N10-009-Section_6_Bonus Flashcards

Question 1

Q

List the 4 layers of the TCP/IP Stack

Answer

A

Application, Transport, Internet, Link

Question 2

Q

Describe the Application layer (TCP/IP)

Answer

A

Represents data users, encode and controls the dialog (Maps to the Application, Presentation, and Session layers of the OSI)

Question 3

Q

Describe the Transport layer (TCP/IP)

Answer

A

Supports communication between end devices across a diverse network (Maps to the Transport layers of the OSI)

Question 4

Q

Describe the Internet layer (TCP/IP)

Answer

A

Provides logical addressing and determines the best path through the network (Maps to the Internet layer of the OSI)

Question 5

Q

Describe the Link layer (TCP/IP)

Answer

A

Controls the hardware devices and media that make up the network (Maps to the Data-Link and physical layers of the OSI)

Question 6

Q

SONET

Answer

A

Backbone of the internet, as opposed to Ethernet as a standard, SONET works with higher level systems / Tier 1 internet

Question 7

Q

Define ARP

Answer

A

Address Resolution Protocol - If a computer has an IP address for another computer but doesn�t have the MAC, it will send out a broadcast to ask for the MAC associated with that IP so it can send frames to that computer. ARP resolves MAC addresses from IP addresses

Question 8

Q

What command can you run to see the stored ARP data on a computer (Windows)

Question 9

Q

Whats the Broadcast Address for ARP

Answer

A

FF:FF:FF:FF:FF:FF

Question 10

Q

Define IANA

Answer

A

Internet Assigned Numbers Authority - They made up the classes of IP addresses and hand IP ranges out to RIR (Regional Internet Registries)

Question 11

Q

Define RIR

Answer

A

Regional Internet Registries - organizations in charge of managing internet/ip standards for large sections of the world (North America, Asia, etc,,,) - RIRs give IP addresses to ISPs

Question 12

Q

What is ::1

Answer

A

Loopback address for IPv6

Question 13

Q

Static NAT (SNAT)

Answer

A

Static NAT is a one-to-one mapping between a private IP address and a public IP address. This means that each private IP address is permanently mapped to a specific public IP address. One-to-One Mapping: Each private IP is always mapped to the same public IP, regardless of when or how many times the private device communicates with external networks.

Question 14

Q

Dynamic NAT (DNAT) (pooled NAT)

Answer

A

Dynamic NAT automatically maps a private IP address to a public IP address from a pool of available public IPs. Unlike Static NAT, the mapping is not fixed and can change every time the private device sends traffic.

Question 15

Q

Port Triggering

Answer

A

Can trigger a different port to forward when receiving on a defined port. Example: FTP, you can set port forwarding to trigger ports 20 and 21 when a request is sent on port 20. Conditional Port Forwarding. Closes the forwarded port after the session is finished

Question 16

Q

Cisco IOS

Answer

A

Cisco CLI

Question 17

Q

What is IGMP?

Answer

A

Internet Group Management Protocol - Works on the Internet layer of the TCP/IP model. Used in Multicast, a video server will assign the data to a multicast address. 1 video stream can enter a network and the router will propagate the data to all computers who are requesting the stream.

Question 18

Q

What is in the IGMP Packet?

Answer

A

Source Address, Group Address, Checksum, Type - The group address is a multicast address that all computers on a network, who are requesting the video, can use to receive the stream.

Question 19

Q

What is tracert (Windows) or traceroute (Linux)

Answer

A

Command that allows you to check all the hops from your router to another

Question 20

Q

What is Pathping

Answer

A

Same as tracert but it uses a different protocol so it can succeed where tracert might fail

Question 21

Q

What is Wireshark

Answer

A

A protocol analyzer

Question 22

Q

Netstat

Answer

A

Command that will show the active connections on your computer

Question 23

Q

Netstat -n

Answer

A

Presents the results numerically (no dns names, just IP addresses)

Question 24

Q

Netstat -b

Answer

A

Shows the executable for each connection

Question 25

Q

Netstat -bn

Answer

A

Netstat with b and n switches

Question 26

Q

Netstat -a

Answer

A

Shows all active ports, even those without connections

Question 27

Q

Netstat -r

Answer

A

Shows the local routing table - nothing to do with netstat - same as route print

Question 28

Q

Microsoft IIS

Answer

A

Internet Information Service

Question 29

Q

Apache

Answer

A

Open source web server software (vs IIS)

Question 30

Q

What is the purpose of the Anonymous account on an FTP Server

Answer

A

This account allows public access to the FPT server

Question 31

Q

Traditional TLS (In Email Encryption)

Answer

A

Used the standard unencrypted ports to start the connection then switched over to the encrypted ports. IMAP 143 -> 993, POP 110 -> 995, SMTP 25 -> 465 (or 587)

Question 32

Q

TLS

Answer

A

TLS (Transport Layer Security) is a cryptographic protocol designed to provide secure communication over a computer network. It ensures:

Question 33

Q

STARTTLS

Answer

A

Still TLS, but at no time was it in an unencrypted state - All 3 protocols worked on 587 (although you may find questions that state it uses 465)

Question 34

Q

SSH uses an authentication key

Answer

A

SSH uses an authentication key

Question 35

Q

What is SNTP?

