Network+ Flashcards
OSI model layers
- Physical
- Data Link
- Network
- Transport
- Session
- Presentation
- Application
which OSI layer handles IP addresses?
Layer 3 - Network
Which OSI layer deals with MAC addresses?
Layer 2 - Data Link
Which OSI layer assembles and disassembles packets?
Layer 4 - Transport
Which OSI layer uses port numbers?
Layer 5 - Session
length of a frame
up to 1500 bytes
where is a frame generated and eaten up?
NIC
device that connects hosts to a central location where they share bandwidth
hub
command to display MAC addresses
ipconfig /a
length of a MAC address
48 bits
device that connects multiple LANs
router
device that connects multiple hosts within the same network
switch
what is the current standard for coaxial cabling?
RG-6
what is the resistance of RG-6?
75 Ohms
most common RG-6 connector
F-type
type of cable where two inner conductors share an outer conductor
twinaxial/twinax cable
advantages of coaxial cable
resistant to EMI
resistant to physical damage
disadvantages of coaxial cable
inflexible
expensive
max distance of UTP
100 meters
difference between multimode and single mode fiber optic cabling
multimode uses LED signals, single mode uses lasers
standard that defines ethernet
IEEE 802.3
components of an ethernet frame
preamble, destination MAC, source MAC, data type, data, pad, FCS (frame check sequence)
TIA/EIA-568A wire order
Brown, Brown/White, Orange, Blue/White, Blue, Orange/White, Green, Green/white
TIA/EIA-568B color order
Brown, Brown/White, Green, Blue/White, Blue, Green/White, Orange, Orange/White
type of port on a switch that allows you to use a straight through cable instead of a crossover cable
uplink port
protocol that delegates one switch to be in charge and prevent switching loops
spanning tree protocol (STP)
netstat -n
presents results numerically
netstat -b
shows executable for every connection
netstat -o
shows executable and process ID for every connection
netstat -a
shows all active ports
netstat -r
shows the local routing table (identical to route print)
tool that lists all open ports and network connections on your computer
netstat
what are the two most popular web server software packages?
Microsoft IIS and Apache (open source)
protocol analyzer that’s integrated with a frame capture tool
wireshark
a command that’s a variant of ping and quicker than tracert
pathping
tool that verifies the upload and download speeds to an individual computer
bandwidth speedtester
netstat -b
shows executable for every connection; needs admin
IP version that uses A Record
IPv4
IP version that uses AAAA Record
IPv6
an algorithm that does not encrypt but verifies data, creates a fixed size hash value
cryptographic hash
what are two common hashes?
MD5 and SHA-1
an access control that uses labels
Mandatory Access Control (MAC)
access control that gives creators control over permissions and provides more flexibility
Discretionary Access Control (DAC)
access control that assigns rights and permissions to a group
Role-based Access Control (RBAC)
client that handles authentication requests from supplicants and provides AAA
RADIUS client
a bridging device that connects into an ethernet network and communicates via radio waves to wireless clients
WAP
the method used to prevent wireless collisions
CSMA/CA (carrier sense multiple access with collision avoidance)
what are the current fastest 802.11 standards?
802.11n and 802.11ac
type of antenna used on exterior walls
patch antenna
encryption protocol used with WPA
Temporal Key Integrity Protocol (TKIP)
type of encryption protocol used with WPA2
CCMP-AES
What are three ways to implement wireless security?
- disable SSID broadcast
- use MAC filtering
- limit the number of DHCP-issued addresses
difference between rogue access points and evil twins
evil twins are intentional, rogue access points can be accidental
monitors traffic, sets up various zones or access areas, and defines services’ access to specific WAP destinations
wireless controller
environmental issues that can affect the wireless signal
interference, reflections, and absorption
what are some sources of interference?
other WAPs, wireless mice and keyboards, and microwaves
enables virtualization to occur and emulates the physical hardware
hypervisor
disk storage delivered as a service over TCP/IP (file level)
Network Attached Storage (NAS)
specialized LAN that transfers data at block-level with a special protocol
Storage Area Network (SAN)
what two types of connections do SANs use?
Fibre Channel (FC) or iSCSI
lowers cost and relies on configuration that allows jumbo frames over the network
IP Small Computer System Interface (iSCSI)
virtualized storage technology that uses a switched fabric topology and features very high throughput and very low latency
InfiniBand
provides an easy-to-use front end to configure physical and virtual devices throughout the network
software-defined networking (SDN)
hypervisor that runs on top of the OS
Type 2 hypervisor
hypervisor that boots off of the system
Type 1 or bare metal
What are three benefits of virtualization?
