Network + Flashcards

Question

MAN distance

Answer 1

city or county

Answer 2

campus area or business park

Answer 3

room or building

Answer 4

around a person

Answer 5

how devices are connected by media

Answer 6

how the actual network traffic flows

Answer 7

uses a single cable where each device taps into by using either a vampire tap or a T connector

Answer 8

uses a cable running in a circular loop where each device connects to the ring but data travels in a singular direction

Answer 9

ring topology that uses an electronic token to prevent collosions when communicating on the network

Answer 10

uses two counter rotating rings for redundancy

Answer 11

- most popular phsical LAN topology - the central point of a star network is most likely going to be a switch

Answer 12

if the central device fails the whole network fails

Answer 13

uses a wireless access point as a centralized point and supports wireless security controls

Answer 14

decentralized wireless network which creates P2P connections and does not require a router or access

Answer 15

interconnection of different types of nodes, devices, or radios

Answer 16

OSI stands for open systems interconnection model

Answer 17

1. phsical 2. Data Link 3. Network 4. Transport 5. Session 6. Presentation 7. Application

Answer 18

- where transmission of bits across the network occurs includes phsical and electrical network characteristics

Answer 19

the phsical layer decides the topology of the network

Answer 20

uses start and stop bites to indicate when transmissions occur from the sender to the reciever

Answer 21

something like a voicemail is a good example

Answer 22

uses a refrence clock to coordinate the transmissions by both the sender and the reciever

Answer 23

divides our bandwidth into seperate channels

Answer 24

uses all availiable frequencies on a medium (cable to transmit data)

Answer 25

each session takes a turn using time slots to share the medium between users

Answer 26

multiplexing is getting more out of a limited network

Answer 27

- cable - ethernet - coaxial - hubs - access points - media converters

Answer 28

usually they repeat what they are told.

Answer 29

packages data into frames and transmit those frames on the network

Answer 30

the first 6 digits in a MAC address are the vendor code the second 6 are the unique value

Answer 31

provides connection services and allows acknowledgment of receipt of messages

Answer 32

NIC's Bridges Switches

Answer 33

forwards routing traffic with logical addressing - the routing layer - fragments frames to travers different networks

Answer 34

IPV4 and IPV6

Answer 35

the big question at layer 3 is how data should be forwarded or routed.

Answer 36

data is divided into packets and then forwarded based on IP address

Answer 37

dedicated communication link is established between two devices for the duration of the communication Like a phone call

Answer 38

data is divided into messages which may be stored then forwarded

Answer 39

a routing table

Answer 40

sends error messages and operational info to an IP address most commonly used ICMP is ping

Answer 41

Routers multi-layer switches ip and routers are the most common

Answer 42

the transport layer is the dividing line between what we call the upper layers of the OSI model and the lower layers of the OSI model

Answer 43

we are talking about the transport layer

Answer 44

- TCP -UDP

Answer 45

connection oriented protocol that is a reliable way to transport segments across the network

Answer 46

connectionless protocol that is an unreliable way to transport segments across the network

Answer 47

connectionless means it doesn't have to wait for connections

Answer 48

layer 4 is associated with segments almost exclusively because we use it with TCP - TCP and UDP operate at layer 4

Answer 49

udp is very good for audio and visual streaming

Answer 50

allows the clients to adjust the amount of data in each segment

Answer 51

- TCP & UDP - WAN accelerators - Load balancers and firewalls

Answer 52

keeps conversations separate to prevent intermingling of data - manages communication between devices start, stop ,restart - tunneling occurs at this layer

Answer 53

set up maintain tear down

Answer 54

checking of user credentials and assigning numbers to sessions to help identify them

Answer 55

ending of a session after the transfer is done or when the other party disconnects

Answer 56

formats the data to be exchanged and secures the data with proper encryption - Character encoding

Answer 57

when you think about layer 6 remember data formatting and encryption the presentation layer is responsible for formatting and encryption

Answer 58

data is formatted by the computer to have compatibility between different devices

Answer 59

used to scramble the data in transit to keep it secure from prying eyes and provide data confidentiality

Answer 60

provides application level services where users communicate with the computer

Answer 61

- email applications - web browsing - DNS - FTP -RDP

Answer 62

1. network interface 2. internet 3. transport 4. application

Answer 63

the top three layers of the OSI model are all called the application layer in the TCP/IP model so the session presentation and application layers

Answer 64

describes how to transmit bits across the network and determines how the network medium is going to be used

Answer 65

data is taken and packaged into IP datagrams

Answer 66

IP ICMP ARP Reverse ARP this is essentially the network layer of the OSI model so IP's - ARP etc

Answer 67

defines the level of service and the status of the connection being used by TCP, UDP, or RTP -support for end to end services - support fo multiplexing - support for port numbers mapping

Answer 68

dictates how programs are going to interface with the transport layer by conduction session management

Answer 69

logical opening on a system representing a service or application thats listening and waiting for the traffic

Answer 70

the well known or reserved port are 0-1023

Answer 71

1024-65,535

Answer 72

- source address -destination address - ip flags - protocol

Answer 73

port 22 provides secure remote control of another machine using a text based environment

Answer 74

port 22 provides secure file transfers

Answer 75

port 23 provides insecure remote control of another machine . remote access via the command prompt

Answer 76

port 25 provides the ability to send emails over the network

Answer 77

port 53 converts domain names to IP addresses and IP addresses to domain names

Answer 78

ports 67,68 automatically provide network parameters to your clients such as their assigned ip address, subnet mask, default gateway, and the DNS server they should use

Answer 79

port 69 UDP used as a lightweight file transfer method for sending configuration files or network booting of an operating system usually used for sending or recieving config file from a router or switch

Answer 80

port 80 used for insecure web browsing

Answer 81

port 110 used for recieving incoming emails

Answer 82

port 123 UDP used for keeping accurate time within a network

Answer 83

port 139 TCP used for file or printer sharing in a windows network

Answer 84

port 143 TCP a newer method of retrieving incoming emails which imporves upon the older POP3

Answer 85

ports 161,162 UDP used to collect data about network devices and monitor there status

Answer 86

ports 389 TCP used to provide directory services to your network

Answer 87

port 443 used for secure web browsing

Answer 88

port 445 TCP used for windows file and printer sharing services

Answer 89

port 514 UDP used to send logging data back to a centralized server

Answer 90

port 587 TCP secure and encrypted way to send emails

Answer 91

port 636 provide directory services in a secure way

Answer 92

port 995 secure and encrypted way to recieve emails

Answer 93

port 1433 used for communication from a client to the database engine

Answer 94

port 3306 used for communication from a client to Mysql database engine

Answer 95

port 3389 provides graphical remote control from another client to a server

Answer 96

TCP is a transport layer protocol that operates at layer 4 of the OSI model

Answer 97

TCP operates by conducting a three way handshake between a client and a server and then establishes the connection

Answer 98

TCP is considered connection oriented

Answer 99

UDP is considered fast and easy to use

Answer 100

ICMP is used to communicate information about network connectivity isssues back to the sender ping is a great example of ICMP

Answer 101

used as a simple and effective way to create a tunnel called a GRE tunnel over a public network

Answer 102

They do not

Answer 103

used to protect one or more data flowes between peers and it uses encryption

Answer 104

1. data confidentiality 2. data integrity 3. origin authentication 4. Anti-replay

Answer 105

AH and ESP

Answer 106

a protocol within IPSec that provides integrity and authentication

Answer 107

provides encryption and integrity for the data packets sent over IPSec

Answer 108

1. copper 2. fiber optic 3. wireless

Answer 109

matariel used to transmit data over the network

Answer 110

1. coaxial 2. twisted pair 3. serial

Answer 111

F-type connectors are a screw on type of connector

Answer 112

UTP or STP

Answer 113

UTP stands for unshielded twisted pair

Answer 114

shielded twisted pair

Answer 115

Deterministic and Contention based

Answer 116

very organized and orderly and requires an electronic token to transmit. Like a student in a classroom getting called on

Answer 117

very chaotic and can transmit whenever possible.

Answer 118

you can have collosions

Answer 119

contention

Answer 120

Ethernet prevents colisions with CSMA/CD

Answer 121

prevents collosions by using carrier-sensing to defer transmissions until no other stations are transmitting.

