Messer - 1. Networking Concepts (Part 1 of 2) Flashcards

Question 1

Q

To move data (e.g. HTTP) across a network, we need to package it up, encapsulate it within ___________ or ____________, which then needs to be encapsulated within ___________, which is then encapsulated within _____________.

Answer

A

TCP or UDP
IP
Ethernet

Question 2

Q

TCP and UDP are transported inside of, and encapsulated by ________.

Answer

A

IP Protocol

Question 3

Q

TCP and UDP operate at which layer of the OSI Model?

Answer

A

Layer 4 (Transport)

Question 4

Q

__________ allows us to use many different applications at the same time across a network, and is a nice feature of TCP and UDP.

Answer

A

Multiplexing

Question 5

Q

TCP stands for _____________.

Answer

A

Transmission Control Protocol

Question 6

Q

UDP stands for ________________.

Answer

A

User Datagram Protocol

Question 7

Q

How do TCP and UDP differ in terms of connections?

Answer

A

TCP is connection-oriented. A formal connection is made between separate devices on a network, data is transferred, and then the connection is formally terminated.

UDP is “connectionless.” There is no formal opening or closing of a connection. Data is sent whenever available, without acknowledgment from receiver.

Question 8

Q

How do TCP and UDP differ in terms of reliability?

Answer

A

TCP is “reliable.” It sends numbered data so if data is lost or out of order, it can recover from the error, re-order, and/or re-transmit the data.

UDP is “unreliable.” No error recovery. No re-ordering of data or retransmission.

Question 9

Q

In what way can UDP’s “connectionless unreliability” be an advantage?

Answer

A

No unnecessary overhead!

Question 10

Q

What is the purpose of a port number?

Answer

A

Port numbers are associated with different applications so data can be directed to the correct place within a device. (e.g. Port 80 - unencrypted web traffic)

Question 11

Q

What is a socket?

Answer

A

IP address + port number

[See notes - Feel like I’m missing stuff here]

Question 12

Q

What are the two types of port numbers?

Answer

A

Non-ephemeral / permanent (Commonly used by applications or services running on a server)

Ephemeral / temporary (Clients usually send randomly chosen port # when sending data)

Question 13

Q

TCP and UDP ports can be any between __________ and ___________.

Answer

A

0 and 65,535

Question 14

Q

Ports 0 to 1,023 are ______________.
Ports 1,024 to 49,151 are _________.
Ports 49,152 to 65,535 are __________.

Answer

A

System or well-known ports
User or registered ports
Dynamic, private, or ephemeral ports

Question 15

Q

What happens when TCP and UDP try to use the same port number simultaneously?

Answer

A

Nothing. There’s no conflict. e.g. One application can use TCP port 80 and another can use UDP port 80. (But wouldn’t normally see this.)

Question 16

Q

If we were to closely inspect an IP packet, what five things would we find?

Answer

A

Source IP Address
Destination IP Address
TCP/UDP Source Port (randomly selected)
TCP/UDP Destination Port
Application Data (e.g HTTP, VoIP, email data)

Question 17

Q

ICMP stands for ____________.

Answer

A

Internet Control Message Protocol

Question 18

Q

What is the purpose of ICMP?

Answer

A

It’s like text messaging for network devices. Devices can request and reply to administrative requests (e.g. “Hey, are you there?”). Can let other devices know things aren’t going well (e.g. trouble communicating).

Question 19

Q

Like TCP/UCP, ICMP is carried by ___________. However, it is not used for ______________.

Answer

A

IP

data transfer

Question 20

Q

Telnet stands for __________________.

Answer

A

Telecommunication Network

Question 21

Q

Telnet port?

Question 22

Q

What is the purpose of Telnet?

Answer

A

Log in to devices remotely and access via text-based console. Way to communicate to and administer servers, routers, switches, and other devices.

Question 23

Q

Why isn’t Telnet the best choice for production systems?

Answer

A

It’s non-encrypted (e.g. user name and password in the clear)

Question 24

Q

SSH stands for _________________.

Answer

A

Secure Shell

Question 25

Q

SSH port?

Question 26

Q

What is the purpose of SSH?

Answer

A

Same as Telnet, but encrypted.

Question 27

Q

DNS stands for _________________.

Answer

A

Domain Name System

Question 28

Q

DNS port?

Question 29

Q

SMTP stands for _________________.

Answer

A

Simple Mail Transfer Protocol

Question 30

Q

What is the purpose of DNS?

Answer

A

Converts IP addresses to more human-friendly domain names (e.g. 162.159.246.164 = www.professormesser.com)

Question 31

Q

SMTP port?

Question 32

Q

What is the purpose of SMTP?

Answer

A

Sending email (not receiving!)

Question 33

Q

FTP stands for _________________.

Answer

A

File Transfer Protocol

Question 34

Q

FTP Port?

Answer

A

tcp/20 (active mode data - actual data transfer)

tcp/21 (control - various commands)

Question 35

Q

What is the purpose of FTP?

Answer

A

Transferring files between systems

Question 36

Q

SFTP stands for _________________.

Answer

A

Secure File Transfer Protocol

Question 37

Q

SFTP port?

Question 38

Q

SFTP uses __________ as its underlying protocol, and therefore uses the same port number.

Question 39

Q

SFTP stands for _________________.

Answer

A

Trivial File Transfer Protocol

Question 40

Q

TFTP port?

Answer

A

udp/69 [think promiscuous]

Question 41

Q

What are the two main difference between TFTP and FTP / SFTP?

