General Questions Part 2 Flashcards

1
Q

RJ-11 Connector

A

Registered Jack 11 - 6 position, 2 conductor cable (6P2C) - This is the standard telephone cable used in households.

2
Q

RJ-45 Connector

A

Registered Jack 45 - 8 position, 8 conductor cable (8P8C) - This is the standard Ethernet cable.

3
Q

BNC Connector

A

Bayonet Neill-Concelman - Coaxial cable connector, used in DS3 WAN links. The cable is often rigid and bulky.

4
Q

DB-9, DB-25 Connector

A

D-Sub-miniature or D-Sub - These cable connectors range in size from 9 pins all the way to 50 pins on a single connector end. Shell sizes range from A to E, and each size in the range has a different pin count. Often used on older hardware such as modems, printers, and other peripherals.

5
Q

F-Connector

A

Standard cable television connector, typically paired with RG-6 coaxial cable.

6
Q

Fiber Communication

A

Transmission by light in the visible spectrum. Has no RF signal, which makes it very difficult to monitor/tap/listen in on. The signal is slow to degrade and can be sent over miles. No RF interference.

7
Q

Multi-Mode Fiber

A

Short-range communications, up to 2 kilometres, using an inexpensive light source, i.e. an LED.

8
Q

Single-Mode Fiber

A

Long-range communications, up to 100 kilometres, using an expensive light source, i.e. lasers.

9
Q

UPC (Connector)

A

Ultra-Polished Connector - Ferrule end-face radius polished at a zero degree angle, high return loss.

10
Q

APC (Connector)

A

Angle-Polished Connector - Ferrule end-face radius polished at an eight degree angle, lower return loss.

11
Q

ST Connector

A

Straight Tip Connector - half-twist bayonet connector with rounded ends.

12
Q

SC Connector

A

Square Connector - round tip that simply uses push and pull force to connect and disconnect the connector.

13
Q

LC Connector

A

Lucent Connector - this is a smaller square connector that often has a tab that can be pressed down much like the RJ-45 to ensure a secure connection.

14
Q

MT-RJ

A

Mechanical Transfer Registered Jack - A connector for two fibers in a very small form factor.

15
Q

T568A

A

Wiring Standard color code used for wiring eight-position RJ-45 modular plugs. Provides backward compatibility to both one pair and two pair USOC wiring schemes. A is more common in Europe. Cable end:

  • White-Green
  • Green
  • White-Orange
  • Blue
  • White-Blue
  • Orange
  • White-Brown
  • Brown

16
Q

T568B

A

Wiring Standard color code used for wiring eight-position RJ-45 modular plugs. Provides backward compatibility to only one pair of the USOC wiring schemes. B is more common in the USA. Cable end:

  • White-Orange
  • Orange
  • White-Green
  • Blue
  • White-Blue
  • Green
  • White-Brown
  • Brown

17
Q

Straight-through cable

A

A cable whose modular plugs on both ends have the same pin-outs. Also called a patch cable. Pin 1 matches pin 1, pin 2 matches pin 2, etc.

18
Q

Cross-over cable

A

A cable that has different modular plug pin-outs on each end of the cable. Used when connecting a workstation to a workstation or a switch to a switch. Many devices these days do not need a cross-over cable to connect to each other; instead they use Auto-MDI-X, which automatically detects whether a straight-through or a cross-over connection is needed.

19
Q

Cable Infrastructure

A

Wire that runs from workstations to patch panels in networking closets. Patch panels then run cable to switches.

20
Q

66 Block

A

A type of punchdown block used to connect sets of wires in a telephone system. Used more often for analog voice, but can also be used for some digital links. Wires are clipped into the block with a punchdown tool. Punchdown blocks were the predecessor to patch panels.

21
Q

110 Block

A

A type of punchdown block used to terminate runs of on-premises wiring in a structured cabling system. The designation 110 is also used to describe a type of insulation displacement contact (IDC) connector used to terminate twisted pair cables. Wires are clipped into the block with a punchdown tool. Punchdown blocks were the predecessor to patch panels.

22
Q

Copper Patch Panel

A

Punch-down block on one side, RJ-45 connector on the other.

23
Q

Fiber Distribution Panel

A

Permanent fiber installation - Patch panel at both ends. Fiber can’t be bent, so you’ll often find soft looping of the fiber cables in the distribution panel, which is called a service loop.

24
Q

Transceiver

A

An adapter/converter that is both a transmitter and a receiver. Provides a modular interface so you can add the transceiver that matches your network.