Answer 122

each area of the network that shares a single segment is known as a collision domain collision domain devices in a group whose frames can collide with each other

Answer 123

increases scalability of a network by creating multiple collision domains

Answer 124

measures how many bits the network can transmit per second

Answer 125

multimode fiber can reach distances of 200-500 meters

Answer 126

single mode fiber can go up to 40 kilometers

Answer 127

maximum distance of a 100 meters

Answer 128

Using CAT 6 at 100 meters will limit the speed from 10 Gbps to 1 Gbps

Answer 129

Using CAT 6 at under 55 meters can reach 10 Gbps of speed

Answer 130

single mode fiber

Answer 131

fiber for long distances you need to use single mode

Answer 132

also known as a multi-layer repeater it is a layer 1 device that connects multiple network devices and workstations.

Answer 133

1. Passive hub 2. active hub 3. smart hub

Answer 134

repeats signal with no amplification

Answer 135

repeats signal with amplification

Answer 136

active hub with enhanced features like SNMP

Answer 137

analyzes source MAC address and makes intelligent forwarding decscions based on the destination MAC in the frames

Answer 138

also known as a multiport bridge it is a layer 2 device that connects multiple network segments together .

Answer 139

a switch is essentially a multi-port bridge

Answer 140

a router is a layer three device

Answer 141

layer 3 device that connects multiple networks and makes forwarding decisions based on logical network information

Answer 142

makes layer 3 routing decisions and then interconnects entire networks not just the network segments

Answer 143

layer 2 device focused on MAC addresses

Answer 144

layer 3 device focused on IP addresses

Answer 145

1. VLANs 2. Trunking 3. STP 4. Link aggregation 5. power over ethernet 6. Port monitoring 7. User authentication

Answer 146

combines multiple phsical connections into a single logical connection to minimize or prevent congestion

Answer 147

IEEE 802.3ad

Answer 148

switches are full duplex which means every port can operate at 100mbps

Answer 149

supplies electrical power over ethernet and requires cat 5 or higher copper cable.

Answer 150

the benefit of power over ethernet is instead of needing two seperate cables for power and data you can use one cord for both

Answer 151

makes a copy of all traffic destined for a port and sends it to another port

Answer 152

1. port mirrioring 2. secure shell ssh 3. ot-of-band-management 4. first hop redundancy 5. MAC filtering 6. traffic filtering

Answer 153

keeps all network configurations devices on a seperate network

Answer 154

uses hot standby router protocol to create a virtual IP and MAC addresses to provide active and stanby routers

Answer 155

permits or denies traffic based on a device's MAC address

Answer 156

permits redundant links between switches and prevents loopong of network traffic STP is the IEEE 802.1d standard

Answer 157

used instead of STP for larger network environments

Answer 158

allows different logical networks to share the same phscial hardware and provides added security and efficiency

Answer 159

Routers start to come into play once we leave our local area network

Answer 160

forwards traffic between subnets, between an an internal and external network or between two external networks

Answer 161

each subnet or external network is going to be its own broadcast domain

Answer 162

if you are using an external switch it is functioning as a router

Answer 163

routers make there routing decisions by using a routing table

Answer 164

helps determine which route entry is the best fit for the network

Answer 165

routers use an arp cache to map an IP address to a given MAC address

Answer 166

1. Directly connected route 2. Static route 3. Dynamic route

Answer 167

learned by physical connections between routers

Answer 168

- manually configured by an admin - there is always one default standard route in every router that is 0.0.0.0/0

Answer 169

learned by exchanging information between routers routers send routes to other routes

Answer 170

1. split horizon 2. Poising reverse

Answer 171

prevents a route learned on one interface from being advertised back out on the same interface.

Answer 172

causes a route received on one interface to be advertised back out on the same interface with a metric considered to be infinite

Answer 173

1. internal 2. external

Answer 174

1. interior gateway protocol IGP - operates within an autonomous system - Example: Intranet We use this routing protocol to route within our internal networks

Answer 175

1. Exterior gateway protocol EGP - operate between autonomous systems - example Internet BGP is one of the most commonly used routing protocols for EGP

Answer 176

Distance vector routing algorithm simplifies the routing process by assuming the cost of every link is one unit. Therefore, the efficiency of transmission can be measured by the number of links to reach the destination. In Distance vector routing, the cost is based on hop count

Answer 177

time it takes for routers to update their routing table in response to a topology change

Answer 178

prevents updates for a specific period of time and speeds up convergence

Answer 179

number of routers from the source router through which data must pass to reach the destination network

Answer 180

requires all the routers to know about the paths that all other routers can reach in the network every node constructs a map of the connectivity to the network, in the form of a graph, showing which nodes are connected to which other nodes. Examples of link state routing protocols include OSPF and ISIS

Answer 181

Interior routing protocol a distance vector protocol that uses hop count - maximum number of hops it can do is 16

Answer 182

1. updates every 30 seconds 2. easy to configure 3. Runs over UDP

Answer 183

1. a link state protocol that uses cost 2. interior gateway protocol

Answer 184

OSPF is known as a classless protocol, classless routing protocols are those protocols that include subnet mask information when the routing table or updates are exchanged

Answer 185

a link state protocol that also uses cost and functions like the OSPF protocol but is not widely popular - interior routing protocol

Answer 186

hybrid of distance vector and link state protocols that uses bandwidth and delay - interior routing protocol cisco protocol

Answer 187

a path vector that uses the number of autonmous system hops instead of router hops/ bgp is an external routing protocol - this is more concerned with how many systems you have to go through

Answer 188

if a route has a lower administrative distance the route is more believable

Answer 189

translates private IP addresses to public IP addresses for routing over public networks

Answer 190

1. DNAT Dynamic NAT 2. SNAT static NAT 3. PAT port address translation

Answer 191

automatically assigns an IP address from a pool and gives a one to one translation

Answer 192

manually assign an IP address and gives one to one translation static Nat was primarily used as a security feature

Answer 193

most common one used today sharing on one public IP by multiple private IP addresses which gives a many to one translation

Answer 194

private ip address refrencing an inside device

Answer 195

public IP address refrencing from an inside device

Answer 196

public IP address referencing an outside device

Answer 197

private IP address refrencing an outside device

Answer 198

private ip address refrencing an outside device

Answer 199

multicast sender sends traffic to a class D IP address known as a multicast group main goal of multicast routing is to send the traffic only to devices that wish to recieve the traffic the two primary protocols used for multicast routing are IGMP and PIM

Answer 200

IGMP internet group management protocol PIM protocol independent multicast

Answer 201

lets routers know which interfaces have multicast recievers and allow clients to join a multicast group

Answer 202

routes multicast traffic between multicast enabled routers

Answer 203

allows multiple virtual instances to exist on a single physical server

Answer 204

enables virtualization to occur and emulates the physical hardware

Answer 205

VMWare ESXi Microsoft Hyper-V Virtual box Vmware Workstation

Answer 206

bare metal hypervisor is when you just run the hypervisor as the OS

Answer 207

disk storage delivered as a service over TCP/IP

Answer 208

specialized LAN that transfers data at block level with a special protocol To the users it looks and acts like a local drive A storage area network or storage network is a computer network which provides access to consolidated, block-level data storage. SANs are primarily used to access data storage devices, such as disk arrays and tape libraries from servers so that the devices appear to the operating system as direct-attached storage

Answer 209

special purpose hardware providing 1-16 GBPS of storage area network speed

Answer 210

removes the need for specialized hardware and runs FC over ethernet frames

Answer 211

lowers cost and relies on configuration that allows jumbo frames over the network

Answer 212

virtualized storage technology that uses a switched fabric topology and features very high throughput and very low latency

Answer 213

overcomes the problem of all virtual servers being on one broadcast domain

Answer 214

a desktop computer that is run on a browser using the web

Answer 215

provides an easy to use front end to configure physical and virtual devices through a network

Answer 216

digitizes voice traffic to be treated like other traffic on the network

Answer 217

VOIP uses a protocol known as SIP Sip is used to setup and manage voip sessions SIP can also extend voice communication to include video conferencing, instant messaging, file transfers and more

Answer 218

used to setup, maintain, and tear down calls

Answer 219

systems and users only have access with other devices inside the same private cloud or system

Answer 220

systems and users interact with devices on public networks such as the internet and other clouds

Answer 221

combination of public and private clouds

Answer 222

collaborative effort where infrastructure is shared between several orgs from a specific community with the same concerns

Answer 223

allows for the outsourcing of a network service provider

Answer 224

allows for the outsourcing of infrastructure of the servers and desktops to a service provider

Answer 225

users interact with a web based application and the details of how it works are hidden – examples of Saas products include m065 and google docs

