good configuration and how a device operates at that known good configuration

Answer 120

A

measures whether an interface is working or not
- configure link state of a given port on a switch or router to turn it on or off

Answer 121

A

packet analyzer that can measure network traffic statistics

Answer 122

A

total capacity to process network traffic

Answer 123

A

prelim or exploratory agreement to express an intent to work together

Answer 124

A

detailed diagram of wiring and port locations

Answer 125

A

records position of each appliance in the rack

Answer 126

A

shows detailed info about termination of twisted pairs in RJ-45 or RJ-48C jack or IDC

Answer 127

A

critical planning tool to ensure WLAN delivers acceptable data rates to supported number of devices in physical locations

Answer 128

A

intermediate distribution frames
- provide termination for access layer switches that serve a given area
- essential for distributing network connections from the MDF to specific locations or devices within a facility, ensuring comprehensive network access and efficiency in communication flow

Answer 129

A

main distribution frame
location for distribution/core level internal switching
serves as location for termination of external WAN circuits

Answer 130

A

total operational time divided by number of failures
KPI measuring expected lifetime of a product

Answer 131

A

mean time it takes to correct fault to point of restoration and recovery of network services
- KPI

Answer 132

A

states requirement for a business function, used to measure level of high availability

Answer 133

A

takes longer to setup
may be an empty building with a lease agreement in place to install whatever equipment the company requires when necessary

Answer 134

A

can failover almost immediately
- site is already within organization’s ownership and is ready to deploy

Answer 135

A

requirement that latest data set will need to be loaded

Answer 136

A

group of servers, each known as node, that provides redundancy and fault tolerance for critical applications

Answer 137

A

defines a PNAC mechanism, which means that the switch/router performs some sort of authentication of the attached device before activating the port

Answer 138

A

port based network access control
switch/router performs type of authentication of attached device before activating port

Answer 139

A

authenticates admin access to routers and switches
- TCP port 49

Answer 140

A

used in VPN implementation, manages remote and wireless authentication infrastructures

Answer 141

A

form of eavesdropping where attacker makes an independent connection between two victims and steals information to use fraudulently

Answer 142

A

sends a stream of spoofed de-auth frames to cause a client to deauthenticate from the AP

Answer 143

A

compromises name resolution, redirects users to fraudulent sites

Answer 144

A

attacker redirects IP address to MAC address of a computer that is not the intended recipient

Answer 145

A

practice of using wifi sniffer to detect WLANs and then either using unsecured ones or trying to break into them with WEP and WPA cracking tools

Answer 146

A

distributed reflection denial of service
adversary spoofs the victim’s IP address and attempts to open connections with servers which direct responses to the victim server, rapidly consuming bandwidth

Answer 147

A

attacker implements an amplification factor and dramatically increases the bandwidth sent to a victim during DDoS attack

Answer 148

A

malicious program or script set to run under particular circumstances

Answer 149

A

means of redirecting users from legitimate website to malicious one
- corrupts the way the computer performs internet name resolution

Answer 150

A

ransomware that encrypts data files and user is unable to access files without obtaining the private encryption key

Answer 151

A

access point that can implement a similar port-security mechanism to switches
- allows for device authentication using digital certificates

Answer 152

A

supports encryption of data logs as they travel over the network to a target system like an analytics server

Answer 153

A

applies an additional layer of segmentation by restricting the ability of hosts within a VLAN to communicate directly with one another

Answer 154

A

policy that is designed to mitigate the risk from route processor vulnerabilities

Answer 155

A

causes switch to inspect DHCP traffic arriving on access ports to ensure host is not trying to spoof its MAC address
- can be. used to prevent rogue DHCP servers from operating on the network

Answer 156

A

allows access to the network when the network is down
- can be used to remotely reboot devices

Answer 157

A

designed to connect an analog modem and provide remote access over a dial-up link

Answer 158

A

configuring virtual network interface and IP address on the device to use for management functions and connecting to it via one of the normal ethernet ports

Answer 159

A

used to secure communication between hosts on a private network

Answer 160

A

used for communication between VPN gateways across an unsecured network

Answer 161

A

allows internet access that is mediated by the corporate network that will alter client’s IP address and DNS servers may use proxy

Answer 162

A

used to secure IPv4/6 communications on local networks and as remote access protocol

Answer 163

A

provides confidentiality, IA, used to encrypt packet rather than simply calculating a hash
- attaches three fields to the packet, header, trailer, and integrity check

Answer 164

A

performs a cryptographic hash on the whole packet, including IP header

Answer 165

A

used to verify that a cable meets its specifications such as bandwidth and frequency

Answer 166

A

assist in inserting wires into patch panels or punch down blocks

Answer 167

A

connector used for diagnosing transmission problems on parallel and serial ports

Answer 168

A

happens when two conductors join, usually because insulating wire is damaged or poorly wired connector

Answer 169

A

joins two fiber optic cables together by performing a precise alignment between the two strands and then permanently joining them

Answer 170

A

creates a patch cord and fixes a plug to a cable
- RJ-45 connector to an ethernet cable

Answer 171

A

locates breaks in fiber by sending light pulses down the cable and timing how long it takes for any reflections to bounce back from the break

Answer 172

A

testing electrical circuits

Answer 173

A

reports detailed info on cable’s physical and electrical properties, including crosstalk, attenuation, noise, and resistance

Answer 174

A

ensure each channel has sufficient power

Answer 175

A

show ip cache flow

Answer 176

A

show ip flow-export

Answer 177

A

command that displays NetFlow IP entries

Answer 178

A

interrogate frames received by a network adapter using a special driver
- read packets on a port and save the information to a file on disk

Answer 179

A

software used in conjunction with packet sniffer
- used later to examine data gathered from packet sniffer

Answer 180

A

common packet analyzer used to display contents of .pcap files

Answer 181

A

highly adaptable, open-source network/port scanner used to scan hosts/ports to locate services and detect vulnerabilities

Answer 182

A

firewall ruleset for outgoing connections

Answer 183

A

firewall ruleset for incoming connections

Answer 184

A

firewall ruleset for connections passing through server

Answer 185

A

handled packets that have just arrived and determines via priority how to handle the packets depending on whether it is used for local processing or forwarding
- processed first before other chains

Answer 186

A

utility tool that uses TCP/UDP connections to read and write in a network
- used for both attacking and security

Answer 187

A

internet protocol address management
scans DHCP and DNS servers and logs IP address usage to database
can be used to remotely manage and reconfigure DHCP and DNS server

Answer 188

A

used to edit rules enforced by Linux kernel firewall

Answer 189

A

refers to the orientation of the wave propagating from the antenna to maximize signal strength

Answer 190

A

cable access TV

Answer 191

A

hybrid fiber coax
- combine with fiber optic core network with coax links to CPE

Answer 192

A

switch models designed to provide high-speed connectivity to a rack of server appliances

Answer 193

A

interior gateway protocol
identifies routes WITHIN an AS

Answer 194

A

exterior gateway protocol
identifies routes BETWEEN autonomous systems

Answer 195

A

F type connectors

Answer 196

A

AP mediates communications between client devices and can also provide a bridge to a cabled network segment

Answer 197

A

traffic that enters or leaves the data center from a system physically residing outside the datacenter
- North = exiting
- South = entering

Answer 198

A

data flow within a datacenter. For example, if we are using a spine and leaf architecture, any data flow between the various servers in the datacenter, even if it goes between different leaves, would be considered east-west traffic

Brainscape's Knowledge GenomeTM

Exam Flashcards

Brainscape's Knowledge Genome^TM