Network Concepts Flashcards
Net+ N10-009
Layer 1
Physical - Receives the frames and data and sends them via copper wires, fiber-optic cables, etc. to the switches, routers, etc., along the network path.
Layer 2
Data Link - Receives the packets and adds physical addressing by adding sender and receiver MAC addresses to each data packet.
Layer 3
Network - The routing layer: IP addresses, routers, packets.
Layer 4
Transport - Provide for the reliable transmission of data segments, as well as the disassembly and assembly of the data before and after transmission.
Layer 5
Session - Establishes, manages, and terminates sessions between two communicating hosts.
Layer 6
Presentation - Ensures that information sent at the application layer of one system is readable by the application layer of another system.
Layer 7
Application - Closest to the user. Provides network services to the applications of the user, such as email, file transfer, and terminal emulation.
Router
A device that forwards data packets between computer networks/routes traffic between IP subnets. Also known as a layer 3 switch if a router is included in a switch.
Modem
Converts data from a digital format into a format suitable for analog transmission such as telephone or radio.
Repeater
Electronic device that receives a signal and retransmits it.
Bridge
Connects and filters traffic between two or more network segments
Switch
Device that connects network segments and forwards data traffic based on data link addresses.
Server
A system that provides resources, data, services, or programs to computers, known as clients, over a network.
Proxy
A system or router that provides a gateway between users and the internet. Useful for caching information, access control, URL filtering, and content scanning
Hub
A device that links multiple computers and devices together
Wireless LAN Controller
Centralized management of APs, deployment of new APs, and performance and security monitoring.
DMZ (Demilitarized Zone)
Buffer zone between an internal network and the public Internet, adding an extra layer of security.
Time To Live (TTL)
A value that limits the lifespan of data in a network or computer
Network Attached Storage (NAS)
A server that is placed on a network with the purpose of providing storage to users, computers, and devices attached to the network.
Storage Area Network (SAN)
A high-speed network with the sole purpose of providing storage to other attached servers.
How many broadcast domains are created when using this single 24-port switch?
1
What does the TCP/IP model consist of?
Network Access, Internet, Transport, Application
Network Access Layer
Transmission of data between two devices on a network.
Internet Layer
Routes packets across networks
Transport Layer
Ensures reliable data transfer between devices
Application Layer
Provides network services directly to end-users and applications.
What is the difference between unicast, multicast, and anycast in IPv6?
Unicast is one-to-one, multicast is one-to-many, and anycast is one-to-nearest.
What is APIPA (Automatic Private IP Addressing)?
Fallback addressing for network configuration when DHCP fails; the assigned addresses are considered private IPs. IP range: 169.254.0.0 - 169.254.255.255
Local Host Address
127.0.0.1
What is CIDR notation?
It is used to represent IP addresses and their associated routing prefix.
Hybrid Cloud
Combination of private and public clouds, allowing data and applications to be shared between them.
Public Cloud
Offered over the internet by third-party providers, accessible to anyone.
Private Cloud
Dedicated to a single organization, providing greater control and security.
Community Cloud
Shared by multiple organizations with common goals or requirements, often within a specific industry.
IaaS (Infrastructure as a Service)
Cloud computing service that offers compute, storage, and networking resources on-demand.
PaaS (Platform as a Service)
A complete cloud-based environment for developing and deploying applications, from simple apps to complex enterprise solutions.
SaaS (Software as a Service)
Uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the client’s side.
DaaS (Data as a Service)
Cloud computing offering where a service provider delivers virtual desktops to end-users over the Internet, licensed with a per-user subscription.
What port is RDP (Remote Desktop Protocol) on?
3389 TCP - Establish a connection with a remote computer.
What port is SMTP (Simple Mail Transfer Protocol) on?
25 TCP - Emails are sent over the network securely.
What port is POP3 (Post Office Protocol Version 3) on?
110 TCP - Allows users to download emails from a server to a client.
What port is DHCP (Domain Host Configuration Protocol) on?
67 & 68 UDP - Assign IP Addresses to clients on a network automatically.
What port is DNS (Domain Name Service) on?
53 TCP & UDP - Translates IP Addresses into Domain Names
What port is FTP (File Transfer Protocol) on?
20 & 21 TCP - Transfer files over the internet.
What port is SSH (Secure Shell) on?
22 TCP - Carries out the task of remotely connecting to a remote server or host.
What port is TELNET on?
23 TCP - Establish a connection between a server and a remote computer.
What port is IMAP (Internet Message Access Protocol) on?
143 TCP - Retrieve emails from a remote server without having the need to download the email.
What port is SMTPS (Simple Mail Transfer Protocol Security) on?
587 TCP - Method for securing the SMTP using transport layer security.
What is LDAP (Lightweight Directory Access Protocol)?
389 TCP & UDP - Used to access and manage directory services, like user and device information, over a network.
What is LDAPS (Lightweight Directory Access Protocol Secure)?
636 TCP - Secure version of LDAP that encrypts data transmission using SSL/TLS to protect sensitive information exchanged between clients and directory servers.
What is the purpose of the VXLAN Network Identifier (VNI)?
It is used to differentiate between different VXLAN overlay networks.
Classless
Allocate IP addresses without adhering to traditional class-based address boundaries.
Teredo Tunneling
A method for encapsulating IPv6 packets within IPv4 packets to facilitate IPv6 connectivity through NAT (Network Address Translation) devices.
Network Address Translation (NAT)
Used to modify IP address information in packet headers while in transit across a routing device, allowing multiple devices on a local network to share a single public IP address.
What distinguishes Security Service Edge (SSE) from traditional network security architectures?
SSE leverages cloud-based security services to protect distributed users and devices.
What is a NAT Gateway?
Allows resources within a Virtual Private Cloud (VPC) to access the internet without being directly exposed to the internet.
Cisco 3-Tier Hierarchical Model
- Core
- Distribution
- Access
Core Layer
Responsible for transporting large amounts of traffic quickly.
Distribution
Communication point between the access layer and the core.
Access
Controls user and workgroup access to the resources on the network.
Port mirroring
Copies traffic from one port to another for monitoring or analysis.
TACACS+
Provides AAA services for access to routers, network access points, and other networking devices.
Wireless Controller
A central management console for all of the APs on a network.
Quality of service (QoS)
Policies that control how much bandwidth a protocol, PC, user, VLAN, or IP address may use. Firewalls, routers, switches, and QoS devices manage QoS.
Internet Key Exchange (IKE)
Creates a secure tunnel by encrypting the connection between authenticated peers.
Public Key Infrastructure (PKI)
Tools used to create and manage public keys for encryption.
Default Gateway
Network node, usually a router, that devices use to access other networks when no other routes are specified.
Logical link control (LLC)
Provides connection services and allows acknowledgement of receipt of messages.
Redundancy
Provides multiple paths for traffic so that data can keep flowing even in the event of a failure
Static Routing