25
Q

Duplex Communication

A

Two fibers: one fiber only transmits and the other only receives.

26
Q

Bi-Directional (BiDi) Transceivers

A

A transceiver that carries traffic in both directions over a single fiber (the two directions use different wavelengths). Can reduce the number of fiber runs by half.

27
Q

GBIC (Transceiver)

A

Gigabit Interface Converter - Relatively early and large devices that support both copper and fiber and were common on Gigabit networks. The standard was effectively replaced by SFPs.

28
Q

SFP (Transceiver)

A

Small Form-factor Pluggable - Commonly used to provide 1 Gbit/s fiber, 1 Gbit/s copper also available.

29
Q

SFP+ (Transceiver)

A

Enhanced Small Form-factor Pluggable - Same size as SFP transceivers and is common with 10 Gigabit Ethernet. Supports data rates up to 16 Gbit/s.

30
Q

QSFP (Transceiver)

A

Quad Small Form-factor Pluggable - 4-channel SFP with each channel providing 1 Gbit/s for a total of 4 Gbit/s. Essentially 4 SFPs in one.

31
Q

QSFP+ (Transceiver)

A

Enhanced Quad Small Form-factor Pluggable - 4-channel SFP with each channel providing 10 Gbit/s for a total of 40 Gbit/s. Essentially 4 SFP+s in one.

32
Q

100BASE-TX

A

100BASE-TX also called “Fast Ethernet” can carry traffic at the nominal rate of 100 Mbit/s. Often carried over Category 5 or better and can run a maximum of 100 meters between devices.

33
Q

1000BASE-T

A

1000BASE-T, also called “Gigabit Ethernet”, can carry traffic at the nominal rate of 1 Gbit/s. Often carried over Category 5 or better twisted pair copper cables and can run a maximum of 100 meters between devices. Uses a frequency of 125 MHz.

34
Q

1000BASE-SX

A

1000BASE-SX can carry traffic at the nominal rate of 1 Gbit/s. This is Gigabit Ethernet using NIR (Near Infrared) light wavelength. Often carried over multi-mode fiber and can run a maximum of 220 meters to 500 meters, depending on fiber type.

35
Q

1000BASE-LX

A

1000BASE-LX can carry traffic at the nominal rate of 1 Gbit/s. This is Gigabit Ethernet using long wavelength lasers. Carried over both Multi-mode and Single-mode fiber. Multi-mode can run a maximum of 550 meters whereas the Single-mode fiber can run a maximum of 5 kilometers.

36
Q

10 Gbit/s Ethernet

A

10GBASE-T can carry traffic at the nominal rate of 10 Gbit/s. Often carried over Category 6 or better twisted pair copper cables and can run varying lengths depending on the cabling used. Cat 6 can run a maximum of 55 meters; both Cat 6A (Augmented) and Cat 7 can run a maximum of 100 meters. Uses a frequency of 500 MHz.

37
Q

Hub

A

A hub is a network hardware device used for connecting multiple network devices or workstations together. It acts as a repeater, so traffic going in one port is repeated to every other port on the hub in half-duplex communication mode. A hub works at the physical layer (layer 1) of the OSI model. Hubs also participate in collision detection, forwarding a jam signal to all ports if they detect a collision.

38
Q

Bridge

A

A bridge is a computer networking device that creates a single aggregate network from multiple communication networks or network segments; it “bridges” networks together. Bridges can connect different topologies and different physical networks together. Bridges operate at OSI Layer 2, and most bridges these days are simply wireless access points. Bridges distribute traffic based on MAC address and make forwarding decisions in software.

39
Q

Switch

A

OSI layer 2 device which forwards traffic based on data link address. Switches are the core of an enterprise network and can provide Power over Ethernet (PoE).

Routers inside of switches are sometimes called “layer 3 switches”.

  • Switch (Layer 2)
  • Router (Layer 3)

40
Q

Router

A

OSI layer 3 device which routes traffic between IP subnets. Capable of supporting both copper and fiber networks and can connect diverse network types together.

Routers inside of switches are sometimes called “layer 3 switches”.

  • Switch (Layer 2)
  • Router (Layer 3)

41
Q

Firewall

A

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, filters traffic by port number, and can encrypt traffic in and out of the network. Firewalls often sit on the ingress/egress of the network and most firewalls operate at layer 3 of the OSI model.

