NETWORK+ Flashcards

Question

Ethernet Header

Answer 1

contains destination and source MAC addresses as its first two fields.

Answer 2

tracks the state of communication between two TCP endpoints. (slower than UDP) 20-60 bits

Answer 3

source port, destination port, packet length (header and data), and a simple (and optional) checksum

Answer 4

a network configuration in which computers are linked to one another by numerous redundant connections. (no switch or hub)

Answer 5

connects each node to a central hub

Answer 6

network communication takes place over a single bus or channel. network communication takes place over a single bus or channel

Answer 7

a type of network configuration where devices are connected in a circular manner, forming a closed loop

Answer 8

made up of two or more topologies (expenisve , needs MSAL)

Answer 9

Peer to Peer - a decentralized platform whereby two individuals interact directly with each other, without intermediation by a third party. (equally privileged)

Answer 10

consists of a single central computer functioning as a server and directing several other computers(clients)

Answer 11

Local Area Network -a collection of devices connected together in one physical location, such as a building, office, or home.

Answer 12

Metropolitan Area Network -a computer network that connects computers within a metropolitan area, (bigger than LAN, smaller than WAN)

Answer 13

Wide Area Network -spans beyond a single building or large campus to include multiple locations spread across a specific geographic area, or even the world.

Answer 14

Wireless Local Area Network -links two or more devices using wireless communication to form a local area network within a limited area such as a home, school, computer laboratory, campus, or office building. (ex wifi)

Answer 15

Personal Area Network -connects electronic devices within a user's immediate area

Answer 16

Campus Area Network -made up of an interconnection of local area networks within a limited geographical area.

Answer 17

Storage Area Network -network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space. Each computer can access storage on the SAN as though they were local disks connected directly to the computer.

Answer 18

Software Defined Wide Area Network - a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE and broadband internet services – to securely connect users to applications.

Answer 19

Multiprotocol Label Switching - routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks. (technique for speeding up network connections)

Answer 20

Multipoint Generic Routing Encapsulation -connect multiple remote sites through a VPN multiple endpoints, resulting in a point to multipoint topology.

Answer 21

Generic Routing Encapsulation -developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network

Answer 22

the point at which the telephone company's wiring ends and the customer's wiring begins (public to private)

Answer 23

(intelligent network interface device, INID) similar to NID but with newer technology and additional features. commonly used for complex types of telecom services, such as T1 lines (Verizon)

Answer 24

Virtual switches are also used to establish connections between virtual and physical networks and to carry a VM's traffic to other VMs or a physical network.

Answer 25

a virtualized Network Interface Card, used by a Virtual Machine as its network interface. A VNIC is assigned a MAC address

Answer 26

Network functions virtualization -replacement of network hardware with virtual machines. The virtual machines use a hypervisor to run networking software and processes such as routing and load balancing.

Answer 27

a software that you can use to run multiple virtual machines on a single physical machine

Answer 28

a reserved circuit between two communication points that is always active and rented monthly. Leased lines are dedicated, meaning that any bandwidth associated with the leased line is solely for private, organizational use.

Answer 29

various high-capacity transmission technologies that transmit data, voice, and video across long distances and at high speeds

Answer 30

Asymmetric digital subscriber line - a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide.

Answer 31

Data Over Cable Service Interface Specification -international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system.

Answer 32

100Mbs 100mhz 1000Base-T

Answer 33

1Gbps (1000Mbs) 100mhz 1000Base-T

Answer 34

10Gbps 250mhz 10GBase-T Unshielded: 55 m Shielded: 100 m

Answer 35

10Gbps 500mhz 10GBase-T

Answer 36

10Gbps 600mhz 10GBase-T

Answer 37

40Gbps 2000mhz 40GBase-T

Answer 38

Coaxial cable and satellite signal transmission for residential or commercial installations

Answer 39

similar to coaxial cable, but with two inner conductors in a twisted pair instead of one (cheap fast)

Answer 40

White/Green Green White/Orange Blue White/Blue Orange White/Brown Brown

Answer 41

White/Orange Orange White/Green Blue White/Blue Green White/Brown Brown

Answer 42

Single-Mode Fiber -a single glass fiber strand used to transmit a single mode or ray of light (laser, higher bandwiths)

Answer 43

Mechanical Transfer Registered Jack -the connector houses two fibers and mates with locating pins on the plug. (small form factor)

Answer 44

Angled Physical Connect - 8°angel, minimizing the back reflection as a result (GREEN)

Answer 45

Ultra Physical Contact -polished with no angle (BLUE)

Answer 46

"over the air" terrestrial television, cable television and universally for satellite television and cable modems, (RG-6/U r RG-59/U cable)

Answer 47

Small Form-Factor Pluggable -provide required optical or electrical reach via copper or fiber optic cables (transmit and receive at same time)

Answer 48

Enhanced Form-Factor Pluggable -an updated SPF version that supports higher speeds up to 10Gbps

Answer 49

Quad Small Form-Factor Pluggable -supports a maximum data transfer rate of up to 4 Gbps

Answer 50

Enhanced Quad Small Form-Factor Pluggable -supports a higher data transfer rate of up to 10 Gbps

Answer 51

older blocks which only supported up to CAT3

Answer 52

support up to CAT6 and provide better bandwidth

Answer 53

European/UK connector open-ended contact slots at a 45-degree angle to the wire

Answer 54

proprietary block developed originally by Nortel Networks.