Answer 226

provides a platform for companies that develop applications without the need for infrastructure – digital ocean

Answer 227

provides a desktop environment that is accessible through the internet in the form of a cloud desktop or virtual desktop environment

Answer 228

attempts to match the resources allocated with the actual amount of resource needed at any given point and time

Answer 229

elasticity is focused on meeting the sudden increase and decreases in a workload

Answer 230

handles the growing workload required to maintain good performance and efficiency for a given software or application

Answer 231

Scalability is common to be used long term elastic approaches can change every day or every minute

Answer 232

increases the power of the existing resources in the working environment

Answer 233

adding additional resources to help handle the extra load being experienced adding additional instances instead of moving to a larger instance size

Answer 234

allowing customers to share computing resources in a public or private cloud

Answer 235

1. better storage 2. better use of resources 3. lower overall cost

Answer 236

occurs when an attacker break out of one of the isolated VMs and begins to directly interact with the underlying hypervisor

Answer 237

enables managing and provisioning of infrastructure through code instead of through manual processes

Answer 238

To use IAC effectively we need to use scripted automation and orchestration

Answer 239

process of arranging or coordinating the installation and configuration of multiple systems

Answer 240

any system that is different from the standard configuration template

Answer 241

extends pre-existing on premise data center into the providers network to directly connect to your virtual private cloud network establishes a secure, dedicated connection from your infrastructure into AWS.

Answer 242

any facility that businesses and other orgs use to organize, process, store, and disseminate large amounts of data

Answer 243

1. core 2. Distribution aggregation 3. access edge

Answer 244

- big fast expensive routers - backbone of the cloud network

Answer 245

- provides boundary definitions by implementing ACL's and policies - layer three switches - packets are being properly routed

Answer 246

- connect to endpoint devices - regular switches

Answer 247

1. Application layer 2. control layer 3. infrastructure layer 4. management plane

Answer 248

focuses on the communication resource requests or info about the network as a whole

Answer 249

uses the information from the application and decides how to route a packet on the network

Answer 250

contains the network devices that receive information about where to provide the data and then perform those movements

Answer 251

used to monitor traffic conditions and the status of the network.

Answer 252

By using a spine and leaf architecture we can give faster speeds and lower latency than the traditional three-tiered hierarchy

Answer 253

North: traffic that is exiting the datacenter South: traffic that is entering the datacenter

Answer 254

refers to dataflows within a datacenter

Answer 255

very organized and orderly requires an electronic token to transmit. Like a student raising his hand and getting called on

Answer 256

very chaotic and can transmit whenever possible the problem with this method is you have collisions

Answer 257

ethernet uses contention based network access

Answer 258

ethernet prevents collisions with something known as CSMA/CD

Answer 259

prevents collisions by using carrier sensing to defer transmissions until no other stations are transmitting

Answer 260

each area of the network that shares a single segment is known as a collision domain

Answer 261

increases scalability of a network by creating multiple collision domains

Answer 262

measures how many bits the network can transmit per second

Answer 263

100 meters

Answer 264

Using CAT 6 at 100 meters will limit the speed from 10 Gbps to 1 Gbps

Answer 265

Using CAT 6 at under 55 meters can reach 10 Gbps of speed

Answer 266

Multimode fibers deal with shorter distances something in the 200 to 500 meter range

Answer 267

use single mode fiber for long distances

Answer 268

you need to use multimode fiber for short distances

Answer 269

also known as a multiport repeater it is a layer 1 device that connects multiple network devices and workstations

Answer 270

1. passive hub 2. active hub 3. smart hub

Answer 271

repeats single with no amplification

Answer 272

repeats signal with amplification used for long distances

Answer 273

active hub with enhanced features like snmp

Answer 274

analyzes source MAC addresses and makes intelligent forwarding decisions based on the destination MAC in the frames

Answer 275

also known as a multiport bridge, it is a layer 2 device that connects multiple network segments together. A switch is essentially a multi-port bridge

Answer 276

Layer 3 device that connects multiple networks and makes forwarding decisions based on logical network information

Answer 277

makes layer 3 routing decisions and then interconnects entire networks not just network segments

Answer 278

layer 2 device focused on MAC addresses

Answer 279

layer three device focused on IP addresses

Answer 280

VLAN's Trunking STP Link aggregation Power over ethernet Port monitoring User authentication

Answer 281

combines multiple physical connections into a single logical connection to minimize or prevent congestion

Answer 282

Link aggregation standard IEEE 802.3ad

Answer 283

link aggregation is a solution for the problem of congestion. congestion can occur when all ports operate at the same speed

Answer 284

switches are full duplex which means every port can operate at 100mbps

Answer 285

supplies electrical power over ethernet and requires cat 5 or higher copper cable. the benefit of this is instead of needing two separate cables for power and data you can use one for booth

Answer 286

makes a copy of all traffic destined for a port and sends it to another port

Answer 287

keeps all network configuration devices on a separate network

Answer 288

FHRP is used to prevent network failure at a default gateway. This is achieved by configuring multiple routers with the same IP address and Mac address, thus presenting an illusion of a single virtual router to the hosts in a Local Area Network (LAN). this helps with redundancy

Answer 289

permits or denies traffic based on a devices MAC address

Answer 290

permits or denies traffic based on IP address or application ports

Answer 291

It governance is used to provide a comprehensive security management framework for the org

Answer 292

1. Policies 2. standards 3. baseline 4. Guidelines 5. Procedures

Answer 293

defines the role of security inside of an org and establishes the desired end state for the security program

Answer 294

1. organizational 2. system specific 3. issue specific

Answer 295

provides frameworks to meet the business goals and define the roles, responsibilities, and teams associated with it

Answer 296

these address the specific technology, application, network or computer

Answer 297

addresses a specific security issue such as email privacy, employee termination procedures, or other specific issues

Answer 298

implements a policy in an org

Answer 299

creates a reference point in network architecture and design

Answer 300

recommended action that allows for exceptions and allowances in unique situations and recommends actions

Answer 301

detailed step-by-step instructions created to ensure personnel can perform a given task or series of actions

Answer 302

structured way of changing the state of a computer system, network, or IT procedure

Answer 303

contains instructions on how to help network and system admins, detect, respond to, and recover from network security incidents

Answer 304

1. preparation 2. identification 3. containment 4. Eradication 5. recovery 6. lessons learned

Answer 305

Documents how an org can quickly resume work after an unplanned incident

Answer 306

outlines how a business will continue operating during an unplanned disruption in service

Answer 307

describes the approach to maintaining an asset from creation to disposal

Answer 308

1. planning 2. design 3. transition 4. operations 5. retirement

Answer 309

a step-by-step instructions compiled by an org to help its employees carry out routine operations

Answer 310

a set of rules created to improve computer security by motivating users to create and properly store secure passwords

Answer 311

a set of rules that restricts the ways in which a network resource may be used and sets guidelines on how it should be used

Answer 312

allows employees to access enterprise networks and systems using there personal devices

Answer 313

a document which outlines and defines acceptable methods of remotely connecting to the internal network

Answer 314

A documented policy that describes all the requirements for integrating a new hire into the company and its cultures

Answer 315

A documented policy that covers all the steps to successfully part ways with an employee who's leaving the company

Answer 316

a document that outlines how to protect the organizations systems, networks and data from threats

Answer 317

A document defining how orgs can share and protect data Goal of a data loss prevention policy minimizes accidental or malicious data loss

Answer 318

Defines what data is confidential and cannot be shared outside of the relationship

Answer 319

non-binding agreement between two or more organizations to detail what common actions they intend to take

Answer 320

Documents the quality, availability, and responsibilities agreed upon by a service provider and client

Answer 321

the process of administering and managing computer networks

Answer 322

shows the actual physical arrangement of the components that make up the network

Answer 323

illustrates the flow of data across a network and shows how devices communicate with each other

Answer 324

Planning and designing of a wireless network to deliver the required wireless solution

Answer 325

determines If a site has the right amount of power, space, and cooling to support a new upgrade or installation

Answer 326

set of specifications for an information system, or a configuration item within a system, that has been formally reviewed and agreed on

Answer 327

monitors the performance from the end user's workstation to the final destination they are trying to reach

Answer 328

1. latency 2. Bandwidth 3. Jitter

Answer 329

time it takes for data to reach its destination across the network. latency is reported in milliseconds

Answer 330

maximum rate of data transfer across a given network.