Answer

A

1) TFTP only reads and writes files. Lacks all other functionality (e.g. directory listings, resuming interrupted file transfers, etc.)
2) No username / password for authentication

Question 42

Q

DHCP stands for _________________.

Answer

A

Dynamic Host Configuration Protocol

Question 43

Q

DHCP port?

Answer

A

udp/67
udp/68

[Note: I believe this is for DHCPv4 only. I think DHCPv6 uses udp/546 (client) and udp/547 (server)]

Question 44

Q

DHCP assigns a ___________ to a device when that device ___________.

Answer

A

IP Address

First starts up

Question 45

Q

What is the purpose of DHCP?

Answer

A

Automatically configure IP address, subnet mask, DNS settings, etc.

Question 46

Q

DHCP requires a _____________, which in a small organization or home is often integrated into a ________________.

Answer

A

DHCP server

SOHO router

Question 47

Q

What is the purpose of a subnet mask?

Answer

A

Divides IP address into two parts that identify host computer and network. (A host will then use the subnet mask to know if destination is on local or remote network.)

Question 48

Q

DHCP assigns __________ to devices in real-time from a _____________ as part of a ____________, which must be renewed at set intervals.

Answer

A

IP addresses
pool
lease

Question 49

Q

Every device has a unique identifier known as a ____________, which DHCP servers use for assigning _____________.

Answer

A

MAC Address

IP Addresses

Question 50

Q

HTTP stands for _________________.

Answer

A

Hypertext Transfer Protocol

Question 51

Q

HTTP port?

Question 52

Q

What is the purpose of HTTP?

Answer

A

Web server communication

Question 53

Q

HTTPS stands for _________________.

Answer

A

Hypertext Transfer Protocol Secure

Question 54

Q

HTTPS port?

Question 55

Q

SNMP stands for _________________.

Answer

A

Simple Network Management Protocol

Question 56

Q

SNMP port?

Question 57

Q

What is the purpose of SNMP?

Answer

A

Allows admins to monitor and configure network devices remotely. (e.g. servers, switches, routers, printers, etc.) You can gather a ton of information, like bandwidth being used, errors, device temps, even how much printer paper / toner is left.

Question 58

Q

Name two characteristics of SNMP v1

Answer

A

Structured tables

Unencrypted

Question 59

Q

Name three characteristics of SNMP v2

Answer

A

Bulk transfers (easily request and receive a lot of info)
Data type enhancements
Still unencrypted

Question 60

Q

Name three characteristics of SNMP v3

Answer

A

Message integrity
Authentication
Encryption

Question 61

Q

RDP stands for _________________.

Answer

A

Remote Desktop Protocol

Question 62

Q

RDP port?

Question 63

Q

What is the purpose of RDP?

Answer

A

Share a desktop from a remote location (e.g. allow help desk technician, remote administrator, scammer to see the screen of a remote computer)

Question 64

Q

The Windows application that uses RDP is called ______________.

Answer

A

Remote Desktop Connection

Answer 55

A

Network Time Protocol

Answer 56

A

To synchronize clock across network devices

Answer 57

A

Log files, authentication, outage details

Answer 58

A

Session Initiation Protocol

Answer 59

A

tcp/5060

tcp/5061

Answer 60

A

Voice over IP (VoIP). Setting up and managing sessions. Calling, ringing, hanging up.

Answer 61

A

Video conferencing
Instant messaging
File transfers

Answer 62

A

Server Message Block

Answer 63

A

Protocol used by Microsoft Windows for sharing files, printers, etc.

Answer 64

A

CIFS (Common Internet File System)

[Technically, CIFS was a particular implementation of SMB that’s now obsolete. But people often use terms interchangeably.]

Answer 65

A

NetBIOS

[Hope I have this one right. Very confusing info out there]

Answer 66

A

Post Office Protocol version 3

Answer 67

A

Basic email receiving functionality. (Not sending, like SMTP!)

Answer 68

A

Internet Message Access Protocol

Answer 69

A

More advanced email receiving functionality. (Not sending, like SMTP!)

Answer 70

A

POP3 retrieves messages from an email server (deleting them from server in the process).

IMAP does not remove messages, and allows for synchronization of inbox among multiple clients.

Answer 71

A

Lightweight Directory Access Protocol

Answer 72

A

Authentication protocol for directory services. Used as database to manage user and group privileges, allowing access to network devices such as printers, etc.

[This is a really tricky one. Not sure I got that entirely right.]

Answer 73

A

Lightweight Directory Access Protocol Secure

Answer 74

A

non-standard

SSL

Answer 75

A

Manages Voice over IP (VoIP) sessions (e.g. call, ring, hang up). (See also SIP)

Answer 76

A

Open Systems Interconnection

Answer 77

A

The seven layers computer systems use to communicate over a network

Answer 78

A

A Priest Saw Two Nuns Doing Pushups
All People Seem to Need Data Processing

Reverse: Please Do Not Throw Sausage Pizza Away

Answer 79

A

Application

Answer 80

A

Presentation

Answer 81

A

Transport

Answer 82

A

Data Link

Answer 83

A

Application

Physical

Answer 84

A

The physics of a network. The signaling, cabling, fiber optics, connectors, tools like punch-downs. Not about protocols. A physical layer problem would be something like a bad cable.

Answer 85

A

Device-to-device data transfer within a network. Defines protocols for that communication, like DLC, LLC, PPP. Switching, bridging, or having two devices communicate using MAC addresses and Ethernet Frames.