- saves power
- hardware consolidation
- system recovery
aspects of cloud computing
scalability, elasticity, multitenancy, security implications
the management of infrastructure in a descriptive model, using the same versioning as developers use for source code
Infrastructure as Code (IaC)
a network architecture that describes how physical network devices will be virtualized
Network Function Virtualization (NFV)
What are five ways to help ensure high availability of data?
- redundancy protocols
- load balancing
- clustering
- uninterruptible power supplies (UPSes)
- generators
what are the three layers connected by three-tiered architecture in the classic data center?
access, distribution, and core
What are five hardening techniques for IoT devices?
- use separate SSID
- create a long PSK
- put device(s) on a separate VLAN
- periodically update firmware
- use access control lists (ACLs)
What are the four steps of the forensic process?
- secure the area
- document the scene
- collect evidence
- interface with authorities (submit forensics report)
What type of attack can DHCP servers be used to perform?
on-path (man-in-the-middle)
Through which layers of the OSI model does data travel during de-encapsulation?
Layers 1 to 7
method used on Layer 2 of the OSI model in 802.1q to identify ethernet traffic as part of a specific VLAN
tagging
on which layer of the OSI model does tunneling take place?
Layer 2
tool used to create long fiber optic cable lengths by combining multiple cables together, or to repair a break in a fiber optic cable
fusion splicer
the process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal that typically contains information to be transmitted
modulation
what are three common types of modulation?
- Orthogonal frequency-division multiplexing (OFDM)
- Quadrature Amplitude Modulation (QAM)
- Quadrature Phase-shift keying (PSK)
space between floors used to circulate air conditioning ductwork, piping, electrical and network cables throughout the building
plenum
flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them
RST (reset)
flag used to request that the connection be terminated. This usually occurs at the end of a session and allows for the system to release the reserved resources that were set aside for this connection
FIN (finish)
flag that is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake
SYN (synchronization)
what are the seven severity levels?
0 - emergency, system unstable
1 - alert condition, needs correction immediately
2 - critical condition, failure in the system’s primary application, requires immediate attention
3 - error condition, something preventing proper function
4 - warning condition, error may occur if action not taken soon
5 - notice condition, unusual events
6 - information condition, no action required
7 - debugging condition, info for developers
type of antenna for outside wireless applications where you want directional control of the signal and over longer distances
parabolic
type of unidirectional antenna that can focus the transmission over a long distance
yagi
a standardized protocol designed to exchange routing and reachability information between autonomous systems on the internet
Border Gateway Protocol (BGP)
SNMPv3 option that ensures that the communications are sent with authentication and privacy
authPriv
maximum amount of data, measured in time, that an organization is willing to lose during an outage
RPO (recovery time objective)
implementation where separate DNS servers are provided for security and privacy management for internal and external networks
Split Domain Name System (Split DNS)
security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online
port security
most common way to perform an on-path attack on a wireless network
evil twin
802.3ad protocol used to group numerous physical ports to make one high bandwidth path
LACP (Link Aggregation Control Protocol)
authentication protocol developed by Cisco that provides authentication, authorization, and accounting services
TACACS+
which OSI layer do ATM cells operate at?
Data Link (Layer 2)
maximum rate of data transfer across a given network
bandwidth
what tool would you use to determine where a cable break occurred?
time-domain reflectometer
an attack where the attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted victim with responses to DNS requests that it never sent.
reflective DNS attack
two methods of allowing multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses
NAT (Network Address Translation) and PAT (Port Address Translation)
technique where private IP addresses are translated into public IP addresses
NAT (Network Address Translation)
technique where private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers
PAT (Port Address Translation)
tool used to measure the magnitude of an input signal’s frequency
spectrum analyzer
tool used to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end
tone generator
tool that measures the voltage, resistance, and amperage of a cable or conduit
multimeter
tool used to verify the electrical connections in a twisted pair or coaxial cable
cable tester
tool used to certify the performance of new fiber optics links and detect problems with existing fiber links, can provide an approx. location of a break
Optical Time Domain Reflectometer (OTDR)
IPv6 communication type that sends a packet to the nearest interface that shares a common address in a routing table
anycast
approach to security that unifies endpoint security tech, user or system authentication, and network security enforcement. Restricts access to authorized devices by placing each device into an automated testing area first
Network Access Control (NAC)
network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network
IEEE 802.1x
At which layer of the OSI model do ping requests occur?
Layer 3 (Network Layer)
what are the software defined networking layers?
