GLOSSARY Flashcards

Question 1

Q

66 Block

Answer

A

Traditionally used in corporate environments for cross-connecting phone system cabling. As
10Mbps LANs started to grow in popularity in the late 1980s and early 1990s, these termination
blocks were used to cross-connect Category 3 UTP cabling. The electrical characteristics
(specifically, crosstalk) of a 66 block, however, do not support higher-speed LAN technologies, such
as 100Mbps Ethernet networks.

Question 2

Q

110 Block

Answer

A

Because 66 blocks are subject to too much crosstalk for higher-speed LAN connections,
110 blocks can be used to terminate a cable (such as a Category 5 cable) being used for those higherspeed LANs.

Question 3

Q

802.11a

Answer

A

Ratified in 1999, this standard supports speeds as high as 54Mbps. Other supported data
rates (which can be used if conditions are not suitable for the 54Mbps rate) include 6, 9, 12, 18, 24,
36, and 48Mbps. The 802.11a standard uses the 5GHz band and the OFDM transmission method.

Question 4

Q

802.11ac

Answer

A

An IEEE wireless networking standard operating in the 5GHz range, with increased
throughput compared to previous Wi-Fi IEEE standards.

Question 5

Q

802.11b

Answer

A

Ratified in 1999, this standard supports speeds as high as 11Mbps. However, 5.5Mbps is
another supported data rate. The 802.11b standard uses the 2.4GHz band and the DSSS transmission
method.

Question 6

Q

802.11g

Answer

A

Ratified in 2003, this standard supports speeds as high as 54Mbps. Like 802.11a, other
supported data rates include 6, 9, 12, 18, 24, 36, and 48Mbps. However, like 802.11b, 802.11g
operates in the 2.4GHz band, which allows it to offer backward compatibility to 802.11b devices.
802.11g can use either the OFDM or DSSS transmission method.

Question 7

Q

802.11n

Answer

A

Ratified in 2009, this standard supports a variety of speeds, depending on its
implementation. Although the speed of an 802.11n network could approach 300Mbps (through the use
of channel bonding), many 802.11n devices on the market have speed ratings in the 130 Mbps–
150Mbps range. Interestingly, an 802.11n WLAN can operate in the 2.4GHz band, the 5GHz band, or
both simultaneously. 802.11n uses the OFDM transmission method.

Question 8

Q

Acceptable Use Policy (AUP)

Answer

A

Identifies what users of a network are and are not allowed to do on that
network. For example, retrieving sports scores during working hours via an organization’s Internet
connection might be deemed inappropriate by an AUP.

Question 9

Q

Access Control List

Answer

A

Rules typically applied to router interfaces, which specify permitted and
denied traffic.

Question 10

Q

Address Resolution Protocol

Answer

A

An A RP request is a broadcast asking for the MAC address

corresponding to a known IP address. An A RP reply contains the requested MAC address.

Question 11

Q

Administrative Distance (AD)

Answer

A

A routing protocol’s index of believable. Routing protocols with a
smaller AD are considered more believable than routing protocols with a higher AD.

Question 12

Q

Advanced Encryption Standard

Answer

A

Released in 2001, A ES is typically considered the preferred
symmetric encryption algorithm. A ES is available in 128-bit key, 192-bit key, and 256-bit key
versions.

Question 13

Q

alerts

Answer

A

Various monitoring devices and services can provide you with automated alerting as to
network events. This is often a key element in network security to quickly learn when a potential

Question 14

Q

ANT+

Answer

A

A wireless protocol for monitoring sensor data such as a person’s heart rate or a car’s tire
pressure, as well as for controlling systems such as indoor lighting and television sets. ANT+ is
designed and maintained by the ANT+ Alliance, which is owned by Garmin. It is based on the ANT
protocol.

Question 15

Q

anycast

Answer

A

An any cast communication flow is a one-to-nearest (from the perspective of a router’s
routing table) flow.

Question 16

Q

application layer (OSI model)

Answer

A

Layer 7 of the OSI model. This layer provides application services to
a network. An important yet often-misunderstood concept is that end-user applications do not reside
at the application layer. Instead, the application layer supports services used by end-user
applications. Another function of the application layer is advertising available services.

Question 17

Q

application layer (TCP/IP stack)

Answer

A

Addresses concepts described by Layers 5, 6, and 7 (that is, the
session, presentation, and application layers) of the OSI model.

Question 18

Q

arp command

Answer

A

Can be used in either the Microsoft Windows or the UNIX environment to see what a
Layer 2 MAC address corresponds to in a Layer 3 IP address.

Question 19

Q

asset management

Answer

A

As related to networks, this is a formalized system of tracking network
components and managing the lifecycle of those components.

Question 20

Q

asset tracking tags

Answer

A

Tags applied to physical network assets to permit the monitoring of the location
of these devices.

Question 21

Q

asymmetric encryption

Answer

A

With asymmetric encryption, the sender and receiver of a packet use
different keys.

Question 22

Q

Asynchronous Transfer Mode

Answer

A

A Layer 2 WAN technology that interconnects sites using
virtual circuits. These virtual circuits are identified by a pair of numbers, called the VPI/VCI pair. A
virtual path identifier (VPI) identifies a logical path, which can contain multiple virtual circuits. A
virtual circuit identifier (VCI) identifies the unique logical circuit within a virtual path.

Question 23

Q

Authentication Header (AH)

Answer

A

An IPSec protocol that provides authentication and integrity services.
However, it does not provide encryption services.

Question 24

Q

authentication server

Answer

A

In a network using 802.1X user authentication, an authentication server
(typically, a RADIUS server) checks a supplicant’s credentials. If the credentials are acceptable, the
authentication server notifies the authenticator that the supplicant is allowed to communicate on a
network. The authentication server also gives the authenticator a key that can be used to securely
transmit data during the authenticator’s session with the supplicant.

Question 25

Q

authenticator

Answer

A

In a network using 802.1X user authentication, an authenticator forwards a supplicant’s
authentication request on to an authentication server. After the authentication server authenticates the
supplicant, the authenticator receives a key that is used to communicate securely during a session with
the supplicant.

Question 26

Q

Automatic Private IP Addressing

Answer

A

Allows a networked device to self-assign an IP address
from the 169.254.0.0/16 network. Note that this address is only usable on the device’s local subnet
(meaning that the IP address is not routable).

Question 27

Q

availability

Answer

A

The measure of a network’s uptime.

Question 28

Q

badges

Answer

A

Identifiers worn by employees of an organization to assist with physical security.

Question 29

Q

bandwidth

Answer

A

The measure of network throughput capable on a network media or path

Question 30

Q

baseline

Answer

A

A collection of data portraying the characteristics of a network under normal operating
conditions. Data collected while troubleshooting can then be contrasted against baseline data.

Question 31

Q

Basic Rate Interface

Answer

A

A BRI circuit contains two 64Kbps B channels and one 16Kbps D
channel. Although such a circuit can carry two simultaneous voice conversations, the two B channels
can be logically bonded together into a single virtual circuit (by using PPP’s multilink interface
feature) to offer a 128Kbps data path.

