Network Flashcards

Question

What is a Full-Mesh Topology?

Answer 1

Every node connects to every other node, providing optimal routing.

Answer 2

Requires centralized management and uses a wireless access point.

Answer 3

A decentralized wireless network with no routers or access points required.

Answer 4

* 802.11 * Bluetooth * RFID * NFC * Infrared (IR) * Z-Wave * Ant+

Answer 5

A reference model developed in 1977 by ISO consisting of 7 layers.

Answer 6

* Categorize functions of the network into layers * Compare technologies across manufacturers * Aid in troubleshooting networks

Answer 7

Physical Layer, responsible for transmission of bits across the network.

Answer 8

* Representation of bits * Wiring standards for connectors * Physical topology * Synchronizing bits * Bandwidth usage * Multiplexing strategy

Answer 9

Using electrical voltage for copper wiring or light for fiber optics.

Answer 10

The standard wiring for RJ-45 cables and ports.

Answer 11

* Bus * Ring * Star * Hub-and-Spoke * Full Mesh * Partial Mesh

Answer 12

* Asynchronous * Synchronous

Answer 13

A method where each session takes turns using time slots to share the medium.

Answer 14

Packages data into frames and transmits those frames on the network.

Answer 15

A 48-bit address assigned to a network interface card (NIC) by the manufacturer.

Answer 16

* Link Layer Control (LLC) * Media Access Control (MAC)

Answer 17

Forwards traffic (routing) with logical addresses.

Answer 18

* IPv4 * IPv6

Answer 19

A method where data is divided into packets and forwarded.

Answer 20

A connection-oriented protocol that ensures reliable transport of segments.

Answer 21

* TCP: Connection-oriented, reliable * UDP: Connectionless, unreliable

Answer 22

Manages sessions, including setup, maintenance, and teardown.

Answer 23

Formatting and securing data exchanged between systems.

Answer 24

Application-level services for user communication with the computer.

Answer 25

The process of putting headers (and sometimes trailers) around data.

Answer 26

The action of removing the encapsulation as data moves up the OSI layers.

Answer 27

To synchronize the connection during the three-way handshake.

Answer 28

It signals the teardown of a virtual connection.

Answer 29

To identify a network card on the local area network.

Answer 30

Indicates which protocol is encapsulated in the payload of the frame.

Answer 31

* E-mail (POP3, IMAP, SMTP) * Web Browsing (HTTP, HTTPS) * DNS * FTP, FTPS * Remote Access (TELNET, SSH) * SNMP

Answer 32

TCP/IP stack or the DoD Model

Answer 33

4-layer model

Answer 34

Physical and electrical characteristics

Answer 35

* Coaxial * Optical fiber * Twisted-pair copper cabling

Answer 36

Packages data into IP datagrams

Answer 37

* IP * ICMP * ARP * RARP

Answer 38

Communication session management between hosts

Answer 39

* TCP * UDP * RTP

Answer 40

TCP/IP application protocols

Answer 41

* HTTP * TELNET * FTP * SNMP * DNS * SMTP * SSL * TLS

Answer 42

0 to 65,535

Answer 43

Ports 0 to 1023

Answer 44

Short-lived transport port automatically selected from a predefined range

Answer 45

Transfers computer files between a client and server on a computer network

Answer 46

File access, file transfer, and file management over a reliable data stream

Answer 47

Provides bidirectional interactive text-oriented communication facility

Answer 48

Simple Mail Transfer Protocol (SMTP)

Answer 49

Dynamically assigns an IP address and other network configuration parameters to a client

Answer 50

Foundation of data communication for WWW

Answer 51

Communicates information about network connectivity issues back to the sender

Answer 52

Encapsulates a variety of network layer protocols inside a virtual link over an IP network

Answer 53

Protects data flows between peers at the network or packet processing layer

Answer 54

Integrity and authentication

Answer 55

Encryption and integrity for data packets

Answer 56

lightweight

Answer 57

SMTP TLS and LDAPS

Answer 58

Signaling and controlling multimedia communication sessions

Answer 59

Material used to transmit data over the network

Answer 60

* Copper * Fiber optic * Wireless

Answer 61

* Inner: Insulated conductor or center wire * Outer: Braided metal shield

Answer 62

Provides EMI resistance due to shielding

Answer 63

Used by local cable companies to connect individual homes

Answer 64

Carries composite video between two nearby devices

Answer 65

F-connector

Answer 66

Bayonet Neill-Concelman or British Naval Connector

Answer 67

Uses two inner conductors to carry data

Answer 68

Asynchronous serial communications and connecting to an external modem

Answer 69

Twisted Pair Cables

Answer 70

Unshielded Twisted Pair

Answer 71

* UTP: Cheaper, no shielding * STP: More expensive, has metallic shielding

Answer 72

Used in Ethernet networks

Answer 73

Commonly 2 or 4 pins

Answer 74

Theoretical measure of how much data could be transferred from a source to its destination

Answer 75

Actual measure of how much data transferred from a source to its destination

Answer 76

Under 70 meters

Answer 77

Contains the exact same pinout on both ends

Answer 78

Data Terminating Equipment

Answer 79

Data Communications Equipment

Answer 80

* Straight-through: DTE to DCE or DCE to DTE * Crossover: DTE to DTE or DCE to DCE