Answer

A

Simple Network Time Protocol - Uses UDP to synchronize time - Uses Port 123

Question 36

Q

What is Stratum 0 (Network Time)

Answer

A

A level of time keeping devices that keep near perfect time - Atomic clocks, GPS, Radio Waves

Question 37

Q

What is Stratum 1-15 Server/Clients (Network Time)

Answer

A

Servers that synchronize within a few milliseconds of the stratum 0 devices, and so on and so forth

Question 38

Q

Exhausted DHCP scope

Answer

A

You’ve run out of addresses in the set scope (192.168.1.2-254) - Sometimes this can be because the lease time is set for too long and a bunch of devices still have leases that are no longer connected to the network

Question 39

Q

Net view

Answer

A

Lists what computers your computer can see within the workgroup

Question 40

Q

Net user

Answer

A

Lists who you are in terms of the network - what computer you are on and what the account name is

Question 41

Q

Net view \<computer_name></computer_name>

Answer

A

Lists the shares that the designated computer has available

Question 42

Q

Net use

Answer

A

Can map a drive - net use w: \server\share

Question 43

Q

Net share

Answer

A

Share a resource - net share nickname=C:\users\zach.lee\myfolder

Question 44

Q

Net accounts

Answer

A

Lists settings for account - password expiration and length info

Question 45

Q

Net start

Answer

A

Lists the network based services that are running on the system - can also start a stopped service

Question 46

Q

Net stop

Answer

A

Turn off a service - net stop “world wide Web Publishing Service”

Question 47

Q

NetBIOS

Answer

A

NetBIOS (Network Basic Input/Output System) is a software interface and networking protocol that allows applications on separate computers to communicate over a local area network (LAN). It was developed in the 1980s and is often used in Windows networks. This service also resolves names across a network, computers can communicate by name

Question 48

Q

LLMNR

Answer

A

The new NetBIOS - Linked Local Multicast Name Resolution

Question 49

Q

Windows Name Resolution

Answer

A

On a domain, its done through DNS, but off domain, there are options like NetBIOS and LLMNR

Question 50

Q

Nbtstat -n

Answer

A

Lists what the computer’s name is and if it is registered under said name

Question 51

Q

Registered Names

Answer

A

Windows systems keeps track if its name and propagates it through the network

Question 52

Q

Nbtstat -c

Answer

A

Lists the cache of names your computer knows about - doesn�t keep the cache for long

Question 53

Q

Nbtstat -a (system_name)

Answer

A

Like running nbtstat on another computer - shows its name information

Question 54

Q

Nbtstat -r

Answer

A

Lists stats on what the computers been doing on the network - what computers it’s been talking to

Question 55

Q

Nbtstat -R

Answer

A

Uppercase R - clears remote cache table

Question 56

Q

Nbtstat -RR

Answer

A

Uppercase RR - Rebroadcasts your registered information out on the network

Question 57

Q

Dynamic DNS (DDNS)

Answer

A

A service that automatically updates DNS records. If you have a device or server with a DHCP address, its difficult to map this to a domain name cause it might change. DDNS will keep track of these changes so its not an issue. There is a DDNS client on the device or router that will update the DDNS server if its IP address changes.

Question 58

Q

Ipconfig /displaydns

Answer

A

Lists the DNS cache on a computer

Question 59

Q

Nslookup

Answer

A

Name saver lookup - Most DNS servers are locked down and wont respond - You can get the answer to “Is this a DNS server?” and “is it running”? - Know what the output of this command looks like

Question 60

Q

DIG

Answer

A

Domain information groper - doesn�t come with windows - Needs software like EzDig - Can test DNS servers and query them for information - Most DNS servers are locked down and won’t respond - You can get the answer to “Is this a DNS server?” and “is it running”?

Question 61

Q

CIA of security

Answer

A

Confidentiality, Integrity, Availability

Question 62

Q

Non-repudiation

Answer

A

Non-repudiation in network security is a method to ensure that a user or a system cannot deny the authenticity of their actions or communications. It provides proof of data integrity and authenticity, typically through mechanisms like digital signatures and encryption, making it possible to verify the origin and integrity of data.