Question 32

Q

basic service set

Answer

A

BSS - WLANs that have just one AP are called BSS WLANs. BSS WLANs are
said to run in infrastructure mode because wireless clients connect to an AP, which is typically
connected to a wired network infrastructure. A BSS network is often used in residential and SOHO
locations, where the signal strength provided by a single AP is sufficient to service all of the
WLAN’s wireless clients.

Question 33

Q

basic service set

Answer

A

BSS - WLANs that have just one AP are called BSS WLANs. BSS WLANs are
said to run in infrastructure mode because wireless clients connect to an AP, which is typically
connected to a wired network infrastructure. A BSS network is often used in residential and SOHO
locations, where the signal strength provided by a single AP is sufficient to service all of the
WLAN’s wireless clients.

Question 34

Q

biometrics

Answer

A

The use of unique characteristics of the body to provide access credentials and security.
For example, a thumbprint can be used to access a mobile device.

Question 35

Q

bit-error rate tester (BERT)

Answer

A

When troubleshooting a link where you suspect a high bit-error rate
(BER), you can use a piece of test equipment called a bit-error rate tester (BERT), which contains
both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is
synchronized with the pattern generator and can determine the number of bit errors) and can calculate
a BER for the tested transmission link.

Question 36

Q

black-hole router

Answer

A

A router that drops packets that cannot be fragmented and are exceeding the MTU
size of an interface without notifying the sender.

Question 37

Q

block size

Answer

A

The number of IP addresses in a subnet, including the subnet’s address and the subnet’s
directed broadcast address.

Question 38

Q

Bluetooth

Answer

A

A wireless protocol for creating a personal area network, where a device such as a mobile
phone can send data to a headset, for example.

Question 39

Q

Bootstrap Protocol (BOOTP)

Answer

A

A legacy broadcast-based protocol used by networked devices to
obtain IP address information.

Question 40

Q

Border Gateway Protocol

Answer

A

Border Gateway Protocol (BGP) The only EGP in widespread use today. In fact, BGP is
considered to be the routing protocol that runs the Internet, which is an interconnection of multiple
autonomous systems. BGP is a path-vector routing protocol, meaning that it can use as its metric the
number of autonomous system hops that must be transited to reach a destination network, as opposed
to the number of required router hops.

Question 41

Q

basic service set

Answer

A

BSS - WLANs that have just one AP are called BSS WLANs. BSS WLANs are
said to run in infrastructure mode because wireless clients connect to an AP, which is typically
connected to a wired network infrastructure. A BSS network is often used in residential and SOHO
locations, where the signal strength provided by a single AP is sufficient to service all of the
WLAN’s wireless clients.

Question 42

Q

biometrics

Answer

A

The use of unique characteristics of the body to provide access credentials and security.
For example, a thumbprint can be used to access a mobile device.

Question 43

Q

bit-error rate tester (BERT)

Answer

A

When troubleshooting a link where you suspect a high bit-error rate
(BER), you can use a piece of test equipment called a bit-error rate tester (BERT), which contains
both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is
synchronized with the pattern generator and can determine the number of bit errors) and can calculate
a BER for the tested transmission link.

Question 44

Q

black-hole router

Answer

A

A router that drops packets that cannot be fragmented and are exceeding the MTU
size of an interface without notifying the sender.

Question 45

Q

block size

Answer

A

The number of IP addresses in a subnet, including the subnet’s address and the subnet’s
directed broadcast address.

Question 46

Q

Bluetooth

Answer

A

A wireless protocol for creating a personal area network, where a device such as a mobile
phone can send data to a headset, for example.

Question 47

Q

Bootstrap Protocol (BOOTP)

Answer

A

A legacy broadcast-based protocol used by networked devices to
obtain IP address information.

Question 48

Q

Border Gateway Protocol

Answer

A

Border Gateway Protocol (BGP) The only EGP in widespread use today. In fact, BGP is
considered to be the routing protocol that runs the Internet, which is an interconnection of multiple
autonomous systems. BGP is a path-vector routing protocol, meaning that it can use as its metric the
number of autonomous system hops that must be transited to reach a destination network, as opposed
to the number of required router hops.

Question 49

Q

borrowed bits

Answer

A

Bits added to a classful subnet mask.

Question 50

Q

BPDU Guard

Answer

A

The ability of a switch to block a port where unexpected BPDUs are arriving from
another switch or attacker.

Question 51

Q

buffer overflow

Answer

A

This attack occurs when an attacker leverages a vulnerability in an application,
causing data to be written to a memory area (that is, a buffer) that’s being used by a different
application.

Question 52

Q

bus topology

Answer

A

Typically, this topology uses a cable running through the area requiring connectivity,
and devices to be networked can tap into that cable.

Question 53

Q

butt set

Answer

A

A piece of test equipment typically used by telephone technicians. The clips on a butt set canconnect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block)
connecting to a telephone. This allows the technician to check the line (for example, to determine
whether a dial tone is present on the line and determine whether a call can be placed from the line).

Question 54

Q

basic service set

Answer

A

BSS - WLANs that have just one AP are called BSS WLANs. BSS WLANs are
said to run in infrastructure mode because wireless clients connect to an AP, which is typically
connected to a wired network infrastructure. A BSS network is often used in residential and SOHO
locations, where the signal strength provided by a single AP is sufficient to service all of the
WLAN’s wireless clients.

Question 55

Q

biometrics

Answer

A

The use of unique characteristics of the body to provide access credentials and security.
For example, a thumbprint can be used to access a mobile device.

Question 56

Q

bit-error rate tester (BERT)

Answer

A

When troubleshooting a link where you suspect a high bit-error rate
(BER), you can use a piece of test equipment called a bit-error rate tester (BERT), which contains
both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is
synchronized with the pattern generator and can determine the number of bit errors) and can calculate
a BER for the tested transmission link.

Question 57

Q

black-hole router

Answer

A

A router that drops packets that cannot be fragmented and are exceeding the MTU
size of an interface without notifying the sender.

Question 58

Q

block size

Answer

A

The number of IP addresses in a subnet, including the subnet’s address and the subnet’s
directed broadcast address.

Question 59

Q

Bluetooth

Answer

A

A wireless protocol for creating a personal area network, where a device such as a mobile
phone can send data to a headset, for example.

Question 60

Q

Bootstrap Protocol (BOOTP)

Answer

A

A legacy broadcast-based protocol used by networked devices to
obtain IP address information.

Question 61

Q

Border Gateway Protocol

Answer

A

Border Gateway Protocol (BGP) The only EGP in widespread use today. In fact, BGP is
considered to be the routing protocol that runs the Internet, which is an interconnection of multiple
autonomous systems. BGP is a path-vector routing protocol, meaning that it can use as its metric the
number of autonomous system hops that must be transited to reach a destination network, as opposed
to the number of required router hops.

Question 62

Q

borrowed bits

Answer

A

Bits added to a classful subnet mask.

Question 63

Q

BPDU Guard

Answer

A

The ability of a switch to block a port where unexpected BPDUs are arriving from
another switch or attacker.