Answer 81

Medium Dependent Interface Crossover

Answer 82

Provides a fire-retardant chemical layer and minimizes dangerous fumes if on fire

Answer 83

Non-plenum Cable

Answer 84

* Multimode Fiber (MMF) * Single-Mode Fiber (SMF)

Answer 85

Used for longer distances and has a smaller core size

Answer 86

Larger core size allows for multiple modes of travel for light

Answer 87

Combines multiple signals into one signal over a single fiber using different wavelengths

Answer 88

* Higher bandwidth * Longer distances * Immune to EMI * Better security

Answer 89

* Less expensive * Easy to install * Inexpensive tools

Answer 90

Convert media from one format to another

Answer 91

Device that sends and receives data

Answer 92

* Full Duplex: Devices can communicate simultaneously * Half Duplex: Devices can either transmit or receive, but not both at the same time

Answer 93

Up to 4.25 Gbps

Answer 94

Enhanced SFP, supporting up to 16 Gbps

Answer 95

Connect the network's backbone to end user’s wall jacks

Answer 96

Entrance facilities where WAN connection enters a building

Answer 97

Connect wiring from the jack to a network switch in a flexible manner

Answer 98

Connect fiber jacks throughout the building to a single patch panel

Answer 99

To provide a standard for networking devices to communicate over a local area network (LAN) ## Footnote Ethernet has become the dominant technology for Layer 1 in networking.

Answer 100

Coax cables (10Base5, 10Base2) ## Footnote Ethernet has since transitioned to using twisted pair cables.

Answer 101

Maximum speed: 10 Mbps, Maximum distance: 100 meters

Answer 102

* Deterministic * Contention-based

Answer 103

Carrier Sense Multiple Access/Collision Detect

Answer 104

* Carrier Sense * Multiple Access * Collision Detect

Answer 105

Comprised of all devices on a shared Ethernet segment

Answer 106

Each port on a switch is a separate collision domain, reducing the chance of collisions

Answer 107

The measure of how many bits the network can transmit in 1 second (bps)

Answer 108

A Layer 1 device used to connect multiple network devices/workstations

Answer 109

* Passive Hub * Active Hub * Smart Hub

Answer 110

Analyzes source MAC addresses in frames and makes forwarding decisions based on destination MAC addresses

Answer 111

A switch is a Layer 2 device that learns MAC addresses and makes forwarding decisions based on them

Answer 112

To connect multiple networks together and make forwarding decisions based on logical network addresses

Answer 113

To allow different logical networks to share the same physical hardware while providing added security and efficiency

Answer 114

Power Over Ethernet; supplies electrical power over Ethernet cables

Answer 115

Up to 25.5 watts

Answer 116

To make a copy of all traffic destined for a port and send it to another port for analysis

Answer 117

A protocol that uses virtual IP and MAC addresses to provide an active and standby router

Answer 118

To protect the network by allowing or blocking traffic based on predefined security rules

Answer 119

* IDS recognizes attacks through signatures and anomalies * IPS recognizes and responds to attacks

Answer 120

To permit redundant links between switches and prevent traffic loops

Answer 121

* Blocking * Listening * Learning * Forwarding

Answer 122

Transmits multiple VLANs over the same physical cable, tagging each VLAN with a 4-byte identifier

Answer 123

Provides secure connections between remote users and a company network

Answer 124

To make requests to an external network on behalf of a client

Answer 125

Quality of Service

Answer 126

To connect multiple network segments and make Layer 3 routing decisions

Answer 127

Permits or denies traffic based on a device’s MAC address

Answer 128

It acts as a reference point for a spanning tree and is elected based on the lowest bridge ID

Answer 129

Supervisory Control and Data Acquisition

Answer 130

Written in dotted-decimal notation, e.g., 10.1.2.3 ## Footnote Each IPv4 address consists of 4 separate numbers divided by dots, known as octets.

Answer 131

Subnet mask ## Footnote The subnet mask determines which part of the IP address is the network and which part is the host.

Answer 132

Network portion and Host portion

Answer 133

Used for testing and refers to the device itself ## Footnote Most commonly represented as 127.0.0.1.

Answer 134

Publicly managed by ICANN and must be purchased through an ISP

Answer 135

Not routable outside the local area network and can be used by anyone

Answer 136

Network Address Translation; allows routing of private IPs through a public IP

Answer 137

Dynamically assigned by the OS when DHCP server is unavailable ## Footnote APIPA uses the range of 169.254.x.x.

Answer 138

Dynamic Host Configuration Protocol

Answer 139

Defines the network portion of an IP address

Answer 140

More efficient use of IP addresses, enables separation of networks for security, and enables bandwidth control

Answer 141

* Unicast * Multicast * Broadcast

Answer 142

Provides enough IP addresses for generations to come

Answer 143

* Unicast Addresses * Link-local Address * Multicast Addresses * Anycast Addresses

Answer 144

Discovers the current network and selects its own host ID based on its MAC address

Answer 145

Used to learn Layer 2 addresses on the network

Answer 146

Classless Interdomain Routing

Answer 147

Allows subnets of various sizes to be used

Answer 148

* RIPv2 * OSPF * IS-IS * EIGRP * BGP

Answer 149

A table to convert from binary to decimal

Answer 150

* IP * Subnet mask * Default gateway * DNS server * WINS server

Answer 151

False ## Footnote IPv6 primarily uses auto-configuration methods.