Question 63

Q

Symmetric Encryption

Answer

A

A method of encryption in which data can be encrypted and decrypted with the same key - To decrypt you need an algorithm and the key

Question 64

Q

Asymmetric Encryption

Answer

A

Uses a public key and a private key - Public key to encrypt, private key to decrypt. (Key pair) - An algorithm is used to create a private and public key pair. The two are tied together mathematically, but cannot be derived from each other. Each side of the encryption has their own pair. Each side gives the other a copy of their public key. When sending info to side B, Side A can use Side B’s public key to encrypt the data, then send it to side B, then B can decrypt with its private key

Answer 64

A

An algorithm that will transform a chunk of data to a fixed size value (no matter the length of the original data) - This can be used to verify that data has not changed or is the same. Take the input data and run it through the Hash, then match the output of the hash

Answer 65

A

MD5, SHA1 and SHA2 (SHA2 = SHA256, and more)

Answer 66

A

Something you do (Signature), Something you exhibit (typing speed), Someone you know (Signed Cert from a trusted source), Someone you are (Location)

Answer 67

A

Mandatory Access Control - Label is put on the resource and that defines what you can do with the resource

Answer 68

A

Discretionary Access Control - Owner can be added to the resource - other people can be readers and writers

Answer 69

A

Radius provides AAA

Answer 70

A

The device - Computer / phone

Answer 71

A

The Access Point that has been setup for Radius

Answer 72

A

The server through which authentication is done

Answer 73

A

Part of the radius server but might not be the radius server itself. Could be a domain controller the radius server checks

Answer 74

A

The person signing in

Answer 75

A

A router / switch

Answer 76

A

The server through which authentication is done

Answer 77

A

Designed to do Authentication for local area networks. Kerberos is a Microsoft Product and a copy of Windows Server must be bought to use it.

Answer 78

A

When a computer is setup to be Domain Controller it automatically becomes a Kerberos KDC. KDC consists of 2 services, Authentication service and Ticket Granting Service

Answer 79

A

Ticket Granting Ticket - Given to a computer after authentication by the Authentication Service (Computer is now authenticated, but not authorized), the computer then timestamps the TGT and gives it back to the Ticket Granting Service, TGS timestamps it again and sends a Token back to the computer. The token can be used to authenticate to other computers on the network

Answer 80

A

Extensible Authentication Protocol - Allows multiple authentication methods to interplay with each other. Kerberos is mostly used over wired networks, PPP is used over wireless.

Answer 81

A

EAP Pre-shared key - Common key everyone uses to login

Answer 82

A

Protected Extensible Authentication Protocol - uses standard username and password

Answer 83

A

EAP-MD5 (Extensible Authentication Protocol - Message Digest 5) is an authentication method used in network security, particularly in wireless and PPP (Point-to-Point Protocol) environments. It employs the MD5 hashing algorithm to provide authentication for a user or device attempting to connect to a network.

Answer 84

A

EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) is a highly secure EAP authentication method widely used in wireless networks and VPNs. It leverages TLS (the same protocol used for HTTPS) to provide strong mutual authentication between clients and servers.

Answer 85

A

EAP-TTLS (Extensible Authentication Protocol - Tunneled Transport Layer Security) is an EAP authentication method that enhances security by encapsulating client authentication within a secure TLS tunnel. It provides flexibility in how user credentials are transmitted while maintaining robust encryption.

Answer 86

A

Single password and username used to authenticate through multiple devices and resources - Managed by AD (or something else)

Answer 87

A

Systems on the same domain - the same domain means they have a trust relationship with each other

Answer 88

A

No third party vouching for the cert - it�s a cert created in house - Can be used if there is another level of trust somewhere, like “you work for me” so you trust the cert I generated is legit

Answer 89

A

Multiple users who trust each other. Over time, there is a bunch of people who trust other people who trust other people etc� Difficult to maintain

Answer 90

A

Change the default password on switches

Answer 91

A

Traditional VLAN

Answer 92

A

Prioritizing Voice traffic to improve Qos for voice

Answer 93

A

Virtualization of a Router so VLANs on the same switch can talk to each other without a separate router

Answer 94

A

You can use a router to connect between 2 VLANs

Answer 95

A

Protocol that allows trunking to happen across switches from different manufacturers - Needs to be enabled

Answer 96

A

VLAN Trunking Protocol - Cisco Proprietary - Used to automate the updating of multiple VLAN switches

Answer 97

A

Cable used to connect a computer to a switch or device. Uses the console port

Answer 98

A

To enter privileged mode

Answer 99

A

Regular mode

Answer 100

A

Privileged mode

Answer 101

A

Gives information about the switch configuration

Answer 102

A

Shows the information for Fast Ethernet port 1

Answer 103

A

Packets that are underneath the required Ethernet standard amount of bytes

Answer 104

A

Packets that are over the required Ethernet standard amount of bytes

Answer 105

A

Command that could be on a layer 2 switch or router - displays the routing table

Answer 106

A

To save your configuration changes - copys the altered configuration to the running configuration