Question 64

Q

buffer overflow

Answer

A

This attack occurs when an attacker leverages a vulnerability in an application,
causing data to be written to a memory area (that is, a buffer) that’s being used by a different
application.

Answer 65

A

Typically, this topology uses a cable running through the area requiring connectivity,
and devices to be networked can tap into that cable.

Answer 66

A

A piece of test equipment typically used by telephone technicians. The clips on a butt set canconnect to the tip and ring wires on a punch-down block (for example, a 66 block or a 110 block)
connecting to a telephone. This allows the technician to check the line (for example, to determine
whether a dial tone is present on the line and determine whether a call can be placed from the line).

Answer 67

A

If you are working with existing cable and want to determine its category, or if you
simply want to test the supported frequency range (and therefore data throughput) of the cable, you
can use a cable certifier.

Answer 68

A

Attaches to the same coaxial cable (typically in a residence) that provides television
programming. A cable modem can use predetermined frequency ranges to transmit and receive data
over that coaxial cable.

Answer 69

A

A cable tester can check the conductors in an Ethernet cable. It contains two parts. By
connecting these parts of the cable tester to each end of a cable under test, you can check the wires in
the cable for continuity (that is, check to make sure that there are no opens, or breaks, in a conductor).
In addition, you can verify an RJ-45 connector’s pin-outs (which are wires connected to the
appropriate pins on an RJ-45 connector).

Answer 70

A

An interconnection of networks located in nearby buildings (for
example, buildings on a college campus).

Answer 71

A

Typically a web page designed to collect the username and password of a user trying
to gain access to a network or application.

Answer 72

A

Just as CSMA/CD is needed for
half-duplex Ethernet connections, CSMA/CA is needed for WLAN connections because of their halfduplex operation. Similar to how an Ethernet device listens to an Ethernet segment to determine
whether a frame exists on the segment, a WLAN device listens for a transmission on a wireless
channel to determine whether it is safe to transmit. In addition, the collision-avoidance part of the
CSMA/CA algorithm causes wireless devices to wait for a random back-off time before transmitting.

Answer 73

A

Used on an Ethernet network to help
prevent a collision from occurring and to recover if a collision does occur. CSMA/CD is only needed
on half-duplex connections.

Answer 74

A

A building containing a telephone company’s telephone-switching equipment.
COs are categorized into five hierarchical classes. A Class 1 CO is a long-distance office serving a
regional area. A Class 2 CO is a second-level long-distance office; that is, it is subordinate to a Class
1 office. A Class 3 CO is a third-level long-distance office. A Class 4 CO is a fourth-level longdistance office, which provides telephone subscribers access to a live operator. A Class 5 CO is at
the bottom of the five-layer hierarchy and physically connects to customer devices in a local area.

Answer 75

A

Like PAP, CHAP performs one-way
authentication. However, authentication is performed through a three-way handshake (challenge,
response, and acceptance messages) between a server and a client. The three-way handshake allows
a client to be authenticated without sending credential information across a network.

Answer 76

A

A building containing a telephone company’s telephone-switching equipment.
COs are categorized into five hierarchical classes. A Class 1 CO is a long-distance office serving a
regional area. A Class 2 CO is a second-level long-distance office; that is, it is subordinate to a Class
1 office. A Class 3 CO is a third-level long-distance office. A Class 4 CO is a fourth-level longdistance office, which provides telephone subscribers access to a live operator. A Class 5 CO is at
the bottom of the five-layer hierarchy and physically connects to customer devices in a local area.

Answer 77

A

Like PAP, CHAP performs one-way
authentication. However, authentication is performed through a three-way handshake (challenge,
response, and acceptance messages) between a server and a client. The three-way handshake allows
a client to be authenticated without sending credential information across a network.

Answer 78

A

A common
variant of HMAC frequently used in email systems. Like CHAP, CRAM-MD5 only performs one-way
authentication (the server authenticates the client).

Answer 79

A

A common
variant of HMAC frequently used in email systems. Like CHAP, CRAM-MD5 only performs one-way
authentication (the server authenticates the client).

Answer 80

A

This important documentation explains the process whereby

changes are permitted in the network. This often consists of a series of approvals and testing steps.

Answer 81

A

With channel bonding, two wireless bands can be logically bonded together,
forming a band with twice the bandwidth of an individual band. Some literature calls channel bonding
40MHz mode, which refers to the bonding of two adjacent 20MHz bands into a 40MHz band.

Answer 82

A

Acts as a digital modem that terminates a digital

circuit (for example, a T1 or an E1 circuit).

Answer 83

A

A connection that is brought up on an as-needed basis. A circuitswitched connection is analogous to a phone call, where you pick up a phone and dial a number, and a
connection is established based on the number you dial.

Answer 84

A

A classful mask is the default subnet mask applied to Class A, B, and C IPv4 networks.
Specifically, Class A networks have a classful mask of 255.0.0.0. Class B networks have a classful
mask of 255.255.0.0, and Class C networks have a classful mask of 255.255.255.0.

Answer 85

A

Classification is the process of placing traffic into different categories.

Answer 86

A

Shortens a classful subnet mask by removing right-justified 1s
from a classful mask. As a result, CIDR allows contiguous classful networks to be aggregated. This
process is sometimes called route aggregation.

Answer 87

A

Defines the device an end user uses to access a network. This device might be a workstation,
laptop, smartphone with wireless capabilities, tablet, or variety of other end-user terminal devices.

Answer 88

A

In a client/server network, a dedicated server (for example, a file server or a
print server) provides shared access to a resource (for example, files or a printer). Clients (for
example, PCs) on the network with appropriate privilege levels can gain access to those shared
resources.

Answer 89

A

Also known as a remote-access VPN, a client-to-site VPN interconnects a remote
user with a site, as an alternative to dial-up or ISDN connectivity, at a reduced cost.

Answer 90

A

Connecting systems together with the intent of delivering network services from the cluster
to increase responsiveness and capacity. This solution also increases availability and redundancy.

Answer 91

A

Also known as coax, a coaxial cable is composed of two conductors. One of the
conductors is an inner insulated conductor. This inner conductor is surrounded by another conductor.
This second conductor is sometimes made of a metallic foil or woven wire.

Answer 92

A

An example of multiple access, where several transmitters
can send information simultaneously over a single communication channel. This allows several users
to share a band of frequencies. CDMA is used as the access method in many mobile phone standards.

Answer 93

A

These are redundant sites for a network, and they require time and effort to bring online.

Answer 94

A

A collision occurs when two devices on an Ethernet network simultaneously transmit a
frame. Because an Ethernet segment cannot handle more than one frame at a time, both frames become
corrupted.

Answer 95

A

The CIR of an interface is the average traffic rate over the period
of a second.

Answer 96

A

An open standard variant of HSRP (Hot Standby

Router Protocol), which provides first-hop router redundancy.

Answer 97

A

If an interface’s output queue fills to capacity, newly arriving packets arediscarded (or tail dropped). Congestion avoidance can prevent this behavior. RED (Random Early
Detection) is an example of a congestion-avoidance mechanism.