Answer 152

An IP address that does not correlate to an actual physical network interface

Answer 153

Defines the class of IP address and the default subnet mask

Answer 154

Forward traffic between subnets, internal and external networks, or between two external networks.

Answer 155

A network segment where devices can communicate directly with each other using broadcast messages.

Answer 156

Multilayer switches.

Answer 157

Helps determine the best route entry for the network.

Answer 158

A route entry with the longest prefix.

Answer 159

Routes learned by physical connection between routers.

Answer 160

A route manually configured by an administrator.

Answer 161

0.0.0.0/0; sent when the router doesn't know a specific route.

Answer 162

Protocols that learn routes by exchanging information between routers.

Answer 163

A route learned on one interface from being advertised back out of that same interface.

Answer 164

A method that advertises a route back out of the same interface with an infinite metric.

Answer 165

Protocols that operate within an autonomous system.

Answer 166

Protocols that operate between autonomous systems.

Answer 167

Sends a full copy of the routing table to directly connected neighbors at regular intervals.

Answer 168

Requires all routers to know about the paths that all other routers can reach.

Answer 169

An Interior Gateway Protocol that uses hop count as a metric.

Answer 170

An Interior Gateway Protocol that uses cost as a metric based on link speed.

Answer 171

An advanced distance-vector protocol that uses bandwidth and delay, making it a hybrid of distance-vector and link-state.

Answer 172

An External Gateway Protocol that uses the number of autonomous system hops.

Answer 173

The believability of a routing protocol; lower AD is more believable.

Answer 174

Values assigned to a route to determine the preferred path.

Answer 175

Network Address Translation; translates private IP addresses to public IP addresses.

Answer 176

Port Address Translation; uses port numbers instead of IP addresses for translation.

Answer 177

IP addresses automatically assigned from a pool.

Answer 178

IP addresses manually assigned.

Answer 179

Internet Group Management Protocol; used by clients and routers to manage multicast group memberships.

Answer 180

Protocol Independent Multicast; routes multicast traffic between multicast-enabled routers.

Answer 181

Assigns IP addresses and provides subnet mask, default gateway, and DNS server.

Answer 182

Domain Name System.

Answer 183

Sharing information between DNS servers about domain names and associated IP addresses.

Answer 184

Network Time Protocol; synchronizes clocks between systems over a packet-switched network.

Answer 185

Discover, Offer, Request, and Acknowledge.

Answer 186

A complete domain name including all levels, such as subdomain and top-level domain.

Answer 187

Address Records that link a hostname to an IPv4 address.

Answer 188

Canonical Name Record used to point a domain to another domain name.

Answer 189

Mail Exchange Record used to direct emails to a mail server.

Answer 190

Start of Authority Record used to store important information about a domain or zone.

Answer 191

Pointer Record used to correlate an IP address with a domain name.

Answer 192

Stores machine-readable data in the domain name system.

Answer 193

Name Server Record indicating which DNS name server is authoritative for a domain.

Answer 194

It is the authoritative one for a domain ## Footnote The DNS name server is responsible for resolving domain names into IP addresses.

Answer 195

External DNS is essential for making domain names accessible on the internet.

Answer 196

Also known as a DNS cache located on an individual host

Answer 197

It involves querying multiple DNS servers to find the required information.

Answer 198

DNS resolver will continually query DNS servers until it finds the one with the IP for the domain

Answer 199

Synchronizes clocks between systems communicating over a packet-switched, variable-latency data network ## Footnote It is crucial for ensuring accurate timekeeping across networked systems.

Answer 200

Port 123 ## Footnote NTP uses UDP for communication.

Answer 201

15 stratum levels ## Footnote Stratum levels indicate the distance from the reference clock.

Answer 202

80% of traffic stays on the LAN, while only 20% goes to WAN ## Footnote This principle was commonly invoked in the early 1990s but has changed over time.

Answer 203

* Dedicated leased line * Circuit-switched connection * Packet-switched connection ## Footnote Each type has its own characteristics and use cases.

Answer 204

Logical connection that connects two sites through a service provider’s facility ## Footnote It is more expensive because the customer does not share bandwidth with others.

Answer 205

Connection is brought up only when needed, like making a phone call ## Footnote This on-demand bandwidth can provide cost savings.

Answer 206

Always on, like a dedicated leased line, but multiple customers share the bandwidth

Answer 207

* Copper wires * Fiber-optic cable * Electric power lines ## Footnote Each type has its own advantages and applications.

Answer 208

Up to 2.7 Mbps ## Footnote BPL utilizes existing power line infrastructure.

Answer 209

* Low-band Frequencies: 600-850 MHz * Mid-band Frequencies: 2.5 to 3.7 GHz * High-band Frequencies: 25-39 GHz ## Footnote Each band offers different speeds and coverage.

Answer 210

A cellular technology that converts voice during a call into data

Answer 211

A cellular technology that uses code division to split up the channel

Answer 212

Worldwide Interoperability for Microwave Access ## Footnote It requires an antenna installed on the roof for connectivity.

