Network Implementations - Objective 2 Flashcards
Networking devices, routing, Ethernet switching, wireless
802.3ad
Link Aggregation
Combines multiple physical connections into a single logical one to minimize congestion
802.3af max wattage
15.4 watts
802.3at max wattage
25.5 watts
802.1d
Spanning tree protocol
802.1q
VLAN trunking
How do IPSs & IDSs recognize attacks?
Through signatures & anomalies
Content Engine/Caching Engine
Dedicated appliance that performs the caching functions of a proxy server
Where is a Content Engine/Caching Engine highly beneficial?
A remote branch office with a slow WAN link
What is a content switch also known as?
A load balancer
ICS
Industrial Control System
Describes the different types of control systems & associated instrumentation
SCADA
Supervisory control, and data acquisition
Acquires and transmits data from different systems to central panel for monitoring and control
The 2 routing loop prevention methods
- Split horizon
- Poison reverse
Number of non-overlapping 20 MHz channels in the 5 GHz band
24 channels
Two protocols associated with WPA
TKIP & RC4
Two protocols associated with WPA2
CCMP & AES
Geofencing
Uses GPS or RFID to define real-world boundaries where barriers can be active or passive
How to crack WEP
Capture enough initialization vectors (IV)
[using something like Aircrack-ng]
Type of vector used by WPA
TKIP
CSMA/CA is used in what kind of network?
Wireless network
CSMA/CD is used in what kind of network?
Wired network
Type of encryption used by WPA
RC4 (Rivest Cipher 4)
WPA2 integrity checking protocol
CCMP
(Counter mode cipher block chaining message authentication code protocol)
WPA2 encryption protocol
AES
(Advanced Encryption Security)
HSRP
Hot Standby Router Protocol
Proprietary first-hop redundancy by Cisco allowing for an active and a standby router and using a virtual router as a default gateway
VRRP
Virtual Router Redundancy Protocol
IETP open-standard variant of HSRP, and like HSRP, allows for an active and a standby router and uses a virtual router as a default gateway
GLBP (4 bullet points)
Gateway Load Balancing Protocol
- Proprietary first-hop redundancy by Cisco
- Focuses on load balancing over redundancy
- Allows for an active router and a standby router
- Creates a virtual router as the default gateway
LACP (3 bullet points)
Link Aggregation Control Protocol
- Achieves redundancy by having multiple links
between devices - Load balancing occurs over multiple links
- Multiple links appear as single logical link
Multipathing
Creates more than one physical path between the server and its storage devices for better fault tolerance and performance
Which means of achieving high availability is cheaper in the long run…
- retrofitting an existing network
or
- integrating practices/technology into the initial design?
integrating practices/technology into the initial design
Cold site
An available building that does not have any hardware or software. Might have empty racks.
Warm Site - what is there & restoration time frame
- a lot of the equipment
- no software/data
- between 24 hours and seven days
Hot Site - what is there & restoration time frame
- equipment and data in place, configured, & updated
- minimal
RTO
Recovery Time Objective
Time and service level within which a business process must be restored after a disaster to avoid unacceptable consequences
What kind of recovery site should be used in low RTO situations?
either hot or cloud
RPO
Recovery Point Objective
Interval of time during a disruption before data lost exceeds the BCP’s maximum allowable threshold or tolerance
Incremental backup
Backup only data changed since last backup
Differential
Only backup data since the last full backup
PDU
Power Distribution Unit
Distributes electric power, especially to racks of computers and
networking equipment located within a data center
Pre-Action System
A fire suppression system in which a detector actuation (like a smoke detector and a sprinkler) must be tripped prior to water being released
3 ways of categorizing QoS traffic
- Best Effort
- Integrated Services (IntServ or Hard QoS)
bandwidth reservations - Differentiated Services (DiffServ or Soft QoS)
*packets are “marked” for routers/switches
to make routing decisions
Potential payload & header reduction of VoIP traffic using compression, including cRTP
50% & 90-95%
LFI
What it is & where it’s used
Link Fragmentation & Interleaving
- Fragments large data packets and interleaves smaller data packets between the fragments (so latency-sensitive traffic doesn’t have to wait for large packets)
- slower-speed links to make the most of limited bandwidth
3 things APs must have to enable roaming between them
- The same SSID
- The same channel
- The same IP subnet
DOCSIS
The standard that determines the frequencies used in cable modem networking
Version of OSPF that supports IPv6
OSPFv3
OSPF methods of learning about other routers in the network
Hello packets & link state advertisements
Route redistribution
When a multiprotocol router learns route information using one routing protocol and disseminates that information using another routing protocol
Voice Gateway
A.k.a. VoIP gateway
Converts data, providing a bridge between analogue, cellular, and IP
IPv4 method of preventing endless routing loops
TTL
IPv6 method of preventing endless routing loops
hop limit
IPv4 & IPv6 addresses for the default route
0.0.0.0/0 & ::/0
5 Functions of a load balancer
- Load balancing
- Caching
- Encryption and decryption a.k.a SSL offloading
- QoS
- Content filtering
Locations of VPN concentrators
- Specialized hardware
- Integrated into a firewall
- Integrated into a server
OSI layer at which proxy servers operate
Layer 7
Reverse proxy
Takes requests from the Internet and forwards them to servers in an internal network
Why proxies make good firewalls
They can dissect an entire IP packet looking for invalid data at each layer of the OSI model.
Next generation firewalls are also known as:
Layer 7 or Application layer firewalls
The two types of network layer firewalls
stateful and stateless
Things a firewall can do
- Permit/deny packets
- Encryption/decryption
- Proxying
3 types of load balancer configurations in an active/active setup
- Round robin (each server in turn)
- Weighted round robin (in turn but most goes to one server)
- Dynamic round robin (server with the smallest load is next in line)
CDMA
Code division multiple access
Early cellular telephone technology that uses spread-spectrum to allow several users to share a band of frequencies
VTP
Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs on a network-wide basis
Whip antenna
A pole-shaped omnidirectional antenna