Answer 98

A

When a device, such as a switch or a router, receives traffic faster than it
can be transmitted, the device attempts to buffer (or store) the extra traffic until bandwidth becomes
available. This buffering process is called queuing or congestion management.

Answer 99

A

A dedicated appliance whose role is to locally cache content received from a remote
network (for example, a destination on the Internet). Subsequent requests for that content can be
serviced locally, from the content engine, thus reducing bandwidth demand on a WAN.

Answer 100

A

Can be used to load-balance requests for content across a group of servers containing
that content. If one of the servers in the group needs to have maintenance performed, that server could
be administratively removed from the group, as defined on the content switch. As a result, the content
switch can help maximize uptime when performing server maintenance. It minimizes the load on
individual servers by distributing its load across multiple identical servers. A content switch also
allows a network to scale because one or more additional servers could be added to the server group
defined on the content switch if the load on existing servers increases.

Answer 101

A

Used to attach a connector (for example, an RJ-45 connector) to the end of an unshielded
twisted-pair (UTP) cable.

Answer 102

A

One way to electrically or optically represent a binary 1 or 0 is to use
current state modulation, which represents a binary 1 with the presence of voltage (on a copper
cable) or the presence of light (on a fiber-optic cable). Similarly, the absence of light or voltage
represents a binary 0.

Answer 103

A

This device resides at a customer site. A router, as an example,
can be a CPE that connects a customer with an MPLS service provider.

Answer 104

A

A mathematical algorithm that is executed on a data string by both
the sender and the receiver of the data string. If the calculated CRC values match, the receiver can
conclude that the data string was not corrupted during transmission.

Answer 105

A

As Layer 2 of the OSI model, this layer is concerned with the packaging of data into
frames and transmitting those frames on a network, performing error detection/correction, uniquely
identifying network devices with an address, and handling flow control.

Answer 106

A

A ratio of radiated power to a reference value. In the case of dBi, the reference value is
the signal strength (that is, the power) radiated from an isotropic antenna, which represents a
theoretical antenna that radiates an equal amount of power in all directions (in a spherical pattern).
An isotropic antenna is considered to have gain of 0 dBi.

Answer 107

A

A loss of signal power. If a transmission’s dB loss is too great, the transmission
cannot be properly interpreted by the intended recipient.

Answer 108

A

A logical connection interconnecting two sites. This logical connection might
physically connect through a service provider’s facility or a telephone company’s central office. The
expense of a dedicated leased line is typically higher than other WAN technologies offering similar
data rates, because with a dedicated leased line, a customer does not have to share bandwidth with
other customers.

Answer 109

A

The IP address of a router (or multilayer switch) to which a networked device
sends traffic destined for a subnet other than the device’s local subnet.

Answer 110

A

A default static route is an administratively configured entry in a router’s routing
table that specifies where traffic for all unknown networks should be sent.

Answer 111

A

Also known as a demarcation point or a demarc extension, this is the point in a telephone
network where the maintenance responsibility passes from a telephone company to a subscriber
(unless the subscriber purchased an inside wiring plan). This demarc is typically a box mounted to
the outside of a customer’s building (for example, a residence).

Answer 112

A

Often contains servers that should be accessible from the Internet. This
approach would, for example, allow users on the Internet to initiate an email or a web session coming
into an organization’s email or web server. However, other protocols would be blocked.

Answer 113

A

A DoS attack floods a system with an excessive amount of traffic or
requests, which consumes the system’s processing resources and prevents the system from responding
to many legitimate requests.

Answer 114

A

In an STP topology, every network segment has a single designated port, which is the
port on that segment that is closest to the root bridge, in terms of cost. Therefore, all ports on a root
bridge are designated ports.

Answer 115

A

A type of partial backup of a data set. All data that has changed since the last full
backup is targeted by the backup job.

Answer 116

A

As its name suggests, DiffServ differentiates between multiple
traffic flows. Specifically, packets are marked, and routers and switches can then make decisions (for
example, dropping or forwarding decisions) based on those markings.

Answer 117

A

Can resolve an FQDN to an IP address on UNIX hosts.

Answer 118

A

A group of technologies that provide high-speed data transmission over
existing telephone wiring. DSL has several variants, which vary in data rates and distance limitations.
Three of the more popular DSL variants include asymmetric DSL (ADSL), symmetric DSL (DSL),
and very high bit-rate DSL (VDSL).

Answer 119

A

Modulates data over an entire range of frequencies using
a series of symbols called chips. A chip is shorter in duration than a bit, meaning that chips are
transmitted at a higher rate than the actual data. These chips not only represent encoded data to be
transmitted, but also what appears to be random data. Because both parties involved in a DSSS
communication know which chips represent actual data and which chips do not, if a third-party
intercepted a DSSS transmission, it would be difficult for that party to eavesdrop on the data because
he would not easily know which chips represented valid bits. DSSS is more subject to environmental
factors, as opposed to FHSS and OFDM, because it uses an entire frequency spectrum.

Answer 120

A

A category of routing protocol that sends a full copy of its routing table to its directly
attached neighbors.

Answer 121

A

A method of writing an IPv4 address or subnet mask, where groups of 8 bits
(called octets) are separated by periods.

Answer 122

A

The ability of a network interface to run multiple protocols, such as IP and IPv6

Answer 123

A

Dynamically assigns IP address information (for
example, IP address, subnet mask, DNS server’s IP address, and default gateway’s IP address) to
network devices.

Answer 124

A

The process of securing the network

against a rogue DHCP server attack or other types of DHCP security attacks.

Answer 125

A

The IPv6 version of DHCP

Answer 126

A

An overlay VPN approach where VPN connections are

dynamically established and secured.

Answer 127

A

A variant of NAT in which inside local addresses are automatically assigned
an inside global address from a pool of available addresses.

Answer 128

A

An E1 circuit contains 32 channels, in contrast to the 24 channels on a T1 circuit. Only 30 of those
32 channels, however, can transmit data (or voice or video). Specifically, the first of those 32
channels is reserved for framing and synchronization, and the seventeenth channel is reserved for
signaling (that is, to set up, maintain, and tear down a session).

Answer 129

A

A digital circuit in the same E-carrier family of standards as an E1. An E3 circuit’s available
bandwidth is 34.4Mbps.

Answer 130

A

Resides at the edge of an MPLS service provider’s cloud and

interconnects a service provider to one or more customers.

Answer 131

A

An electromagnetic waveform that can be received by network
cable (possibly corrupting data traveling on the cable) or radiated from a network cable (possibly
interfering with data traveling on another cable).

Answer 132

A

To prevent static electricity in your body from damaging
electrical components on a circuit board, you can wear an ESD wrist strap. The strap is equipped
with a clip that you can attach to something with a ground potential (for example, a large metal desk).
While wearing the wrist strap, if you have any static buildup in your body, the static flows to the
object with a ground potential to which your strap is clipped, thus avoiding damage to any electrical
components that you might touch.

Answer 133

A

An IPSec protocol that provides authentication, integrity,

and encryption services.