Answer 213

Frame relay connects sites through virtual circuits.

Answer 214

Layer 2 WAN technology operating using Permanent Virtual Circuits (PVCs) and Switched Virtual Circuits (SVCs) ## Footnote It uses fixed-length cells to increase transmission speed.

Answer 215

Supports multiple protocols on the same network ## Footnote Used by service providers for efficient data forwarding.

Answer 216

Allows Internet to be used as WAN connection for secure site-to-site communication ## Footnote It includes authentication and encryption to secure traffic.

Answer 217

A virtual WAN architecture that allows enterprises to leverage any combination of transport services ## Footnote It reduces bottlenecks caused by traditional WAN architecture.

Answer 218

Used to terminate the digital signals at customer’s demarcation point

Answer 219

* Basic Rate Interface (BRI) * Primary Rate Interface (PRI) ## Footnote BRI offers two 64-kbps channels, while PRI offers a 1.472-Mbps data path.

Answer 220

53.3 kbps ## Footnote This is due to accessing a single 64-kbps channel at a time.

Answer 221

Wireless Local Area Network ## Footnote WLAN allows users to roam within a coverage area.

Answer 222

IEEE 802.11 ## Footnote Other wireless options include Bluetooth, Infrared, NFC, Ant+, and Z-Wave.

Answer 223

Wireless devices communicate directly without a centralized access point ## Footnote This type of network allows peer-to-peer connections.

Answer 224

Expands wired LAN into the wireless domain ## Footnote It connects wired LAN and wireless devices into the same subnet.

Answer 225

A Wireless Router is a gateway device that connects wireless devices to the Internet ## Footnote It often combines features like AP, router, switch, and firewall.

Answer 226

* Independent Basic Service Set (IBSS) * Basic Service Set (BSS) * Extended Service Set (ESS) ## Footnote These service sets define how wireless devices communicate.

Answer 227

A network topology that may not use centralized control ## Footnote It combines wireless range and various technologies like Wi-Fi and Cellular.

Answer 228

10% to 15% coverage overlap ## Footnote This helps maintain the desired coverage area.

Answer 229

To determine coverage areas and produce a heat map ## Footnote This helps in planning AP placement.

Answer 230

Direct-Sequence Spread Spectrum ## Footnote It modulates data over an entire range of frequencies.

Answer 231

2.4 GHz to 2.5 GHz ## Footnote This range includes channels that avoid overlapping other signals.

Answer 232

WPA replaced WEP and its weaknesses with stronger security measures ## Footnote WPA uses TKIP and provides a Message Integrity Check.

Answer 233

Configures an AP with a listing of permitted MAC addresses ## Footnote It acts like an Access Control List (ACL) for network access.

Answer 234

Extensible Authentication Protocol ## Footnote It is used for authentication in both wireless and wired networks.

Answer 235

Enables virtualization to occur ## Footnote It emulates the physical hardware for virtual machines.

Answer 236

Ability to outsource your telephone system using VoIP

Answer 237

* Network as a Service (NaaS) * Infrastructure as a Service (IaaS) * Software as a Service (SaaS) * Platform as a Service (PaaS) ## Footnote Each model offers different cloud services.

Answer 238

Radio Frequency Interference ## Footnote It is caused by using similar frequencies to WLAN.

Answer 239

Performing reconnaissance looking for unsecured wireless networks ## Footnote It involves searching for accessible networks from a vehicle.

Answer 240

Outsourcing of the infrastructure of servers or desktops to a service provider.

Answer 241

User interacts with a web-based application, details hidden from users.

Answer 242

A development platform for companies developing applications without needing infrastructure.

Answer 243

Outsourcing of the network to a service provider, hosted off-site.

Answer 244

Charged by hours, processing power, or bandwidth used like utility services.

Answer 245

* Amazon Web Services (AWS) * Microsoft’s Azure

Answer 246

Provides a desktop environment accessible through the Internet.

Answer 247

Matches resources allocated with actual resource needs at any time.

Answer 248

Handles growing workload for performance and efficiency.

Answer 249

Increasing the power of existing resources in the working environment.

Answer 250

Adding additional resources to help handle extra load.

Answer 251

Customers to share computing resources in a public or private cloud.

Answer 252

Occurs when an attacker breaks out of an isolated VM to interact with the hypervisor.

Answer 253

Managing and provisioning infrastructure through code instead of manual processes.

Answer 254

Arranging or coordinating the installation and configuration of multiple systems.

Answer 255

Establishes a secure connection between on-premises network and provider’s global network.

Answer 256

* Confidentiality * Integrity * Availability

Answer 257

Keeping data private and safe through encryption and authentication.

Answer 258

Both sender and receiver use the same key.

Answer 259

Uses different keys for the sender and receiver.

Answer 260

Ensures data has not been modified in transit.

Answer 261

Flooding a network so legitimate requests cannot be processed.

Answer 262

A quality or characteristic that allows a threat to be realized.

Answer 263

A newly discovered vulnerability not yet known to the vendor.

Answer 264

Identification, evaluation, and prioritization of risks.

Answer 265

Evaluates the security of an IT infrastructure by exploiting vulnerabilities.

Answer 266

Using the lowest level of permissions needed to complete a job.

Answer 267

Users must be authenticated and authorized before access.