Answer 55

maximum speed of 10 Mbps, uses twisted-pair copper cabling (home networks and small businesses)

Answer 56

maximum speed of 100 Mbps and also uses twisted-pair copper cabling to connect devices (large LAN's, office networks)

Answer 57

1300nm multimode light. maximum length: 2 kilometers for full duplex over multimode optical fiber.

Answer 58

850nm light -up to 300 meters. -lower cost alternative to 100Base-FX

Answer 59

850nm multimode light over multimode fibers. maximum length is 500 m, can reach longers

Answer 60

1300 or 1310nm single mode fiber and laser. maximum lenght 5km-10km

Answer 61

a port type for multi-mode fiber and uses 850 nm lasers

Answer 62

10-Gbps Ethernet standard that operates at ranges of up to 25 kilometers two 1310-nm single-mode fibers

Answer 63

Coarse Wavelength-Division Multiplexing -up to 18 wavelength channels transmitted over a dark fiber at the same time. wavelenghts:1310nm and 1550nm. 70km

Answer 64

Dense Wavelength-Division Multiplexing -up to 80 simultaneous wavelength channels, 0.8nm apart. connections can be amplified, used for transmitting data much longer distances.

Answer 65

Bidirectional wavelength-division multiplexing -transmission of optical channels on a fiber propagating simultaneously in both directions.

Answer 66

networking equipment assigns IP addresses in a private network.

Answer 67

Network Address Translation - a way to map multiple private addresses inside a local network to a public IP address before transferring the information onto the internet

Answer 68

Port Address Translation -allows a single public IP address to be used by multiple devices within a private network. accomplished by assigning each device a unique port number and routing incoming traffic accordingly.

Answer 69

Automatic Private IP Addressing -devices automatically assign IP addresses to themselves when they cannot get an IP address from a Dynamic DHCP

Answer 70

Extended Unique Identifier -allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (no need for manual DHCP in IPv4

Answer 71

one-to-many and many-to-many real-time communication over an IP infrastructure in a network (simultaneously)

Answer 72

one-to-one transmission from one point in the network to another point (one sender, one receiver)

Answer 73

multiple machines to share the same IP address, sent to closest device

Answer 74

Multimode fibers -for transporting light from a laser source to the place where it is needed

Answer 75

ensures each node's transmissions are received by all other nodes in the network; single communications channel

Answer 76

FF00::/8 -one to may

Answer 77

FC00::7 -packets to interface, private network

Answer 78

2000::/3 -internet routing

Answer 79

FE80::/10 -non-routable (like APIPA)

Answer 80

automatically assign IP address when no other assignment method available (like APIPA)

Answer 81

127.0.0.1 -allows the machine to connect to and communicate with itself

Answer 82

address of your router/ modem (hardware that sits between user's home network and the rest of the internet)

Answer 83

Variable Length Subnet Mask - all subnet masks can have varying sizes. enables network engineers to use multiple masks for different subnets of a single class A, B or C network.

Answer 84

1-127 -255.0.0.0 large number of hosts

Answer 85

10.0.0.0 to 10.255.255.255

Answer 86

128-191 -255.255.0.0 medium to large sized networks

Answer 87

172.16.0.0 to 172.31.255.255

Answer 88

192-223 -255.255.255.0 small local area networks (LANs).

Answer 89

192.168.0.0 to 192.168.255.255

Answer 90

224-239 not allocated to hosts and are used for multicasting

Answer 91

240-255C reserved for research purposes

Answer 92

Classless Inter-Domain Routing -IP address and a suffix that indicates network identifier bits in a specified format ex: /24

Answer 93

allows for the movement of data from one network to another. (encapsulation TCP, VPN encryption, private across public)

Answer 94

supports the simultaneous use of both IPv4 and IPv6 addresses

Answer 95

for IPv6 auto-configuration and routing. When enabled, messages are sent by router periodically and in response to solicitations

Answer 96

Stateless Address Auto-Configuration -enables each host on the network to auto-configure a unique IPv6 address without device keeping track of which address is assigned to which node.