Answer 134

A

A Cisco proprietary protocol. Although
EIGRP is popular in Cisco-only networks, it is less popular in mixed-vendor networks. Like OSPF,
EIGRP is an IGP with very fast convergence and high scalability. EIGRP is considered to be an
advanced distance vector or a hybrid routing protocol.

Answer 135

A

In the context of wireless networking, this refers to using a centralized
authentication server such as RADIUS for authentication, instead of a preshared key (PSK)

Answer 136

A

Ethernet is a Layer 1 technology developed by Xerox and encompasses a variety of
standards that specify various media types, speeds, and distance limitations.

Answer 137

A

A device that is postured to appear like a legitimate access point on the network to carry out
a wireless attack.

Answer 138

A

WLANs containing more than one AP are called ESS WLANs. Like
BSS WLANs, ESS WLANs operate in infrastructure mode. When you have more than one AP, take
care to prevent one AP from interfering with another. Specifically, nonoverlapping channels (that is,
channels 1, 6, and 11 for the 2.4GHz band) should be selected for adjacent wireless coverage areas.

Answer 139

A

A method in IPv6 to calculate a unique host address

portion for a node.

Answer 140

A

A routing protocol that operates between autonomous systems,
which are networks under different administrative control. Border Gateway Protocol (BGP) is the
only EGP in widespread use today.

Answer 141

A

Technology that permits SAN traffic of FC over the Ethernet

media.

Answer 142

A

A protocol capable of transferring files over a network.

Answer 143

A

Uses SSL technology to secure the FTP file transfer.

Answer 144

A

Primarily a network security appliance, a firewall can protect a trusted network (for
example, a corporate LAN) from an untrusted network (for example, the Internet) by allowing the
trusted network to send traffic into the untrusted network and receive the return traffic from the
untrusted network, while blocking traffic for sessions that were initiated on the untrusted network.

Answer 145

A

Serves as a preventive control against denial of service (DoS) or distributed denial of
service (DDoS) attacks. A Flood Guard is available either as a standalone device or as a firewall
component. It is capable of monitoring network traffic to identify DoS attacks in progress generated
through packet flooding.

Answer 146

A

A Layer 2 WAN technology that interconnects sites using virtual circuits. These virtual
circuits are identified by locally significant data-link connection identifiers (DLCIs).

Answer 147

A

Allows the participants in a communication to hop
between predetermined frequencies. Security is enhanced because the participants can predict the
next frequency to be used but a third party cannot easily predict the next frequency. FHSS can also
provision extra bandwidth by simultaneously using more than one frequency.

Answer 148

A

An FTP bounce attack uses the FTP PORT command to covertly open a connection with
a remote system. Specifically, an attacker connects to an FTP server and uses the PORT command to
cause the FTP server to open a communications channel with the intended victim, which might allow
a connection from the FTP server, while a connection directly from the attacker might be denied.

Answer 149

A

A backup job that ensures all data is backed up, regardless of when this data may have
been backed up previously.

Answer 150

A

This connection allows a device to simultaneously transmit and receive data.

Answer 151

A

Directly connects every site to every other site.

Answer 152

A

A virtual perimeter of a geographic area. You might create a wireless geofence boundary
around a data center to start an alarm if equipment leaves the perimeter.

Answer 153

A

A standard developed by the European
Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation
digital cellular networks used by mobile devices such as tablets. GSM was first deployed in Finland
in December 1991. As of 2014, it has become the global standard for mobile communications, with
over 90% market share, operating in over 219 countries and territories.

Answer 154

A

A free variant of pretty good privacy (PGP), which is an asymmetric
encryption algorithm.

Answer 155

A

A half-duplex connection allows a device to either receive or transmit data at any one
time. However, a half-duplex device cannot simultaneously transmit and receive.

Answer 156

A

A network appliance dedicated to the purpose of acting as a firewall. This
appliance can have multiple interfaces for connecting to areas of a network requiring varying levels
of security.

Answer 157

A

The software and processes for managing the IP addresses used in an
organization.

Answer 158

A

A network containing more than one honey pot

Answer 159

A

Acts as a distracter. Specifically, a system designated as a honey pot appears to be an
attractive attack target. One school of thought on the use of a honey pot is to place one or more honeypot systems in a network to entice attackers into thinking the system is real. The attackers then use
their resources attacking the honey pot, resulting in their leaving the real servers alone.

Answer 160

A

An HIPS system is a computer running intrusion prevention software for the
purpose of protecting the computer from attacks.

Answer 161

A

Can resolve an FQDN to an IP address on hosts.

Answer 162

A

Redundant data center locations that are ready to replace a failed data center with little to
no time or effort.

Answer 163

A

An Ethernet hub is an older technology used to interconnect network components, such as clients
and servers. Hubs vary in their number of available ports. A hub does not perform an inspection of
the traffic it passes. Rather, a hub simply receives traffic in a port and repeats that traffic out all of its
other ports.

Answer 164

A

When interconnecting multiple sites (for example, multiple corporate

locations) via WAN links, a hub-and-spoke topology has a WAN link from each remote site (a spoke
site) to the main site (the hub site).

Answer 165

A

A method of securing web traffic over the Internet

using Secure Socket Layer and Transport Layer Security technology.

Answer 166

A

A backup job that only backs up the changed data since the last incremental
backup.

Answer 167

A

A WLAN can be created without the use of an AP. Such a
configuration, called an IBSS, is said to work in an ad hoc fashion. An ad hoc WLAN is useful for
temporary connections between wireless devices. For example, you might temporarily interconnect
two laptop computers to transfer a few files.

Answer 168

A

A wireless line-of-sight technology that might be found in an Internet of Things
deployment.

Answer 169

A

Providing network infrastructure as a service using cloud

technologies.

Answer 170

A

In network security, this refers to an attacker who resides inside the network. Often,
this might be an employee of the company.

Answer 171

A

Often referred to as hard QoS because IntServ can make strict
bandwidth reservations. IntServ uses signaling among network devices to provide bandwidth
reservations. Resource Reservation Protocol (RSVP) is an example of an IntServ approach to QoS.
Because IntServ must be configured on every router along a packet’s path, a primary drawback of
IntServ is its lack of scalability.

Answer 172

A

A digital telephony technology that supports multiple
64Kbps channels (known as bearer channels or B channels) on a single connection. ISDN was
popular back in the 1980s for connecting PBXs, which are telephone switches owned and operated
by a company, to a telephone company’s central office. ISDN has the ability to carry voice, video, or
data over its B channels. ISDN also offers a robust set of signaling protocols: Q.921 for Layer 2
signaling and Q.931 for Layer 3 signaling. These signaling protocols run on a separate channel in an
ISDN circuit (known as the delta channel, data channel, or D channel).

Answer 173

A

A routing protocol that operates within an autonomous system,
which is a network under a single administrative control. OSPF and EIGRP are popular examples of
IGPs.

Answer 174

A

The documentation related to a distribution
frame in a central office or customer premises, which cross-connects the user cable media to
individual user line circuits and may serve as a distribution point for multipair cables from the main
distribution frame (MDF) or combined distribution frame (CDF) to individual cables connected to
equipment in areas remote from these frames.