Answer 268

Layering defensive mechanisms to protect data.

Answer 269

Authenticates identity using more than one method.

Answer 270

Guesses passwords by checking every word in a word list.

Answer 271

To counteract any attempts at unauthorized access to a network.

Answer 272

Authenticating or proving an identity using more than one method, including: * Something you know * Something you have * Something you are * Something you do * Somewhere you are

Answer 273

An attack that guesses the password by attempting to check every single word or phrase contained within a word list.

Answer 274

An attack that tries every possible combination until the password is figured out.

Answer 275

A minimum of 12 characters with: * Uppercase * Lowercase * Numbers * Special characters

Answer 276

A combination of dictionary and brute force attacks.

Answer 277

The process of determining whether someone or something is who or what it claims to be.

Answer 278

A protocol that validates a username and password combination against an LDAP server.

Answer 279

Port 389 for LDAP and Port 636 for LDAP Secure.

Answer 280

To organize and manage everything on the network, including clients, servers, devices, and users.

Answer 281

Authentication and authorization within a Windows domain environment.

Answer 282

Remote Authentication Dial-In User Service.

Answer 283

Provides centralized administration of: * Authentication * Authorization * Accounting

Answer 284

Port 1812 for authentication messages and Port 1813 for accounting messages.

Answer 285

A protocol used to perform the role of an authenticator in an 802.1x network.

Answer 286

A standardized framework used for port-based authentication on both wired and wireless networks.

Answer 287

A protocol that allows for numerous different mechanisms of authentication.

Answer 288

Simple passwords and the challenge handshake authentication process.

Answer 289

A protocol that uses public key infrastructure with a digital certificate installed on both the client and the server.

Answer 290

A digital certificate on the server and a password on the client for authentication.

Answer 291

A system that ensures a device is scanned for its current state of security before being allowed network access.

Answer 292

A piece of software installed on a device requesting access to the network.

Answer 293

A Persistent Agent is installed on the device, while a Non-Persistent Agent requires users to download an agent via a web-based captive portal.

Answer 294

Access periods for given hosts on a time-based schedule.

Answer 295

Security control used during an event to find out whether something malicious may have happened.

Answer 296

A unique identifier for a piece of equipment, such as a serial number, code, or barcode.

Answer 297

A method to ensure that network equipment has not been modified once labeled and stored.

Answer 298

An electronic detection mechanism that can record the version of the IOS used by a switch.

Answer 299

To ensure that a system no longer needed by an organization is properly managed.

Answer 300

The process of exposing a hard drive to a powerful magnetic field to wipe previously written data.

Answer 301

Removing data that cannot be reconstructed using any known forensic techniques.

Answer 302

Leftover pieces of data that may exist in the hard drive which are no longer needed.

Answer 303

Attacks on: * Confidentiality * Integrity * Availability

Answer 304

Occurs when one machine continually floods a victim with requests for services ## Footnote This attack can overwhelm the target's resources, making it unavailable to legitimate users.

Answer 305

Occurs when an attacker initiates multiple TCP sessions, but never completes them ## Footnote This type of DoS attack exploits the TCP handshake process.

Answer 306

Occurs when an attacker sends a ping to a subnet broadcast address with the source IP spoofed to be that of the victim server

Answer 307

Occurs when an attacker uses multiple computers to ask for access to the same server at the same time ## Footnote DDoS attacks are more complex and difficult to mitigate than DoS attacks.

Answer 308

A collection of compromised computers under the control of a master node ## Footnote Botnets are often used to conduct DDoS attacks.

Answer 309

Any of the individually compromised computers ## Footnote Zombies are typically used as part of a botnet.

Answer 310

Occurs when an attacker puts themselves between the victim and the intended destination ## Footnote This allows the attacker to intercept and potentially alter communication.

Answer 311

Occurs when an attacker guesses the session ID that is in use between a client and a server and takes over the authenticated session ## Footnote Successful session hijacking can lead to unauthorized access to sensitive information.

Answer 312

Occurs when an attacker manipulates known vulnerabilities within the DNS to reroute traffic from one site to a fake version of that site

Answer 313

Uses encrypted digital signatures when passing DNS information between servers to help protect it from poisoning

Answer 314

A DHCP server on a network which is not under the administrative control of the network administrators ## Footnote This can lead to network misconfigurations and security vulnerabilities.

Answer 315

Occurs when an attacker masquerades as another person by falsifying their identity ## Footnote Spoofing can happen at various levels, including IP and MAC addresses.

Answer 316

Modifying the source address of an IP packet to hide the identity of the sender or impersonate another client ## Footnote IP spoofing is focused at Layer 3 of the OSI model.

Answer 317

Changing the MAC address to pretend the use of a different network interface card or device ## Footnote This can be used to bypass MAC address filtering.

Answer 318

Sending falsified ARP messages over a local area network ## Footnote ARP spoofing can be used as a precursor to other attacks.

Answer 319

Ability to send traffic from one VLAN into another, bypassing the VLAN segmentation configured within Layer 2 networks

Answer 320

Designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent ## Footnote Types of malware include viruses, worms, and ransomware.

Answer 321

Made up of malicious code that is run on a machine without the user’s knowledge and infects it whenever that code is run ## Footnote Viruses often spread through infected files or programs.

