Network Services

Question 1

AAA Framework

Answer 1

A framework for intelligently controlling access to networks and systems through authentication, authorization, and accounting.

Question 2

Accounting

Answer 2

Part of the AAA framework that is a record-keeping mechanism, recording user actions on a system or network.

Question 3

Authentication

Answer 3

Part of the AAA framework that involves the unique identifying information for each user of a system or network.

Question 4

Authorization

Answer 4

Part of the AAA framework that involves what a particular user is allowed to do on a system or network.

Question 5

Best Effort

Answer 5

The least strict QoS category using a first in, first out manner in which packets are not reordered in any way.

Question 6

Class of Service (CoS)

Answer 6

A mechanism for managing traffic in a network by grouping similar types of traffic together and treating each class with its own level of priority. For example, voice and video traffic is more sensitive to latency than email traffic, and therefore would be given a higher CoS priority value.

Question 7

Class-Based Weighted Fair Queuing (WFQ)

Answer 7

An extension to the Weighted Fair Queuing (WFQ) functionality that provides support for user-defined traffic classes based on match criteria, such as protocols, access control lists (ACLs), and input interfaces.

Question 8

Classification and Marking

Answer 8

A QoS mechanism used for identifying traffic flows and assigning markings within the packet headers, which are used to group them together. This is recommended to happen as close to the source of the traffic as possible.

Question 9

Committed Burst (Bc)

Answer 9

The amount of traffic in bits (for shaping) or bytes (for policing) that are deposited into the token bucket during a timing interval, used for Committed Information Rate (CIR) calculation.

Question 10

Committed Information Rate (CIR)

Answer 10

The average speed of data in the network over a period of one second. This can be calculated by dividing the Committed Burt rate (Bc) by the Timing Interval (Tc), or CIR = Bc / Tc.

Question 11

Congestion Avoidance

Answer 11

A QoS mechanism used to prevent a queue from filling to capacity, which will happen if the rate of ingress traffic is greater than the rate at which the traffic can be successfully processed on an egress interface.

Question 12

Device Hardening

Answer 12

The process of applying a collection of best practice procedures in order to secure a network device, such as disabling unnecessary services or closing unneeded ports.

Question 13

Differentiated Services Code Point (DSCP)

Answer 13

A 6-bit code found within a Type of Service (ToS) byte that is used for traffic classification.

Question 14

DiffServ

Answer 14

The most commonly used QoS category, used to differentiate between network flows and assign specific policies to those flows.

Question 15

Dynamic Network Address Translation (NAT)

Answer 15

A version of NAT which maps a private IP address to a public IP address from an available group of public IP addresses, known as a NAT pool.

Question 16

Explicit Congestion Notification (ECN)

Answer 16

The final 2 bits in a Type of Service (ToS) byte used to notify networks about congestion, with the goal of reducing packet loss and delay by decreasing the transmission rate until the congestion clears.

Question 17

File Transfer Protocol (FTP)

Answer 17

A client-server protocol used to transfer files between systems using authentication with the TCP protocol.

Question 18

FTP with SSL (FTPS)

Answer 18

A variant of File Transfer Protocol (FTP) that uses Secure Sockets Layer (SSL) technology to provide encryption, in addition to the authentication offered by FTP. This requires a valid SSL certificate in order to function correctly.

Question 19

Generic Routing Encapsulation (GRE)

Answer 19

A very flexible type of VPN tunnel that can encapsulate nearly any type of data, but does not provide any data security.

Question 20

Global Synchronization

Answer 20

Also referred to as TCP Synchronization, this is a situation that occurs when all flows within a network simultaneously experience TCP Slow Start.

Question 21

Honeypot Deployment

Answer 21

The tactic of configuring vulnerable decoy hosts or networks that do not contain sensitive information, in order to redirect malicious attacks away from critical infrastructure.

