Misc. Flashcards

1
Q

What is the newest IEEE WiFi standard and what frequency bands does it operate on?

A

WiFi 7, aka 802.11be = the latest WiFi standard, with speeds up to 46 Gbps and a 320 MHz channel width (double WiFi 6).

It operates on the 2.4/5/6 GHz frequency bands.

2
Q

What is band steering?

A

Band steering = WAP feature to optimise device connections/speeds = Directing clients connected to a WAP (Wireless Access Point) to the best frequency e.g. 2.4GHz if the 5GHz band is busy or has weak signal.

3
Q

What is the point of the 802.11h WiFi standard?

A

802.11h is a regulated WiFi standard that forces WiFi-capable devices/routers to have certain features:
- DFS = Dynamic Frequency Selection - the ability to detect and avoid frequency conflicts.
- TPC = Transmit Power Control - regulates the power level of WiFi transmissions.

4
Q

What is a direct wireless connection between two devices, without using a WAP (Wireless Access Point), called?

A

IBSS (Independent Basic Service Set) or ad hoc connection.

Ad hoc = network configuration where devices are directly connected to each other for a particular purpose. Peer-to-peer (P2P) connection/no APs or routers. E.g. Bluetooth to connect to an IoT device.

5
Q

What is the BSSID? What two things is it comprised of?

A

BSSID is the unique identifier for a network device, used by other devices on the network to tell apart devices with the same SSID (given name).

BSSID is made up of the device MAC address combined with the SSID.

SSID + MAC address = BSSID

6
Q

What is an ESSID?

A

ESSID - Extensible SSID = allows seamless roaming between multiple configured WAPs on the same network.

As soon as you get in range of a new WAP with a better signal, its BSSID (MAC address+SSID) is gathered and connected to.

7
Q

What are active and passive devices in terms of providing network redundancy?

A

The active device is the one in use, whereas the passive one is on standby to take over should the active device fail (failover), thereby providing network redundancy and minimising any downtime.

Configuration and real-time session information like the routing table is constantly synchronised between these two devices so the failover can happen at any time.

Can have an active-active setup but requires more setup (and higher setup costs). I.e. two active firewalls where only outbound traffic goes through one firewall and inbound traffic uses the other exclusively. This still provides redundancy and balances the network load.

8
Q

What is IPAM - Internet Protocol Address Management?

A

IPAM is a software/suite of tools to centralise the management of IP addresses within your network. E.g. manage DHCP reservations or link users to IP addresses and keep track of how many IP addresses in the range are available, etc.

9
Q

What’s an SLA?

A

Service Level Agreement (SLA) - is an agreed upon minimum level of service between a client and a provider. E.g. it may stipulate a 99.5% minimum infrastructure uptime or less than 2 hours unscheduled downtime per week, etc.

10
Q

What’s a site survey?

A

An assessment to evaluate Access Point locations, wireless landscape (heat map, WiFi map), any dead zones, temperatures, humidity etc. Basically all site conditions related to IT. This can then be used to optimise service by using frequencies that aren’t in use, plan where to put MDF and IDF.

11
Q

What is a golden or baseline configuration?

A

Predefined/working/ideal/stable setup for a system.
You can roll back to or compare against this golden configuration if a problem arises with your production configuration.

12
Q

What does NetFlow protocol do?

A

NetFlow gathers detailed statistics regarding data flow over the network/monitors network traffic for performance, troubleshooting and security monitoring. This collected data is then sent from all physical taps/switch port analysers to a NetFlow Collector which then stores the summary of data statistics and creates graphs etc as needed.

SolarWinds is a NetFlow analysis tool to process and visualise such NetFlow device data.

13
Q

What is SIEM?

A

A way of collecting syslog data from various network devices to manage security and error logging from a centralised SIEM - Security Information Event Management (e.g. Splunk).

SIEM allows for real time alerts, long term storage of events/logs, analysis over time for network events.

SIEM can be configured to only capture certain messages/data.

14
Q

What is Availability Monitoring?

A

Availability monitoring = tracking whether a device is reachable or not/up or down. Can set alarm to trigger if an interface becomes unreachable. Can be tracked over time.

15
Q

What is an RTO?

A

RTO - Recovery Time Objective = a measure of how long (time) it takes after an outage/disaster to get back to a normal operating service level.

RTO = how long to get back up and running again.

(Lower the better).

16
Q

What is an RPO?

A

RPO - Recovery Point Objective = a measure of how much data is lost between an outage and the previous backup/recovery point.

RPO can help determine how frequently backups should occur.

17
Q

What is MTTR in disaster recovery?

A

MTTR = Mean Time To Repair = the actual average time taken from an issue/outage occurring to being fully functional again.

e.g. how long to replace a broken router (shorter the better)

18
Q

What is MTBF in disaster recovery?

A

MTBF - Mean Time Between Failures = the average length of time systems/infrastructure are fully operational before unplanned outage/failure occurs.

(longer time the better)

19
Q

Site resiliency?