42
Q

Wireless access point (WAP)

A

OSI layer 2 device that extends the wired network onto the wireless network. A WAP is a bridge.

43
Q

Wireless range extender

A

A device that takes an existing signal from a wireless router or wireless access point and rebroadcasts it (acting as a repeater) to extend the reach of a wireless network.

44
Q

Multilayer switches

A

A multilayer switch is a network device that has the ability to operate at higher layers of the OSI model. A multilayer switch can perform the functions of a switch as well as that of a router. A switch (Layer 2) and router (Layer 3) in the same physical device. Switching still operates at OSI Layer 2, routing still operates at OSI Layer 3.

  • Switch (Layer 2)
  • Router (Layer 3)

45
Q

Wireless networks

A

Wireless networks are often accompanied by physical networks, and the wireless portion is just an extension of the physical network. Typically wireless networks in an office don’t have just a single access point, and the access points may not even be in the same building. When moving between a wireless and a physical connection in the same network, the transition is seamless. Wireless networks might have different access policies, security policies, and AP configs.

46
Q

Wireless LAN controllers

A

Wireless LAN controllers are used in combination with the Lightweight Access Point Protocol (LWAPP) to manage light-weight access points in large quantities by the network administrator or network operations center. The WLAN controller automatically handles the configuration of wireless access points from a single “pane of glass”. The controller offers centralized management of WAPs, performance and security monitoring, and reporting on access point use, and can be paired with access points.

47
Q

Balancing the load

A

Balancing the load is the ability to balance traffic across two or more WAN links without using complex routing protocols like BGP. This ability is invisible to the end-user and is frequently done in large-scale implementations such as web server farms and database farms. These servers are fault tolerant and server outages have no effect.

48
Q

Load balancer

A

A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications. Load balancers offer faster response times, caching, prioritization, QoS, and encryption/decryption.

49
Q

IDS and IPS

A

Intrusion Detection System / Intrusion Prevention System. Both systems watch network traffic for known exploits against operating systems, applications, etc., such as buffer overflows, cross-site scripting, and other vulnerabilities. An Intrusion Detection System will alarm or alert if an abnormality is detected. An Intrusion Prevention System stops threats before they get into the network.

50
Q

Proxy Server

A

A proxy server acts as a gateway between you and the internet. It’s an intermediary server separating end users from the external websites they browse. Proxies receive user requests and send the requests on the users’ behalf. Useful for caching information, access control, URL filtering, and content scanning. Some applications may need to know how to use the proxy, and some proxies are invisible (transparent).

51
Q

Application proxies

A

An application proxy sits between the protected network and the network you want to be protected from. Every time an application makes a request, the application proxy intercepts the request to the destination system. The application proxy initiates its own request, as opposed to actually passing on the client’s initial request.

52
Q

VPN concentrator

A

A VPN (Virtual Private Network) concentrator is a type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. It is a type of router device, built specifically for creating and managing VPN communication infrastructures. VPN concentrators are often integrated into a firewall and can provide encryption/decryption to the access device.

53
Q

Remote access VPN

A

A remote access VPN works by creating a virtual tunnel between an employee’s device and the company’s network. This tunnel goes through the public internet but the data sent back and forth through it is protected by encryption and security protocols to help keep it private and secure. It’s essentially on-demand access from a remote device.

54
Q

AAA framework

A

Authentication, Authorization, and Accounting.

Identification - This is who you claim to be
Authentication - Prove you are who you say you are
Authorization - Based on your identification and authentication, what access do you have?
Accounting - Resources used, login time, data sent and received, logout time, etc.

55
Q

RADIUS (protocol)

A

RADIUS (Remote Authentication Dial-in User Service) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. One of the more common AAA protocols because it’s supported on a wide variety of platforms and devices such as routers, switches, and firewalls.

56
Q

UTM/All-in-one security appliance

A

UTM (Unified Threat Management) is an approach to information security where a single hardware or software installation provides multiple security functions. UTM simplifies information-security management by providing a single management and reporting point for the security administrator rather than managing multiple products from different vendors. Instead of having several single-function appliances, all needing individual familiarity, attention and support, network administrators can centrally administer their security defenses from one computer. UTMs can provide URL filtering/content inspection, malware inspection, spam filtering, CSU/DSU, router and switch, firewall, IDS/IPS, bandwidth shaper, and VPN endpoint.

57
Q

NGFW

A

NGFW (Next-Generation Firewall) is part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functions, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory). NGFWs are Layer 7 (application layer) firewalls.