Answer 331

this is the actual measure of how much data is successfully transferred from the source to the destination

Answer 332

when a time delay in the sending of data packets over a network connection occurs

Answer 333

monitor a device's temperature, CPU usage, and memory which could indicate if it is operating properly or is about to fail

Answer 334

monitor a devices temperature CPU usage and memory which could indicate if it is operating properly or if it is about to fail

Answer 335

used to set off an alarm when temperature reaches dangerous conditions.

Answer 336

In order to measure traffic in our network we can either use full packet capture or netflow data

Answer 337

captures the entire packet, including the header and the payload for all traffic entering and leaving a network

Answer 338

relies on a flow connector to record the metadata and statistics about network traffic rather then recording each frame

Answer 339

defines a particular traffic flow based on the different packets that share the same characteristics.

Answer 340

passively monitors a network like a sniffer but only logs full packet capture of data of potential interest

Answer 341

creates graphs showing traffic flows through the network interfaces of routers and switches by polling the appliances using snmp

Answer 342

used to count selective packet discards SDP that have occurred

Answer 343

drops low priority packets when the CPU is too busy so it can save capacity for higher priority packets as a form of Qos

Answer 344

an ethernet frame that is less than 64 bytes in size

Answer 345

any ethernet frame that exceeds the 802.3 frame size of 1518 bytes

Answer 346

occurs when the interface fails to buffer the incoming packets

Answer 347

CRC number of packets received that failed the cyclic redundancy checksum or CRC check upon receipt

Answer 348

used to count the number of packets where a CRC error and a non-integer number of octets was received

Answer 349

used to count the number of packets that the interface ignored since the hardware interface was low on internal buffers

Answer 350

number of times the sender has operated faster then the router can handle, causing buffers or packets dropped

Answer 351

used to count any frames that are transmitted and are larger than 1518 bytes Babble is for transmission giant is for received

Answer 352

used to count the number of collision that occur after the interface has started transmitting its frame

Answer 353

used to count the number of frames that were transmitted successfully after waiting because the media was busy

Answer 354

number of times a packet was not output from the output hold queue because of a shortage of shared memory

Answer 355

1. confidentiality 2. integrity 3. availability

Answer 356

keep data private and safe using encryption and authentication to access resources

Answer 357

ensures the data can only be read or decoded by the intended recipient

Answer 358

sender and receiver use the same key to encrypt and decrypt a message

Answer 359

1. DES 2. Triple DES 3. AES

Answer 360

a 56-bit encryption key to secure data. today this is considered weak encryption

Answer 361

uses three 56-bit keys which gives a total key strength of 168 bits

Answer 362

Preferred symmetric encryption standard today and is available in 128-bit, 192-bit, and 256-bit keys

Answer 363

Symmetric encryption is almost a 1000x faster than asymmetric encryption

Answer 364

The overhead with symmetric encryption is making sure that all the users have the key who need to use it

Answer 365

Sender and receiver use different keys to encrypt and decrypt a message

Answer 366

gives secure email exchanges and web browsing and solves the problem of having to distribute the keys ahead of time

Answer 367

PKI is where we encrypt the data from an email sender to an email receiver

Answer 368

ensures data was not modified in transit and verifies it came from its original source

Answer 369

We ensure we have integrity in our networks and applications by using hashing

Answer 370

runs a string of data through an algorithm, creates a hash that serves as a unique individual fingerprint for a file or data set

Answer 371

measures data accessibility and is increased by designing redundant networks

Answer 372

a person or event that has the potential for impacting a valuable resource in a negative manner

Answer 373

occurs when one machine continually floods a victim with request for services

Answer 374

occurs when an attacker initiates multiple TCP sessions but never completes them

Answer 375

occurs when an attacker sends a ping to a subnet broadcast address with a source IP spoofed to be that of the victim server

Answer 376

occurs when an attacker uses multiple computers to ask for access to the same server at the same time

Answer 377

a collection of compromised computers under the control of a master node

Answer 378

any of the individually compromised computers within a botnet

Answer 379

occurs when an attacker puts themselves between the victim and the intended destination

Answer 380

occurs when an attacker guesses the session ID that is in use between a client and a server and takes over the authenticated session

Answer 381

occurs when an attacker manipulates known vulnerabilities within DNS to reroute traffic from one site to a fake version of the site

Answer 382

DNSSEC was created to combat DNS poisioning

Answer 383

uses encrypted digital signatures when passing DNS information between servers to help protect it from poisoning

Answer 384

a DHCP server on a network which is not under the administrative control of the network admins

Answer 385

occurs when an attacker masquerades as another person by falsifying their identity

Answer 386

modifying the source address of an IP packet to hide the identity of the sender or impersonate another client

Answer 387

IP spoofing is focused at layer 3 of the OSI model

Answer 388

changing the MAC address to pretend the use of a different network interface card or device

Answer 389

relies on a list of all known and authorized MAC addresses

Answer 390

sends falsified ARP messages over a local area network

Answer 391

the purpose of ARP is to create a binding between a MAC address and an IP address inside of a LAN

Answer 392

to prevent ARP poisoning set up good VLAN segmentation within your network

Answer 393

ability to send traffic from one VLAN to another, bypassing the VLAN segmentation you have configured with your layer 2 networks

Answer 394

1. Double tagging 2. Switch spoofing

Answer 395

connecting to an interface on the switch using access mode with the same VLAN as the native untagged VLAN on the trunk

Answer 396

Attempting to conduct a dynamic trunking protocol DTP negotiation

Answer 397

designed to infiltrate a computer system and possibly damage it without the users consent or knowledge

Answer 398

made up of malicious code that is run on a machine without the users knowledge and infects it whenever that code is run

Answer 399

a piece of malicious software that can replicate itself without user interaction

Answer 400

a piece of malicious software disguised as a piece of harmless or desirable software

Answer 401

restricts access to a victims computer system or files until a ransom or payment is received

Answer 402

gathers information about you without your consent

Answer 403

designed to gain administrative control over a computer system or network device without being detected

Answer 404

a wireless acess point that has been installed on a secure network without authorization from a local network admin

Answer 405

use of IT systems, devices, software applications, or services without the explicit approval of the IT department

Answer 406

wireless access point that uses the same SSID as your own network

Answer 407

attempt to interupt communication between an end user and the wireless access point

Answer 408

captures wireless data packets as they go across the airwaves

Answer 409

any attempt to manipulate users to reveal confidential information or perform actions detrimental to a systems security

Answer 410

sending an email in an attempt to get a user to click on it

Answer 411

more targetd form of phising

Answer 412

focused on key executives within an org or other key leaders, executives and managers in the company.

Answer 413

entering a secure portion of the organizations building by following an authorized person into the area without their knowledge or consent

Answer 414

an employee or other trusted insider who uses their authorized network access in unauthorized ways to harm the company

Answer 415

asesses cyber risk posture and exposure to threats caused by misconfiguration and patching delays

Answer 416

1. Define mission critical components 2. identify strengths weaknesses and security issues 3. strengthen your position 4. stay in control

Answer 417

used to identify understand and evaluate potential hazards in the workplace

Answer 418

the disciplined examaniation of the processes used by the org against a set of criteria

Answer 419

the assessment of a prospective vendor to determine if they can effectively meet the obligations and the needs of the business

Answer 420

using the lowest level of permissions or privielegs needed in order to complete a job function or admin task

Answer 421

- an access method where access is determined by the owner of the resource

Answer 422

1. every object in a system has to have an owner 2. Each owner must determine the access rights and permissions for each object

Answer 423

An access control policy where the computer system gets to decide who gets access to what objects

Answer 424

An access control model that is controlled by the system but focuses on a set of permissions versus an individual permission Creating groups makes it easy to control permissions based around actual job functions

Answer 425

a security framework that requires users to be authenticated and authorized before being granted access to applications and data

Answer 426

1. Reexamine all default access controls 2. Employ a variety of prevention techniques and defense in depth 3. Enable real-time monitoring and controls to identify and stop malicious activity quickly 4. Ensure the networks zero-trust architecture aligns to a broader security strategy

Answer 427

cybersecurity approach in which a series of defensive mechanisms are layered in order to protect valuable data and information

Answer 428

a perimeter network that protects an organizations internal local area network from untrusted traffic only allows people from the outside internet to access certain resources within your network

Answer 429

subnet in the network architecture that uses a single firewall with three interfaces to connect three dissimilar networks Used in networks that have both public and private areas, a screened subnet lets users access the internet without exposing the local area network to internet-based cyber attacks or data breaches. It does this by establishing a network between an internal network and an external/presumed hostile network, such as the internet. This ensures that there is no single vulnerable point that could potentially compromise the entire enterprise network. It uses three network interfaces: Interface 1 is the public interface connected to the internet. Interface 2 connects to the demilitarized zone (DMZ) to which hosted public services are attached. Interface 3 connects to the intranet to provide access to and from internal networks. The subnet's main purpose is to isolate the DMZ and its publicly accessible resources from the intranet, thereby minimizing external attention and possible attacks on that subnet. The architecture makes it more difficult to attack the intranet, especially when a properly configured firewall is combined with the use of private IP addresses on one or both of these subnets. Even if the firewall itself is compromised, an attacker won't be able to access the intranet.