Answer 175

A

A link-state routing protocol similar in its
operation to OSPF. IS-IS uses a configurable-yet-dimensionless metric associated with an interface
and runs Dijkstra’s shortest path first algorithm. Although using IS-IS as an IGP offers the scalability,
fast convergence, and vendor-interoperability benefits of OSPF, it has not been deployed as widely as
OSPF.

Answer 176

A

A multicast protocol used between clients and

routers to let routers know which of their interfaces has a multicast receiver attached.

Answer 177

A

A protocol used to set up an IPSec session.

Answer 178

A

This layer of the TCP/IP stack maps to Layer 3 (network layer) of the OSI model.
Although multiple routed protocols (for example, IPv4 and IPv6) may reside at the OSI model’s
network layer, the Internet layer of the TCP/IP stack focuses on IP as the protocol to be routed through
a network.

Answer 179

A

Negotiates parameters

for an IPSec session.

Answer 180

A

IPS devices can recognize the signature of a well-known attack
and respond to stop the attack. An IPS device resides inline with the traffic flow, unlike an IDS
sensor.

Answer 181

A

IP Security (IPSec) A type of VPN that provides confidentiality, integrity, and authentication.

Answer 182

A

A Microsoft Windows command that can be used to display IP address
configuration parameters on a PC. In addition, if DHCP is used by the PC, the ipconfig command can
be used to release and renew a DHCP lease, which is often useful during troubleshooting.

Answer 183

A

The software firewall that is included with most Linux distributions.

Answer 184

A

The uneven arrival of packets.

Answer 185

A

A client/server authentication protocol that supports mutual authentication between a client
and a server. Kerberos uses the concept of a trusted third party (a key distribution center) that hands
out tickets to be used instead of a username and password combination.

Answer 186

A

A device on a key ring that can provide security functions in the network.

Answer 187

A

Resides inside a service provider’s MPLS cloud and makes frameforwarding decisions based on labels applied to frames.

Answer 188

A

The measure of delay in a network.

Answer 189

A

A VPN protocol designed (by Cisco Systems) with the intent of
providing a tunneling protocol for PPP. Like L2TP, L2F lacks native security features.

Answer 190

A

A VPN protocol that lacks security features, such as encryption.
However, L2TP can still be used for a secure VPN connection if it is combined with another protocol
that provides encryption.

Answer 191

A

As defined by the IEEE 802.3ad standard, link aggregation allows multiple physical
connections to be logically bundled into a single logical connection.

Answer 192

A

To make the most of the limited bandwidth available on slower speed links, you might
choose to implement compression or link fragmentation and interleaving (LFI). These QoS
mechanisms are examples of link efficiency mechanisms.

Answer 193

A

A link-local IP address is a nonroutable IP address usable only on a local
subnet.

Answer 194

A

A category of routing protocol that maintains a topology of a network and uses an algorithm
to determine the shortest path to a destination network.

Answer 195

A

Sent by routers in a network to advertise the networks the routers
know how to reach. Routers use those LSAs to construct a topological map of a network. The
algorithm run against this topological map is Dijkstra’s shortest path first algorithm.

Answer 196

A

Distributing client requests among different network resources that can provide the
same service or data.

Answer 197

A

Interconnects network components within a local region (for example,
within a building).

Answer 198

A

A connection between a customer’s premises and a local telephone company’s central
office.

Answer 199

A

Various types of locks are a key element in physical security for the networks. Locks can also
exist on the network devices themselves.

Answer 200

A

This is an attacker’s malicious code that resides in a software system and will be
triggered when certain conditions are met.

Answer 201

A

A logical network diagram details the network path from a logical perspective as
opposed to a physical one.

Answer 202

A

The actual traffic flow of a network determines the network’s logical topology.

Answer 203

A

A loopback interface on a network device is a logical (virtual) interface that is often used
for testing purposes.

Answer 204

A

Radiates power at relatively equal power levels in all directions
(somewhat similar to the theoretical isotropic antenna). Omnidirectional antennas are popular in
residential WLANs and SOHO locations.

Answer 205

A

Alters bits within a frame, cell, or packet to indicate how a network should treat that traffic.
Marking alone does not change how a network treats a packet. Other tools (such as queuing tools)
can, however, reference markings and make decisions (for example, forwarding decisions or
dropping decisions) based on those markings.

Answer 206

A

Devices need to be interconnected via some sort of media. This media could be copper
cabling. Alternatively, it could be a fiber-optic cable. Media might not even be a cable, as is the case
with wireless networks, where radio waves travel through the media of air.

Answer 207

A

A value assigned to a route. Lower metrics are preferred over higher metrics.

Answer 208

A

A device that permits a remote connection to the Internet or other remote networks. This
device might be dial-up or newer technologies such as cable.

Answer 209

A

This physical security approach uses sensors to detect motion in a secured area.

Answer 210

A

A multicast communication flow is a one-to-many flow.

Answer 211

A

Similar to two-factor authentication, multifactor authentication requires
two or more types of successful authentication before granting access to a network.

Answer 212

A

Like a router, a multilayer switch can make traffic forwarding decisions based on
Layer 3 information. Although multilayer switches more closely approach wire-speed throughput than
most routers, routers tend to have a greater feature set and are capable of supporting more interface
types than a multilayer switch.

Answer 213

A

multiple-input multiple-output (MIMO) MIMO uses multiple antennas for transmission and
reception. These antennas do not interfere with one another, thanks to MIMO’s use of spatial
multiplexing, which encodes data based on the antenna from which the data will be transmitted. Both
reliability and throughput can be increased with MIMO’s simultaneous use of multiple antennas.

Answer 214

A

Displays NetBIOS information for IP-based networks. The nbt prefix of the
nbtstat command refers to NetBIOS over TCP/IP, which is called NBT (or NetBT). This command
can, for example, display a listing of NetBIOS device names learned by a Microsoft Windows–based
PC.

Answer 215

A

Any process whereby network elements can discover each other on the network.
In the case of EIGRP, hello packets are used, for example.

Answer 216

A

A network-vulnerability scanner available from Tenable Network Security.

Answer 217

A

Can display a variety of information about IP-based connections on a Windows or
UNIX host.

Answer 218

A

The network interface layer of the TCP/IP stack (also known as the network
access layer) encompasses the technologies addressed by Layers 1 and 2 (that is, the physical and
data link layers) of the OSI model.

Answer 219

A

Layer 3 of the OSI model. This layer is primarily concerned with forwarding databased on logical addresses.

Answer 220

A

An IP address on the next router to which traffic should be forwarded.

Answer 221

A

This management tool permits the scanning of the network for hosts and services.

Answer 222

A

In STP terms, nondesignated ports block traffic to create a loop-free topology.

Answer 223

A

Many network devices and technologies support notifications for key events. These are
often used in the area of security.

Answer 224

A

Can resolve an FQDN to an IP address on Microsoft Windows and UNIX hosts.

Answer 225

A

A grouping of 8 bits. An IPv4 address consists of four octets (that is, a total of 32 bits).