58
Q

Content filtering

A

Content filtering is the idea of allowing or blocking traffic based on the data that’s inside of data packets, specifically data that’s in the application section of the packet itself. This allows for corporate control of outbound and inbound data and can be used to filter sensitive materials, control inappropriate content, act as parental controls, or complement anti-virus and anti-malware tools.

59
Q

Network Virtualization

A

Network Virtualization is the process of combining hardware and software network resources along with network functionality into a single, software-based administrative entity, a virtual network. Network virtualization involves platform virtualization, often combined with resource virtualization.

60
Q

Hypervisor

A

A hypervisor (or virtual machine manager, VMM) is computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine.

61
Q

What is a NAS?

A

NAS (Network Attached Storage) is a file-level (as opposed to block-level) computer data storage server connected to a computer network providing data access to a heterogeneous group of clients. NAS is specialized for serving files either by its hardware, software, or configuration. It is often manufactured as a computer appliance.

62
Q

Jumbo Frame

A

Jumbo frames are Ethernet frames with more than 1500 bytes of payload, the limit set by the IEEE 802.3 standard. Conventionally, jumbo frames can carry up to 9,216 bytes (9,000 is the accepted norm). Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards can support jumbo frames. Some Fast Ethernet switches and Fast Ethernet network interface cards can also support jumbo frames. Jumbo frames increase transfer efficiency as fewer packets need to be switched/routed.

63
Q

Fibre Channel (FC)

A

FC (Fibre Channel) is a high-speed data transfer protocol (commonly running at 1, 2, 4, 8, 16, 32, 64, and 128 gigabit per second rates) providing in-order, lossless delivery of raw block data. Fibre Channel is primarily used to connect computer data storage to servers in storage area networks (SAN) in commercial data centers. Fibre Channel networks form a switched fabric because the switches in a network operate in unison as one big switch. Fibre Channel typically runs on optical fiber cables within and between data centers, but can also run on copper cabling.

64
Q

FCoE

A

FCoE (Fibre Channel over Ethernet) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol. No special networking hardware needed, but FCoE is not routable.

65
Q

iSCSI

A

iSCSI (Internet Small Computer Systems Interface) is an Internet Protocol (IP) based storage networking standard for linking data storage facilities, making a remote disk look and operate like a local disk. It provides block-level access to storage devices by carrying SCSI commands over a TCP/IP network. It is often used to manage storage over long distances and can be managed quite well in software. iSCSI was created by IBM and Cisco, and is now an RFC standard.

66
Q

InfiniBand

A

InfiniBand (IB) is a computer networking communications standard used in high-performance computing that features very high throughput and very low latency. InfiniBand is also used as either a direct or switched interconnect between servers and storage systems, as well as an interconnect between storage systems. InfiniBand is popular in research and supercomputers, with speeds as high as 100 Gbit/sec and 200 Gbit/sec being common. Links can be aggregated for higher throughput (4x, 8x, 12x links). Copper and Fiber options are available using QSFP connectors.

67
Q

DSL

A

DSL (Digital Subscriber Line) is a family of technologies that are used to transmit digital data over telephone lines. In telecommunications marketing, the term DSL is widely understood to mean asymmetric digital subscriber line (ADSL), the most commonly installed DSL technology, for Internet access. The reason it’s called ADSL is because the download speed is faster than the upload speed (asymmetric). Has a range of 10,000 feet from the central office (CO).

68
Q

Metro Ethernet

A

A Metro Ethernet network is a metropolitan area network (MAN) that is based on Ethernet standards. It is commonly used to connect subscribers to a larger service network or the Internet. Businesses can also use metropolitan-area Ethernet to connect their own offices to each other.

69
Q

Cable broadband

A

Cable broadband is a method of delivering high-speed Internet to residences and businesses using cable television infrastructure. While DSL uses old-fashioned copper telephone wires, cable broadband uses the same coaxial copper cables that deliver sound and video to cable television subscribers. Allows transmission across multiple frequencies and can accommodate different traffic types.

70
Q

MPLS

A

MPLS (Multiprotocol Label Switching) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses, thus avoiding complex lookups in a routing table and speeding traffic flows. The labels identify virtual links (paths) between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, hence the “multiprotocol” reference in its name. MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL.

71
Q

MPLS pushing and popping

A

Push: When an IP packet enters an MPLS domain, the ingress node adds a new label to the packet between the Layer 2 header and the IP header.