Answer 86

A

Communication between networks. This is the “routing” layer. Routers using IP addresses, fragmenting frames / data to traverse different networks

Answer 87

A

The functional and procedural means of transferring packets. This is the “post office” layer. It’s all about TCP and UDP, the most common protocols for transferring data across a network. TCP and UDP are almost synonymous with Transport Layer

Answer 88

A

Connections between computers. It establishes, manages, and terminates connections between local and remote application. Establishes procedures for checkpointing, suspending, restarting, and terminating a session. In modern TCP/IP system, session layer is non-existent and simply part of the TCP protocol.

[Borrowed from Wikipedia for this. Prof. Messer was pretty unclear]

Answer 89

A

Transforming data into a form an application accepts, or formatting application data to be sent across a network. May involve character encoding, encryption / decryption (SSL / TLS), or compression. Sometimes called “Syntax Layer.” Often combined with Layer 7 (Application).

[Odd that Presentation is not the layer involving user interaction.]

Answer 90

A

Users interacting directly with software. It’s the layer we see when using a browser window, transferring a file, reading email. It’s all about “your eyes.”

Answer 91

A

Layer 2 (Data Link)

[Intra-network]

Answer 92

A

Layer 1 (Physical)

[No protocols. Just raw data transfer]

Answer 93

A

Layer 3 (Network)

[Between networks]

Answer 94

A

Small Office / Home Office

Answer 95

A

A small local area network (LAN) that typically consists of fewer than 10 computers.

Answer 96

A

Header
Encapsulated Data
Trailer

Answer 97

A

Header (Preamble, SFD, Destination MAC, Source MAC, and Type)
Encapsulated data (Data and Pad)
Trailer (FCS)

Answer 98

A

Start Frame Delimiter

Designates end of an Ethernet Frame’s preamble

Answer 99

A

Frame Check Sequence

CRC checksum of Ethernet Frame for error-checking

Answer 100

A

Layer 2 (Data Link)

Answer 101

A

Layer 3 (Network) and higher
(e.g. IP info, TCP data, browsing info)

Answer 102

A

Protocol Data Unit

Answer 103

A

A specific block of information transferred over a network

Answer 104

A

All layers

But it’s called different things at each layer

Answer 105

A

Raw bits (1s or 0s) transmitted physically via the hardware

Answer 106

A

A frame (or series of bits)

Answer 107

A

A packet that contains the source and destination address

Answer 108

A

A segment that includes a TCP header and data

Answer 109

A

The data passed to the network connection

Answer 110

A

The data formatted for presentation

Answer 111

A

The data received or transmitted by a software application

Answer 112

A

Media Access Control Address

Answer 113

A

The unique “physical” address of a network device (also known as EUI-48)

Answer 114

A

48
6
hexadecimal

(e.g. 8c:2d:aa:4b:98:a7)

Answer 115

A

Manufacturer - Organizationally Unique Identifier (OUI)

Serial Number - Network Interface Controller-Specific

Answer 116

A

Half-duplex:
Cannot send and receive data simultaneously
All traffic sent to all devices
Collisions possible

Full duplex:
Can send and receive data simultaneously
Traffic intelligently directed to appropriate device
No collisions

Answer 117

A

Carrier Sense Multiple Access with Collision Detection

Answer 118

A

An early ethernet protocol that controlled communication in half-duplex networks

Answer 119

A

Every node on network must listen for a period of no activity before trying to send a message

Answer 120

A

Once a period of no activity occurs, every network node has equal opportunity to transmit a message

Answer 121

A

If two nodes on network start transmitting at the same time, the nodes will detect collision and take appropriate action

Answer 122

A

1) Listen for an opening (don’t transmit if network busy)
2) Once network is clear, attempt to send data
3) Handle collisions (Transmit jam signal so all devices know. Wait exponential back-off time and restart process)

Answer 123

A

By terminating transmission as soon as collision detected, thus shortening time required before a retry could be attempted.

Answer 124

A

Because in modern Ethernet networks, built with switches and full-duplex connections, each Ethernet segment, or collision domain, is now isolated.

Answer 125

A

Hub

Switch

Answer 126

A

Carrier Sense Multiple Access with Collision Avoidance

Answer 127

A

A newer ethernet protocol that controls communication in wireless networks (which are still half-duplex)

Answer 128

A

Wireless networks suffer from the “hidden node problem” or “hidden terminal problem.” Because nodes on a wireless network may not be in range of each other, they can not communicate directly, which makes collisions impossible to detect.

Answer 129

A

1) Listen for an opening (don’t transmit if network busy)
2) Once network is clear, wait random time and then attempt to send data
3) Wait for acknowledgement (ACK) from recipient. If not received, wait exponential back-off time and restart process

[So two main differences between CA and CD is random wait time prior to sending data, and the ACK handshake in lieu of collision detection]

Answer 130

A

Ready to Send / Clear to Send

Answer 131

A

An optional protocol used by CSMA/CA to address “hidden node problem” and reduce probability of collisions.

Answer 132

A

A wireless device asks permission to transmit from access point, which then grants permission. (i.e. Access point acts as traffic controller)

Answer 133

A

Introduces latency by adding another step in the CSMA/CA process. (Prior to the ACK handshake.)