Answer 97

virtual interface created by dividing one physical interface into multiple logical interfaces (layer 3)

Answer 98

range of IP addresses that a DHCP server can distribute to clients on a specific network segment. defines the pool of available addresses

Answer 99

addresses taken from a DHCP scope that the DHCP server is not allowed to hand out

Answer 100

lets you assign a specific IP address to a specific device or whenever the device connects to the network

Answer 101

default lease time for the DHCP server is 24 hours

Answer 102

provides a way for DHCP clients to communicate with DHCP servers when none are available on its local subnet

Answer 103

forward broadcast and multicast packets received for a specific IP address

Answer 104

Canonical Name -resource record in the Domain Name System that maps one domain name to another. (convenient when running multiple services from a single IP address)

Answer 105

Mail Exchange -a DNS record that routes emails to specified mail servers

Answer 106

State of Authority (DNS) -the email address that you used to register your domain

Answer 107

Pointer (DNS) -provides the domain name associated with an IP address (opposite of "A")

Answer 108

Text -stores text notes on a DNS serverS

Answer 109

Service -used to identify computers hosting specific services (locate controllers in AD)

Answer 110

Name Server -indicates which DNS server is authoritative for that domain

Answer 111

the topmost part of a website's address and represents the ground level of the website's identity EX: poop.com

Answer 112

process of copying the contents of the zone file on a primary DNS server to a secondary DNS server

Answer 113

the final holder of the IP of the domain you are looking for.

Answer 114

like a stopwatch for how long to keep a DNS record.

Answer 115

temporary DNS storage on a device that contains DNS records of already visited domain names, uses TTL

Answer 116

takes an IP address and returns the domain name associated with that IP

Answer 117

resolve IP addresses to names

Answer 118

resolve names to IP addresses

Answer 119

one DNS server communicates with several other DNS servers to hunt down an IP address and return it to the client

Answer 120

client communicates directly with each DNS server involved in the lookup.

Answer 121

Network Time Protocol -protocol that allows the synchronization of system clocks (from desktops to servers)

Answer 122

hierarchy of time servers in an NTP network Stratum level (0-15) indicates the device's distance to the reference clock

Answer 123

Part 1: part of the network which enables the users to connect to the wired Ethernet Network (Ethernet Switches, Hubs)

Answer 124

Part 2: network grows beyond a certain size, it must be divided into multiple local (Access Layer) networks (Routers)

Answer 125

Part 3: backbone of a network, used to connect multiple Distribution Layer devices together (most powerful layer, fiber, redundancy)

Answer 126

a network architecture approach that enables the network to be intelligently and centrally controlled, or 'programmed,' using software applications

Answer 127

network programs and applications that communicate the desired network behavior and requirements to the underlying SDN control layer.

Answer 128

connects the application layer and the infrastructure layer (admin control)

Answer 129

underlying network of physical switches and routers in the network These devices forward network traffic to their destinations based on rules/policies from controller.

Answer 130

handles high-level network management and operations including network monitoring and customer billing

Answer 131

data center network topology that consists of two switching layers—a spine and leaf

Answer 132

uses network switches to connect servers and other devices in the same rack

Answer 133

part of computer network which interconnects networks, providing a path for the exchange of information between different LANs or subnetworks

Answer 134

Storage Area Network

Answer 135

Fibre Channel over Ethernet enables Fibre Channel (FC) communications to run directly over Ethernet.

Answer 136

connect computer data storage to servers in storage area networks (SAN) in commercial data centers.

Answer 137

Internet Small Computer Systems Interface -allows the SCSI command to be sent end-to-end over local-area networks (LANs), wide-area networks (WANs) or the internet

Answer 138

Software as a service -allows users to connect to and use cloud-based apps over the Internet (office 365, pay as you go)

Answer 139

Infrastructure as a Service -provides on-demand access to computing resources such as servers, storage, networking, and virtualization (hardware)

Answer 140

Platform as a Service -includes everything developers need to build, run, and manage applications (test, programming)

Answer 141

Desktop as a Service -a service provider delivers virtual desktops to end users over the Internet, licensed with a per-user subscription

Answer 142

Infrastructure as code ability to provision and support your computing infrastructure using code instead of manual processes and settings

Answer 143

virtual private network - stay private online by encrypting the connection between your device and the internet

Answer 144

used to reduce data traffic on a LAN (MAC address only)

Answer 145

operate VLANs and improve security (routing between network segments)

Answer 146

connects multiple PCs to a single network (OSI layer 1)

Answer 147

connects multiple devices on a single computer network

Answer 148

creates a single, aggregate network from multiple communication networks or network segments

Answer 149

process of distributing traffic among multiple servers to improve a service or application's performance and reliability.

Answer 150

agent or intermediary for the user, passing through all Web requests and responses.

Answer 151

node that amplifies incoming signals and rebroadcasts them over a wider area or higher network layer than the original signal.

Answer 152

used to connect the enterprise VoIP network with the telecommunications provider

Answer 153

Intrusion Prevention System -takes action to block the attempted intrusion or otherwise remediate the incident.