A

Site resiliency = ability to move operations/services to an alternative/backup/resiliency site location in the event of a site disaster/outage.

Cold site = empty building site, everything needs to be brought with you in the event of a disaster (takes a long time to get up and running again, but is cheap to have).

Hot site = exact replica of your primary site/duplicate of all hardware and data from the primary site. (Can be up and running very quickly if the primary site fails, but much more costly to keep running and maintain than a cold site.)

20
Q

What are Cold/Warm/Hot sites in terms of Disaster Recovery?

A

Cold site = empty building site, everything needs to be brought with you in the event of a disaster (takes a long time to get up and running again, but is cheap to have).

Warm site = somewhere between hot and cold sites, it has just enough hardware to get going again. Software must be sent/brought over from the primary site or from a backup location.

Hot site = exact replica of your primary site/duplicate of all hardware and data from the primary site. (Can be up and running very quickly if the primary site fails, but much more costly to keep running and maintain than a cold site.)

21
Q

What are tabletop exercises in relation to disaster recovery?

A

Tabletop exercises are where each department verbally walks through the steps they would take to recover from a hypothetical disaster/outage.

This is a good no-risk way to practice disaster recovery and identify potential problems that may arise in such an event.

22
Q

What is a Validation Test?

A

Validation Tests = real-world simulation of a disaster/outage and actually doing the steps to recover from it (generally in a virtualised clone of the infrastructure). E.g. implementing backups, meeting RPO and RTO targets, recovery plan.

23
Q

What is the file used in Local name resolution (not DNS)?

A

Hosts File is used in local name resolution - it is a list of domains linked to IP addresses/hostname. If a domain cannot be found in the hosts file list then DNS is used/queried to resolve/convert the Domain name to an IP address.

24
Q

What is the difference between a Forward Lookup and a Reverse DNS Lookup?

A

A forward lookup is where you input the FQDN and the DNS server returns the IP address.

Whereas, a Reverse DNS lookup is where you input the IP address and the DNS returns the FQDN.

25
Q

What is an Authoritative DNS Server?

A

Authoritative DNS Server = the zone authority that holds the original/official records for a Domain e.g. the A records, MX (Mail eXchange) records, etc. It is responsible for providing the most reliable and up-to-date information about the requested Domain.

26
Q

What is the potential problem with a Non-Authoritative DNS Server?

A

Non-Authoritative DNS Servers hold copies/caches of records received directly or indirectly from the authoritative DNS server. This means that they may not have been updated recently so could be wrong! The length of time these caches are kept for/deemed valid on a non-authoritative server is defined by the TTL in seconds.

27
Q

What is DNSSEC?

A

DNSSEC - Domain Name Server Security Extensions = a configurable way of digitally signing DNS server responses to prove they come from a trusted source and that they haven’t been tampered with.

However, the responses are still transmitted in-the-clear so if the DNS traffic is captured people can still see what sites etc you are using.

28
Q

What is DoT and what is the default port it uses?

A

DoT - DNS over TLS = a way of encrypting DNS traffic with TLS/SSL (commonly used to encrypt web traffic).

DoT uses port tcp/853 by default.

29
Q

What is DoH and what port does it use?

A

DNS over HTTPS (DoH) = another way of encrypting DNS queries by encapsulating them in HTTPS (tcp/443) packets.

30
Q

What is a DNS Pointer Record (PTR)?

A

Pointer Record - is a DNS record type that is the reverse of an A or AAAA record i.e. it allows reverse lookups. It is stored in a reverse map zone file.

It stores FQDNs that are sent back to clients assuming they do a DNS reverse lookup with the corresponding IP address.

I.e. if you search by IP address instead of human-readable FQDN then a Pointer Record (PTR) is searched to find the corresponding FQDN.

31
Q

What are NS/Name Server Records?

A

Name Server (NS) Records list the name servers for a domain. E.g. they point to the name of the DNS server where a domain is stored.

NS Records tell the system where to go to find the DNS records for a queried/searched domain.

32
Q

What is VNC the equivalent to on a non-Windows OS?

A

VNC (Virtual Network Computing) is equivalent to RDP (Windows only) for providing remote access to a desktop that’s not using Windows.

33
Q

What is API integration?

A

The process of connecting two+ apps or systems via their APIs (Application Programming Interfaces). This lets them share data/services between them in real-time.

34
Q

What is a Jump Box/Jump Server?

A

A jump box/server is a gateway server between a client and other servers/the network. Adding this middle server increases security as there is only a single point of entry to the network and therefore a reduced attack surface.

The jump box MUST be security hardened, require 2FA, enforce security updates, etc., as once someone is authed on the jump box/server they can then access the entire network!

35
Q

What is in-band management?

A

In-band management/IP access = managing devices and systems using the same network (IP) that they use for their primary operations.

36
Q

What is out-of-band management?

A

Out-of-band (OOB) management = managing devices and systems using a DIFFERENT network from the one they use for their primary operations, e.g. using a physical connection to the device, USB/serial connection, separate modem. (NOT THE IP THAT THE DEVICE IS ON).