Question 22

IEEE 802.1p Marking

Answer 22

The additional 4 bytes added to a frame in order to indicate a Layer 2 priority using a Class of Service (CoS) value.

Question 23

Inside Global Address

Answer 23

A public IP address that represents one or more inside local IP addresses to the outside world.

Question 24

Inside Local Address

Answer 24

A private IP address that is assigned to a host in the inside, local network.

Question 25

IntServ

Answer 25

The most strict QoS category, which creates strict bandwidth reservations for specific applications.

Question 26

IP Security (IPsec)

Answer 26

Used as the primary protocol of the Internet, IPsec provides a tunnel with added features of confidentiality, integrity, authentication, and anti-replay.

Question 27

Low Latency Queuing (LLQ)

Answer 27

An extension of Class-Based Weighted Fair Queuing (CBWFQ) that adds a priority queue to the scheduler in order to provide guaranteed bandwidth and low delay.

Question 28

Management Information Base (MIB)

Answer 28

A database found on an SNMP agent containing multiple object identifiers (OIDs) used for monitoring.

Question 29

Multi-factor Authentication (MFA)

Answer 29

A technique for providing security that requires multiple methods of authentication from a user.

Question 30

Network Address Translation (NAT)

Answer 30

The translation of a private, internal IP address into a public, external IP address that is reachable over the Internet.

Question 31

Network Segmentation

Answer 31

Logically subdividing a network into different segments through the use of VLANs and DMZs, in an attempt to prevent specific users from accessing specific network resources.

Question 32

Network Time Protocol (NTP)

Answer 32

A protocol used to synchronize clocks to a central time reference source. This protocol communicates using UDP port 123.

Question 33

Object Identifier (OID)

Answer 33

A component of a device’s Management Information Base (MIB) that identifies the current status of a particular device characteristic, such as temperature.

Question 34

Outside Global Address

Answer 34

The translated address of an outside host as seen from the outside network.

Question 35

Outside Local Address

Answer 35

The translated address of an outside host as seen from the inside network.

Question 36

Penetration Testing

Answer 36

Methods of launching an authorized attack on your own network in order to evaluate its level of security.

Question 37

Per-Hop Behaviors (PHBs)

Answer 37

A collection of 21 DSCP values selected by the IEFT, each of which have a unique name, relative priority value, and a drop profile used by Weighted Random Early Detection (WRED).

Question 38

Policing

Answer 38

A QoS mechanism that drops traffic when it violates a particular QoS policy.

Question 39

Port Address Translation (PAT)

Answer 39

An extension of Network Address Translation (NAT) that permits multiple private IP addresses to be translated into a single public IP address, with a different port assigned to each translation. Also referred to as NAT Overload.

Question 40

Port Mapping

Answer 40

An extension of static NAT that allows external access to protected, inside network hosts by remapping the destination IP address and port number of the communication.

Question 41

Quality of Service (QoS)

Answer 41

Guidelines used to ensure dependable network performance by addressing concerns such as bandwidth, latency, and error rates.

Question 42

Queuing

Answer 42

A QoS mechanism used to store traffic until it can be processed. This often involves creating multiple queues for different traffic types and assigning traffic to these specific queues.

Question 43

RADIUS

Answer 43

An open-standard protocol used to provide AAA services for controlling network access. RADIUS combines AAA services into a single function and used UDP communication, encrypting only the password.

Question 44

Remote Access VPN

Answer 44

A method of allowing individual users to remotely access a private network through use of a VPN tunnel, typically requiring client software to be installed that is used to initiate tunnel formation. One VPN tunnel is required for each user connecting back to the network.

Question 45

Role Separation

Answer 45

The principle of assigning different sets of permissions to different categories of users, in an attempt to prevent conflicts of interest.

Question 46

Secure FTP (SFTP)

Answer 46

A variant of File Transfer Protocol (FTP) that uses Secure Shell (SSH) to send FTP information securely.