Pop: When a packet leaves the MPLS domain, the label is popped out of (removed from) the MPLS packet.

72
Q

ATM (WAN Technology)

A

ATM (Asynchronous Transfer Mode) is a telecommunications standard for carriage of user traffic, including telephony (voice), data, and video signals. ATM was developed to meet the needs of the Broadband Integrated Services Digital Network (ISDN) and designed to integrate telecommunication networks. Additionally, it was designed for networks that must handle both traditional high-throughput data traffic and real-time, low-latency content such as voice and video. ATM is a core protocol used in the SONET/SDH backbone of the public switched telephone network (PSTN) and in the Integrated Services Digital Network (ISDN), but has largely been superseded in favor of next-generation networks based in Internet Protocol (IP) technology.

73
Q

Frame relay

A

Frame relay is a packet-switching telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between endpoints in wide area networks (WANs). LAN traffic is encapsulated into frame relay frames and the frames are passed into the “cloud”. Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure, it is still in use today but has been effectively replaced by MPLS (Multiprotocol Label Switching).

74
Q

PPP

A

PPP (Point-to-Point Protocol) - A data link layer (layer 2) communications protocol between two routers directly without any host or any other networking in between. It can provide connection authentication, transmission encryption, error detection, and compression.

75
Q

PPPoE

A

PPPoE (Point-to-Point Protocol over Ethernet) - A network protocol for encapsulating PPP (Point-to-Point Protocol) frames inside Ethernet frames. Common on DSL networks and PPP can provide connection authentication, transmission encryption, error detection, and compression.

76
Q

DMVPN

A

DMVPN (Dynamic Multipoint Virtual Private Network) - A dynamic tunneling form of a virtual private network (VPN) supported on Cisco IOS-based routers, Huawei AR G3 routers and USG firewalls, and on Unix-like operating systems. Creates a dynamic mesh VPN network without having to pre-configure all possible tunnel end-point peers, including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key Management Protocol) peers.

77
Q

SIP trunking

A

SIP (Session Initiation Protocol) trunking is a method of sending voice and other unified communications services over the internet. It works with an IP-PBX (Private Branch Exchange). SIP trunking replaces traditional telephone lines or PRIs (Primary Rate Interface). It acts as a control protocol for VoIP.

  • Traditional PBX connectivity uses T1/ISDN
  • 23 voice channels, 1 signaling channel
  • When the lines are full, you get a busy signal
  • Use SIP/VoIP to communicate to an IP-PBX provider
  • More efficient use of bandwidth
  • Less expensive than ISDN lines
  • More phone system options

78
Q

Demarcation point

A

The Demarcation point, or the Demarc, is the point where your on-premises physical wired network ends and the Internet Service Provider’s network begins. The Demarcation point is used everywhere from enterprise offices to your own home.

79
Q

CSU/DSU

A

A CSU/DSU (Channel Service Unit/Data Service Unit) is a hardware device about the size of an external modem that sits between the router and the circuit which converts a digital data frame from the local area network (LAN) into a frame appropriate for a wide-area network (WAN), controlled by the network provider, the ISP. The DSU connects to the DTE (Data Terminal Equipment).

80
Q

Internal operating procedures

A

Organization policies, processes, and procedures. Documentation is the driving factor behind organization policies, such as how to’s, testing routines, change control, downtime procedures, facilities issues, software upgrades, etc. The IOP needs to be accessible so that everyone can review and understand the policies.

81
Q

Logical network maps

A

Network diagrams, or maps, are visuals that use symbols/icons/shapes to depict the different objects and connections in a network. Logical network diagrams focus on how traffic flows across the network, IP addresses, admin domains, how domains are routed, control points, and so on.

82
Q

Physical network maps

A

Network diagrams, or maps, are visuals that use symbols/icons/shapes to depict the different objects and connections in a network. A physical network diagram will, ideally, show the network topology exactly as it is: with all of the devices and the connections between them. Because physical diagrams depict all of the physical aspects of the network, they will likely include: ports, cables, racks, servers, specific models, and so on.

83
Q

Change management

A

Change management is how a change to the network or production environment is managed. Change management is often involved when there is an upgrade to software, firewall configuration change, or when modifying switch ports. Change management needs to have clear policies as changes will occur very frequently and can often be overlooked or ignored.

84
Q

Labeling

A

Labeling is simply identifying your devices and wiring with sufficient labels so that if you were to leave, someone else could comprehend what something does and where it goes. Best practice is to create a standardized format so that everything is consistent.

