Misc Terms

Question 1

SCADA / ICS

Answer 1

Supervisory Control and Data Acquisition system
- large scale, multisite Industrial Control System

distributed control systems for equipment managed by a PC
- power generation, refining, manufacturing equipment, etc.

Must be segmented so no access from outside

Question 2

RIP

Answer 2

Routing Information Protocol

-distance vector routing
-decides how many ‘hop’ away another network is

Question 3

EIGRP

Answer 3

Enhanced Interior Gateway Routing Protocol

-distance vector routing
-decides how many ‘hops’ away another network is

Question 4

OSPF

Answer 4

Open Shortest Path First

-link state routing
-info passed between routers is related to the current connectivity
(if its up you can get there. If its down you cant)

Question 5

BGP

Answer 5

Border Gateway Protocol

-determines route based on paths, network policies, or configured pre-set rules

Question 6

CSMA / CD

Answer 6

CS - Carrier Sense
-is there a carrier? is anyone communicating?

MA - Multiple Access
-more than one device on the network

CD - Collision Detection
-collision - two stations talking at once
-identify when data gets garbled

Question 7

CSMA / CD operation

Answer 7

Listen for an opening (dont transmit if the network is busy)

Send a frame of data (send data whenever you can, no queue)

If a collision occurs, transmit a jam signal letting everyone know a collision occurred and wait a random amount of time then resend

Question 8

NDP

Answer 8

Neighbor Discovery Protocol

-operated using multicast with ICMPv6
-neighbor MAC discovery (replaces IPv4 ARP)

-SLAAC (Stateless Address AutoConfig) congifs IP without DHCP server

Question 9

802.3af

Answer 9

PoE

15 watts of DC power
max current of 350 mA

Question 10

802.3at

Answer 10

PoE+

25.5 watts of DC power
max current of 600 mA

Question 11

802.1Q

Answer 11

trunking

adding a VLAN header to an Ethernet frame

VLAN IDs are 12 bits long

Question 12

STP

Answer 12

Spanning Tree Protocol

-loop protection with switches

Question 13

STP port states

Answer 13

blocking - not forwarding to prevent loop

listening - not forwarding and cleaning the MAC table

learning - not forwarding and adding to the MAC table

forwarding - data passes through and is fully operational

disabled - admin has turned off the port

Question 14

LAG

Answer 14

Link AGgregation

-multiple interfaces act like one big interface

Question 15

LACP

Answer 15

Link Aggregation Control Protocol

• adds additional automation and management

Question 16

jumbo frames

Answer 16

ethernet frames with more than 1500 bytes of payload

• up to 9216 bytes
  -ethernet devices must support jumbo frames

Question 17

MDI

Answer 17

Media Dependent Interface

• network interface card

Question 18

MDI-X

Answer 18

Media Dependent Interface Crossover

-network switch

Question 19

Antenna performance is measured in ___

Answer 19

dB

• double power every 3dB of gain

Question 20

Yagi antenna

Answer 20

very directional and high gain

Question 21

Parabolic antenna

Answer 21

focus the signal to a single point

Question 22

Route Poisoning

Answer 22

-method to prevent a router from sending packets through a route that has become invalid with computer networks

-achieved through changing the route’s metric to a value that exceeds the max allowable hop count so that the route is advertised as unavailable

Question 23

Split Horizon

Answer 23

-route advertisement

-method of preventing routing loops in distance vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it learned

Question 24

Can browsers have group policy block lists?

Answer 24

yes

they can block access to a domain via a given URL

not the whole domain because other parts might be fine - like a particular repository on GitHub may be bad, but the entirety of GitHub is not bad

Question 25

CPP

Answer 25

Control Plane Policing

• feature allows users to configure quality of service (QoS) filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches against recon and DoS attacks

Question 26

System Logging Protocol

Answer 26

Syslog

uses port 514

Question 27

SIP

Answer 27

Session Initiation Protocol

• signaling protocol for initiating, maintaining and terminating real time sessions that include voice, video and messaging apps
• uses port 5060 and 5061

Question 28

VRRP

Answer 28

Virtual Router Redundancy Protocol

• Protocol used for automatic assignment of available IP routers to participating hosts in order to increase availability and reliability of routing paths via automatic default gateway selections
• uses port 112

Question 29

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be best in this scenario?

1. /30
2. /24
3. /28
4. /29

Answer 29

1. /30

• the most efficient subnet mask would actual be /31 which only provides 2 addresses\
• /30 consists of 4 IPs, the first being the network IP, the last the broadcast address, and the other two IPs can be assigned to the routers on either end of the point-to-point network

Question 30

Unmanaged switches

Answer 30

only have one broadcast domain

• routers and managed switches can break up broadcast domains

Question 31

LACP

Answer 31

Link Aggregation Control Protocol

• provides a method of bonding several physical ports to form a single logical channel
• defined in the 802.3ad standard

Question 32

LLDP

Answer 32

Link Layer Discovery Protocol

• vendor-neutral link layer protocol used by network devices for advertising their identity, capabilities, and neighbors

Question 33

L2TP

Answer 33

Layer 2 Tunneling Protocol

• tunneling protocol used to support VPNs or as part of delivery services by ISPs

Question 34

IaC

Answer 34

Infrastructure as Code

• designed w/ idea that a well coded description of the server or network operating environment will produce consistent results across an enterprise

Question 35

Convergence

Answer 35

convergence on a routed network occurs when all routers learn the route to all connected networks

• when all routers “agree” on what the network typology looks like

Question 36

CRC

Answer 36

Cyclic Redundancy Checksum

• an error detecting code to detect changes in raw data as it transits the network
• CRC number is the number of packets that failed the chekcsum and the packets are rejected

Question 37

BGP

Answer 37

• used to route data between autonomous systems (AS)
  
  • AS are a collection of networks w/in the same admin domain
• the routers within an AS use an interior gateway protocol such as RIP or OSPF
• AS are layer 3

Question 38

Patch antenna

Answer 38

low profile antennas

Question 39

Whip antennas

Answer 39

vertical and onmidirectional usually used indoors

Question 40

Defense in Depth

Answer 40

Multiple mode of protection

• IPS, NGFW, etc.