Answer 154

Intrusion Destection System -provide an alert about a potential incidentF

Answer 155

monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Answer 156

termination point for the VPN tunnels

Answer 157

Routing Information Protocol - distance-vector protocol that uses hop count to determine the best path (distance:120)

Answer 158

Open Shortest Path First -a link-state routing protocol used to find the best path between the source and the destination router using its own Shortest Path First (distance:110)

Answer 159

Enhanced Interior Gateway Routing Protocol - a distance-vector protocol to automate routing configuration and decisions on a network. (distance:90) (hybrid of link state and distance vector)

Answer 160

Border Gateway Protocol - exterior gateway protocol that enables exchange of routing and reachability info between autonomous systems (AS) on the internet.

Answer 161

send info about directly connected links to all the routers in the network

Answer 162

send their entire routing table to directly connected neighbors

Answer 163

the route that takes effect when no other route is available for an IP destination address

Answer 164

a measure of the trustworthiness of the source of the routing information (lower better/wins)

Answer 165

bandwidth management technique that delays the flow of certain types of network packets in order to ensure network performance for higher priority applications.

Answer 166

Quality of Service -refers to any technology that manages data traffic to reduce packet loss, latency and jitter on a network.

Answer 167

trunk ports will link switches, and access ports will link to end devices (802.3)

Answer 168

Link Aggregation Control Protocol - enables you to bundle several physical ports together to form a single logical channel (LAG) (802.3az)

Answer 169

simultaneous data transmission and receptions over one channel. device capable of bi-directional network data transmissions at the same time

Answer 170

devices can only transmit in one direction at one time

Answer 171

ensures that the transmitting device does not send more data to the receiving device than it can handle

Answer 172

on a network switch to send copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port.

Answer 173

enables you to configure each switch port with a unique list of the MAC addresses of devices that are authorized to access the network through that port.

Answer 174

Ethernet frames with more than 1500 bytes of payload, limit set by IEEE 802.3 standard (up to 9000 bytes)

Answer 175

auto-medium-dependent interface crossover -automatically detects the required cable connection type and configures the connection appropriately

Answer 176

media access control address tables where the switch stores information about the other Ethernet interfaces to which it is connected on a network

Answer 177

Power over Ethernet 802.3af , an deliver 15.4 watts over Cat5 cables.

Answer 178

Power Over Ethernet + 802.3at ,can deliver up to 30 watts over Cat 5 cables with 25.5 watts available to devices.

Answer 179

Spanning Tree Protocol IEEE 802.1D, a loop-prevention protocol that allows switches to communicate with each other in order to discover physical loops in a network. (layer 2)

Answer 180

Receives BPDUs only When a device is connected, the port will first enter the blocking state

Answer 181

The switch will listen for and send BPDUs.

Answer 182

Builds bridging table The switch will receive a superior BPDU, will stop sending its own BPDUs, and will relay the superior BPDUs.

Answer 183

Sends/receives user data The port is forwarding traffic.

Answer 184

The result of an administrative command that will disable the port.

Answer 185

Carrier-sense multiple access with collision detection -use a shared medium, where multiple devices connect to the same physical network segment. (MAC)

Answer 186

Address Resolution Protocol -connects an always-changing IP address to a fixed media access (MAC) address

Answer 187

Neighbor Discovery Protocol -ability of an IPv6 host to automatically generate its own IPv6 address

Answer 188

5GHz 20MHz 54Mbps (WiFi 2) (OFDM)

Answer 189

2.4GHz 20MHz 11Mbps (WiFi 1) (DSSS)

Answer 190

2.4GHz 20MHz 54Mbps (WiFi 3) (DSSS, OFDM)

Answer 191

2.4GHz/5.4GHz 20MHz/40MHz 600Mbps (WiFi 4)(OFDM, MIMO)

Answer 192

5GHz 20/40/80/160MHz 1.3Gbps (WiFi 5) (OFDM, MU-MIMO)

Answer 193

2.4GHz/5.4GHz 20/40/80/160MHz 10-12Gbps

Answer 194

Service Set Identifier

Answer 195

Basic Service Set (1 AP) -group of wireless devices served by a a single Access Point (AP)

Answer 196

Extended Service Set (more than 1 AP) -User can go from one cell to another without connection interrupt. combining one more Access Point in a switched network

Answer 197

Independent Basic service Set (Ad Hoc, 0 AP) -directly communicate together without any need to an Access Point

Answer 198

Wi-Fi Protected Access -used TKIP 256 bit ( temporal key integrity protocol)

Answer 199

relies on a shared passcode for access and is usually used in home environments. (AES, Advanced Encryption Standard)

Answer 200

Code-division multiple access - protocols used in (3G and 2G) wireless communication