Answer 134

A

When a network is small and doesn’t have any terminals / nodes that are out of range of each other. (i.e. isn’t susceptible to the “hidden node” problem)

Answer 135

A

When two nodes attempt to transmit data simultaneously, causing data loss. [Should move this card up higher]

Answer 136

A

When frames are corrupted

Answer 137

A

MAC addresses [and associated interfaces, I believe]

source MAC address of incoming traffic

Answer 138

A

CAM table, MAC forward table, MAC filter table, switching table, bridging table

Answer 139

A

loop

Spanning Tree Protocol (STP)

Answer 140

A

These are Fast Ethernet Interfaces. The first number is card number and second is interface number. (e.g. F0/2 would mean Slot 0 / Interface 2)

Answer 141

A

This is a Gigabit Interface.

Answer 142

A

Fast Ethernet has max speed of 100 Mbps

Gigabit Ethernet has max speed of 1,000 Mbps (10x faster)

Answer 143

A

The switch performs a unicast flood, which is when a switch receives a unicast frame and treats it as a broadcast frame, flooding the frame to everyone. When intended unknown device receives frame, it replies to sender and switch can then note the device’s interface location in MAC address table.

(Note 1: this is how hubs used to work.)
(Note 2: This is not the same as MAC flooding, a type of network attack)

Answer 144

A

Address Resolution Protocol

Answer 145

A

A method for workstations (note: not switches) to discover MAC addresses of devices across a network in order to communicate with them. Does this by sending ARP Broadcast, asking for MAC address of a particular IP address on the network.

Answer 146

A

A segment of a network where packet collisions can occur

Answer 147

A

hub

bridge, switch, or router

Answer 148

A

switches

full-duplex

Answer 149

A

broadcast domain

Answer 150

A

When a device sends info and everyone on a local IPv4 network receives it (within the limited scope of a broadcast domain)

ARP requests (seeking MAC address based on ipv4)
Operating system notifications
some dynamic routing protocols

Answer 151

A

If a network has too many devices, broadcasts can slow things down. One way to limit broadcasts is to separate the network with a router in the middle.

[My question is: If broadcasts can be stopped without an issue, why were they necessary in the first place?)

Answer 152

A

When one device sends info to another device (one-to-one relationship). Common in web browsing, file transfers, etc.

Note: There are two devices in a unicast

Answer 153

A

Doesn’t always scale optimally (e.g. for real-time streaming live media event)

Answer 154

A

multicasts

Answer 155

A

Broadcast is one-to-all. Multicast is one-to-many. Instead of delivering info to all devices, only sends to interested / subscribed systems.

Answer 156

A

Difficult to scale across large networks because all devices need to know how to deal with it. (So both broadcasts and multicasts have scaling issues.)

Answer 157

A

Protocol Data Unit (PDU)

Answer 158

A

Maximum Transmission Unit

Answer 159

A

The size of the largest Protocol Data Unit (PDU) that can be communicated in a single network layer transaction.

Technically, refers to the size of an IP packet on the network layer. But people sometimes refer to Ethernet maximum frame size as MTU.

Answer 160

A

Bytes (i.e. an octet of 8 bits)

Answer 161

A

Transmission Control Protocol (TCP)

Answer 162

A

The upside is greater efficiency (more data / less overhead). The downside is larger packets are slower and cause delays.

Answer 163

A

The data is fragmented (i.e. broken into smaller pieces)

[From what I understand, this can occur at Data Link layer as well as Network layer]

Answer 164

A

Increased overhead
If you lose fragment, you lose entire packet
Sometimes you don’t know fragmentation is happening

Answer 165

A

Because it is difficult to the know MTU for an entire path. And automated methods are often inaccurate (especially when ICMP is filtered for security reason). Fortunately, MTUs don’t need to be configured often. Usually once is enough.

[Unclear what he means by “entire path.” Through the OSI layers?]

Answer 166

A

1,500 bytes

[Be careful. This refers to max size of an IP packet or other payload that fits inside an Ethernet Frame. The Ethernet Frame itself will be a bit bigger due to headers]

Answer 167

A

1,518 bytes (Standard Ethernet header of 14 bytes and FCS of 4 bytes at the end)

Answer 168

A

1) Tunneled traffics (e.g. VPNs). Because you need to put additional headers around your data. Tunnel may be smaller than your local Ethernet segment.
2) Some apps don’t want their data fragmented. Might send packets with a Don’t Fragment (DF) set in IP header

Answer 169

A

ping -f -l 1472 8.8.8.8

-f means don’t fragment
-l specifies length
The IP is Google’s DNS server

Just keep lowering the length until the ping succeeds.

Answer 170

A

Dividing a computer network into smaller physical or logical components. Helpful for security, performance, and separating different logical areas of a network.

(May also be referred to as network segregation, network partitioning, and network isolation)

Answer 171

A

A local area network (LAN) is a collection of devices connected together in one physical location, such as a building, office, or home. A LAN can be small or large, ranging from a home network with one user to an enterprise network with thousands of users and devices in an office or school.

Regardless of size, a LAN’s single defining characteristic is that it connects devices that are in a single, limited area.

Answer 172

A

A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain.

[Another definition I saw somewhere: any broadcast domain that is segregated and isolated at the data link layer OSI layer 2]

Answer 173

A

VLANs are implemented to achieve scalability, security and ease of network management and can quickly adapt to changes in network requirements and relocation of workstations and server nodes.

Answer 174

A

An 802.1Q Trunk is a single physical connection between two switches that allows for numerous VLANs to be transmitted over that connection. (Think how a single tree trunk can support numerous branches.)

Without a trunk, having VLANs on multiple switches wouldn’t scale well. There simply aren’t enough available interfaces / ports.