Answer 322

A piece of malicious software that can replicate itself without user interaction ## Footnote Worms often exploit vulnerabilities in software to spread.

Answer 323

Restricts access to a victim’s computer system or files until a ransom or payment is received ## Footnote Ransomware attacks can lead to significant financial losses.

Answer 324

A wireless access point that has been installed on a secure network without authorization from a local network administrator ## Footnote This can create security vulnerabilities and potential data breaches.

Answer 325

Any attempt to manipulate users to reveal confidential information or perform actions detrimental to a system’s security ## Footnote Social engineering exploits human psychology rather than technical vulnerabilities.

Answer 326

Sending an email in an attempt to get a user to click a link ## Footnote Phishing attacks often impersonate legitimate organizations.

Answer 327

More targeted form of phishing ## Footnote Spearphishing usually targets specific individuals or organizations.

Answer 328

A specific type of malware that is tied to either a logical event or a specific time ## Footnote Logic bombs can be triggered by certain conditions being met.

Answer 329

Uses a set of rules defining the traffic types permitted or denied through the device ## Footnote Firewalls can be software or hardware-based.

Answer 330

Inspects traffic as part of a session and recognizes where the traffic originated ## Footnote This allows stateful firewalls to provide more robust security compared to stateless firewalls.

Answer 331

Third-generation firewall that conducts deep packet inspection and packet filtering ## Footnote NGFWs provide advanced features like application awareness.

Answer 332

Set of rules applied to router interfaces that permit or deny certain traffic ## Footnote ACLs can be used to control traffic flow in a network.

Answer 333

Monitors network traffic for suspicious activity and alerts administrators ## Footnote IDS can be network-based (NIDS) or host-based (HIDS).

Answer 334

Establishes a secure connection between a client and a server over an untrusted public network like the Internet ## Footnote VPNs encrypt data to protect it from eavesdropping.

Answer 335

Provides cryptography and reliability using the upper layers of the OSI model, specifically Layers 5, 6, and 7 ## Footnote SSL is commonly used for secure web browsing.

Answer 336

Authentication and encryption of packets to create a secure encrypted communication path between computers

Answer 337

Allows two systems that don’t know each other to be able to exchange keys and trust each other

Answer 338

RTR1 initiates creation of IPSec tunnel after PC1 sends traffic to PC2 ## Footnote This initiates the key exchange and security association negotiation.

Answer 339

Negotiates Security Association (SA) to form ISAKMP tunnel

Answer 340

Transport Mode uses packet’s original IP header; Tunneling Mode encapsulates the entire packet ## Footnote Transport Mode is typically used for client-to-site VPNs, while Tunneling Mode is for site-to-site VPNs.

Answer 341

Connectionless data integrity and data origin authentication for IP datagrams

Answer 342

Provides authentication, integrity, replay protection, and data confidentiality ## Footnote It is used in both transport and tunneling modes.

Answer 343

Any device that can communicate with an SNMP manager known as the management information base (MIB) ## Footnote Managed devices include routers, switches, and servers.

Answer 344

Used to send and receive data from managed devices back to a centralized network management station

Answer 345

Sent trap messages get a unique objective identifier to distinguish each message ## Footnote This allows for better tracking and management of alerts.

Answer 346

The structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers ## Footnote It is critical for SNMP operations.

Answer 347

Default community strings of public (read-only) or private (read-write) are considered a security risk

Answer 348

Three security enhancements: integrity, authentication, and confidentiality ## Footnote These enhancements significantly improve SNMP security.

Answer 349

Sends system log or event messages to a central server, called a syslog server ## Footnote This centralizes logging for easier management.

Answer 350

Provides real-time or near-real-time analysis of security alerts generated by network hardware and applications

Answer 351

Contains information about the traffic flows on the network ## Footnote Traffic logs allow for investigation of any abnormalities.

Answer 352

Contains a sequence of events for a particular activity ## Footnote It is essential for compliance and forensic investigations.

Answer 353

Involves planning, testing, implementing, and auditing of software patches

Answer 354

Specifies minimum password length, complexity, periodic changes, and limits on password reuse ## Footnote This helps enforce strong password practices.

Answer 355

Prevents unauthorized access to a switchport by identifying and limiting the MAC addresses of the hosts that are allowed

Answer 356

Provides security by inspecting DHCP traffic, filtering untrusted DHCP messages, and building a DHCP snooping binding table ## Footnote This helps prevent rogue DHCP servers.

Answer 357

Configures a QoS filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches

Answer 358

Defines a list of devices and only allows those on your Wi-Fi network ## Footnote It is a basic form of wireless security.

Answer 359

A web page displayed to newly connected Wi-Fi users before being granted broader access to network resources ## Footnote It is often used for guest networks.

Answer 360

Private VLAN (Port Isolation) ## Footnote This is used to control communication between ports.