Answer 201

Global System for Mobile Communications -(2G) standard employing time-division multiple-access (TDMA) spectrum-sharing, issued by the European Telecommunications Standards

Answer 202

Multiple-Input Multiple-Output -wireless technology that uses multiple transmitters and receivers to transfer more data at the same time

Answer 203

multi-user, multiple input, multiple output -allows a single access point (AP) to transmit data to multiple devices simultaneously. 802.11ac Wave 2 (Wi-Fi 5)

Answer 204

how much data can be downloaded or uploaded from your computer

Answer 205

amount of time it takes for a data packet to go from one place to another

Answer 206

time delay between when a signal is transmitted and when it's received over a network connection

Answer 207

SNMP PDU an agent can send an unrequested message to the manager to notify about an important event.

Answer 208

Object Identifier -an address that is used to differentiate between devices within the MIB hierarchy

Answer 209

Management Information Base -formatted text file within the SNMP manager designed to collect information and organize it into a hierarchical format

Answer 210

whenever traffic hits a rule which has been enabled for logging

Answer 211

produced and stored on the device each time a user makes a change to the configuration of a device.

Answer 212

a protocol that computer systems use to send event data logs to a central location for storage.

Answer 213

Emergency- system is unusable

Answer 214

Alert-action must be taken immediately

Answer 215

Critical-critical conditions

Answer 216

Error - error conditions

Answer 217

Warning - warning conditions

Answer 218

Notice - normal, but significant condition

Answer 219

Informational - informational messages

Answer 220

Debug - debug level messages

Answer 221

cyclic redundancy check - network method designed to detect errors in the data and information transmitted over the network

Answer 222

when a device (network device or host connected to the network) receives an Ethernet frame with a CRC value in the FCS field of the frame that does not match the CRC value

Answer 223

any frame whose size exceeds the maximum transmission unit (MTU) passes 1500bytes

Answer 224

a frame that is smaller than the minimum frame size for IEEE-802.3 standard frames (ethernet 64bytes)

Answer 225

indicates that router has a layer 3 packet to forward and is lacking some element of the layer 2 header that it needs to be able to forward the packet toward the next hop.

Answer 226

a snapshot, a collection of metrics about a network at a time of normal use

Answer 227

Source and destination IP address (TCP/UDP)

Answer 228

collective term for all approaches to prepare, support, and help individuals, teams, and organizations in making organizational change

Answer 229

written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

Answer 230

process of maintaining or reestablishing vital infrastructure and systems following a natural or human-induced disaster

Answer 231

document outlining rules and guidelines for using an organization's IT resources, including networks, devices, and software defines acceptable and prohibited behaviors

Answer 232

procedures that mark the beginning and conclusion of an employee's tenure with an organization

Answer 233

identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data

Answer 234

identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data

Answer 235

visual representation of the organization of IT equipment within a server rack used to track and manage data center assets.

Answer 236

intermediate distribution frame -a remote room or closet connected to the MDF, in which you can expect to find hubs and patch panels.

Answer 237

Main Distribution Frame -main computer room for servers, hubs, routers, DSL's, etc. to reside

Answer 238

illustrates the flow of information through a network and shows how devices communicate with each other

Answer 239

A diagram that shows how a circuit works logically and electrically

Answer 240

helps visualize the wireless network coverage areas and data rates.

Answer 241

or gold build, is the standard, approved configuration of a system.

Answer 242

non-disclosure agreement -a legally binding contract that establishes a confidential relationship. protect their intellectual property and confidential information

Answer 243

service-level agreement -agreement between a service provider and a customer.

Answer 244

memorandum of understanding -nonbinding agreement that states each party's intentions to take action, conduct a business transaction, or form a new partnership.

Answer 245

creating more than one physical path between the server and its storage devices. (SAN)

Answer 246

the method of distributing network traffic equally across a pool of resources that support an application.

Answer 247

Network Interface Card teaming - process of combining multiple network cards together for performance, load balancing, and redundancy reasons

Answer 248

allows two or more IT devices, such as computers, to communicate with one another.

Answer 249

managing traffic between networks by forwarding data packets to their intended IP addresses, and allowing multiple devices to use the same Internet connection.

Answer 250

barrier between two networks identifying and blocking cyber threats while allowing appropriate traffic through.

Answer 251

uninterruptible power supply - provide backup power, protecting equipment from damage in the event of grid power failure

Answer 252

power distribution unit - a device with multiple power outlets that provides electrical protection and distributes power to IT equipment within a rack

Answer 253

Client machines connect to a load balancer that distributes their workloads across multiple active servers

Answer 254

Client machines connect to the main server, which handles the full workload, while a backup server remains on standby, only activating in the event of a failure.

Answer 255

Virtual Router Redundancy Protocol - IP routing redundancy protocol designed to allow for transparent failover at the first-hop IP router.