Answer 107

A

Cisco coined the term - a port with no IP address - to differentiate it from router ports or network card ports - Don�t work on layer 3

Answer 108

A

Root switch - when switches are plugged in they negotiate based on distance to each switch which switch should be the boss

Answer 109

A

Solution to prevent malicious switches from being plugged in and designating themselves as the root bridge. Once the Root Bridge is established, the MAC address is cached so that all switches know if there is an imposter trying to act as the Root Bridge

Answer 110

A

Bridge Protocol Data Units Guard - Ports can be configured to only work for computers and not for other switches. This guards against another switch being plugged in. When switches are plugged in they send out BPDUs and the ports with BPDU Guard enabled, will disable themselves

Answer 111

A

You can designate ports on a switch to know that they are connected to a DHCP server, that way if another DHCP server is plugged in the switch can detect and ignore/disable

Answer 112

A

Combining 2 ports on a switch to increase bandwidth. If you have a trunk port that is overwhelmed, you can bond another port to it to help with the load

Answer 113

A

Create a group first, then add the ports to that group

Answer 114

A

A group in a cisco switch for port bonding

Answer 115

A

One port needs to be active on one of the 2 devices (or both ports active). If both are passive it won’t work

Answer 116

A

A DNS server that can load balance to multiple servers hosting the same information - All servers will be in a lookup zone

Answer 117

A

The DNS server will have reverse lookup zones to see where the client is coming from, then it can delegate that traffic to the closest server

Answer 118

A

Requires some software that is in the same location as the server - This software/box can manage the load for a group of servers

Answer 119

A

Servers can have a separate network they can talk to each other on, this way they can verify data and make sure they all are the same

Answer 120

A

A Robust firewall that sits between our computers and a DMZ - Or another section of your network that needs to be blocked

Answer 121

A

DNS can be a little difficult on IPv6 cause addresses are aggregated and distributed from on high by DHCPv6, your clients will often get DNS server info from the router<ISP. Most of the time this is fine, but if you need to use an internal DNS server it can mess things up

Answer 122

A

Remote Desktop Client - Unencrypted

Answer 123

A

Tunnel is when you create a secure connection between two networks or devices, then run an app through the secure connection - SSH creates a secure connection, then VNC runs on the SSH connection so it is secure - Tunning is to provide encryption where there normally isnt

Answer 124

A

Bidirectional Wavelength Division Multiplexing - Fiber technology - Allows a single fiber connection to carry multiple signals by using a different wavelength and/or color

Answer 125

A

Dense Wavelength Division Multiplexing - More popular than BWDM, Allows a single fiber connection to carry multiple signals by using a different wavelength and/or color - Supports 150 signals

Answer 126

A

Coarse Wavelength Division Multiplexing - Simpler than DWDM but cheaper

Answer 127

A

Private WANs (Wide Area Networks) are networks that connect geographically dispersed locations using private, dedicated connections instead of public infrastructure like the internet. These networks are typically used by organizations to securely connect their various sites (such as branch offices, data centers, and remote locations) over long distances.

Answer 128

A

Private WAN technology - Multiprotocol Label Switching - Provides more efficient connections - Uses a label system within packets to direct

Answer 129

A

Private WAN technology - Metropolitan Area Network (MAN) Secure Private Network within a city that doesn�t use the internet, so doesn�t need to be as secure. Cheaper

Answer 130

A

Download and upload are the same

Answer 131

A

Higher speed download than upload

Answer 132

A

Would plug into a telephone and filter out the DSL noise

Answer 133

A

Very High bit rate DSL - Same tech but uses fiber

Answer 134

A

Cable modems don’t like when the MAC address of what they are plugged into changes. MAC Address Clone is how a router can grab and use the MAC address from a computer to make the cable modem happy

Answer 135

A

The company Citrix used Independent Computing Architecture for the first remote desktops

Answer 136

A

Carrier-Sense Multiple Access with Collision Avoidance - Part of 802.11 - Wireless clients don�t send anything unless the coast is clear to avoid collisions

Answer 137

A

Digital Sequence Spread-Spectrum - Old - One form of the actual transmission of data - the Singal is spread across the sub frequencies of a single channel so that if one copy gets stopped the others get through

Answer 138

A

Orthogonal frequency-driven multiplexing - Newer - One form of the actual transmission of data - Wider range of spread than DSSS - used on 5Ghz spectrum

Answer 139

A

You can limit the amount of DHCP leases that can be distributed for security reasons

Answer 140

A

Allows you to connect wirelessly to the AP instead of plugging straight in

Answer 141

A

Means clients can connect to the AP, but not to each other, even though they are on the same broadcast domain

Answer 142

A

When software is used on a network to trick clients into thinking they need to re-connect (re-authenticate) to the wifi so they can connect to the Evil Twin

Answer 143

A

Reflection (Metal), Refraction (Glass), Absorption (Concrete), and Attenuation (Distance)

Answer 144

A

Uses Mesh WAPs - Uses 1 main WAP - other nodes communicate among each other and transmit back to the WAP

Answer 145

A

Forget and re-connect

Answer 146

A

Causes slowness - not enough WAPs for the clients

Answer 147

A

Computer, 2. Hypervisor, 3. Virtual Machine, 4. VDHX

Answer 148

A

Hypervisor that runs ontop of the OS (Hyper-V)

Answer 149

A

Hypervisor that boots up as the computer - VMWare?