Answer 430

prevents fraud and abuse by distributing carious tasks and approval authorities across a number of different users

Answer 431

authenticates or proves an identity using more than one method

Answer 432

a. Usernames b. Passwords c. PIN d. Answers to questions

Answer 433

a. smartcards b. RSA key fobs c. RFID tags

Answer 434

a. fingerprints b. Retina scans c. Voice prints

Answer 435

a. How you sign your name b. How you draw a pattern

Answer 436

a. Geotagging b. geofencing

Answer 437

the process of determining whether someone or something is who or what it claims to be

Answer 438

validates a username and password combination against an LDAP server as a form of authentication The Lightweight Directory Access Protocol is a common method of accessing data over the network.

Answer 439

focused on authentication and authorization with a windows domain environment

Answer 440

provides centralized administration of dial-up, VPN, and wireless network authentication

Answer 441

used to perform the role of an authenticator in an 802.1x network

Answer 442

a standardized framework that’s used for port-based authentication on both wired and wireless networks

Answer 443

1. supplicant a. Device or user requesting access to the network 2. authenticator a. Switch wireless access point 3. Authentication server a. Centralized device that performs the authentication

Answer 444

allows for numerous different mechanisms of authentication

Answer 445

utilizes simple passwords and the challenge handshake authentication process to provide remote access authentication

Answer 446

uses public key infrastructure with a digital certificate being installed on both the client and the server

Answer 447

requires a digital certificate on the server and a password on the client for its authentication

Answer 448

uses a protected access credential to establish mutual authentication between devices

Answer 449

uses server certificates and Microsoft's AD databases to authenticate a clients password

Answer 450

ensures a device is scanned to determine its current state of security prior to being allowed network access

Answer 451

a piece of software installed on a device requesting access to the network

Answer 452

requires the users to connect to the network and go to a web based captive portal to download an agent on their devices

Answer 453

IEEE 802.1x

Answer 454

used in port-based network access control

Answer 455

defines access periods for given hosts using a time-based schedule / only logging in during approved times

Answer 456

evaluates the location of the endpoint requesting access using IP or GPS geolocation

Answer 457

reevaluates a device's authentication when its being used to do something / looking at the role of the device and figure out if it is doing something it should or should not be able to do

Answer 458

uses a complex admission policy that might enforce a series of rules with the use of logical statements

Answer 459

an electronic detection mechanism that can record the version of the IOS used by a switch

Answer 460

open systems interconnection model

Answer 461

layer 1 is the physical layer

Answer 462

- Where transmission of bits across the network occurs and includes physical and electrical network characteristics - Data is transferred in bytes at this layer series of 1s and 0s

Answer 463

The physical layer also decides the topology of the network

Answer 464

Another issue to be aware of at layer 1 is how is communication synchronized

Answer 465

Asynchronous communication is something like a voicemail, the communication happens out of sync or out of time uses start and stop bits to indicate when transmissions occur from the sender to the receiver

Answer 466

uses a reference clock to coordinate the transmissions by both the sender and receiver

Answer 467

divides our bandwidth into separate channels

Answer 468

uses all available frequencies on a medium (cable) to transmit data A telephone is a good example of baseband communication Aka using all the bandwidth allocated to that phone line Baseband uses a reference clock Wired home ethernet network is also going to use baseband

Answer 469

Each session takes a turn using time slots to share the medium between users

Answer 470

Dynamically allocates the time slots on an as-needed basis

Answer 471

Divides the medium (that cable) into channels based on the frequency and each session is transmitted over different channel

Answer 472

multiplexing is getting more out of a limited network

Answer 473

Cable Ethernet Coaxial Hubs Access points Media converters Layer 1 devices simple repeating what they are told

Answer 474

Packages data into frames and transmits those frames on the network

Answer 475

Physical addressing system of a device which operates on a logical topology Uses a 48 byte address assigned to a network interface card

Answer 476

The first 6 digits in a mac address are the vendor code the second 6 digits are the unique value

Answer 477

provides connection services and allows acknowledgment of receipt of messages

Answer 478

LLC provides basic error control functions

Answer 479

services /apps web browsers files

Answer 480

encoding compression encryption

Answer 481

managing sessions

Answer 482

a set of rules or a way for computers to do things

Answer 483

Phsical datat link network transport session presentation application

Answer 484

application presentation session

Answer 485

Application transport network Data link phsical

Answer 486

the network layer or internet layer

Answer 487

data link layer network internet layer

Answer 488

arp is used to map IP address's to MAC adresses's

Answer 489

the application layer

Answer 490

the phsical layer

Answer 491

a spot where we connect our network to an internet service provider

Answer 492

Generic routing encapsulation

Answer 493

an overlay network is a computer network that is layered on top of another network

Answer 494

underlay network represents the actual interfaces and paths that are being used as traffic is being forwarded on networks

Answer 495

how networks are layed out.

Answer 496

1. device configuration reviews 2. routing tables 3. interface status 4. VLAN assignments 5. Network performance baselines

Answer 497

most network devices have two configs a startup config and a running config

Answer 498

stored in NVRAM and contains the commands needed to initially configure a router

Answer 499

actively being used by the router at that moment

Answer 500

show startup-config

Answer 501

show running-config

Answer 502

"route print"

Answer 503

practice of segmenting an IT organazations network, seperating users into respective network sections

Answer 504

defines the normal working conditions of an enterprise network infastructure

Answer 505

assigns devices with an IP address and also provides them a subnet mask, default gateway and DNS server.

Answer 506

converts domain names to IP addresses using hierarchical and decentralized system of naming

Answer 507

sharing of information between DNS servers about which domain names they have and there associated IP addresses

Answer 508

Synchronizes clocks between systems communicating over a packet switched variable latency data network

Answer 509

DHCP must provide and IP address, subnet mask, default gateway and DNS server to each client to effectively access the internet

Answer 510

DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user devices

Answer 511

provides an IP address to every machine on the network and eliminates configuration errors

Answer 512

a list of valid IP addresses available for assignment or lease to a client computer or endpoint device on any given subnet

Answer 513

excludes some IP addresses being handed out to devices unless they meet a certain condition

Answer 514

with DHCP we can automate setup of all our devices when they join the network

Answer 515

when a device joins the network its going to do what we call a discovery "hey DHCP server I need an IP address"

Answer 516

1. Discover 2. Offer 3. Request 4. Acknowledge D.O.R.A

Answer 517

1. IP address 2. Subnet Mask 3. Default Gateway IP 4. DNS Server IP

Answer 518

DHCP relay is used when the client device and the DHCP server are not located on the same subnet or network

Answer 519

helps network clients find a website using human-readable hostnames instead of numeric IP addresses

Answer 520

Examples of fully qualified domain names www.diontraining.com Mail.diontraining.com Ftp.diontraining.com

Answer 521

1. Root - Answers requests in the root zone 2. Top-level domain - .com .net 3. Second-level domain - Diontraining.com google.com 4. Subdomain - Support.diontraining.com 5. Host - Refers to a specific machine

Answer 522

links a hostname to an IPV4 address

Answer 523

links a hostname to an IPv6 address

Answer 524

points a domain name to another domain or subdomain essentially a domain redirect

Answer 525

Directs email to a mail server

Answer 526

stores important information about a domain or zone ?

Answer 527

corelates an IP address with a domain name These are essentially the opposite of A records

Answer 528

Adds text into the DNS record

Answer 529

specifies a host and port for a specific service

Answer 530

Type of DNS server that stores all the DNS records for a given name

Answer 531

sends DNS records data from the primary nameserver to the secondary nameserver. Zone transfers use the TCP protocol to transfer data

Answer 532

determines what the domain name is for a given IP address.

