Misc. Flashcards

1
Q

What is the newest IEEE WiFi standard and what frequency bands does it operate on?

A

Wi-Fi 7 aka 802.11be = the latest Wi-Fi standard, with a theoretical peak of around 46 Gbps and 320 MHz channels (double the 160 MHz maximum of Wi-Fi 6/6E; the 320 MHz channels only fit in the 6 GHz band).

It operates on the 2.4, 5 and 6 GHz frequency bands.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is band steering?

A

Band steering = a WAP (Wireless Access Point) feature to optimise device connections/speeds by directing each client to the band that will serve it best, e.g. pushing a dual-band client onto 5 GHz (or 6 GHz) when it is close enough for a good signal, or keeping it on 2.4 GHz when the 5 GHz band is congested or its signal is weak.

3
Q

What is the point of the 802.11h WiFi standard?

A

802.11h is a regulatory amendment (originally for the 5 GHz band in Europe, where WiFi shares spectrum with radar) that requires WiFi devices/routers to support:
-DFS = Dynamic Frequency Selection - detect radar or other users on the current channel and move to a clear one
-TPC = Transmit Power Control - regulate the power level of WiFi transmissions to stay within the legal limit and reduce interference.

4
Q

What is a direct wireless connection between two devices, without using a WAP (WirelessAccessPoint) called?

A

IBSS (Independent Basic Service Set), aka an ad hoc network.

Ad hoc = network configuration where devices are directly connected to each other for a particular purpose: a peer-to-peer (P2P) arrangement with no APs or routers. In 802.11 terms this is an IBSS; pairing a phone directly with a Bluetooth IoT device is the same idea (a direct link with no access point) but uses a different protocol.

5
Q

What is the BSSID? What two things is it comprised of?

A

BSSID (Basic Service Set Identifier) = the 48-bit MAC address of the AP radio serving a given BSS. Because it is a MAC address it is unique per radio, so it lets clients tell apart several APs that broadcast the same SSID (the human-readable network name). It is NOT the SSID combined with a MAC; the SSID is carried separately in the beacon frame.

Like any MAC address it is made up of two halves: the OUI (the manufacturer's identifier) and the device-specific NIC part.

OUI + NIC-specific half = BSSID (= the AP radio's MAC address)

6
Q

What is an ESSID?

A

ESSID - Extended Service Set Identifier = the SSID shared by multiple WAPs (each with its own BSSID) configured as one Extended Service Set, which allows seamless roaming between those WAPs on the same network.

As soon as you get in range of a WAP with a better signal, the client re-associates to that WAP's BSSID (its MAC address) while keeping the same ESSID/SSID, so the user never has to reconnect.

7
Q

What are active and passive devices in terms of providing network redundancy?

A

The active device is the one in use, whereas the passive one is on standby to take over should the active device fail (failover), thereby providing network redundancy and minimising downtime.

Configuration and real-time state such as the routing table or connection/session table are constantly synchronised between the two devices so the failover can happen at any time without dropping sessions.

You can also have an active-active setup, but it requires more configuration (and higher cost), e.g. two active firewalls where outbound traffic goes through one and inbound traffic through the other. This still provides redundancy (either device can carry all the traffic if the other fails) and balances the network load.

8
Q

What is IPAM - Internet Protocol Address Management?

A

IPAM is a software/suite of tools to centralise the management of IP addresses within your network. E.g. manage DHCP reservations or link users to IP addresses and keep track of how many IP addresses in the range are available, etc.

9
Q

What’s an SLA?

A

Service Level Agreement (SLA) - is an agreed upon minimum level of service between a client and a provider. E.g. it may stipulate a 99.5% minimum infrastructure uptime or less than 2 hours unscheduled downtime per week, etc.

10
Q

What’s a site survey?

A

An assessment of a location to evaluate access point placement, the wireless landscape (heat map/WiFi map, neighbouring networks and channels in use), any dead zones, and physical conditions such as temperature and humidity; basically all site conditions relevant to IT. The results are used to optimise service, e.g. by choosing channels that aren't already in use, and to plan where to put the MDF and IDFs.

11
Q

What is a golden or baseline configuration?

A

A predefined, known-good, stable setup for a system.
You can roll back to, or compare the running configuration against, this golden configuration if a problem arises with (or an unauthorised change is suspected in) your production configuration.

12
Q

What does NetFlow protocol do?

A

NetFlow gathers statistics about the flows of traffic crossing a network device (who talked to whom, on which ports and protocol, how many packets and bytes, and when) for performance monitoring, troubleshooting and security monitoring. Flow-capable routers, switches and firewalls (the exporters) summarise their traffic into flow records and export them (typically over UDP) to a NetFlow Collector, which stores the summaries and produces graphs and reports as needed. Unlike a packet capture from a tap or SPAN port, NetFlow records carry metadata only, not packet payloads.

SolarWinds NetFlow Traffic Analyzer is one NetFlow analysis tool that processes and visualises such flow data.
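To make the record format concrete, here is an added example (not from the original flashcards or any vendor's code) that parses a NetFlow v5 export datagram with the standard 24-byte header and 48-byte records, then runs the kind of check a collector would: flagging a source that sent SYN-only flows to many distinct ports on one host. The datagram is constructed in the example itself with documentation addresses; the function names and thresholds are the example's own choices.

```python
import socket
import struct
from collections import defaultdict

# NetFlow v5 wire format (network byte order).
HEADER_FMT = "!HHIIIIBBH"                 # version, count, sys_uptime, unix_secs,
                                          # unix_nsecs, flow_sequence, engine_type,
                                          # engine_id, sampling_interval  (24 bytes)
RECORD_FMT = "!4s4s4sHHIIIIHHBBBBHHBBH"   # srcaddr, dstaddr, nexthop, input, output,
                                          # dPkts, dOctets, first, last, srcport,
                                          # dstport, pad1, tcp_flags, prot, tos,
                                          # src_as, dst_as, src_mask, dst_mask, pad2 (48 bytes)
HEADER_LEN = struct.calcsize(HEADER_FMT)
RECORD_LEN = struct.calcsize(RECORD_FMT)


def parse_netflow_v5(datagram):
    """Return a list of flow dicts from one NetFlow v5 export datagram."""
    version, count = struct.unpack(HEADER_FMT, datagram[:HEADER_LEN])[:2]
    if version != 5:
        raise ValueError("unsupported NetFlow version %d" % version)
    if len(datagram) < HEADER_LEN + count * RECORD_LEN:
        raise ValueError("truncated datagram: header advertises %d records" % count)
    flows = []
    for i in range(count):
        off = HEADER_LEN + i * RECORD_LEN
        f = struct.unpack(RECORD_FMT, datagram[off:off + RECORD_LEN])
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            "packets": f[5], "bytes": f[6],
            "sport": f[9], "dport": f[10],
            "tcp_flags": f[12],   # cumulative OR of TCP flags seen in the flow
            "proto": f[13],
        })
    return flows


def build_v5_datagram(records):
    """Build a v5 datagram from (src, dst, sport, dport, proto, flags, pkts, octets)
    tuples. Used here only to construct test input; a real exporter does this."""
    header = struct.pack(HEADER_FMT, 5, len(records), 0, 0, 0, 0, 0, 0, 0)
    body = b"".join(
        struct.pack(RECORD_FMT, socket.inet_aton(src), socket.inet_aton(dst),
                    b"\0" * 4, 1, 2, pkts, octets, 0, 0, sport, dport,
                    0, flags, proto, 0, 0, 0, 24, 24, 0)
        for src, dst, sport, dport, proto, flags, pkts, octets in records)
    return header + body


def suspected_port_scans(flows, min_ports=20):
    """Map (src, dst) -> number of distinct ports probed with bare SYNs.
    A flow whose cumulative TCP flags are exactly SYN (0x02) never completed a
    handshake, which is what a half-open scanner leaves behind."""
    probed = defaultdict(set)
    for f in flows:
        if f["proto"] == 6 and f["tcp_flags"] == 0x02:
            probed[(f["src"], f["dst"])].add(f["dport"])
    return {k: len(v) for k, v in probed.items() if len(v) >= min_ports}


# Constructed sample: one normal web flow plus 30 SYN-only probes from 192.0.2.5.
SAMPLE_RECORDS = [("10.0.0.8", "203.0.113.7", 51000, 443, 6, 0x1b, 12, 4096)] + [
    ("192.0.2.5", "10.0.0.10", 40000 + p, p, 6, 0x02, 1, 60) for p in range(1, 31)
]
SAMPLE_DATAGRAM = build_v5_datagram(SAMPLE_RECORDS)


def demo():
    flows = parse_netflow_v5(SAMPLE_DATAGRAM)
    return suspected_port_scans(flows)


if __name__ == "__main__":
    for (src, dst), n in demo().items():
        print("possible SYN scan: %s -> %s (%d ports)" % (src, dst, n))
```

Sampling (the last header field) and aggregation mean NetFlow can undercount short probes, so a threshold like the 20 distinct ports used here is a starting point to tune, not a rule.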

13
Q

What is SIEM?

A

A way of collecting log data (syslog and other sources) from network devices, servers and applications into a centralised SIEM - Security Information and Event Management system (e.g. Splunk) to manage security and error logging in one place.

A SIEM allows for real-time alerting, long-term storage of events/logs, and correlation and analysis of network events over time.

A SIEM can be configured to only capture/retain certain messages or data sources.

14
Q

What is Availability Monitoring?

A

Availability monitoring = tracking whether a device is reachable or not/up or down. Can set alarm to trigger if an interface becomes unreachable. Can be tracked over time.

15
Q

What is an RTO?

A

RTO - Recovery Time Objective = a measure of how long (time) it takes after an outage/disaster to get back to a normal operating service level.

RTO = how long to get back up and running again.

(Lower the better).

16
Q

What is an RPO?

A

RPO - Recovery Point Objective = a measure of how much data is lost between an outage and the previous backup/recovery point.

RPO can help determine how frequently backups should occur.

17
Q

What is MTTR in disaster recovery?

A

MTTR = Mean Time To Repair (or Recover) = the actual average time taken from an issue/outage occurring until the system is fully functional again.

e.g. how long it takes to replace a broken router (the shorter the better)

18
Q

What is MTBF in disaster recovery?

A

MTBF - Mean Time Between Failures = the average length of time systems/infrastructure are fully operational before unplanned outage/failure occurs.

(longer time the better)

19
Q

Site resiliency?

A

Site resiliency = ability to move operations/services to an alternative/backup/resiliency site location in the event of a site disaster/outage.

Cold site = empty building site, everything needs to be brought with you in the event of a disaster (takes a long time to get up and running again, but is cheap to have).

Hot site = exact replica of your primary site/duplicate all hardware and data from the primary site. (Can be up and running very quickly if the primary site fails, much more costly to keep running, maintaining than a Cold Site).

20
Q

What are Cold/Warm/Hot sites in terms of Disaster Recovery?

A

Cold site = empty building site, everything needs to be brought with you in the event of a disaster (takes a long time to get up and running again, but is cheap to have).

Warm site = somewhere between hot and cold sites, it has just enough hardware to get going again. Software must be sent/brought over from the primary site or from a backup location.

Hot site = exact replica of your primary site/duplicate all hardware and data from the primary site. (Can be up and running very quickly if the primary site fails, much more costly to keep running, maintaining than a Cold Site).

21
Q

What are tabletop exercises in relation to disaster recovery?

A

Tabletop exercises are where each department verbally walks through the steps they would take to recover from a hypothetical disaster/outage.

This is a good no-risk way to practice disaster recovery and identify potential problems that may arise in such an event.

22
Q

What is a Validation Test?

A

Validation Tests = a real-world simulation of a disaster/outage in which the recovery steps are actually performed (generally in a virtualised clone of the infrastructure) to confirm the plan works, e.g. restoring from backups, checking that RPO and RTO targets are met, and walking through the recovery plan.

23
Q

What is the file used in Local name resolution (not DNS)?

A

The hosts file is used for local name resolution. It is a plain-text list mapping IP addresses to hostnames/domain names (/etc/hosts on Linux and macOS, C:\Windows\System32\drivers\etc\hosts on Windows) and is consulted BEFORE DNS: only if a name is not found in the hosts file is DNS queried to resolve the domain name to an IP address. Because it overrides DNS, malware commonly edits it to block or redirect update and security sites, so unexpected entries are worth checking.
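As an added example (not part of the original flashcards), the following reproduces that resolution order and the check a responder would run on a suspect machine: parse a hosts file, resolve names hosts-first then DNS, and flag watched names that the hosts file points somewhere other than loopback or the 0.0.0.0 sinkhole. The hosts-file text, the DNS table and the watch list are all constructed for the example; the function names are the example's own.

```python
import ipaddress

# Constructed sample hosts file (not copied from any real system).
HOSTS_TEXT = """\
# comments and blank lines are ignored
127.0.0.1    localhost
::1          localhost ip6-localhost
10.0.0.20    intranet.corp.example  intranet
0.0.0.0      ads.example.net        # deliberate sinkhole: harmless
203.0.113.9  update.example-av.com  # non-local override of an update host
"""

# Constructed stand-in for DNS answers, so the example runs offline.
FAKE_DNS = {"www.example.org": "203.0.113.50", "update.example-av.com": "198.51.100.4"}


def parse_hosts(text):
    """Return {name: [ip, ...]} from hosts-file text, honouring '#' comments
    and lines that carry several names for one address."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        ipaddress.ip_address(ip)          # raises ValueError on a malformed line
        for name in names:
            entries.setdefault(name.lower(), []).append(ip)
    return entries


def resolve(name, hosts, dns):
    """Hosts file wins; DNS is only consulted when the name is absent there."""
    name = name.lower()
    if name in hosts:
        return hosts[name][0], "hosts"
    if name in dns:
        return dns[name], "dns"
    return None, "nxdomain"


def suspicious_overrides(hosts, watch_names):
    """Watched names mapped to anything other than loopback or 0.0.0.0 are
    redirects, not blocks, and deserve a look."""
    hits = []
    for name in watch_names:
        for ip in hosts.get(name.lower(), []):
            addr = ipaddress.ip_address(ip)
            if not (addr.is_loopback or addr.is_unspecified):
                hits.append((name, ip))
    return hits


if __name__ == "__main__":
    hosts = parse_hosts(HOSTS_TEXT)
    for n in ("intranet", "www.example.org", "update.example-av.com"):
        print(n, resolve(n, hosts, FAKE_DNS))
    print(suspicious_overrides(hosts, ["update.example-av.com", "ads.example.net"]))
```

Note that update.example-av.com resolves through the hosts file even though DNS has a different answer; that silent precedence is exactly why the file is a tampering target.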

24
Q

What is the difference between a Forward Lookup and a Reverse DNS Lookup?

A

A forward lookup is where you input the FQDN and the DNS server returns the IP address.

Whereas, a Reverse DNS lookup is where you input the IP address and the DNS returns the FQDN.

25
Q

What is an Authoritative DNS Server?

A

Authoritative DNS Server = the zone authority that holds the original/official records for a Domain e.g. the A records, MX (Mail eXchange) records, etc. It is responsible for providing the most reliable and up-to-date information about the requested Domain.

26
Q

What is the potential problem with a Non-Authoritative DNS Server?

A

Non-authoritative DNS servers (recursive resolvers) hold copies/caches of records received directly or indirectly from the authoritative DNS server. Those cached records may not have been refreshed since the zone changed, so they could be stale or wrong! How long a cached record is kept/deemed valid on a non-authoritative server is defined by the record's TTL (time to live) in seconds, which the authoritative server sets.

27
Q

What is DNSSEC?

A

DNSSEC - Domain Name System Security Extensions = digitally signs DNS records so that a validating resolver can verify a response came from the zone's authoritative source and hasn't been tampered with (authentication and integrity, e.g. against cache poisoning).

However, DNSSEC does not encrypt anything: responses are still transmitted in the clear, so anyone who captures the DNS traffic can still see which sites you are looking up.

28
Q

What is DoT and what is the default port it uses?

A

DoT - DNS over TLS = a way of encrypting DNS traffic by carrying it inside a TLS session (the same protocol that protects HTTPS web traffic), which gives confidentiality that DNSSEC alone does not.

DoT uses port tcp/853 by default, which makes it easy to identify (and, if policy requires, block) on the network.

29
Q

What is DoH and what port does it use?

A

DNS over HTTPS (DoH) = another way of encrypting DNS queries, by carrying them inside HTTPS (tcp/443), so they blend in with ordinary web traffic and are harder to single out than DoT on its dedicated port.

30
Q

What is a DNS Pointer Record (PTR)?

A

Pointer Record (PTR) - a DNS record type that is the reverse of an A or AAAA record, i.e. it enables reverse lookups. PTR records are stored in the reverse zones in-addr.arpa (IPv4) and ip6.arpa (IPv6), where the address is written backwards, e.g. 10.0.0.1 becomes 1.0.0.10.in-addr.arpa.

When a client does a reverse lookup with an IP address, the PTR record for that reversed name is queried and the FQDN stored in it is returned.

I.e. if you search by IP address instead of the human-readable FQDN, a Pointer Record (PTR) is what supplies the corresponding FQDN.
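The forward/reverse lookup card above and this PTR card fit together in one added example (not from the original flashcards): build the in-addr.arpa / ip6.arpa query name for any address, then do the forward-confirmed reverse DNS (FCrDNS) check that mail servers and log-enrichment tools apply, because a PTR record is set by whoever controls the reverse zone for the IP and proves nothing until the name resolves back to the same address. The tiny forward and reverse zones are constructed stand-ins so the code runs offline; the function names are the example's own.

```python
import ipaddress


def reverse_name(ip):
    """Return the PTR query name for an IPv4 or IPv6 address."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")          # 32 hex digits, fully expanded
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


# Constructed zones using documentation ranges (not real DNS data).
FORWARD_ZONE = {                          # name -> set of A/AAAA answers
    "mail.example.com": {"198.51.100.25", "2001:db8::25"},
    "web.example.com": {"203.0.113.7"},
}
REVERSE_ZONE = {                          # PTR name -> FQDN
    reverse_name("198.51.100.25"): "mail.example.com",
    reverse_name("2001:db8::25"): "mail.example.com",
    # PTR claims a name whose forward records do not include this IP:
    reverse_name("203.0.113.7"): "mail.example.com",
}


def forward_lookup(name, forward=FORWARD_ZONE):
    return forward.get(name.lower().rstrip("."), set())


def reverse_lookup(ip, reverse=REVERSE_ZONE):
    return reverse.get(reverse_name(ip))


def fcrdns(ip, forward=FORWARD_ZONE, reverse=REVERSE_ZONE):
    """Forward-confirmed reverse DNS: (ok, detail). ok is True only when the
    PTR name's own A/AAAA records contain the original address."""
    ptr = reverse_lookup(ip, reverse)
    if ptr is None:
        return False, "no PTR record"
    if str(ipaddress.ip_address(ip)) not in forward_lookup(ptr, forward):
        return False, "PTR %s does not resolve back to %s" % (ptr, ip)
    return True, ptr


if __name__ == "__main__":
    for ip in ("198.51.100.25", "2001:db8::25", "203.0.113.7", "192.0.2.9"):
        print(ip, reverse_name(ip), fcrdns(ip))
```

The IPv6 case shows why the exploded form matters: every zero nibble of 2001:db8::25 has to appear in the ip6.arpa name, so the compressed "::" must be expanded first.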

31
Q

What are NS/Name Server Records?

A

Name Server (NS) Records list the name servers for a domain. E.g. they point to the name of the DNS server where a domain is stored.

NS Records tell the system where to go to find the DNS records for a queried/searched domain.

32
Q

What is VNC the equivalent to on a non-Windows OS?

A

VNC (Virtual Network Computing) is the cross-platform equivalent of RDP (Microsoft's Remote Desktop Protocol): it provides remote access to a graphical desktop on Linux, macOS and other non-Windows systems (VNC servers for Windows exist too). Like RDP, it should only be exposed through a VPN or jump host, never directly to the internet.

33
Q

What is API integration?

A

The process of connecting two+ apps or systems via their APIs (Application Programming Interfaces). This lets them share data/services between them in real-time.

34
Q

What is a Jump Box/Jump Server?

A

A jump box/server is a hardened gateway host that sits between an administrator's client and the servers/network segment being managed. Routing all administrative access through this single point of entry reduces the attack surface and gives one place to log and control who gets in.

The jump box MUST be security hardened, require MFA, be kept fully patched, etc., because once someone is authenticated on the jump box they can reach everything behind it!

35
Q

What is in-band management?

A

In-band management/IP access = managing devices and systems using the same network (IP) that they use for their primary operations.

36
Q

What is out-of-band management?

A

Out-of-band (OOB) management = managing devices and systems over a DIFFERENT path from the network they use for their primary operations, e.g. a physical console/serial or USB connection, a dedicated management network, or a separate modem (NOT the IP network the device is serving). It still works when the production network is down, misconfigured or under attack.

37
Q

What is compliance?

A

Compliance = adhering to the applicable laws, regulations, standards and internal policies. Not being compliant may result in fines, loss of certification or business, imprisonment (for some laws) and dismissal.

38
Q

What is data localisation?

A

Data Localisation = the practice of storing data collected in a region/country within that region/country, as required by laws such as the GDPR (the EU's General Data Protection Regulation), which restricts transferring personal data outside the EU unless adequate safeguards are in place.

Data collected in Vegas stays in Vegas.

39
Q

What’s PCI DSS?

A

PCI DSS - Payment Card Industry Data Security Standard = a standard for protecting cardholder data (payment card numbers and related information) that is stored, processed or transmitted.

Companies that handle payment cards are regularly assessed/audited to make sure they are in compliance with PCI DSS.

Its 6 control objectives:
-build and maintain a secure network and systems
-protect cardholder data
-maintain a vulnerability management programme
-implement strong access control measures
-regularly monitor and test networks
-maintain an information security policy

40
Q

What two halves of a 48 bit MAC address are there?

A

OUI:NIC-specific

The first half (24 bits) is the OUI - Organisationally Unique Identifier - the manufacturer's number, assigned by the IEEE.

The second half (24 bits) is the NIC-specific serial number assigned by that manufacturer. Two bits of the first octet are flags: the lowest bit marks a group/multicast address and the next bit marks a locally administered address, which is set on randomised or software-assigned MACs (as used by privacy features and by spoofing tools).

41
Q

What is MAC flooding?

A

An attack that fills a switch's MAC address (CAM) table by sending huge numbers of frames, each with a different forged source MAC address. Once the table is full the switch can no longer learn legitimate addresses, so it falls back to its default behaviour for an unknown destination: forwarding the frame out of ALL ports except the one it arrived on. The switch effectively behaves like a hub, and the attacker's port now receives traffic meant for other hosts, which they can sniff.

The switch's port security feature blocks flooding by limiting the number of MAC addresses learned per port and shutting down or restricting the port when the limit is exceeded.
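The following added example (not from the original flashcards) ties the two cards above together: it splits a MAC into its OUI and NIC halves and reads the group and locally-administered flag bits, then simulates a switch's CAM table under a flood of locally-administered forged addresses, once with the weak default (no per-port limit) and once with port security. The switch model, its capacity and the attacker's address pattern are all assumptions made for the example.

```python
import re


def parse_mac(mac):
    """Split a 48-bit MAC into OUI and NIC halves and decode the two flag bits
    of the first octet."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError("not a 48-bit MAC: %r" % mac)
    octets = bytes.fromhex(digits)
    fmt = lambda bs: ":".join("%02X" % b for b in bs)
    return {
        "oui": fmt(octets[:3]),
        "nic": fmt(octets[3:]),
        "group": bool(octets[0] & 0x01),                # I/G bit: multicast/broadcast
        "locally_administered": bool(octets[0] & 0x02), # U/L bit: not burned-in
    }


class Switch:
    """Toy learning switch: finite CAM table, optional port-security limit."""

    def __init__(self, ports, capacity=64, max_per_port=None):
        self.ports = set(ports)
        self.capacity = capacity
        self.max_per_port = max_per_port
        self.cam = {}            # mac -> port
        self.violations = []     # (port, mac) frames rejected by port security

    def learn(self, port, src_mac):
        if src_mac in self.cam:
            return True
        if self.max_per_port is not None:
            on_port = sum(1 for p in self.cam.values() if p == port)
            if on_port >= self.max_per_port:
                self.violations.append((port, src_mac))
                return False
        if len(self.cam) >= self.capacity:
            return False         # table full: address cannot be learned
        self.cam[src_mac] = port
        return True

    def egress(self, ingress_port, dst_mac):
        """Known destination -> its port; unknown -> flood every other port."""
        port = self.cam.get(dst_mac)
        if port is None:
            return self.ports - {ingress_port}
        return {port}


def simulate(max_per_port):
    """Attacker on port 3 floods forged MACs; victim on port 2 then sends once;
    return where the switch sends a later frame from port 1 to the victim."""
    sw = Switch(ports=[1, 2, 3], capacity=64, max_per_port=max_per_port)
    for i in range(200):
        forged = "02:00:00:00:%02X:%02X" % (i >> 8, i & 0xFF)   # U/L bit set
        sw.learn(3, forged)
    victim = "00:1A:2B:3C:4D:5E"
    sw.learn(2, victim)
    return sw.egress(1, victim), len(sw.violations)


if __name__ == "__main__":
    print(parse_mac("02:00:00:00:00:01"))
    print("no port security:", simulate(None))
    print("port security (2 MACs/port):", simulate(2))
```

Without a limit, the victim's frame lands in a full table and its traffic is flooded to the attacker's port too; with port security, the attacker is capped after two addresses and the victim is learned normally. Forged addresses with the locally-administered bit set are also a cheap hint when reviewing a CAM table dump.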

42
Q

What’s the updated/future version of the nslookup utility command?

A

dig - a more detailed DNS query tool (from BIND) that is generally preferred to nslookup, although nslookup is still shipped and is not formally deprecated. dig shows the full response: the answer records with their TTLs, which server answered, and the header flags, including the aa (authoritative answer) flag that tells you whether the answer came from an authoritative name server (the official source of the zone's records) or a non-authoritative one (a resolver serving a cached copy for efficiency, which may be stale if the records have changed since it was cached).

43
Q

What does the tcpdump command line tool do?

A

tcpdump = command-line real-time packet capture with quick on-screen decoding (a command-line counterpart to Wireshark, using BPF filter expressions such as 'port 53' to capture only what you need).

Use -w file.pcap to save the raw capture to a .pcap file that can then be opened and analysed in depth in Wireshark.

44
Q

What does netstat -a show?

A

netstat (network statistics) -a shows all active connections and all listening ports, with the local and remote address/port and state of each. Add -n to show numeric addresses instead of resolving names (on Linux, ss -a is the modern replacement). It's a quick way to spot unexpected listeners or outbound connections on a host.

45
Q

What is Operational Technology (OT)?

A

Operational Technology (OT) is the hardware and software that control industrial equipment and infrastructure such as the power grid, factory equipment.

SCADA and DCS (Distributed Control Systems) are examples of Operational Technology (OT).

46
Q

What is Insertion Loss?

A

Insertion Loss = the loss of signal strength/power that occurs when a cable or component (connector, patch panel, splitter) is inserted into the signal path. Measured in decibels (dB); the higher the figure, the more the signal is weakened as it passes through (e.g. due to attenuation along the cable and resistance at connectors).

47
Q

Near End CrossTalk (NEXT) vs Far End CrossTalk (FEXT)?

A

Near End CrossTalk (NEXT) is the interference between pairs measured at the same end of the cable as the transmitter.

Far End CrossTalk (FEXT) is the interference measured at the far end of the cable, furthest from the transmitting device.

To troubleshoot crosstalk (XT), check that the twisted copper pairs are kept tightly twisted right up to the termination and that the RJ45 connector is crimped properly onto the wires.

CAT6A Ethernet cable has a spline/spacer that physically separates the pairs to reduce crosstalk (XT).

48
Q

What are the three tiers of the three-tier hierarchical network model? 3

A

The Three-Tier Hierarchical network Model is split into 3 layers:
Core Layer - core routers/switches - the high-speed backbone of the network that connects the distribution blocks and different site locations
Distribution Layer - aggregates the access layer switches and applies policy: routing between VLANs, firewalls/ACLs, QoS
Access Layer - the layer end-user devices actually connect to; the point of entry for end users (and where port security, 802.1X etc. are applied).

It is generally only used for large networks.

49
Q

What is a collapsed core network architecture? 2

A

A Collapsed Core network Architecture consists of two layers: a Core Layer and an Access Layer. It is designed for small networks and businesses.

The Distribution Layer from the three-tier hierarchical model is collapsed/merged into the core layer.

It is easier and cheaper to manage than a three-tier design. (A spine-and-leaf fabric is also a two-layer design, but it is a data-centre switching topology rather than a collapsed core.)

50
Q

What is the difference between Unicast and Multicast communication?

A

Unicast = one-to-one (uni) communication via an IP address.

Multicast = one-to-many (multi) via a multicast group address. E.g. streaming a video to multiple PC’s at once.

51
Q

What IP version does Anycast work with?

A

Anycast works with both IPv4 and IPv6. IPv6 defines anycast as a formal address type; in IPv4 the same effect is achieved by advertising the same prefix from multiple locations via the routing protocols (BGP). Data is sent to the nearest/most optimal destination of the set that share the address, as determined by routing. E.g. CDNs (Content Delivery Networks) use it to get content to you from the closest node, and the DNS root servers use it to spread load and absorb DDoS traffic.

52
Q

What is Anycast communication?

A

Anycast = one to ANY (one) of the closest devices with the same address (CDN etc server selection of the nearest host server to the client for optimal download speeds).

53
Q

What is the purpose of a Voice VLAN?

A

Voice VLAN - is designed to prioritise and separate voice traffic (VoIP) from other network traffic to ensure QoS - reduce latency, jitter and packet loss for VoIP traffic.

54
Q

What is a DHCP exclusion range?

A

DHCP exclusion range is a preconfigured range of IP’s NOT to be used for dynamic address assignment. i.e. NOT to be used for DHCP (maybe you want to use that range for CCTV cameras or whatever else on your network). Prevents IP conflicts.

55
Q

What information DOESN’T SLAAC provide that DHCP server does?

A

SLAAC on its own gives a host its address and default gateway (from Router Advertisements) but doesn't provide DNS server information unless the router also sends the RDNSS option (RFC 8106). Where it doesn't, stateless DHCPv6 is used alongside SLAAC to supply the DNS servers (and other options such as a domain search list).

56
Q

What is RPO?

A

Recovery Point Objective (RPO) = the maximum acceptable amount of DATA LOSS, measured in TIME, going back from the moment a disaster occurs. Backups must therefore be taken more often than the RPO: if the RPO is one hour (you can lose up to an hour's worth of data), data should be backed up at intervals of less than one hour.

RPO = the maximum age of the files that must be recoverable from backup for the business to carry on without significant losses.

RPO = max tolerable data loss

57
Q

What is a Recovery Time Objective (RTO)?

A

RTO - Recovery Time Objective = a time target (time window) in which a business must be restored to normal operational level after a disaster to avoid unacceptable consequences/losses.

RTO = maximum acceptable time limit to recover operations to normal operations after a disaster.

RTO = tolerable maximum downtime.

58
Q

What is RTO vs RPO?

A

RTO = tolerable downtime
RPO = tolerable data loss (measured in time)

59
Q

What is Mean Time Between Failure (MTBF)?

A

MTBF - Mean Time Between Failures = a measure of the reliability of a device/system: the average time between failures of a system/component during its operational lifespan.

MTBF = how often it breaks over its lifespan, i.e. its reliability (the longer the better)

60
Q

What is MTTR Mean Time To Repair a measure of?

A

MTTR = how long, on average, it takes to repair a component (e.g. how long to replace an SSD).