Answer 150

A

Benefit of virtualization - the ability to take a VM and add more system resources

Answer 151

A

Cloud providers can setup different accounts with different permissions to hold to the principle of least privilege

Answer 152

A

Virtual Desktop Interface - Not the same as DaaS - more in-house servers that provide a windows (or other) desktop and apps - Like how a student can login with a chromebook

Answer 153

A

Automation in IT is the process of using scripts or tools to perform repetitive tasks without human intervention. It covers a wide range of tasks, from installing software and deploying applications to testing code and monitoring systems.

Answer 154

A

Orchestration involves coordinating and managing a series of automated tasks across multiple systems or services to achieve a goal. It�s typically used to manage more complex workflows where multiple automated tasks need to interact in a specific order.

Answer 155

A

Orchestration goes beyond individual task automation to handle the entire process or workflow, which might involve multiple services, environments, or dependencies.

Answer 156

A

Centralized configuration of multiple switches on a network

Answer 157

A

Device that manages the SAN storage - connects with a special connection - Fiber Channel or iSCSI or Fiber Channel over Ethernet (FCoE)

Answer 158

A

Several Network Cards/Paths to connect the SAN. For redundancy

Answer 159

A

Host Bus Adapter - connects a computer to a Fiber Channel connection

Answer 160

A

A group of racks served by a single top of rack switch (or 2 for redundancy)

Answer 161

A

Infrastructure Plane: SDN - This plane consists of the physical and virtual networking devices (switches, routers, etc.) that make up the network�s hardware layer. It underpins all other planes, as it includes the tangible elements through which data flows.

Answer 162

A

Application Plane: The application plane in SDN contains network applications and services that can request resources from the control plane. These applications can include things like security, load balancing, or network monitoring tools, providing functionality based on network insights and control policies.

Answer 163

A

Power Distribution Unit - Takes AC from the grid and usually converts to DC (but not always) distributes the power to the devices in a rack -

Answer 164

A

Diagram of IP addresses and how stuff connects - not concerned with how stuff is laid out physically

Answer 165

A

Documentation of the baseline CPU/Power and other usages so it can be compared against times of high usage or issues

Answer 166

A

Campus Area Network - several buildings connected together

Answer 167

A

Personal Area Network - bluetooth devices that are connected

Answer 168

A

Voip on steroids - Phones/systems with cameras/mics and screens for video conferencing/real time - Has devices and servers that support

Answer 169

A

Video Conferencing is one way, everyone can hear/see the speaker - with Real Time everyone can talk at once (Teams)

Answer 170

A

Unified Communications Device - Camera Phone

Answer 171

A

Unified Communications Gateway - Device to connect UC devices to other UC devices across networks

Answer 172

A

A bunch of UC Gateways that work together to promote QoS for UC traffic

Answer 173

A

Realtime Transfer Protocol - used in Unified Communications - UDP port 5004, 5005

Answer 174

A

Session Initiation Protocol - used in Unified Communications - TCP ports 5060, 5061

Answer 175

A

International Telecommunication Union protocol - controls and switches how audio/video travel over a network TCP port 1720

Answer 176

A

Media Gateway Control Protocol - UDP/TCP ports 2427, 2727

Answer 177

A

Industrial Control Systems - Where automation is used to control processes

Answer 178

A

A PC that controls some part of an industry machine - can be sensors or actuators

Answer 179

A

The place where a human can interact with the ICS server and monitor or make changes

Answer 180

A

Distributed Computer/Control Systems - Extension of ICS - Several systems each controlled by an ICS server, then a main DCS server to control them all

Answer 181

A

Supervisory Control and Data Acquisition - Designed for long distance stuff like Oil piplines or railways - ICS systems need to be more ready to control cause it may take time before a human can get onsite and interact - SCADA has a remote terminal unit (not used in traditional ICS)

Answer 182

A

Programmable Logic Controller - A computer (no monitor/keyboard) to run a system, usually has a special OS that is for the machine

Answer 183

A

Human Machine Interface - a computer with an interface specific to the machine being monitored