Answer 361

VLAN where untagged traffic is put once it is received on a trunk port

Answer 362

Measure of how well a computer network can respond to connectivity and performance demands placed upon it

Answer 363

Availability is measured by uptime, specifically five nines of availability (99.999%)

Answer 364

Being up and operational

Answer 365

Not dropping packets

Answer 366

Average time it takes to repair a network device when it breaks

Answer 367

Average time between failures of a device

Answer 368

Multiple connections between devices

Answer 369

Redundant power supplies and NICs

Answer 370

Multiple NICs are active at the same time, each with its own MAC address

Answer 371

One NIC is active at a time, appearing to have a single MAC address

Answer 372

Using a group of network interface cards for load balancing and failover on a server or other device

Answer 373

Proprietary first-hop redundancy by Cisco allowing for active and standby routers

Answer 374

IETF open-standard variant of HSRP for active and standby routers

Answer 375

Proprietary first-hop redundancy by Cisco focusing on load balancing

Answer 376

Redundancy by having multiple links between devices

Answer 377

Creates more than one physical path between the server and its storage devices for fault tolerance and performance

Answer 378

Available buildings without hardware or software configured, leading to slow recovery

Answer 379

Available buildings that contain some equipment, with restoral time between 24 hours and seven days

Answer 380

Available buildings with equipment and data in place, allowing minimal downtime

Answer 381

Allows creation of a recovery version of an organization’s enterprise network in the cloud

Answer 382

Time within which a business process must be restored after a disaster

Answer 383

Interval of time during a disruption before data loss exceeds the BCP's maximum allowable threshold

Answer 384

Complete backup that is the safest but time consuming and costly

Answer 385

Backup only of data changed since the last backup

Answer 386

Backups data since the last full backup

Answer 387

Read-only copy of data frozen in time

Answer 388

Provides emergency power to a load when the input power source fails

Answer 389

Distributes electric power to racks of computers and networking equipment

Answer 390

Long-term power during a power outage

Answer 391

To optimize network performance for different types of traffic

Answer 392

Time a packet travels from source to destination, measured in milliseconds

Answer 393

Uneven arrival of packets, especially harmful in VoIP

Answer 394

* Delay * Jitter * Drops

Answer 395

To provide a comprehensive security management framework for the organization

Answer 396

Defines the role of security and establishes the desired end state for that security program

Answer 397

Implements a policy in an organization

Answer 398

Creates a reference point in network architecture and design

Answer 399

Recommended action that allows for exceptions in unique situations

Answer 400

Detailed step-by-step instructions to perform a task

Answer 401

Structured way of changing the state of a computer system or network

Answer 402

* Preparation * Identification * Containment * Eradication * Recovery * Lessons learned

Answer 403

Documents how an organization can quickly resume work after an unplanned incident

Answer 404

Outlines how a business will continue operating during an unplanned disruption

Answer 405

Describes the approach to maintaining an asset from creation to disposal

Answer 406

Set of rules to improve computer security by motivating users to create secure passwords

Answer 407

Set of rules that restricts how a network resource may be used

Answer 408

Allows employees to access enterprise networks using personal mobile devices

Answer 409

Acceptable methods of remotely connecting to the internal network

Answer 410

Describes requirements for integrating a new hire into the company

Answer 411

Documented policy for the process of employee departure

Answer 412

Allows employees to access enterprise networks and systems using their personal mobile devices ## Footnote It includes creating a segmented network for BYOD devices.

Answer 413

Defines acceptable methods of remotely connecting to the internal network

Answer 414

Describes all the requirements for integrating a new hire into the company and its cultures

Answer 415

Covers all the steps to successfully part ways with an employee who’s leaving the company

Answer 416

Outlines how to protect the organization’s systems, networks, and data from threats

Answer 417

How organizations can share and protect data while minimizing accidental or malicious data loss

Answer 418

Defines what data is confidential and cannot be shared outside of that relationship

Answer 419

* Fines * Forfeiture of rights * Jail time

Answer 420

A non-binding agreement detailing common actions between two or more organizations

Answer 421

The quality, availability, and responsibilities agreed upon by a service provider and a client

Answer 422

The process of administering and managing computer networks

Answer 423

The actual physical arrangement of the components that make up the network

Answer 424

The flow of data across a network and how devices communicate with each other

Answer 425

Labels which cables are connected to which ports

Answer 426

Planning and designing a wireless network to deliver the required wireless solution

Answer 427

If a site has the right amount of power, space, and cooling to support a new upgrade or installation

Answer 428

* Executive summary * Scope and objectives * Assumptions and limitations * Methods and tools * Environment and system diagram * Security requirements * Findings and recommendations * Audit results

Answer 429

Set of specifications for an information system that has been formally reviewed and agreed on

Answer 430

Monitors performance from the end user’s workstation to the final destination

Answer 431

Time that it takes for data to reach its destination across a network

Answer 432

Maximum rate of data transfer across a given network

Answer 433

Actual measure of how much data is successfully transferred from the source to a destination

Answer 434

When a time delay in the sending of data packets over a network connection occurs

Answer 435

A device’s temperature, CPU usage, and memory

Answer 436

Sets off an alarm when a rise in temperature is detected but hasn’t reached dangerous levels

Answer 437

Sets off an alarm when temperature reaches dangerous conditions

Answer 438

Used to capture the entire packet, including the header and payload for all traffic entering and leaving a network

Answer 439

Relies on a flow collector to record metadata and statistics about network traffic

Answer 440

A particular traffic flow based on different packets that share the same characteristics

Answer 441

Passively monitors a network and logs full packet capture data of potential interest