Question 41

Rollover Cable

Answer 41

• Cisco console cable
• used to connect to management interfaces
• serial cable “standard” proposed by David Yost
• used in conjunction with serial port connectors

–newer switches and routers use USB

– serial (DB9) connectors are also used

Question 42

EIGRP

Answer 42

routing protocol commonly used with Cisco

Question 43

CSMA/CD

Answer 43

carrier sense multiple access / collision detection

Question 44

FCoE

Answer 44

Fiber Channel over Ethernet

Question 45

WDM

Answer 45

Wavelength-Division Multiplexing

• bidirectional communication over a single strand of fiber

Question 46

CWDM

Answer 46

Course Wavelength Division Multiplexing

• 10GBASE-LX4 use 4 3.125 Gbit/sec carriers at 4 different wavelengths

Question 47

DWDM

Answer 47

Dense Wavelength Division Multiplexing

• Multiplex multiple OC carriers into a single fiber
• adds 160 signals, increases to 1.6 Tb/sec

Question 48

ARP

Answer 48

Address Resolution Protocol

• determines a MAC address based on IP via a table
• command “arp -a” views local ARP table

Question 49

IP Class A

Answer 49

leading bits 0xxx

1-127

Question 50

IP Class B

Answer 50

leading bits 10xx

128-191

Question 51

IP Class C

Answer 51

leading bits 110x

192-223

Question 52

IP Class D

Answer 52

multicast

leading bits 1110

224-239

Question 53

IP Class E

Answer 53

Reserved

leading bits 1111

240-254

Question 54

IBSS

Answer 54

Independent Basic Server Set

• two devices communicate directly using 802.11
• no AP required
• Ad hoc (created for a particular purpose w/o any previous planning)
• temporary or long term communication

Question 55

A net admin is trying to power off a Cisco switch, but it is not working. The admin needs to be in which mode to perform this task?

1. Global configuration
2. User
3. Auto-negotiate
4. Enable

Answer 55

Enable
- privilege or enable mode allows the user to reboot, shutdown, backup and restore

______________________________________________________

Global configuration
- allows users to write config updates

User
- read only mode, commands can report config, show sys stats, or run basic troubleshooting tools

Autonegotiate
- has to do with with port speed and duplex

Question 56

When a switch needs to connect to another switch, communication would fail if both interfaces use _________

Answer 56

Media Interface Crosser (MDI-X)

Question 57

Ethernet frames, excluding the preamble, is __________ bits

Answer 57

1518 bits

• the payload can normally be between 46 and 1500 bytes

Question 58

Active Tap

Answer 58

A powered device that performs signal regeneration

• it “taps” the network to allow the admin to troubleshoot frames

Question 59

SPAN

Answer 59

Switched Port ANalyzer / mirror port

• refers to a sensor, attached to a specifically configured port on the switch, that receives copies of frames
• this method is not completely reliable

Question 60

Passive Tap

Answer 60

• box with ports for incoming and outgoing network cable and an inductor or optical splitter that physically copies the signaling from the cabling to the mirror port

Question 61

I/G

Answer 61

• bit of MAC address that determines whether the frame addresses an individual node (0) or a group (1)
• the latter is for broadcast and multicast traffic

Question 62

Stackable switches

Answer 62

• can be connected together and operate as a group
• can be managed as a single unit

Question 63

OUI

Answer 63

Organizationally Unique Identifier

• the first six hex digits (3 bytes or octets) of a MAC
• identifies the manufacturer

– the last six of the MAC are the serial number

Question 64

Default Route

Answer 64

• a route when no other routes match
  – the “gateway of last resort”
• a remote site may have only one route
  – go that way -> rest of world

*destination of 0.0.0.0 /0

• can simplify the routing process
  – works in conjunction with other routing protocols

Question 65

MOU

Answer 65

Memorandum of Understanding

• both sides agree on the contents
• usually includes statements of confidentiality
• informal letters of intent; not a signed contract

Question 66

DAI

Answer 66

Dynamic ARP Inspection

• ARP has no built in security
• prevents on-path attacks
• relies on DHCP snooping for intel
  –knowing every devices’ IP is valuable info

-intercepts all ARP requests and responses
– invalid IP-to-MAC bindings are dropped
– only valid requests make it through

Question 67

Out of Band Management

Answer 67

?

Question 68

BPDU Guard

Answer 68

Bridge Protocol Data Units
a “portfast” feature that protects switches using STP
prevents attacks by blocking BPDUs sent by unauth. devices bc these could these could force the network into constant state of reconvergence

For CISCO switches

Question 69

Flood Guard

Answer 69

Used to guard against DoS/DDoS attacks
-common type is SYN floods (SYN is the first packet sent in the 3-way TCP handshake)

Question 70

What would commonly be labeled on a CSU/DSU?

Answer 70

(Channel Service Unit/Data Service Unit - a piece of hardware that converts a digital data frame from LAN communication technology into a frame appropriate for a WAN and vice versa)

Circuit ID

Get more info about function and use cases