Answer 175

A

ISL (Inter-Switch LInk

Answer 176

A

Ethernet Frame
VLAN header field
TPID (Tag Protocol Identifier) (Identifies protocol)
VLAN ID (Identifies destination)

Answer 177

A

32 bits long
16 bits long
12 bits long
4,094 VLANs per trunk

[The remaining 4 bits is for Quality of Service (QoS)]

Answer 178

A

Normal Range: 1 to 1,005
Extended Range: 1,006 to 4,094
Reserved: 0 and 4,095

Answer 179

A

Spanning Tree Protocol

Answer 180

A

Spanning Tree Protocol (STP) prevents loops on switched networks. Loops occur when two switches are connected with more than one cable, allowing them to send traffic back and forth forever (or until a cable is pulled). This can bring down a network.

Answer 181

A

8021.D

[“D” is for “what dumbass plugged in a second cable?”]

Answer 182

A

root switch
root port
closest to the root switch

Answer 183

A

Root Port (RP) - Allows traffic to traverse this particular interface
Designated Port (DP) - The other interfaces on switch that allow traffic
Blocked Port (BP) - Any interface on a switch that might create a loop

Answer 184

A

Blocking: All traffic is stopped and port does not participate in frame forwarding. When initializing, this is the default state for all ports. (20 seconds)

Listening: If a port is a designated or root port, it moves to the listening state where it listens for changes in topology. No data transmission occurs at this point. Non-designated ports stay in the blocking state. (15 seconds)

Learning: Designated and root ports prepare to participate in frame forwarding and begin to populate the CAM table (i.e. MAC Address table). (15 seconds)

Forwarding: Designated and root ports are now actively forwarding frames.

Disabled: Administrator has turned off the port.

Answer 185

A

Traffic can take a longer, more circuitous path than we might expect, as it navigates around blocked ports.

Answer 186

A

STP has to converge the network and restructure which devices are connected through the Spanning Tree (and presumably which ports are active).

Answer 187

A

Rapid Spanning Tree Protocol

Answer 188

A

Much-needed update to STP, and the latest standard. It has a faster convergence process, reducing the wait time from 50 seconds to 6 seconds. Backwards compatible with STP. Can mix both in same network. Very similar processes.

Answer 189

A

8021.W

[“W” is still for “what dumbass plugged in a second cable?”]

Answer 190

A

speed (e.g. 10, 100, 1,000, or even faster)
duplex (e.g. half-duplex v. full-duplex)
auto-negotiate (v. manual)

Answer 191

A

Switch Virtual Interface (SVI)

Answer 192

A

A Switch Virtual Interface (SVI) is a virtual layer 3 interface on a switch that can route to other broadcast domains (or VLANs). It allows traffic to be routed between VLANs by providing a default gateway for the VLAN (without having an actual physical router).

[Remember that switches operate on layer 2]
[Confusing concept. Wasn’t mentioned by Prof. Messer]

Answer 193

A

A separate VLAN configured to transport traffic generated by end devices such as computers, servers, printers, access points, etc (i.e. user-generated data).

Answer 194

A

A separate VLAN for managing the switch from a remote location by using protocols such as telnet, SSH, SNMP, syslog etc. Normally the Management VLAN is VLAN 1, but you can use any VLAN as a management VLAN. Cisco recommends not to use VLAN 1 and not to use any VLAN that carries user data traffic as Management VLAN.

Answer 195

A

The primary VLAN which is loaded onto a managed switch after booting up. A new, out-of-the-box switch normally has all its ports assigned to VLAN 1 by default. This means that if you connect multiple devices on any number of physical ports on the switch, by default, all devices will be able to communicate with each other.

[From what I understand, Default VLAN will always be assigned to VLAN 1. Cannot be changed.]

Answer 196

A

A designated destination for untagged traffic. (i.e. traffic where the frames have not been encapsulated with 802.1q tags.) When a Cisco switch receives an Ethernet frame without a tag on an 802.1Q enabled interface, it will assume that it belongs to the native VLAN.

[I do wonder WHY you would have untagged frames in the first place]

[From what I understand, by default, the Native VLAN will be assigned to VLAN 1. But unlike the Default VLAN, this can be changed.]

[Native VLANs can pose a security risk]

Answer 197

A

An access port is assigned to a single VLAN. The frames that arrive on an access port are assumed to be part of the access VLAN, and are therefore untagged. This port type is configured on switch ports that are connected to devices with a normal network card (e.g. a workstation).

A trunk port is connected to another switch. This port type can carry traffic of multiple VLANs. Therefore, frames must be tagged.

Answer 198

A

A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet. (i.e. Allows people outside the network to access some resources, without accessing others.)

Answer 199

A

Power over Ethernet

Answer 200

A

Power over Ethernet (PoE) provides power over an Ethernet cable in addition to data. (i.e. One wire for both network and electricity.) Often used in VoIP phones, remote security cameras, and wireless access points. Helpful in difficult-to-power areas.

[Really started with VoIP phones. Folks wanted them to operate like old-fashioned landlines, which were powered by a single phone cable]

Answer 201

A

Power Sourcing Equipment

Answer 202

A

Power sourcing equipment (PSE) are devices that provide power on the Ethernet cable (PoE). They are available as End-spans or Mid-spans

Answer 203

A

PSE devices are available as End-spans or Mid-spans. An End-span device is usually a network switch that can provide PoE power on each port. End-span PSEs typically are used in new installations where a new switch or router is required. Mid-span devices are often added to an existing network to add PoE capabilities.

Answer 204

A

In PoE, Mode A refers to power being injected onto the Ethernet cable on pins 1,2,3, and 6 and is usually found in End-span devices. Mode B means injecting power onto pins 4,5,7, and 8 and is usually found in Midspan devices.

