Misc Things to Work On Flashcards
PKI
Public Key Infrastructure:
Enables secure email exchange & web browsing, & solves the problem of having to distribute the keys ahead of time
Kerberos
Port 88: Provides secure authentication over an insecure network
No passwords sent across network; ticketing system
Domain Controller = KDC (Key Distribution Center)
If authenticated, client is issued a TGT (Ticket Granting Ticket)
RADIUS
Remote Authentication Dial-In User Service:
Centralized administration of dial-up/VPN/Wi-Fi network authentication
Supports EAP & 802.1x
Layer 7: Client-server protocol
UDP, AAA
Doesn’t support remote access protocols
Ports: 1812, 1813 (Authentication Messages, Accounting Messages)
Proprietary Ports: 1645, 1646 (Authentication Messages, Accounting Messages)
TACACS+
Terminal Access Controller Access Control System Plus:
Port 49
Performs role of authenticator in an 802.1x network
Supports all network protocols
Cisco proprietary
TCP
Use RADIUS for cross-platform capabilities
802.1x
A standardized framework used for port-based authentication on both wired & wireless networks
Supplicant
User requesting access to the network
Authenticator
Device through which the supplicant is requesting access to the network
Authentication Server
Centralized device that performs the authentication (RADIUS/TACACS+ Server)
Most modern NACs use 802.1x
Can encapsulate EAP
Packet-Filtering Firewall
Permits/denies traffic based on packet header
Firewall: Stateless Packet Inspection
Allows or denies packets into the network based on the source and destination IP address or the traffic type (TCP, UDP, ICMP, etc.).
Firewall: Stateful Packet Inspection
Monitors the active sessions and connections on a network.
The process of stateful inspection determines which network packets should be allowed through the firewall by utilizing the information it gathered regarding active connections as well as the existing ACL rules.
Clean Agent System
Utilizes halocarbon or inert gas to suffocate a fire when the system is activated
Split-View DNS
An implementation in which separate DNS servers are provided for security and privacy management for internal and external networks
“Line protocol is down”
Means that the specified interface has been correctly configured and enabled, but the Ethernet cable might be disconnected from the switchport.
Cross Talk
When a signal transmitted on one copper twisted pair in a bundle radiates and potentially interferes with and degrades the transmission on another pair
Classless Routing
A type of routing where the router uses the default route to forward traffic if no other specific routes are found
OSPF, RIPv2, EIGRP, IS-IS
Asymmetric Routing
Network packets leave via one path and return via a different path
Asymmetric routing doesn’t necessarily cause any routing issues, but it does cause issues with packet flows being dropped by security devices like firewalls and unified threat management systems
Network Interface Commands: Show Route
Displays the current state of the routing table on the device
Typically you would use “show ip route”
Displays routing protocol labels in routing table
[160/5]
160 = administrative distance
5 = routing metric (the lower the better)
Show ip route 131.119.0.0
Shows metrics for the specified network
Network Interface Commands: Show Config
Displays the current system configuration on the screen
Network Interface Commands: Show Interface
Displays statistics for the network interfaces on the device
Ex: show interface ethernet 1/1
Make sure bandwidth matches cable type
Otherwise cable may be damaged or wrong type
If using a SAN, make sure MTU > 1500
Check for APIPA = DHCP issue
Check for runts, giants, & errors
Check for collisions
There should be no collisions if operating at full duplex
SDN Layers: Application Layer
Focuses on the communication resource requests or info about the network as a whole
SDN Layers: Control Layer
Uses the information from the applications & decides how to route a data packet on the network
SDN Layers: Infrastructure Layer
Contains the network devices that receive info about where to move the data & then perform those movements
SDN Layers: Management Plane
Used to monitor traffic conditions & the status of the network