Answer 256

first hop redundancy protocol - protect the default gateway used on a subnetwork by allowing two or more routers to provide backup for that address

Answer 257

Mean time to repair -the average time it takes to repair a system

Answer 258

Mean Time Between Failure -measures the mean time between repairable product or service failures

Answer 259

Recovery Time Objective -measures the quantity of time that passes during an incident before reaching the business continuity plan’s (BCP) threshold of acceptability

Answer 260

Recovery Point Objective -defines the quantity of data (or service time) that can be lost before unacceptable consequences occur.

Answer 261

confidentiality, integrity and availability

Answer 262

common vulnerabilities and exposures -system provides a reference method for publicly known information-security vulnerabilities and exposures.

Answer 263

vulnerability or security hole in a computer system unknown to its owners, developers or anyone capable of mitigating it.

Answer 264

a user is given the minimum levels of access – or permissions – needed to perform his/her job functions.

Answer 265

a method of restricting network access based on the roles of individual users within an enterprise

Answer 266

no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network

Answer 267

strategy that leverages multiple security measures to protect an organization's assets

Answer 268

network security technique that divides a network into smaller, distinct sub-networks

Answer 269

a separate network used for placing web servers, e-mail servers, FTP servers and other public servers to gain access from or to the internet.

Answer 270

an attempt to ensure that no single individual has the capability of executing a particular task/set of tasks.

Answer 271

Network Access Control -the process of restricting unauthorized users and devices from gaining access to a corporate or private network.

Answer 272

designed to look, feel, and act just like a network packed tight with valuable resources (to catch hackers)

Answer 273

Terminal Access Controller Access-Control System used for administrative access to network devices such as routers and switches or devices in the network -separates Authentication, Authorization, and Accounting.

Answer 274

Remote Authentication Dial-In User Service -a networking protocol that authorizes and authenticates users who access a remote network.

Answer 275

protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet

Answer 276

authenticates the port, and port security manages network access for all MAC addresses, including that of the client

Answer 277

Extensible Authentication Protocol -used to pass the authentication information between the supplicant (the Wi-Fi workstation) and the authentication server (Microsoft IAS or other)

Answer 278

builds a baseline view of your organisation's security capabilities end-to-end. The ultimate aim of such an assessment is to build maturity in the organisation's cyber resilience strategy to minimise the risk of cyber-attacks and data breaches.

Answer 279

Security information and event management -is a security solution that helps organizations detect threats before they disrupt business.

Answer 280

attackers place themselves between two devices (often a web browser and a web server) and intercept or modify communications between the two

Answer 281

fake info is entered into the cache of a domain name server, resulting in DNS queries producing an incorrect reply, sending users to the wrong website.

Answer 282

allows an attacker to send frames to a device on a different VLAN.

Answer 283

attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. results in the linking of an attacker's MAC address with the IP address of a legitimate computer or server on the network.

Answer 284

DHCP server on a network which is not under the administrative control of the network staff

Answer 285

Rogue Access Point -a wireless access point plugged into an organization's network that the security team does not know exists.

Answer 286

An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one,

Answer 287

when a hacker or compromised system sits in between two uncompromised people or systems and deciphers the information they're passing to each other, including passwords

Answer 288

a commonly employed tactic by malicious actors to alter the Media Access Control (MAC) address of their device to mimic that of another device present on the network.

Answer 289

creation of Internet Protocol packets with a false source IP address, for the purpose of impersonating another computing system

Answer 290

sending deauthentication frames to target devices, causing them to disconnect from the network and temporarily denying them access

Answer 291

Router Advertisement Guard provides support for allowing the network administrator to block or reject unwanted or rogue router advertisement (RA) guard messages that arrive at the network device platform.

Answer 292

enables you to configure each switch port with a unique list of the MAC addresses of devices that are authorized to access the network through that port.

Answer 293

Dynamic ARP Inspection protects networks against man-in-the-middle ARP spoofing attacks

Answer 294

mechanism that allows us to policy the coming traffic to the Control Plane.

Answer 295

LAN is used to connect a group of devices such as computers and printers to a server via cables, VLANs allow multiple LANs and associated devices to communicate via wireless internet.

Answer 296

Unused or “empty” ports within any network device pose a security risk, as someone might plug a cable into them and connect an unauthorised device to the network

Answer 297

snooping feature determines whether traffic sources are trusted or untrusted.

Answer 298

Access Control List -made up of rules that either allow access to a computer environment or deny it

Answer 299

a method of restricting network access based on the roles of individual users within an enterprise

Answer 300

Explicitly allows traffic that matches the rule to pass, and then implicitly denies everything else disallows any traffic through the firewall that isn't explicitly (specifically created rule) set.