Answer 533

uses DNS to find the IP address for a given network

Answer 534

allows cloud instances on the same network to access each other using internal DNS names

Answer 535

records created around the domain names from a central authority and used on the public internet An external DNS is a publicly accessible third-party domain name server that's generally open for anyone on the internet to access and update. External DNS allows you to query for the IP address of a domain. An external DNS provider is also known as a public DNS provider.

Answer 536

tells the DNS resolver how long to cache a query before requesting a new one

Answer 537

DNS server communicates with several other DNS servers to hunt down the IP address and return to the client

Answer 538

synchronizes clocks between systems communicating over a packet-switched variable-latency data network

Answer 539

Essentially keeps all the devices on the same time

Answer 540

NTP data is going to be sent over UDP using port 123

Answer 541

ensures you have the proper coverage and helps prevent overlap between wireless access points coverage zones and channels

Answer 542

used to capture and analyze signals and data traffic over a communications channel Example wireshark

Answer 543

used to capture packets running over a network connection in real time and then save them for later analysis

Answer 544

wireshark is both a protocol analyzer and has packet capture functionality

Answer 545

verifies the real world throughput from a client device all the way out to the internet and back this is like the WIFI speed tests you do at work

Answer 546

the speed from your client to the endpoint device and back.

Answer 547

gathers an active measurement of the maximum achievable bandwidth of an IP based network Iperf is a tool for network performance measurement and tuning. It is a cross-platform tool that can produce standardized performance measurements for any network. Iperf has client and server functionality, and can create data streams to measure the throughput between the two ends in one or both directions

Answer 548

performs monitoring troubleshooting and in-depth inspection, interpretation and synthesis of traffic flow data

Answer 549

protocol for exchanging files between two TCP/IP machines port 69

Answer 550

ping checks the connectivity between two devices and usually is used to see if a device is up and is often used for network troubleshooting

Answer 551

ping can use IPV6 with the -6 option.

Answer 552

displays the path between device and its destination showing the source and destination IP address for each hop along the way

Answer 553

a hop is any router or firewall that is in the path of the transmission from the client to the destination

Answer 554

Ipconfig displays all of the current TCP/IP network config values and refreshes DHCP and DNS settings for a windows client/ server

Answer 555

ipconfig /release

Answer 556

Ipconfig /renew

Answer 557

Ipconfig /all

Answer 558

ifconfig -v eth0

Answer 559

Ip – assigns an address to a network interface or configures network interface parameters on a Unix, Linux, or OSX operating system

Answer 560

used to query the DNS to provide the mapping between domain names and IP addresses or other DNS records

Answer 561

nslookup google.com

Answer 562

nslookup 8.8.8.8

Answer 563

used to conduct queries against DNS nameservers and is only available for Linux, Unix and OS X systems by default

Answer 564

ARP command is used to display and modify entries in the address resolution protocol cache on a system.

Answer 565

route is used to view and manipulate the IP routing table in a windows osx or linux system

Answer 566

route that takes effect when no other route is available for an IP destination address

Answer 567

route print

Answer 568

used to view the current connection and statistics for devices communicating using the NetBIOS over TCP/IP protocol

Answer 569

displays information for IP based connections on a client including its current sessions its source and destination IP's and port numbers.

Answer 570

Tcpdump – allows for the display of TCP/IP and other packets being transmitted or received over the network to the clients screen

Answer 571

1. routers 2. switches 3. firewalls refers to any of these above items regardless of the brand or manufacturer

Answer 572

displays statistics for the network interfaces on the device

Answer 573

show config - displays the current system configuration on the screen

Answer 574

VLAN trunking protocol multiple VLANS in a single link

Answer 575

occurs when two hosts on the network transmit at the same time which causes the signals to combine on the network medium

Answer 576

collisions can occur in both wired and wireless networks

Answer 577

network segment where simultaneous data transmissions collide with each other

Answer 578

Use any layer 2 device to break apart collision domains like a switch or a bridge

Answer 579

1. turn off auto negotiation 2. hardcode to lower speed 3. change to half duplex.

Answer 580

occurs when a network system is overwhelmed by continuous or multicast or broadcast traffic A broadcast storm or broadcast radiation is the accumulation of broadcast and multicast traffic on a computer network. Extreme amounts of broadcast traffic constitute a "broadcast storm". It can consume sufficient network resources so as to render the network unable to transport normal traffic.

Answer 581

a logical division of a computer network where all nodes can reach each other by broadcast at the data link layer

Answer 582

we can use a router

Answer 583

1. too large singular broadcast domain 2. large volume of DHCP requests 3. loops are created in the switching environment

Answer 584

1. enable bridge protocol data units 2. enforce a maximum number of MAC address's per port 3. break up large broadcast domains using routers and layer 3 switches

Answer 585

listens to multicast messages on a network and keeps track of the MAC addresses being used

Answer 586

to prevent issues on your network relating to duplicate MAC addresses you can enable port security on your switches.

Answer 587

occurs when another computer on the same network has an identical IP to another workstation or server on the same network (This can also be a DHCP server issue)

Answer 588

Duplicate IP addressing issues usually come from using static IP address's

Answer 589

Static IP address issue DHCP server issue Rogue DHCP server

Answer 590

no specific host is associated with the multicast MAC address in the CAM table of the switch. To fix this issue we need to disable multicast traffic on the switchport

Answer 591

Network packets leave via one path and return via a different path

Answer 592

when a router cannot reach a destination because there is a missing route in the routing table

Answer 593

occurs whenever there is more than one path between the source and the destination devices.

Answer 594

to prevent a switching loop you have to enable STP or spanning tree protocol

Answer 595

switching loops are usually an issue with how stp is configured

Answer 596

formed when an error occurs in the operation of the routing algorithm and creates a circular route amongst a group of network devices

Answer 597

split horizon route poisoning

Answer 598

routing configuration that stops a route from being advertised back in the direction where it came from. In computer networking, split-horizon route advertisement is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned

Answer 599

increasing a routers metric to an infinitely high number after detecting one of its connected routes has failed Route poisoning is a method of quickly forgetting outdated routing information from other router's routing tables by changing its hop count to be unreachable (higher than the maximum number of hops allowed) and sending a routing update.

Answer 600

prevents bad routes from being restored and passed to other routers by accident

Answer 601

automatically assigns an IP address, subnet mask, default gateway and DNS servers IP address to a client when it joins the network

Answer 602

a DHCP server on a network which is not under the administrative control of the network admins

Answer 603

1. DHCP snooping 2. Port Security 3. Intrusion Detection system

Answer 604

Occurs when the DHCP server runs out of Valid IPs to assign to the clients requesting access on the network

Answer 605

1. IP address 2. Subnet Mask 3. Default Gateway IP 4. DNS Server IP

Answer 606

runs on an individual computer or device connected to the network to protect that one device

Answer 607

Deployed in line with the network traffic flow to monitor and filter incoming and outgoing network traffic based on established rule sets.

Answer 608

Access to protected resources from unprotected networks is not working Access to unprotected resources from protected networks is not working Access to the firewall and its configurations is not working

Answer 609

Issues can usually be broken down into "either traffic is not going through the firewall or not going to the firewall properly "

Answer 610

provides security by blocking unauthorized users and allowing authorized users to access specific resources

Answer 611

show access lists

Answer 612

When writing an ACL rule keep these things in mind Ensure there are no typos in your rules Verify the protocol and port numbers referenced by the rule are correct Verify the source and destination addresses are referenced by the rule Did you include the correct IP and subnet mask Verify the order of rules is being verified correctly

Answer 613

Are the A records and CNAME records properly created ? We can verify this using NSlookup Is the TTL or time to live set properly

Answer 614

time and delay that occurs whenever users request a particular domain name

Answer 615

by using DNS servers that are closer to our users

Answer 616

NTP packets not being received NTP packets not being processed NTP packets have errors or packet lost

Answer 617

Ensure proper connection between clients and servers Verify communication between clients and servers using MAC address Verify communication between clients and servers using the IP addresses

Answer 618

theoretical speed of data going across the network

Answer 619

actual speed of data on the network

Answer 620

estimated measure of the power level that a radio frequency client device is receiving from a wireless access point or wireless router (otherwise known as signal strength)

Answer 621

radio frequency waves extend outward in all directions away from the antenna and the wireless access point to an equal power level

Answer 622

produces radio frequency waves extending outward in two directions

Answer 623

a unidirectional antenna that sends the radio frequency waves in only one direction (commonly used for site to site connections)