Answer 184

A

Dangers that can expose a network to attacks

Answer 185

A

Dangers that can interfere will daily operations and productions

Answer 186

A

Acceptable Use Policy - Document that states the limits of use on a device, defines ownership of the device, defines what websites you can access or what software you can use

Answer 187

A

Remote Access Policy - Defines how you can connect to a network from outsite the network, you have to use a VPN, or an Ipsec VPN

Answer 188

A

Defines the password requirements

Answer 189

A

How to lift heavy objects, equipment handling and safety

Answer 190

A

Nondisclosure Agreement - binds you to silence about certain things

Answer 191

A

Any ruleset that controls how you handle licensing for certain products, usage, transfer of licenses (to another entity) License renewal

Answer 192

A

Restrictions on information that is sent outside the US, military info, nuclear info, license keys

Answer 193

A

Strategic Change: This type of change involves long-term goals and typically affects the organization’s overall direction or objectives. Strategic changes might include adopting new technologies to stay competitive, aligning network design with business goals, or implementing wide-scale security policies. They are often high-level, planned changes that require significant resources and planning because they impact the organization�s future path.

Answer 194

A

Infrastructure Change: This is more focused on modifying the network�s physical or virtual infrastructure to improve performance, scalability, or reliability. Infrastructure changes might include upgrades to network hardware (like routers, switches), introducing more bandwidth, or making adjustments to support new software applications. These changes are generally operational and are often performed as part of routine network maintenance.

Answer 195

A

Type of Change, 2. Configuration Process, 3. Rollback Process, 4. Potential Impact, 5. Notification (of the org, to the change)

Answer 196

A

Documentation

Answer 197

A

External Threats, Internal Threats

Answer 198

A

Malware, hackers, social engineers

Answer 199

A

Employees - bad actors or accidents

Answer 200

A

Old computer, unpatched software

Answer 201

A

Posture Assessment refers to the evaluation of an organization�s overall security status. This process involves examining the network, devices, software, policies, and user behavior to determine how well they align with security best practices and regulatory requirements. A posture assessment aims to identify vulnerabilities, assess potential threats, and determine the level of risk the organization faces.

Answer 202

A

Vendor Assessment, Process Assessment

Answer 203

A

Single IP address that several servers in a cluster use. So from the outside it only looks like one server, but the inside has redundancy and load balancing

Answer 204

A

The ability of a system to withstand disruptive events or component failure

Answer 205

A

Artosis Pylon

Answer 206

A

Memorandum of Understanding - Defines an agreement between two parties, used where a legally binding contract is inappropriate - All hospitals in a city make an MOU to take each others patients in case of a disaster

Answer 207

A

Multi-Source Agreement - Serves in lou of a standard - Two companies can agree to make parts for their proprietary equipment that work with each other. Might eventually become a standard

Answer 208

A

Statement of Work - Legal contract between two parties (vendor and customer) - Defines services to be performed, time frame/deliverables, defines milestones/progress

Answer 209

A

Secure the area, 2. Document the Scene, 3. Collect Evidence, 4. Interface with Authorities

Answer 210

A

Paper trail of who has what access to what evidence as it progresses through authorities

Answer 211

A

Process of an organization preserving and organizing data in anticipation of a pending legal case

Answer 212

A

The process of requesting the data and providing it in a legal way

Answer 213

A

Allows user to bring their own device for work purposes. The policy can define how the device is used and what may be wiped in the offboarding process.

Answer 214

A

Corporate-owned, Business only - Business owns all devices

Answer 215

A

Corporate-owned, personally Enabled - Business owned, but the user will receive some guidelines on how they can use the device for personal stuff

Answer 216

A

Choose your own device - Users can

Answer 217

A

A layered system of security measures. 1. Perimeter, 2. Network, 3. Host/Endpoint, 4. Application, 5. Data

Answer 218

A

Doors/locks

Answer 219

A

Security can be implemented using network segmentation enforcement (VLANs) and network access control

Answer 220

A

Endpoint security, updates

Answer 221

A

Apps can be tested on a VM to make sure they don�t create vulnerabilities on the network

Answer 222

A

Separation of duties - no user has access to every part of a system or process, encryption probably

Answer 223

A

A type of DoS attack, just a ton of nonsense to deny service, ping flood, UDP flood

Answer 224

A

A type of DoS attack, does something unusual with the underlying protocol (DNS, HTTPS) that causes the server to do weird things and keep it from answering quickly. Syn Flood, or SYN/TCP attack. Client will continuously send SYNs to the server and never wait for a SYN ACK response.