Answer 301

"client isolation," "AP isolation" and "SSID isolation," prevents users on a Wi-Fi network from reaching other devices in the same Wi-Fi network (SSID) as well as computers and servers in the wired network

Answer 302

Preshared keys -secret key that has been established between the parties who are authorized to use it by means of some secure method

Answer 303

Extensible Authentication Protocol -used to pass the authentication information between the supplicant (the Wi-Fi workstation) and the authentication server (Microsoft IAS or other).

Answer 304

allows businesses to target specific geographic areas and deliver personalized, location-based content or offers to their target audience

Answer 305

allow multiple users' traffic to flow through each VPN tunnel

Answer 306

a type of VPN that connects a single device, such as a laptop or smartphone, to a remote network, such as a corporate or cloud network.

Answer 307

Users connect through a web browser and use HTTPS connections

Answer 308

sending part of your traffic through a VPN and part of it through the open network

Answer 309

using your VPN for all your traffic,

Answer 310

Virtual network computing is a screen-sharing tool that also lets the remote computer take control. (RDP doesn't screen share)

Answer 311

used to manage devices through telnet/SSH, using the network itself as a media

Answer 312

uses terminal server that is connected to a management port of each controlled device.

Answer 313

-Camera - Motion detection - Asset tags - Tamper detection

Answer 314

- Employee training - Access control hardware - Badge readers - Biometrics - Locking racks - Locking cabinets - Access control vestibule (previously known as a mantrap) - Smart lockers

Answer 315

- Factory reset/wipe configuration - Sanitize devices for disposal

Answer 316

Identify the problem: - Gather information - Question users - Identify symptoms - Determine if anything has changed - Duplicate the problem, if possible - Approach multiple problems individually

Answer 317

Establish a theory of probable cause: - Question the obvious - Consider multiple approaches - Top-to-bottom/ bottom-to-top OSI model - Divide and conquer

Answer 318

Test the theory to determine the cause: - If the theory is confirmed, determine the next steps to resolve the problem - If the theory is not confirmed, reestablish a new theory or escalate

Answer 319

Establish a plan of action to resolve the problem and identify potential effects

Answer 320

Implement the solution or escalate as necessary

Answer 321

Verify full system functionality and, if applicable, implement preventive measures

Answer 322

Document findings, actions, outcomes, and lessons learned

Answer 323

Ping, Iperf, and Wireshark

Answer 324

type of null-modem cable that is used to connect a computer terminal to a router's console port

Answer 325

to connect two computers or similar devices directly together, such as computers or hubs

Answer 326

loss of communication signal strength that is measured in decibels.

Answer 327

When an intended connection is missing

Answer 328

unintended connection exists

Answer 329

causes problems when both ends of the connection attempt to transfer data at the same time

Answer 330

Transmit and receive reversed -occurs when a cross over cable is used with two devices that should be using a straight through cable

Answer 331

a simple test that confirms that each wire is terminated correctly, with no opens or shorts

Answer 332

Optical Time Domain Reflectometer -device that tests the integrity of a fiber cable and is used for the building, certifying, maintaining, and troubleshooting fiber optic systems.

Answer 333

the machine used to weld (fuse) two optical fibers together

Answer 334

measures and displays signal amplitude (strength) as it varies by frequency within its frequency range (spectrum)

Answer 335

a special light meter that measures how much light is coming out of the end of the fiber optic cable

Answer 336

to monitor data traffic and analyze captured signals as they travel across communication channels.

Answer 337

probe a host or server to identify open ports

Answer 338

measure throughput

Answer 339

monitoring, troubleshooting, and in-depth examination, interpretation, and analysis of network traffic flow data.

Answer 340

Received Signal Strength Indicator -relative received signal strength in a wireless environment, in arbitrary units

Answer 341

Trivial File Transfer Protocol (UDP/69) a simple protocol for exchanging files between two TCP/IP machines

Answer 342

Equivalent isotropic radiated power -the total radiated power from a transmitter antenna times the numerical directivity of the antenna in the direction of the receiver

Answer 343

data table stored in a router or a network host that lists the routes to particular network destinations, and in some cases, metrics associated with those routes.

Answer 344

It allows authentication, authorization, and accounting of remote users who want to access network resources (RADIUS)

Answer 345

a set of metrics used in network performance monitoring to define the normal working conditions of an enterprise network infrastructure

Answer 346

when two or more data packets try to occupy the same network channel at the same time.

Answer 347

a way to distribute routing protocols updates quickly to every node in a large network.

Answer 348

when network switches are connected together in such a way that network traffic loops around infinitely instead of traversing the hops needed to travel from source to destination

Answer 349

has multiple routes for incoming and outgoing network traffic.

Answer 350

an issue that occurs when the routers forward packets such that the same single packet ends up back at the same router

Answer 351

Authentication, Authorization, Accounting, Auditing -maps a domain name to the IP address (Version 6) of the computer hosting the domain.