Answer 442

Creates graphs showing traffic flows through the network interfaces of routers and switches

Answer 443

Communicates whether a given interface has a cable connected and a valid protocol for communication

Answer 444

Drops low priority packets when the CPU is too busy to save capacity for higher priority packets

Answer 445

An Ethernet frame that is less than 64 bytes in size

Answer 446

Any Ethernet frame that exceeds the 802.3 frame size of 1518 bytes

Answer 447

Occurs when the interface fails to buffer incoming packets

Answer 448

Cyclic Redundancy Check

Answer 449

Ensures network devices operate within specified temperature and humidity ranges

Answer 450

Between 50 and 90 ºF

Answer 451

Throughput

Answer 452

Estimated measure of the power level that a radio frequency client device is receiving from a wireless access point or wireless router

Answer 453

Maximum power radiated from an ideal isotropic antenna, given its antenna gain, and the transmitter power of the radio frequency system

Answer 454

Tells signal strength being radiated from a wireless access point

Answer 455

Radio frequency waves extend outward in all directions away from the antenna and the wireless access point at an equal power level

Answer 456

Produces radio frequency waves extending outward in two directions

Answer 457

A unidirectional antenna that sends the radio frequency waves in only one direction

Answer 458

Allows the radio waves to be transmitted in only one direction over a longer distance than a Yagi antenna

Answer 459

Omnidirectional and unidirectional antennas

Answer 460

The orientation of the electric field (or transmission) from the antenna

Answer 461

A statistic or measure of the amount of airtime utilization that occurs for a particular frequency or channel

Answer 462

Listens to see if another device is actively transmitting on the channel before attempting to send frames on that channel

Answer 463

Process of planning and designing a wireless network to provide the required wireless solution

Answer 464

* Scan airwaves * Find access points * Request association * Authenticate * Contact DHCP server

Answer 465

A measure of how much area around a wireless transmitter is there sufficient signal strength for wireless devices to utilize

Answer 466

Occurs when multiple wireless networks communicate on the same channel using the same frequency

Answer 467

Channels 1, 6, and 11

Answer 468

Reduction of signal strength between the transmission and receipt of the signal

Answer 469

Occurs when a client is disconnected from a wireless access point

Answer 470

Occurs when there’s no traffic within 300 seconds

Answer 471

A common wireless attack used by hackers to disassociate wireless clients and make them attempt to reconnect to the access point

Answer 472

Service Set Identifier

Answer 473

A web page displayed to newly-connected Wi-Fi users before being granted broader access to network resources

Answer 474

Verifies the real-world throughput from a client device all the way out to the Internet and back

Answer 475

Displays the path between your device and the destination IP address, showing each route hop along the path

Answer 476

Used to display and modify entries in the Address Resolution Protocol (ARP) cache on a system

Answer 477

Used to view and manipulate the IP routing table in a system

Answer 478

Occurs when two devices on the same network are assigned the same IP address

Answer 479

Practice of segmenting an IT organization’s network, separating users into respective network sections

Answer 480

Defines the normal working conditions of an enterprise network infrastructure

Answer 481

Occurs when a network system is overwhelmed by continuous multicast or broadcast traffic

Answer 482

Route that takes effect when no other route is available for an IP destination address

Answer 483

Enable BPDU on managed switches, enforce a maximum number of MAC addresses per port, break up large broadcast domains using routers and Layer 3 switches

Answer 484

A network interface card on a given network

Answer 485

Vendor code followed by a unique value (e.g., D2:51:F1:3A:34:65)

Answer 486

Duplicate IP Address / IP Address Conflict

Answer 487

A DHCP server on a network not under the administrative control of network administrators

Answer 488

Occurs when no specific host is associated with the multicast MAC address in the CAM table of the switch

Answer 489

Network packets leave via one path and return via a different path

Answer 490

An error in the routing algorithm creates a circular route among network devices

Answer 491

A route from being advertised back in the direction from which it came

Answer 492

Increasing a router’s metric to an infinitely high number after detecting a failed route

Answer 493

Prevents bad routes from being restored and passed to other routers by accident

Answer 494

Dynamic Host Configuration Protocol

Answer 495

Automatically assigns an IP address, subnet mask, default gateway, and DNS server’s IP address to a client

Answer 496

The DHCP server runs out of valid IPs to assign to clients

Answer 497

1440 seconds (1 day), 7 days, or 30 days

Answer 498

Configuration and routing setup between VLANs

Answer 499

A network security device that monitors and filters incoming and outgoing network traffic

Answer 500

Host-Based Firewall runs on an individual device; Network-Based Firewall is deployed in line with network traffic

Answer 501

Blocks unauthorized users and allows authorized users to access specific resources

Answer 502

Matches domain names with corresponding IP addresses

Answer 503

Network Time Protocol

Answer 504

Synchronization of system clocks between different layers of time sources

Answer 505

* High CPU usage * High bandwidth usage * Poor connectivity * Network malfunction

Answer 506

Increased latency, jitter, and packet loss

Answer 507

A calculation that considers all anticipated losses along the length of a fiber optic connection

Answer 508

Policies allowing users to bring personal devices to work, leading to decreased capital expenditures and increased operational expenditures

Answer 509

Low optical link budgets

Answer 510

To facilitate verification of identities between users in a transaction