85
Q

System labeling

A

System used to uniquely identify workstations, servers, and other devices on the network. Often done using asset tags, system names, and serial numbers. These identifiers need to be clearly visible to both users and admins.

86
Q

Circuit labeling

A

Circuit labeling is labeling of WAN network devices such as the Demarc interface, the CSU/DSU (Channel Service Unit/Data Service Unit), router, WAN provider Circuit ID, WAN provider phone number.

87
Q

Patch panel labeling

A

Labeling ports on a patch panel to identify the use of a specific port. Patch panels don’t have a lot of real estate for labeling so incremental numbers and letters are often used as descriptors.

88
Q

Baselines

A

A baseline is a performance metric which is used as a point of reference. Often used to identify anomalies, application response time, network throughput, etc.

Examine the past to predict the future which is useful for planning.

89
Q

FCIP

A

FCIP (Fibre Channel over IP) is an Internet Protocol (IP) based protocol created for storage technology. It encapsulates Fibre Channel data into IP packets, allowing Fibre Channel tunneling, which is often used to connect servers and storage over geographical distances.

90
Q

DOCSIS

A

DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-speed data transfer to an existing cable television (CATV) system. It is used by many cable television operators to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure.

91
Q

SAN

A

SAN (Storage Area Network) is a computer network which provides access to consolidated, block-level data storage. SANs are primarily used to access storage devices, such as disk arrays and tape libraries from servers so that the devices appear to the operating system as direct-attached storage. A SAN typically is a dedicated network of storage devices not accessible through the local area network (LAN).

92
Q

Loop protection

A

Loop protection consists of enabling STP (Spanning Tree Protocol) on network switches. Looping can be taken advantage of by attackers to initiate DoS attacks because of its repetitive nature. When transmissions loop, they needlessly consume bandwidth and disrupt network services, and are often somewhat difficult to troubleshoot.

93
Q

BPDU guard

A

The BPDU (Bridge Protocol Data Unit) Guard feature is used to protect the Layer 2 Spanning Tree Protocol (STP) topology from BPDU-related attacks. BPDU Guard must be enabled on a port that should never receive a BPDU from its connected device. A switch port configured with the Spanning Tree Protocol (STP) PortFast feature must be connected to an end device. BPDU Guard disables the port upon BPDU reception if PortFast is enabled on the port. The disablement effectively denies devices behind such ports participation in STP.

94
Q

Root guard

A

Root guard allows the device to participate in STP as long as the device does not try to become the root. If root guard blocks the port, subsequent recovery is automatic. Recovery occurs as soon as the offending device ceases to send superior BPDUs.

95
Q

Flood guard

A

Flood guards serve as a preventive control against denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. Flood guards are available either as standalone devices or as firewall components. They are capable of monitoring network traffic to identify DoS attacks in progress generated through packet flooding and can be configured to specify the maximum number of source MAC addresses on a particular interface. Once the maximum has been exceeded, port security activates and, by default, the interface is usually disabled. Flood guards maintain a list of every source MAC address.

96
Q

DHCP snooping

A

DHCP Snooping is a layer 2 security technology incorporated into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. DHCP Snooping prevents unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients. The DHCP Snooping feature performs the following activities:

  • Validates DHCP messages from untrusted sources and filters out invalid messages.
  • Builds and maintains the DHCP Snooping binding database, which contains information about untrusted hosts with leased IP addresses.
  • Utilizes the DHCP Snooping binding database to validate subsequent requests from untrusted hosts.

97
Q

Segmenting the network

A

Network segmentation is the concept of taking a computer network and breaking it down, logically and physically, into multiple smaller fragments. This is done to increase performance, security, and compliance, and to make change control much easier.

98
Q

Physical segmentation

A

Physical segmentation involves breaking down a large network into many smaller physical components. It normally involves investing in additional hardware such as switches, routers, and access points. While physical segmentation can seem like the easy approach to breaking up a network, it’s often very costly and can lead to unintended issues.

99
Q

Logical segmentation

A

Logical segmentation is the more popular method of fragmenting a network into manageable chunks. Typically, logical segmentation doesn’t require new hardware, provided the infrastructure is already managed. Instead, logical segmentation uses concepts already built into network infrastructure such as creating separate virtual local area networks (VLANs) that share a physical switch, or dividing different asset types into different Layer 3 subnets and using a router to pass data between the subnets.

100
Q

DMZ

A

A DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks, usually the public internet.