Answer 226

A

The term onsite in the context of virtualization technologies refers to hosting virtual devices on
hardware physically located in a corporate data center.

Answer 227

A

A broken strand of copper that prevents current from flowing through a circuit.

Answer 228

A

Similar to a dedicated leased line, because most packet-switched
networks are always on. However, unlike a dedicated leased line, packet-switched connections allowmultiple customers to share a service provider’s bandwidth.

Answer 229

A

A hybrid of a hub-and-spoke topology and a full-mesh topology. A partialmesh topology can be designed to provide an optimal route between selected sites, while avoiding
the expense of interconnecting every site to every other site.

Answer 230

A

Allows interconnected devices (for example, PCs) to share their resources
with one another. These resources could be, for example, files or printers.

Answer 231

A

In the context of wireless networking, this refers to using a preshared key (PSK)
instead of a centralized server, such as RADIUS, for authentication.

Answer 232

A

This network attack uses email or other messages to attempt to capture the authentication
information (or other information) from an end user.

Answer 233

A

These diagrams provide a map of the physical layout of the network.

Answer 234

A

Layer 1 of the OSI model. This layer is concerned with the transmission of bits on a
network.

Answer 235

A

The way a network’s components are physically interconnected determines the
network’s physical topology.

Answer 236

A

One of the most commonly used command-line commands, ping can check IP
connectivity between two network devices. Multiple platforms (for example, routers, switches, and
hosts) support the ping command.

Answer 237

A

Plenum cabling is fire retardant and minimizes toxic fumes released by network cabling if
that cable were to catch on fire. As a result, plenum cabling is often a requirement of local fire codes
for cable in raised flooring or in other open-air return ducts.

Answer 238

A

This feature of a distance-vector routing protocol causes a route received on one
interface to be advertised back out of that same interface with a metric considered to be infinite.

Answer 239

A

Joining multiple network device ports together for increased bandwidth and
redundancy.

Answer 240

A

In the context of wireless networking, this refers to using a preshared key (PSK)
instead of a centralized server, such as RADIUS, for authentication.

Answer 241

A

This network attack uses email or other messages to attempt to capture the authentication
information (or other information) from an end user.

Answer 242

A

These diagrams provide a map of the physical layout of the network.

Answer 243

A

Layer 1 of the OSI model. This layer is concerned with the transmission of bits on a
network.

Answer 244

A

The way a network’s components are physically interconnected determines the
network’s physical topology.

Answer 245

A

One of the most commonly used command-line commands, ping can check IP
connectivity between two network devices. Multiple platforms (for example, routers, switches, and
hosts) support the ping command.

Answer 246

A

Plenum cabling is fire retardant and minimizes toxic fumes released by network cabling if
that cable were to catch on fire. As a result, plenum cabling is often a requirement of local fire codes
for cable in raised flooring or in other open-air return ducts.

Answer 247

A

This feature of a distance-vector routing protocol causes a route received on one
interface to be advertised back out of that same interface with a metric considered to be infinite.

Answer 248

A

Joining multiple network device ports together for increased bandwidth and
redundancy.

Answer 249

A

Intercepts requests being sent from a client and forwards those requests on to their
intended destination. The proxy server then sends any return traffic to the client that initiated the
session. This provides address hiding for the client. Also, some proxy servers conserve WAN
bandwidth by offering a content-caching function. In addition, some proxy servers offer URL filtering
to, for example, block users from accessing social networking sites during working hours.

Answer 250

A

When terminating wires on a punch-down block (for example, a 110 block), you
should use a punch-down tool, which is designed to properly insert an insulated wire between two
contact blades in a punch-down block, without damaging the blades.

Answer 251

A

A diagram of the network devices mounted in a physical or virtual rack of equipment.

Answer 252

A

The measure of how error-free a network transmits packets.

Answer 253

A

In a ring topology, traffic flows in a circular fashion around a closed network loop
(that is, a ring). Typically, a ring topology sends data, in a single direction, to each connected device
in turn, until the intended destination receives the data.

Answer 254

A

An access point that is not permitted on the network.

Answer 255

A

A switch protection mechanism for STP. The switch ensures that superior BPDU
messages are ignored.

Answer 256

A

In an STP topology, every nonroot bridge has a single root port, which is the port on that
switch that is closest to the root bridge, in terms of cost.

Answer 257

A

Can add, modify, or delete routes in the IP routing table of Microsoft Windows and
UNIX hosts. In addition, the route command can be used to view the IP routing table of Microsoft
Windows hosts.

Answer 258

A

Allows routes learned by one routing protocol to be injected into the routing
process of another routing protocol.

Answer 259

A

A protocol with an addressing scheme (for example, IP) that defines different
network addresses.

Answer 260

A

A router is considered a Layer 3 device, meaning that it makes its forwarding decisions based
on logical network addresses. Most modern networks use IP addressing.

Answer 261

A

A routing protocol (for example, RIP, OSPF, or EIGRP) that advertises route
information between routers, which describes how to reach specified destination networks.

Answer 262

A

Provides WAN access to sites where terrestrial WAN solutions are
unavailable. Satellite WAN connections can suffer from long round-trip delay (which can be
unacceptable for latency-sensitive applications) and are susceptible to poor weather conditions.

Answer 263

A

A continually changing document that dictates a set of guidelines for network use.
These guidelines complement organizational objectives by specifying rules for how a network is
used.

Answer 264

A

As its name suggests, a server serves up resources to a network. These resources might
include email access as provided by an email server, web pages as provided by a web server, or
files available on a file server.

Answer 265

A

As Layer 5 of the OSI model, it’s responsible for setting up, maintaining, and tearing
down sessions.

Answer 266

A

A short occurs when two copper connectors touch each other, resulting in current flowing
through that short rather than the attached electrical circuit, because the short has lower resistance.

Answer 267

A

Interconnects two sites, as an alternative to a leased line, at a reduced cost.

Answer 268

A

Any pocket-sized card with embedded integrated circuits. Often, smart cards are used
for network security, specifically authentication.

Answer 269

A

A backup method where a point-in-time capture of the data is performed.

Answer 270

A

Attackers sometimes use social techniques (which often leverage people’s desire
to be helpful) to obtain confidential information. For example, an attacker might pose as a member of
an IT department and ask a company employee for her login credentials in order for the “IT staff to
test the connection.” This type of attack is called social engineering.

Answer 271

A

Often referred to as the “brains” of the SDN

network, this device sends commands to the network devices to have configurations made.

Answer 272

A

A computer running firewall software. For example, the software firewall could
protect the computer itself (for instance, preventing incoming connections to the computer).
Alternatively, a software firewall could be a computer with more than one network interface card that
runs firewall software to filter traffic flowing through the computer.

Answer 273

A

This feature of a distance-vector routing protocol prevents a route learned on one
interface from being advertised back out of that same interface.

Answer 274

A

In a star topology, a network has a central point (for example, a switch) from which all
attached devices radiate.