Answer 624

allows the radio waves to be transmitted in only one direction over a longer distance then a yagi

Answer 625

For indoor use you are more likely to use omnidirectional and unidirectional antennas

Answer 626

a statistic or measure of the amount of airtime utilization that occurs for a particular frequency or channel

Answer 627

In order to have a fast wireless network you want to keep your channel utilization under 30% to have a faster wireless network

Answer 628

Access points and clients form a single broadcast domain when they operate on the same channel

Answer 629

listens to see if another device is actively transmitting on the channel before attempting to send frames on the channel

Answer 630

Wireless client sends a probe request to discover any 802.11 wireless networks in proximity to itself (broadcast message) Receiving access point checks to see if it can support the data rate the client requested Wireless client sends a low-level 802.11 authentication frame to the access point to begin authentication Access point receives the authentication frame and responds with an acknowledgment to continue the handshake Wireless client chooses the access point it wants to associate with and sends an association request Access point processes the association request if the information sent matches its capabilities Client is fully connected and associated and can now conduct any data transfer it needs and use the wireless network

Answer 631

Scan airwaves Find access points Request association Authenticate Contact the DHCP server

Answer 632

a measure of how much area around a wireless transmitter is there sufficient signal strength for wireless devices to utilize

Answer 633

Signal booster Larger antenna Wireless repeater Second access point

Answer 634

occurs when multiple wireless networks communicate on the same channel using the same frequency

Answer 635

occurs when the transmitted signal bounces off walls and other phsical objects and then is redirected to the reciever

Answer 636

1. Idle timeout 2. Session timeout 3. Manual deletion 4. Wireless network change 5. Authentication timeout 6. Access point radio reset

Answer 637

Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Answer 638

where transmission of bits across the network occurs data is transferred in bytes at this layer series of 1s and 0s

Answer 639

measure of how well a computer network can respond to connectivity and performance demands that are placed on it

Answer 640

being up and operational

Answer 641

not dropping packets

Answer 642

measures average time it takes to repair a network device when it breaks

Answer 643

measures average time between when failures occur on a device

Answer 644

redundancy is achieved using a single device or multiple devices

Answer 645

using a group of network interface cards for load balancing and failover on a server or other device

Answer 646

Cisco's proprietary first hop redundancy protocol which allows for an active and a standby router to be used together

Answer 647

IETF's open standard variant of HSRP which allows for an active router and multiple standby routers

Answer 648

Cisco's proprietary first-hop redundancy which focuses on load balancing over redundancy Cisco protocol

Answer 649

achieves redundancy by having multiple links between the network devices where load balancers over multiple links can occur

Answer 650

Examine technical and operational goals What is the function of this network What are you trying to accomplish with this network Identify the budget to fund high availability features This can get really expensive Categorize business applications into profiles Establish performance standards for high availability solutions Define how to manage and measure the high availability solutions

Answer 651

Cold site Warm site Hot site Cloud site

Answer 652

an available building that does not have any hardware or software in place or configure Recovery with a cold site is going to be slow and time consuming

Answer 653

an available building that already contains a lot of the equipment Recovery is going to be fairly quick

Answer 654

an available building that already has the equipment and data in place and configured Very minimal downtime but this is very expensive

Answer 655

allows for the creation of a recovery version of an organizations enterprise network in the cloud

Answer 656

duration of time and service level within which a business process must be restored after a disaster to avoid unacceptable consequences

Answer 657

complete backup of every single file on a machine

Answer 658

only backs up data that changed since the last backup

Answer 659

only backs up the data since the last full backup

Answer 660

provides emergency power to a load when the input power source or main power fails

Answer 661

Distributes electric power to racks of computers and network equipment located within a data center

Answer 662

1. dedicated lease lines 2. circuit switched 3. packet switched connections

Answer 663

logical connection that connects two sites through a service providers facility or a telephone

Answer 664

a dedicated lease line is a single pipe going from your service providers office to your business office

Answer 665

connection is brought up only when needed similiar to making a phone call. essentially this is full access when you need it but when you dont need it its not there

Answer 666

works like an always-on dedicated lease line but multiple customers share the same bandwidth

Answer 667

1. cellular 2. microwave 3. satelite 4. high-frequency radio

Answer 668

1. WCDMA 2. HSPA 3. HSPA +

Answer 669

used by the UTMS standard and could reach data speeds of up to 2 MBPS

Answer 670

reaches speeds of up to 14.4 mbps and is sometimes referred to as 3.5 G

Answer 671

reaches speeds of up to 50 MBPS and is sometimes reffered to as 3.75 G

Answer 672

low-band, mid-band, high-band as you go up in the bands you get higher speeds but less coverage

Answer 673

a cellular tech that takes the voice during a call then converts it to digital data

Answer 674

a cellular technology that uses code division to split up a channel

Answer 675

uses a beam of radio waves in the microwave requency range to transmit info between two fixxed locations

Answer 676

a method osusing communication satelites located in space to connect a user to the internet

Answer 677

terminates the digital signals at the customers location

Answer 678

these are dedicated leased lines

Answer 679

T1 has a speed of 1.544 mbps

Answer 680

T3 has a speed of 44.7 MBPS

Answer 681

E1 has a speed of 2.0 mbps

Answer 682

less expensive and more common than specialized serial ports used in a CSU/DSU environment service provider gives you an ethernet jack that you can plug into your router An increasingly popular leased line is one called Metro Ethernet. This is ethernet that you would connect in a regional area or a city area and be able to simply have ethernet at both ends of the connection. We would normally use a T1, or E1, or some other type of WAN. So this is not something that you commonly see, but you can obviously see the advantages. All of your equipment already has ethernet on it, so why not simply plug-in and not use any additional equipment just to connect sites together.

Answer 683

commonly used layer 2 protocol on dedicated lease lines to transmit multiple layer 3 protocols such as IP and IPX

Answer 684

performs one-way authentication between a client and a server

Answer 685

performs one way auth using a three-way handshake

Answer 686

they are not secure at all because they are sent in the clear

Answer 687

chap uses hashed credentials which are way more secure then PAP

Answer 688

a network protocol for encapsulation point-to-point protocol frames inside ethernet frames

Answer 689

uses a cable television infastructure that is made up of hybrid fiber-coax distribution network

Answer 690

cable modems

Answer 691

cable modems transmit and recieve over cable television infastructure

Answer 692

used in remote, rural, or disconnected locations where other connections are not available weather can weaken signals satelite usually has higher latency because of the distance it has to travel

Answer 693

runs on public switchedtelephone network PTSN which consists of all telephone carriers from around the world

Answer 694

an older technology designed to carry voice, video, or data over B bearer channels / puts and bind channels together

Answer 695

creates virtual circuits to connect remote LANs to WANs Wan technology was a departure from circuit switched T1s with frame relay lan traffic is encapsulated into frame relay frames Frame relay was replaced with MPLS MPLS is the defualt for WAN's nowadays

Answer 696

layer 1 tech that uses fiber as its media and has high data rates which range from 155 mbps to 10 gbps or more multiplex digital signals over optical cable

Answer 697

ATM deals with Fiber and SONET networks

Answer 698

allows traffic to be dynamically routed based on load conditions and path availability / this is primarily used by service providers on there backbone networks

Answer 699

allows internet to be used as WAN connection for secure site-to-site communication - allows remote sites to build the VPN between each other and tear it down - cisco protocol

Answer 700

allows for leveraging any combo of transport services to securely connect users to their applications / essentially a software based WAN architecture

Answer 701

Enables one node to communicate with many other nodes essentially creating a point-to-multipoint link MGRE is often used in DMVPN

Answer 702

You can use MGRE at your main office to connect branch offices back to it

Answer 703

MGRE is usually going to be combined with DMVPN MGRE is used to create tunnels from one node to multiple nodes

Answer 704

theoretical speed of data going across the network

Answer 705

actual speed of data on the network

Answer 706

estimated measure of the power level that a radio frequency client device is receiving from a wireless access point or wireless router (otherwise known as signal strength)

Answer 707

maximum power radiated from an ideal isotropic antenna, given its antenna gain, and the transmitter power of the radio frequency system

Answer 708

An omnidirectional antenna is considered Isotropix

Answer 709

Most wireless access points are going to use omni directional antennas

Answer 710

radio frequency waves extend outward in all directions away from the antenna and the wireless access point to an equal power level