Application - communication resource requests or info about the network
Control - uses information from the applications to decide how to route a data packet on the network
Infrastructure - switches and routers, physical hardware
Infrastructure - physical networking devices
Management Plane - monitors traffic conditions, status of network, allows admin to oversee network operations
what mode do devices operate in when connected to a hub?
half-duplex
communication mode where devices cannot listen and talk at the same time
half-duplex
what network device allows devices to operate in full duplex mode?
switch
communication mode that allows devices to listen and talk simultaneously
full duplex
maximum distance of copper cables
100 meters
what happens to the speed of CAT 6 at 100 meters?
speed goes from 10 Gbps to 1 Gbps
what can the speed of CAT 6 be at under 55 meters?
10 Gbps
what is the distance range of multimode fibers?
200 - 500 meter range
which is better for longer distances, single mode or multi mode fibers?
single mode
what does S is not Single mean?
Ethernet standards with S in the name are multimode, not single mode
ex. 100BASE-SX = multimode
which ethernet standard works with both single mode and multimode?
1000BASE-LX
what is IEEE 802.3ad?
link aggregation
what is the ethernet standard for power over ethernet?
PoE 802.3af
what is the ethernet standard for power over ethernet plus?
PoE+ 802.3at
what is the wattage of PoE 802.3af?
15.4 watts
what is the wattage of PoE+ 802.3at?
25.5 watts
what is 802.1x used for?
user authentication
flag used to ensure data is given priority and is processed at the sending or receiving ends
PSH (push)
what is the ideal range for humidity?
40-60%
type of trap message that has an OID to distinguish each message as a unique message being received using SNMP
granular
the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID)
Management Information Base (MIB)
SNMP trap that may be configured to contain all information about a given alert or event
verbose
in SNMP, asynchronous notifications sent from the managed agent to the manager to notify it of significant events in real time
trap messages
a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned
split-horizon route advertisement
a method to prevent a router from sending packets through a route that has become invalid within computer networks by changing the route’s metric to a value that exceeds the maximum allowable hop count so that the route is advertised as unreachable
route poisoning
tool used to connect a network cable (such as Cat 5e) to a patch panel, 110-block, or the inside portion of a wall jack
punchdown tool
tool used to join the internal wires of a twisted pair cable with metallic pins housed inside a plastic connector, such as an RJ-45 connector
cable crimper
type of attack by stealing or predicting a valid session token to gain unauthorized access to the web server
session hijacking
an unintended connection between two points in a cable or wire allowing current to flow where it should not
short
occurs within a twisted pair cable when the pairs become untwisted or no shielding or insulation remains
crosstalk
standard used to define VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames
IEEE 801.q
standard that defines STP (Spanning Tree Protocol)
IEEE 802.1d
what devices are used to split up broadcast domains?
Router
devices that split up broadcast domains
routers, VLANs, layer 3 switch
a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users
Password Authentication Protocol (PAP)
an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information
Defense in Depth
provides a method to control the bonding of several physical ports to form a single logical channel
LACP (Link Aggregation Protocol)
a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol
MPLS (Multi-protocol label switching)
Which remote access tool that allows you to connect to a desktop remotely and see their screen is open-source?
VNC (Virtual Network Computing)
an attack where the attacker is able to send traffic from one VLAN into another by either double tagging the traffic or conducting switch spoofing
VLAN Hopping
what is the first flag used in a three way handshake?
SYN
type of denial of service attack that targets communication between a user and a Wi-Fi wireless access point by causing the wireless client to disconnect from the wireless network and then reconnect, during which time an attacker can conduct a packet capture of the authentication handshake and use that to attempt to brute force the network’s pre-shared key
deauthentication attack
a broadcast domain that is partitioned and isolated in a computer network at the data link layer.
VLAN
type of data center that is equipped but has no customer data
warm site
which wireless standard uses MU-MIMO on non-overlapping channels to increase the wireless network’s bandwidth?
802.11ac
technology that allows a wireless access point to communicate with multiple devices simultaneously to decrease the time each device has to wait for a signal and dramatically speeds up the entire wireless network
MU-MIMO (Multi-user, Multiple-input, Multiple-output technology)
what happens to data in each layer of the OSI model?
Layers 5, 6, 7 - data transmitted
Layer 4 - data encapsulated into segments
Layer 3 - segments encapsulated into packets
Layer 2 - packets encapsulated into frames
Layer 1 - frames encapsulated into bits
DHCP security techniques that can configure a LAN switch to prevent malicious or malformed DHCP traffic or rogue DHCP servers
DHCP snooping
command used on a Cisco networking device to display the current state of the routing table for a given network device
show route
Which cellular technology is comprised of LTE and LTE-A to provide higher data speeds than previous cellular data protocols?
4G
the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.
bluejacking
cross-platform, open-source tool used to scan IP addresses and ports on a target network, and to detect running services, applications, or operating systems on that network’s clients, servers, and devices
nmap, or Network Mapper
authentication protocol that uses strong encryption to securely send data over insecure networks
Kerberos