Answer 275

A

One way to electrically or optically represent a binary 1 or 0 is to use
the transition between a voltage level (for example, going from a state of no voltage to a state of
voltage, or vice versa, on a copper cable) or the transition of having light or no light on a fiber-optic
cable to represent a binary 1. Similarly, a binary 0 is represented by having no transition in a voltagelevel or light level from one time period to the next. This approach of representing binary digits is
called state transition modulation.

Answer 276

A

Inspects traffic leaving the inside network as it goes out to the Internet. Then, when
returning traffic from the same session (as identified by source and destination IP addresses and port
numbers) attempts to enter the inside network, the stateful firewall permits that traffic. The process of
inspecting traffic to identify unique sessions is called stateful inspection.

Answer 277

A

A 32-bit value (in IPv4) that indicates what portion of the IP address is the network ID
versus what portion is the host ID.

Answer 278

A

In a network using 802.1X user authentication, a supplicant is the device that wants to gain
access to a network.

Answer 279

A

Like an Ethernet hub, an Ethernet switch interconnects network components. Like a hub,
switches are available with a variety of port densities. However, unlike a hub, a switch doesn’t
simply take traffic in on one port and forward copies of that traffic out all other ports. Rather, a
switch learns which devices reside off of which ports. As a result, when traffic comes in a switch
port, the switch interrogates the traffic to see where it’s destined. Then, based on what the switch has
learned, it forwards the traffic out of the appropriate port and not out all of the other ports.

Answer 280

A

With symmetric encryption, both the sender and the receiver of a packet use
the same key (a shared key) for encryption and decryption.

Answer 281

A

In the same T-carrier family of standards as a T1, a T3 circuit offers an increased bandwidth
capacity. Whereas a T1 circuit combines 24 DS0s into a single physical connection to offer
1.544Mbps of bandwidth, a T3 circuit combines 672 DS0s into a single physical connection, with a
resulting bandwidth capacity of 44.7Mbps.

Answer 282

A

Also known as the DoD model, this four-layer model (as opposed to the seven-layer
OSI model) targets the suite of TCP/IP protocols.

Answer 283

A

A common packet analyzer that runs under the command line. It allows the user to displayTCP/IP and other packets being transmitted or received over a network to which the computer is
attached.

Answer 284

A

A telephone company. Some countries have government-maintained telcos, and other countries
have multiple telcos that compete with one another.

Answer 285

A

A method of remote access for network devices that does not provide any security
mechanisms.

Answer 286

A

The red and green wires found in RJ-11 wall jacks, which carry voice, ringing voltage,
and signaling information between an analog device (for example, a phone or a modem) and an RJ-11
wall jack.

Answer 287

A

Sometimes called a fox and hound, a toner probe allows you to place a tone generator at
one end of the connection (for example, in someone’s office) and use a probe on the punch-down
block to audibly detect to which pair of wires the tone generator is connected.

Answer 288

A

A UNIX command that displays every router hop along the path from a source
host to a destination host on an IP network. Information about the router hop can include the IP
address of the router hop and the round-trip delay of that router hop.

Answer 289

A

A Microsoft Windows–based command that displays every router hop along the
path from a source host to a destination host on an IP network. Information about a router hop can
include such information as the IP address of the router hop and the round-trip delay of that router
hop.

Answer 290

A

Instead of making a minimum amount of bandwidth available for specific traffictypes, you might want to limit available bandwidth. Both policing and shaping tools can accomplish
this objective. Collectively, these tools are called traffic conditioners. Traffic shaping delays excess
traffic by buffering it as opposed to dropping the excess traffic.

Answer 291

A

As Layer 4 of the OSI model, it acts as a dividing line between the
upper layers and the lower layers. Specifically, messages are taken from the upper layers (Layers 5–
7) and encapsulated into segments for transmission to the lower layers (Layers 1–3). Similarly, data
streams coming from lower layers are decapsulated and sent to Layer 5 (the session layer) or some
other upper layer, depending on the protocol.

Answer 292

A

The transport layer of the TCP/IP stack maps to Layer 4 (transport
layer) of the OSI model. The two primary protocols found at the TCP/IP stack’s transport layer are
TCP and UDP

Answer 293

A

A problem report explaining the details of an issue being experienced in a network.

Answer 294

A

In the context of an Ethernet network, this is a single physical or logical connection that
simultaneously carries traffic for multiple VLANs. However, a trunk also refers to an interconnection
between telephone switches, in the context of telephony.

Answer 295

A

Transmitting traffic with additional encapsulation.

Answer 296

A

Today’s most popular media type is twisted-pair cable, where individually
insulated copper strands are intertwined into a twisted-pair cable. Two categories of twisted-pair
cable include shielded twisted pair (STP) and unshielded twisted pair (UTP).

Answer 297

A

A unicast communication flow is a one-to-one flow.

Answer 298

A

Unidirectional antennas can focus their power in a specific direction, thus
avoiding potential interference with other wireless devices and perhaps reaching greater distances
than those possible with omnidirectional antennas. One application for unidirectional antennas is
interconnecting two nearby buildings.

Answer 299

A

A form of physical security where cameras monitor a network area

Answer 300

A

A virtual desktop solution allows a user to store data in a centralized data center, as
opposed to the hard drive of his local computer. Then, with appropriate authentication credentials,
that user can access his data from various remote devices (for example, his smartphone or another
computer).

Answer 301

A

Usually a VoIP telephony solution hosted by a service provider, which interconnects
with a company’s existing telephone system

Answer 302

A

Allows a single physical server to host multiple virtual instances of various operating
systems. This allows, for example, a single physical server to simultaneously host multiple Microsoft
Windows servers and multiple Linux servers.

Answer 303

A

Performs Layer 2 functions (for example, VLAN separation and filtering) between
various server instances running on a single physical server.

Answer 304

A

If an open WLAN (or a WLAN whose SSID and authentication credentials are known)
is found in a public place, a user might write a symbol on a wall (or some other nearby structure) to
let others know the characteristics of the discovered network. This practice, which is a variant of the
decades-old practice of hobos leaving symbols as messages to fellow hobos, is called war chalking.

Answer 305

A

Searching for Wi-Fi wireless networks by a person in a moving vehicle, using a laptop
or smartphone. Software for war driving is freely available on the Internet.

Answer 306

A

A redundant site that can be brought online with minimal time and effort.

Answer 307

A

An interconnection between two devices in a WAN.

Answer 308

A

Attaches to a wired network and provides access to that wired network for
wirelessly attached clients, like a wireless AP. However, a wireless router is configured such that the
wired interface that connects to the rest of the network (or to the Internet) is on a different IP network
than the wireless clients. Typically, a wireless router performs NATing between these two IP address
spaces.

Answer 309

A

A wireless communications protocol used primarily for home automation. It is a mesh
network using low-energy radio waves to communicate from appliance to appliance, allowing for
wireless control of residential appliances and other devices, such as lighting control, security
systems, thermostats, windows, locks, swimming pools, and garage door openers.

Answer 310

A

A technology that performs three basic functions: assigning link-local IP addresses,
resolving computer names to IP addresses, and locating network services.

Brainscape's Knowledge GenomeTM

GLOSSARY Flashcards

Brainscape's Knowledge Genome^TM