Answer 205

A

PoE: IEEE 802.3af-2003
15.4 watts DC power
Maximum current of 350 mA

Answer 206

A

PoE+: IEEE 802.3at-2009
25.5 watts DC power
Maximum current of 600 mA

Answer 207

A

Used on a network switch to send copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port. Commonly used for de-bugging / troubleshooting or intrusion detection.

aka network tap or switch port analyzer (SPAN)

Answer 208

A

Intrusion Prevention System (IPS) or Intrusion Detection and Prevention System (IDPS)

Answer 209

A

The process of selecting a path for traffic (i.e. IP packets) in a network or across multiple networks.

Answer 210

A

the next step or “hop”

destination IP address

Answer 211

A

A database that keeps track of paths, like a map, and uses these to determine which way to forward traffic

Answer 212

A

static and dynamic

Answer 213

A

In static routing, the administrator determines the routes by manually updating routing tables.

In dynamic routing, the routing tables are updated automatically in (almost) real-time, as routers send route updates to other routers.

Answer 214

A

Advantages:

    - Easy to configure and manage on smaller networks
    - No overhead from routing protocols (CPU, memory, bandwidth)
    - Easy to configure on sub networks (only one way out)
    - More secure - no routing protocols to analyze

Disadvantages:

    - Difficult to administer on larger networks
    - No automatic method to prevent routing loops (which are easy to create)
    - If there's a network change, you have to manually update the routes
    - No automatic rerouting if an outage occurs

[Obviously, these are reversed for dynamic routing]

Answer 215

A

The route that takes effect when no other route is available for an IP destination address. (i.e. when no specific address of a next-hop host is available from the routing table)

Answer 216

A

“gateway of last resort”

Answer 217

A

Autonomous System

Answer 218

A

Autonomous System (AS) is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy. (As defined by RFC 1930, Section 3)

Answer 219

A

Interior Gateway Policy

Answer 220

A

Protocol used for exchanging routing information between gateways (commonly routers) WITHIN an autonomous system (AS).

Answer 221

A

Exterior Gateway Policy

Answer 222

A

Protocol used for exchanging routing information between gateways ACROSS different, neighboring autonomous systems (AS).

[Note: Can refer to a specific obsolete protocol used in the 1980s. Or can refer to a class of protocols, including BGP, that are still used today]

Answer 223

A

OSPFv2 (Open Shortest Path First)
RIPv2 (Routing Information Protocol version 2)
EIGRP (Enhanced Interior Gateway Routing Protocol) (Cisco systems)

[Should maybe make separate cards for each of these]

Answer 224

A

OSPFv3 (Open Shortest Path First)
RIPng (RIP next generation) (Routing Information Protocol)
EIGRP for IPv6 (Enhanced Interior Gateway Routing Protocol)

Answer 225

A

Border Gateway Protocol

Answer 226

A

Depending on how you define EGP, it is either:

a) The successor / replacement for EGP

or

b) The most popular type of EGP currently in use

Answer 227

A

Protocols that allow routers to share information about the network with other routers to allow them to select the best path to reach a destination. (Different routing protocols have different ways of determining best path, and of recovering from network changes like an outage.)

Answer 228

A

Distance-vector
Link-state
Hybrid

Answer 229

A

The deciding “vector” is the “distance” of another network (i.e. how many “hops” away it is).

Answer 230

A

Pros:

- Usually automatic (very little configuration)
- Good for smaller networks

Cons:

- A route with more hops (greater distance) might actually be faster!
- Doesn't scale well to very large networks

Answer 231

A

RIP, RIPv2, and Cisco’s EIGRP

Answer 232

A

Concerned with quality and speed of connection (as opposed to “hops” or distance)

Answer 233

A

Pros:

- Speed obviously
- Flexible and scalable, used most often in large networks.

Cons:
-Requires more memory and processing power than distance-vector

Answer 234

A

A little link-state, a little distance-vector. (i.e. So it’s looking at distance or number of hops as well as connectivity / speed).

Answer 235

A

BGP (Border Gateway Protocol). Determines route based on paths, network policies, or configured rule-sets

Answer 236

A

IP address
network
host (computer)

Answer 237

A

Allows for a LOT more IP addresses, so much more scalable for all people / devices on the planet.

Answer 238

A

1) Remove leading zeroes in each section

2) Abbreviate 2+ consecutive groups of zeroes with double colons (You can only do this once per address)

Answer 239

A

That an IPv6 contains 8 groups of 4 (You may not be able to expand the double colons without knowing this)

Answer 240

A

A technique that involves running both IPv4 and IPv6 on a network. Interfaces are assigned multiple address types and router maintains both IPv4 and IPv6 routing tables.

Answer 241

A

When one protocol encloses (i.e. encapsulates) in its datagram another complete data packet that uses a different communications protocol. Often used for privacy or security (e.g. VPN or SSH), but can also be used for handling IPv6 traffic on an IPv4 network (or vice versa).

Answer 242

A

An IPv6 transition technique that involves encapsulating IPv6 packets into IPv4 for transport across an IPv4 network.

[Notice it’s 6 TO 4, as opposed to 4 IN 6]

Answer 243

A

involves encapsulating IPv4 packets into IPv6 for transport across an IPv6 network.

[Notice it’s 4 IN 6, as opposed to 6 TO 4]

Answer 244

A

2002

e.g. 2002:CB00:71FF:0:fe64:3486:d398:3346

Answer 245

A

relay router

IP Protocol 41

Answer 246

A

Common IPv6 transition configuration that tunnels IPv6 through a NAT translated IPv4 network without need for a special IPV6 router.