Answer 352

Advanced Encryption Standard -an algorithm that uses the same key to encrypt and decrypt protected data

Answer 353

British Naval Connector/Bayonet Neill-Concelman -miniature quick connect/disconnect radio frequency connector used for coaxial cable

Answer 354

Content Addressable Memory (table) -system memory construct used by Ethernet switch logic which stores information such as MAC addresses available on physical ports with their associated VLAN Parameters.

Answer 355

Cyclic Redundancy Check a network method designed to detect errors in the data and information transmitted over the network

Answer 356

Carrier-Sense Multiple Access with Collision Avoidance - reduce the frequency of these collisions and provide a plan at the same time on how to proceed if a collision does occur

Answer 357

Channel Service Unit -converts a digital data frame from local area network (LAN) communication technology into a frame appropriate for a wide area network (WAN) and vice versa.

Answer 358

Data Loss Prevention -identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data

Answer 359

Dense Wavelength Division Multiplexing -an optical transmission technology that uses multiple wavelengths of light to combine several data streams onto a single optical fiber.

Answer 360

Data Service Unit converts a digital data frame from local area network (LAN) communication technology into a frame appropriate for a wide area network (WAN) and vice versa. (CSU/DSU)

Answer 361

Electronic Industries Association -specializes in ensuring compatibility and interchangeability between equipment from different manufacturers.

Answer 362

Extended Unique Identifier a method we can use to automatically configure IPv6 host addresses

Answer 363

encapsulating security payload authentication mechanism authenticates only the IP datagram portion of the IP packet.

Answer 364

Gigabit Interface Converter - modular transceiver that is typically used to connect a device, such as a switch or router, to a network via a fiber optic or copper cable.

Answer 365

Global System for Mobile Communications -European Standard

Answer 366

High Availability -operate at a high level, continuously, without intervention, for a given time period.

Answer 367

Industrial Control System -combinations of control components (e.g., electrical, mechanical, hydraulic, pneumatic) that act together to achieve an industrial objective

Answer 368

Internet Group Management Protocol -a protocol that allows several devices to share one IP address so they can all receive the same data

Answer 369

Media Access Control/Medium Access Control -layer that controls the hardware responsible for interaction with the wired or wireless transmission medium.

Answer 370

Multipoint Generic Routing Encapsulation -used to connect multiple remote sites through a VPN

Answer 371

Management Information Base -a hierarchical database that contains configuration and other vital management information of SNMP devices in the form of data objects.

Answer 372

Network Attached Storage -a file-dedicated storage device that makes data continuously available for employees to collaborate effectively over a network.

Answer 373

Network Function Virtualization - virtual machines use a hypervisor to run networking software and processes such as routing and load balancing.

Answer 374

Next-Generation Firewall -security appliance that processes network traffic and applies rules to block potentially dangerous traffic. Newer firewall, better

Answer 375

Network Interface Card -a hardware component, typically a circuit board or chip, installed on a computer so it can connect to a network.

Answer 376

Open Systems Interconnection -a framework for transmitting messages between any two entities in a network

Answer 377

Port Address Translation -an extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.

Answer 378

Pointer Record -provides the domain name associated with an IP address. (DNS, opposite of "A")

Answer 379

Quality of Service -control traffic and ensure the performance of critical applications with limited network capacity.

Answer 380

Request for Comment -contains specifications and organizational notes about topics related to the internet and computer networking, such as routing, addressing and transport technologies.

Answer 381

Real Time Streaming Protocol -a network protocol used for controlling the delivery of real-time multimedia data, such as audio and video, over IP networks

Answer 382

Supervisory Control and Data Acquisition -used for controlling, monitoring, and analyzing industrial devices and processes

Answer 383

Small Form-factor Pluggable -allows devices to communicate with one another through data transmission

Answer 384

Session Initiation Protocol -a signaling protocol that enables the Voice Over Internet Protocol (VoIP) by defining the messages sent between endpoints and managing the actual elements of a call.

Answer 385

Server Message Block -enables file sharing, printer sharing, network browsing, and inter-process communication (through named pipes) over a computer network

Answer 386

Secure Sockets Layer -communication protocol, or set of rules, that creates a secure connection between two devices or applications on a network

Answer 387

Uniform Resource Locator -a location or address identifying where documents can be found on the internet.

Answer 388

Virtual IP - IP addresses that are not tethered to particular machines.

Answer 389

Temporal Key Integrity Protocol -encrypts each data packet with a unique encryption key.

Answer 390

Transport Layer Security -encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit

Answer 391

Transmit and Receive

Answer 392

Telecommunications Industry Association/Electronic Industries Alliance -

Answer 393

Wavelength Division Multiplexing -increases bandwidth by allowing different data streams at different frequencies to be sent simultaneously over a single optical fiber network

NETWORK+ Flashcards

PASS THE EXAM