Answer 225

A

A type of DoS attack, attacks the application directly that keeps the app on the server from resolving quickly. Slow Loris Attack - client will initiate the session with the server, and never respond making the server wait for responses that never come

Answer 226

A

Smurf attack - Attacker spoofs the websites IP address so everyone on the network starts talking back to the target

Answer 227

A

Command and Control - when malware is propagated from a single computer throughout a network to create a botnet

Answer 228

A

URL highjacking - www.googel.com

Answer 229

A

When an org doesn�t update their domain and someone else grabbed it first

Answer 230

A

A Replay Attack is a type of network attack where an attacker intercepts valid data transmissions and re-sends them to deceive the recipient into thinking it�s legitimate communication. In essence, the attacker “replays” or duplicates a previously captured message to gain unauthorized access or perform an action on behalf of the sender.

Answer 231

A

Makes a server provide a downgraded level of security (for a webpage) so it can be exploited

Answer 232

A

Two people are already talking, and someone gets in the middle of the session and injects information

Answer 233

A

Department of Defense standard for wiping data - drive has to face at least 3 passes of reformatting

Answer 234

A

Not exactly malicious, but annoying

Answer 235

A

Keyloggers, hides and tracks data

Answer 236

A

A Remote Access Trojan (RAT) is a type of malware that provides an attacker with unauthorized remote access to a victim’s computer. Once a RAT is installed on a target system, it allows the attacker to monitor user behavior, access sensitive information, activate the webcam or microphone, capture keystrokes, and control files and applications remotely.

Answer 237

A

Locks a computer/files until you pay

Answer 238

A

Opening in a software for maintenance

Answer 239

A

Dumpster Diving, Phishing/Whaling, Shoulder Surfing, Eavesdropping, Tailgating/piggypacking, Access Control Vestibule (Mantrap), Masquerading (impersonating)

Answer 240

A

Common Vulnerabilities and Exposure - A list of common vulnerabilities. Each vulnerability has an ID number

Answer 241

A

CVE Numbering Authority

Answer 242

A

The unknown flaw that a hacker finds

Answer 243

A

The method the hacker uses to attack the vulnerability

Answer 244

A

An attack with no known vulnerability, the attack itself (in the 3 steps)

Answer 245

A

Outside Lighting, Signage (warning sign), Security Guards

Answer 246

A

Fence, Mantrap, Air gaps (separates important cables from everything else), Safe/Cabinets, Locks, Cable Locks, Screen Filters

Answer 247

A

Strong Fences that can stop vehicles (15,000lb). K4=30mph, K8=40, K12=50

Answer 248

A

Alarms, Cameras, Motion Detectors, Log FIles

Answer 249

A

Security Guard Guarding a broken fence

Answer 250

A

Dynamic ARP Inspection - Cisco - Compiles a list of known-good MACs and Ips

Answer 251

A

Term for port security

Answer 252

A

Or unneeded network services such as ICMP

Answer 253

A

RA is unsecure, RA guard protects from rogue RA messages

Answer 254

A

Control Plane Policing (CoPP) is a feature used in networking devices (such as routers and switches) to protect the control plane by regulating and controlling traffic destined for it. The control plane is responsible for processing network control traffic (like routing updates, management protocols, and ICMP messages). If left unprotected, it can be overwhelmed by malicious or excessive traffic, leading to degraded performance or even denial of service.

Answer 255

A

The router on the internet side of a DMZ

Answer 256

A

The firewall at the edge of a network

Answer 257

A

Unified Threat Management - Firewall/VPN Endpoint/Proxy/Anti-Malware - Threat Management at every level

Answer 258

A

Original Firewall - Filters based primarily on IPs and MAC - Weakness is that you have to identify and tell the firewall literally what to block - it�s a dumb firewall

Answer 259

A

Smart Firewall - Creates a State Table - Keeps track of what is going out so that it expects what will be coming back in

Answer 260

A

Deep Packet Inspection - Firewalls can look and block based on application and context - Application or Context Aware (runs at Layer 7 of OSI)

Answer 261

A

Link State, Temperature, Electrical Load, Duplex and Speed, Send and receive traffic, CRC errors, Giants and Runts, Encapsulation Errors

Answer 262

A

Frames or Packets that are malformed or fractured

Answer 263

A

Measure the amount of packets a device can’t handle

Answer 264

A

File Integrity Monitoring (FIM) is a security control that tracks and detects changes to files and directories in a system. It helps ensure the integrity of critical system and configuration files by monitoring for unauthorized or suspicious modifications, additions, or deletions.

Answer 265

A

The act of a database creating different tables to subset data in smaller chunks (Clinic_Location_Information, Clinic_ISP_Info, instead of all in the same row)

Answer 266

A

Write Once, Read Many

Answer 267

A

Software - system Monitoring software/graphs

Answer 268

A

Software - system Monitoring software/graphs

Answer 269

A

Elasticsearch, Logstash, Kibana - Software - system Monitoring software/graphs

Answer 270

A

Transmitter (TX)/Receiver (RX) Transposed refers to a common connectivity issue where the transmit (TX) and receive (RX) connections are swapped between two devices during cable setup. This miswiring prevents proper communication because the transmitting signal from one device fails to align with the receiving signal of the other device.