Taredo is for Windows. Miredo is an open source version of Taredo for Linux, BSD Unix, and Mac OS X

Answer 247

A

Basically any device on a network capable of sending, receiving, or forwarding data that has some form of identification (e.g. MAC address or IP Address).

Examples: Computers, routers, modems, switches, hubs, bridges, servers, and printers

Answer 248

A

A host is a type of node, usually an endpoint that provides data or a service, that has an IP address. (e.g. a server, possibly a printer, but not a router)

All hosts are nodes, but not all nodes are hosts.

Answer 249

A

Neighbor Discovery Protocol

Answer 250

A

Protocol used for IPv6 traffic that allows different nodes to advertise their existence to neighbors, and learn about existence (and availability) of neighbors.

Answer 251

A

multicast

ICMPv6

Answer 252

A

Automatic address configuration (SLAAC)
Duplicate address detection (DAD)
Router discovery (RS / RA)
MAC discovery
MTU discovery

Answer 253

A

Stateless Address Autoconfiguration

Answer 254

A

An NDP (Neighbor Discovery Protocol) service for IPv6 that automatically configures an IP address without a DHCP server.

Answer 255

A

Duplicate Address Detection

Answer 256

A

An NDP (Neighbor Discovery Protocol) service for IPv6 that prevents duplicate IP address.

Answer 257

A

Router Solicitation (RS) and Router Advertisement (RA)

Answer 258

A

Part of the NDP (Neighbor Discovery Protocol) service for IPv6 that involves router discovery.

Answer 259

A

Routers send RS (router solicitation) messages to all IPv6 routers using ff02::2 address
Routers are listening for this. Will send back a unicast frame with RA (router advertisement) address of that local router

(Routers also send unsolicited RA messages from multicast destination of ff02::1)

Answer 260

A

prefix value = IPv6 network

prefix length = Local subnet mask

Answer 261

A

Neighbor Solicitation (NS) and Neighbor Advertisement (RA)

Answer 262

A

Basically, it’s how devices in an IPv6 network discover the MAC addresses of other network devices so they can communicate. Because remember, IPv6 does not use Address Resolution Protocol (ARP).

Answer 263

A

Neighbor Solicitation (NS) - Sends out IPv6 address as multicast to get MAC address (Might also send out NS to test whether IP address is already taken or available)
Neighbor Advertisement (NA) - Device with that IPv6 address sends back MAC address

Answer 264

A

RS/RA is for router discovery. NS/NA is for devices like workstations to find MAC address of other devices.

Answer 265

A

Controlling bandwidth usage (e.g. who uses it, when, and for what purpose). Involves setting higher priority for important apps.

[I believe it could be considered a QoS method]

Answer 266

A

Quality of Service

Answer 267

A

Describes the strategies used to manage and increase the flow of network traffic. Enables administrators to predict bandwidth use, monitor that use, and control it to ensure that bandwidth is available to the applications that need it most (e.g. latency sensitive apps)

Answer 268

A

Latency sensitive apps need bandwidth for quick delivery, and are therefore prioritized by QoS methods. (e.g. videoconferencing, streaming video, and VoIP)

Latency insensitive apps would include web traffic, faxing, or large backups via FTP.

Answer 269

A

CoS
DiffServ

[Messer refers to these as standards of QoS. But one of my books refers to them as components of QoS. A little unclear]

Answer 270

A

Class of Service

Answer 271

A

A QoS standard / component that differentiates types of payloads being transmitted. Usually applied in intranet (not from ISP). Involves Ethernet frame headers in 802.1Q trunks. So between switches in OSI Layer 2 (Data Link).

[See also DiffServ]

Answer 272

A

Differentiated Services

Answer 273

A

A QoS standard / component that differentiates types of payloads being transmitted.
QoS bits are enabled in the IPv4 header by routers in OSI Layer 3 (Network).

[See also CoS]

Answer 274

A

Differentiated Service Code Point

Answer 275

A

These are the QoS values placed in the DS (Differentiated Services) field in an IPv4 header by DiffServ.

Answer 276

A

Network Address Translation

Answer 277

A

A process/technology where a router translates an internal host’s private IP address into its public IP address for outgoing traffic, and vice versa for incoming traffic.

Allows many computers to “hide” behind a single IP Address. Important due to IPv4 address pace being exhausted. (Also helps with security.)

Answer 278

A

private
public
public
private

[NOTE: NAT allows you to use whatever addressing scheme you want, but common to use private IP addresses]

Answer 279

A

0.0.0 - 10.255.255.255
16.0.0 - 172.31.255.255
168.0.0 - 192.168.255.255

Answer 280

A

Port Address Translation

Answer 281

A

A common type of NAT where all systems on a LAN are translated to the same IP address, but with different port number assignments. And then the router will place its own port number on the outward-facing IP address. (e.g. 10.10.20.50:3233 -> 94.1.1.1:1055)

The router maintains a NAT Table to track its translations so inbound replies can be transmitted back to original client.

Answer 282

A

NAT overload

Answer 283

A

The NATed addresses are dynamic / temporary, and communication with Internet must be initiated by internal client. So not good for services that need to be permanently accessible from Internet. (e.g. email or web server)

[I think this is accurate]

Answer 284

A

Static Network Address Translation

Answer 285

A

A one-to-one mapping of a private IP address to a static unchanging public IP address. This enables an internal system, such as a mail server, to have a private IP address and still be reachable over the Internet.