Question 47

Shaping

Answer 47

A QoS mechanism that delays excess traffic using a buffer, or queuing mechanism, in order to hold packets and shape the flow when the date rate is higher than expected.

Question 48

Simple Network Management Protocol (SNMP)

Answer 48

An application layer protocol used to manage and monitor network devices across multiple manufacturers or vendors.

Question 49

Site-to-Site VPN

Answer 49

A method of connecting geographically separated networks over broadband through use of an IPsec tunnel. This connection would be transparent to client devices, and would pass multiple clients traffic over a single tunnel.

Question 50

SNMP Agent

Answer 50

A local network device being monitored by a central SNMP manager, sending information to the manager through trap notifications.

Question 51

SNMP Community String

Answer 51

A component found in SNMP that functions similar to a user ID or a password. If the community string is the same on both sides of an SNMP communication, the requested information is successfully passed along.

Question 52

SNMP EngineID

Answer 52

A hexadecimal value assigned an SNMP entity, used only in SNMP version 3. The EngineID must be a unique value on the network, and is used to generate a key for authenticated messages.

Question 53

SNMP Manager

Answer 53

A centralized SNMP device that monitors and retrieves information from SNMP agents, arriving as trap notifications.

Question 54

SNMP Trap

Answer 54

A notification event sent by an SNMP agent back to the SNMP manager, triggered by a specific condition on the device. Common SNMP Trap notifications include power loss, hardware failure, and other major events.

Question 55

SNMP version 1

Answer 55

The oldest version of SNMP using plaintext authentication, lacking in the area of security.

Question 56

SNMP version 2c

Answer 56

A sub-version of SNMP version 2 which added an Inform command, where an SNMP manager would send out an Inform reply to an SNMP agent upon the receipt of an SNMP Trap. This version still uses plaintext authentication.

Question 57

SNMP version 3

Answer 57

An update to SNMP featuring enhanced security through encryption, integrity checking, and authentication services. SNMP version 3 uses an EngineID to identify each SNMP entity.

Question 58

Static Network Address Translation (NAT)

Answer 58

A version of NAT that creates a one-to-one mapping of a private IP address to a public IP address.

Question 59

Stratum

Answer 59

A stratum number is used to measure the trustworthiness of a time source in NTP. Stratum 0 devices are the most accurate, including atomic and GPS clocks.

Question 60

Syslog

Answer 60

A standard messaging protocol allowing for the monitoring of multiple device status regardless of manufacturer or vendor. Syslog severity ranges from Level 0 to 7, Level 0 being the most severe emergency condition and Level 7 representing troubleshooting or debugging information.

Question 61

TACACS+

Answer 61

A Cisco-proprietary protocol used to provide AAA services for controlling network access. TACACS+ separates all AAA functions and uses TCP communication, encrypting the entire packet.

Question 62

TCP Slow Start

Answer 62

A situation that occurs when a single TCP communication flow reduces its window size.

Question 63

Timing Interval (Tc)

Answer 63

The interval at which tokens are deposited in the token bucket, used for Committed Information Rate (CIR) calculation.

Question 64

Trivial File Transfer Protocol (TFTP)

Answer 64

A client-server protocol used to transfer files between systems with no authentication using the UDP protocol. A common use is in VoIP deployments, where a Cisco IP phone boots up and downloads a configuration file from a TFTP server.

Question 65

Type of Service (ToS) Byte

Answer 65

The additional 8 bits (1 byte) added to a frame in order to indicate a Type of Service (ToS) priority value. These markings are indicated at Layer 3, which are able to cross a router boundary where Class of Service (CoS) markings cannot.

Question 66

Weighted Fair Queuing (WFQ)

Answer 66

A legacy queuing mechanism recommended for the default traffic class. WFQ does not allow any one application to dominate the use of network bandwidth.

Question 67

Weighted Random Early Detection (WRED)

Answer 67

A QoS congestion avoidance mechanism that can start dropping random packets when a queue depth exceeds a specific threshold