Answer 271

A

Mismatch (Transceivers) refers to an incompatibility or misalignment between the specifications or operational parameters of transceivers, which can lead to communication errors, degraded performance, or failure to establish a connection.

Answer 272

A

Signal Strength (Transceivers) refers to the power level of a transmitted or received signal in a transceiver system. A transceiver, which combines both a transmitter and receiver, relies on signal strength to determine the quality and reliability of communication.

Answer 273

A

Industrial Internet of Things - IoT but for industry

Answer 274

A

Jump Box/Jump Host in the context of CompTIA Network+ refers to a secure, controlled system that acts as an intermediary or “gateway” for accessing and managing devices or systems within a network, typically in a secured or isolated environment (e.g., DMZ or internal network).

Answer 275

A

In-Band vs Out-of-Band Management refers to two methods of accessing and managing network devices like routers, switches, and servers for configuration, troubleshooting, and maintenance.

Answer 276

A

In networking, prefix length refers to the number of bits used to represent the network portion of an IP address. It is commonly expressed in CIDR (Classless Inter-Domain Routing) notation, where the prefix length is written after the IP address, separated by a slash (e.g., 192.168.1.0/24). The prefix length determines how many bits of the IP address are used to identify the network, and the remaining bits identify hosts within that network.

Answer 277

A

VIP (Virtual IP Address) is an IP address that is not tied to a specific physical network interface or device but instead represents an abstracted address used in various networking scenarios. A VIP allows for better management, load balancing, and redundancy across a network.

Answer 278

A

A VLAN Database is a configuration on network devices (such as switches or routers) that contains the list of VLANs (Virtual Local Area Networks) configured within the network. This database is used to manage VLAN IDs, their associated names, and sometimes the VLAN-specific settings like ports, IP addresses, and routing configurations. It helps network devices understand the structure of VLANs in the network and how to handle traffic accordingly.

Answer 279

A

In wireless networking, OWE stands for Opportunistic Wireless Encryption. It is a security feature introduced as part of the Wi-Fi Alliance’s WPA3 standard to enhance the security of open Wi-Fi networks (those without a password). This connection blocks connection to other devices on the network.

Answer 280

A

Control and provisioning of WAPs - Manages multiple WAPs from one place

Answer 281

A

In the context of networking, rack or server management, the terms port-side exhaust and port-side intake typically refer to the airflow direction and positioning of cooling systems in data centers or server racks. These terms are especially relevant for managing server cooling and optimizing airflow to prevent overheating and ensure the efficient operation of networking equipment and servers.

Answer 282

A

Direct Connect (often referred to as AWS Direct Connect, but also applicable in other cloud environments) is a cloud service offering that provides a dedicated, private network connection between a user�s on-premises infrastructure and a cloud service provider (such as Amazon Web Services - AWS, Microsoft Azure, or Google Cloud). The primary goal of Direct Connect is to provide a more reliable, consistent, and secure network connection compared to using the public internet.

Answer 283

A

Network Security Groups (NSGs) are a key component of cloud security, particularly in services like Microsoft Azure and other cloud platforms. NSGs act as virtual firewalls that control inbound and outbound traffic to and from network interfaces (NICs), virtual machines (VMs), subnets, or other cloud resources within a Virtual Network (VNet).

Answer 284

A

Network Security Lists (NSLs) are a security feature in cloud environments, specifically in services like Oracle Cloud Infrastructure (OCI), that allow you to define security rules to control traffic flow to and from resources within a Virtual Cloud Network (VCN).

Answer 285

A

Port 69 - TFTP (Trivial File Transfer Protocol) is a simple, connectionless file transfer protocol that is primarily used for transferring small files over a local network. TFTP is based on UDP (User Datagram Protocol), which makes it faster than protocols like FTP or SFTP but also less reliable because it does not have built-in error recovery mechanisms or connection management.

Answer 286

A

Port 514 - Syslog (System Logging Protocol) is a standardized protocol used to collect and store log messages from network devices, servers, and other systems in a network. It allows for centralized logging and monitoring of system events, making it easier for administrators to track and troubleshoot issues.

Answer 287

A

Port 636 - LDAP over SSL (often referred to as LDAPS) is a secure version of the Lightweight Directory Access Protocol (LDAP), which is used for accessing and maintaining distributed directory information services over a network. LDAPS encrypts the LDAP communication by using SSL/TLS (Secure Sockets Layer/Transport Layer Security) to secure the connection between the client and the LDAP server.

Answer 288

A

5060/5061

Brainscape's Knowledge GenomeTM

N10-009-Section_6_Bonus Flashcards

Brainscape's Knowledge Genome^TM