[This has more to do with incoming traffic. Does not have the same dynamic / temporary shortcomings of PAT. Note that ports are not used, so it’s a one-to-one translation, meaning you DO need to use additional public IP addresses. Wasteful in that regard.]

[There’s also Dynamic NAT, which does the same kind of one-to-one mapping, but it draws IP address from pool of first available. Deals more with outbound traffic. Not to be confused with Destination NAT.]

Answer 286

A

Destination Network Address Translation

Answer 287

A

A kind of NAT that provides 24x7 access from outside network to a service hosted inside network. Used to direct authorized inbound traffic to appropriate services or apps on network. (e.g. Web server, gaming server, security system, etc.). We map / configure external IP + port number to an internal IP + port.

[So this is about incoming traffic. Interestingly, Messer says SNAT and DNAT are basically synonyms. Another book distinguishes them, but it’s not clear how. This appears to use port numbers, whereas SNAT doesn’t. Very confusing]

Answer 288

A

Port Forwarding

[As in Destination NAT. Not Dynamic NAT]

Answer 289

A

Access Control List

Answer 290

A

A list of allowed or nonallowed services, ports, websites, etc.

A way to allow or disallow traffic to parts of our network (i.e. a packet filter)
Can be used for NAT, QoS, etc.
Commonly configured in router
Can apply to ingress traffic (incoming), egress traffic (outgoing), or both
Can evaluate on different criteria (e.g. source IP, destination IP, TCP and UDP port numbers, ICMP, etc.)

Answer 291

A

Tuples are an ordered list, like an array, except it’s immutable (unchanging). They’re basically the columns in a firewall policy used to determine whether to block or allow traffic (e.g. Source IP, destination IP, port number, time of day, application, etc.).

[pronounced “tupple”]

Answer 292

A

allow
top to bottom

[Once it finds a match, it will allow and skip the rest]

Answer 293

A

It means default denial. Most firewalls are written with a denial at the bottom, so if you’ve gone through every single allow rule, and there’s no match, access is denied.

Answer 294

A

Rule Number Remote IP Remote Port Local Port Protocol Action
1 ALL ANY 22 TCP Allow

Answer 295

A

A dedicated, physical transmission channel (i.e. circuit) is established between endpoints before data ever passes, and reserved until disconnected. (Basically always uses phone lines?)

Examples:

POTS / PSTN (e.g. landline phone technologies)
T1 / T3 (or E1 / E3 in Europe) (creates circuit between two sites)
ISDN (uses phone number to call another ISDN modem)

[See also: packet switching]

Answer 296

A

Advantages: Connection is always there if you need it. More reliable. Better audio quality. Generally more secure. (Communication paths are exclusive to two parties)

Disadvantages: Inefficient use of network bandwidth. Networks more expensive to use, build, maintain

Answer 297

A

Plain Old Telephone Service

Answer 298

A

Public Switched Telephone Network

Answer 299

A

Integrated Services Digital Network

Answer 300

A

Messages are broken into smaller pieces called packets and sent across a network shared with everyone. Each packet is assigned a source, destination, and intermediate node addresses. (Basically always uses Internet?)

Examples:

SONET (Synchronous Optical Network) [fiber optics]
ATM (Asynchronous Transfer Mode) [Actually both packet and circuit switching??]
DSL (Digital Subscriber Line) [
Frame relay
MPLS (Multiprotocol Label Switching)
Cable modem
Satellite
Wireless network (home)

[Hopefully Messer discusses some of these later?]

Answer 301

A

Advantages: Transmits data fastest way possible. Multiple users share same network. More efficient use of bandwidth. Cheaper networks.

Disadvantages: Poor connections and call quality. More vulnerable to security threats. Unpredictable latency

Answer 302

A

Software Defined Networking

Answer 303

A

An approach to networking that allows network administrators to programmatically manage network behavior dynamically via open interfaces and provide abstraction of lower-level functionality.

SDN (software-defined networking) centralizes the control of data flow by using software. In this process determinations that were traditionally handled by routers and switches, are now handled by the SDN controller. The SDN controller integrates the functions of device configuration and device management into a single software interface. This simplifies device management as every physical or virtual device can be accessed, monitored and configured. The software interface or dashboard allows administrators to control devices simultaneously as a group, making it a clear alternative to individual device access. SDN will play a major role in Cloud technologies.

Answer 304

A

Agile / flexible: Changes can be made dynamically on the fly at any time. (e.g. More capacity can be provided on network where it’s needed)
Centrally managed: One central console. Don’t need to login multiple places. Can control entire network from one screen

-Programmatically configured: Automation. No human intervention needed (e.g. if network becomes congested or needs more resources, can
be deployed automatically)

-Open standards / vendor neutral: A standard interface to the network (i.e. For the software part of it)

Answer 305

A

Allows for a single physical switch to manage multiple virtual hosts, which each contain things like web server, database server, test server, etc. Allows for separation of these virtual devices into their own VLANs. You can group these resources, so web servers are on their own VLAN, database servers on another, etc.

Provides a centralized control point for VMs and virtual server clusters across multiple points. This simplifies network management and reduces errors. On each physical host, an agent is installed. A supervisor module on the distributed switch then controls the hosts.

[Had a VERY hard time finding decent info on this. Not sure how accurate this is.]

Brainscape's Knowledge GenomeTM

Messer - 1. Networking Concepts (Part 1 of 2) Flashcards

Brainscape's Knowledge Genome^TM