Answer 711

produces radio frequency waves extending outward in two directions

Answer 712

a unidirectional antenna that sends the radio frequency waves in only one direction (commonly used for site to site connections)

Answer 713

allows the radio waves to be transmitted in only one direction over a longer distance than a yagi antenna (commonly used for site to site connections)

Answer 714

For indoor use you are more likely to use omnidirectional and unidirectional antennas

Answer 715

the orientation of the electric field or transmission from the Antenna

Answer 716

Most Wi-Fi networks use vertical polarization

Answer 717

a statistic or measure of the amount of airtime utilization that occurs for a particular frequency or channel

Answer 718

In order to have a fast wireless network you want to keep your channel utilization under 30% to have a faster wireless network

Answer 719

expand on this

Answer 720

listens to see if another device is actively transmitting on the channel before attempting to send frames on the channel

Answer 721

process of planning and designing a wireless network to provide the required wireless solution

Answer 722

1. Wireless client sends a probe request to discover any 802.11 wireless networks in proximity to itself (broadcast message) 2. Receiving access point checks to see if it can support the data rate the client requested 3. Wireless client sends a low-level 802.11 authentication frame to the access point to begin authentication 4. Access point receives the authentication frame and responds with an acknowledgment to continue the handshake 5. Wireless client chooses the access point it wants to associate with and sends an association request 6. Access point processes the association request if the information sent matches its capabilities Client is fully connected and associated and can now conduct any data transfer it needs and use the wireless network

Answer 723

Scan airwaves Find access points Request association Authenticate Contact the DHCP server

Answer 724

a measure of how much area around a wireless transmitter there is sufficient signal strength for wireless devices to utilize

Answer 725

by conducting a wireless site survey

Answer 726

Signal booster Larger antenna Wireless repeater Second access point

Answer 727

occurs when multiple wireless networks communicate on the same channel using the same frequency

Answer 728

reduction of signal strength between the transmission and receipt of the signal

Answer 729

occurs when the transmitted signal bounces off walls and other physical objects and then is redirected to the receiver

Answer 730

Idle timeout Session timeout Manual deletion Wireless network change Authentication timeout Access point radio reset

Answer 731

a natural language name used to identify a wireless network in an 802.11 network

Answer 732

a web page displayed to newly-connected WI-FI users before being granted broader access to network resources

Answer 733

redirects all traffic to a web server which then redirects them to a captive portal using a 302 HTTP status code

Answer 734

sends error messages and operational information indicating the success or failure of communicating with another IP address

Answer 735

the client is redirected by the onboard DNS server to the captive portal webpage

Answer 736

Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.

Answer 737

measure of how well a computer network can respond to connectivity and performance demands that are placed upon it

Answer 738

being up and operational

Answer 739

not dropping packets

Answer 740

measures average time it takes to repair a network device when it breaks / want this to be a very small number

Answer 741

measures average time between when failures occur on a device / want this to be a very large number

Answer 742

Redundancy is achieved using a single device or multiple devices

Answer 743

using a group of network interface cards for load balancing and failover on a server or other device

Answer 744

used if the default gateway goes down and clients couldn’t leave the subnet

Answer 745

cisco's proprietary first-hop redundancy protocol which allows for an active and a standby router to be used together

Answer 746

IETF's open standard variant of HSRP which allows for an active router and multiple standby routers

Answer 747

Cisco's proprietary first-hop redundancy which focuses on load balancing over redundancy

Answer 748

allows the user to combine numerous physical Ethernet links into one logical link, which helps create load balancing in the interfaces.

Answer 749

1. Examine technical and operational goals a. What is the function of this network b. What are you trying to accomplish with this network 2. Identify the budget to fund high availability features a. This can get really expensive 3. Categorize business applications into profiles 4. Establish performance standards for high availability solutions Define how to manage and measure the high availability solutions

Answer 750

Cold site Warm site Hot site Cloud site

Answer 751

an available building that does not have any hardware or software in place or configure Recovery with a cold site is going to be slow and time consuming

Answer 752

an available building that already contains a lot of the equipment Recovery is going to be fairly quick

Answer 753

an available building that already has the equipment and data in place and configured Very minimal downtime but this is very expensive

Answer 754

allows for the creation of a recovery version of an organizations enterprise network in the cloud

Answer 755

duration of time and service level within which a business process must be restored after a disaster to avoid unacceptable consequences

Answer 756

RTO answers the question of how much time did it take to recover after the notification of a business process disruption

Answer 757

Use either a hot site or a cloud site for low RTO situations

Answer 758

interval of time during a disruption before data lost exceeds the Business Continuity plan maximum allowable threshold or tolerance

Answer 759

Full backup – complete backup of every single file on a machine Incremental backup – only backs up data that changed since the last backup Differential backup – only backs up the data since the last full backup Snapshot – read only copy of your data from a point in time

Answer 760

provides emergency power to a load when the input power source or main power fails

Answer 761

Distributes electric power especially to racks of computers and network equipment located within a data center

Answer 762

Generally a PDU is combined with a UPS or generator to provide power during a blackout

Answer 763

using a sprinkler system and pipes that always contain water – a leak in the pipe could be very dangerous we should not use this

Answer 764

enables strategic optimization of network performance based on different types of traffic

Answer 765

Delay Jitter Drops

Answer 766

the time a packet travels from the source to the destination – measured in miliseconds – this is a big deal with voice or streaming video

Answer 767

uneven arrival of packets which is especially harmful in VOIP traffic

Answer 768

occurs during link congestion when a routers interface queue overflows and cause packet loss

Answer 769

is going to be the lowest bandwidth of the device in the network stream

Answer 770

to categorize traffic, apply a policy, and prioritize traffic in accordance with a Qos Policy a family of evolving Internet standards that provides ways to give preferential treatment to certain types of IP traffic

Answer 771

best effort No QOS traffic is first in and first out Integrated services Hard QOS Traffic has strict bandwidth reservations Differentiated services Soft QOS Has differentiation of data types where routers and switches can make decisions based on markings and fluctuate traffic

Answer 772

Classification Traffic is placed into different categories Marking Alters bits within a frame, cell, or packet which indicates handling of traffic Congestion Management Determines the order in which packets are sent out an interface based on priorities assigned to those packets Congestion avoidance Newly avoided packets would be discarded if the devices output queue fills to capacity Policing and shaping Policing – typically discards packets exceeding the configured rate limit Shaping - Allows buffer to delay traffic from exceeding the configured rate Link efficiency Packet payload is compressed to conserve bandwidth VOIP payload can be reduced by 50%

Answer 773

no collosions cannot happen in full duplex mode

Answer 774

useful for testing physical ports sends traffic out one port and right back into the port

Answer 775

software defined networking in a wide area network a WAN built for the cloud

Answer 776

port bonding / link aggregation multiple interfaces acts like one big interface

Answer 777

link aggregaton control protocol you can combine 4 10 GB ports to equal 40GB ports

Answer 778

the routing layer! IP addresses operate at the network layer

Answer 779

100 meters

Answer 780

coaxial twisted pair serial

Answer 781

RG-6 is commonly used by ISP's to connect internet to your home

Answer 782

F-type BNC

Answer 783

commonly used in cable tv this is a skrew in type of connection

Answer 784

this is a push in connector used with coaxial cable

Answer 785

twinaxial cables are used for very short range high speed connections between devices

Answer 786

twisted pair you use these at work all the time its on every desk at flagship

Answer 787

0-100 meters

Answer 788

commonly used for data transfer

Answer 789

1000base-T 100 meters 10Gbase-T 100 meters 40G base-t - 30 meters

Answer 790

IMAP and POP3 are used for incoming mail communication

Answer 791

1. Server IP address 2. protocol = TCP/UDP 3. Server application port number 4. client IP address 5. protocol 6. client port number

Answer 792

one station sending information to another station web surfing and file transfers are unicast traffic

Answer 793

a protocol data unit is a unit of transmission the PDU's are different groups of Data at different OSI layers Ethernet operates on a frame of data the TCP PDU is a segment the UDP PDU is a datagram

Answer 794

802.1W RSTP has a faster convergence this took the convergence time from 30 to 50 seconds to 6 you can use both STP and RSTP in a network and they can coexist

Answer 795

OSPF RIP EIGRP

Answer 796

128 bits long

Answer 797

10.0.0.0-10.255.255.255 172.16.0.0-172.31.255.255 192.168.0.0-192.168.255.255

Answer 798

in a SAN network environment

Answer 799

ACL's are used to deny or allow traffic