Network+ Study Cards Flashcards

Question 1

Q

Define:

Long Term Evolution (LTE)

Answer

A

Long Term Evolution (LTE)

Uses SIM cards and offers speeds up to 300/75 Mbps.
Generally accepted as a true 4G technology.

Question 2

Q

Define:

Type-2 Hypervisor

Answer

A

Type-2 Hypervisor

A hypervisor that runs on top of software.
- Ex. VM Ware Workstation

Question 3

Q

Define:

Port Aggregation Control Protocol(PAgP)

Answer

A

Port Aggregation Control Protocol(PAgP)

The Cisco protocol used for port aggregation.

Question 4

Q

Define:

TCP

Answer

A

TCP-Transmission Control Protocol

Sends a transmission to achieve “connection” before sending data.
Is reliable.

Three-Way Handshake of TCP:

SYN (synchronize…from client to host)
SYN, ACK (syncronize, acknowledge..from host to client)
ACK (acknowledge…from client to host)

Question 5

Q

Define:

Worm

Answer

A

Worm

Functions similarly to a virus, though it replicates exclusively through networks.

Question 6

Q

Define:

Multicast

Answer

A

Multicast

A method where a single computer sends a packet to a group of interested computers.

Question 7

Q

Define:

OSI Layer 4

Answer

A

Transport Layer-OSI Layer 4

Defines how information moves.
Segements the information into smaller portions.

Question 8

Q

Define:

Multiprotocol Label Switching (MPLS)

Answer

A

Multiprotocol Label Switching (MPLS)

A router feature that enables certain data to use a desired connection. it works with any type of packet switching (even ethernet) to force certain types of data to use a certain path.

Question 9

Q

Define:

Loopback Address

Answer

A

Loopback Address

127.0.0.1
Sending data to this address is telling the device to send packets to itself.

Question 10

Q

Define:

TCN

Answer

A

TCN-Topology Change Notification

Allows switches to rework themselves around a failed interface or device.

Question 11

Q

Define:

ICMP

Answer

A

ICMP-Internet Control Message Protocol

The request/response protocol of TCP/IP.
Does not establish a connection, but rather, informs of one.
Works at layer 3 and handles mundane tasks such as “host unreachable” messages.
A good example of this is the “ping” command

Question 12

Q

Define:

Wireless Standards

Answer

A

Wireless Standards

Question 13

Q

Define:

Performance Monitors

Answer

A

Performance Monitors

Tracks the performance of some aspect of a system over time and lets you know when things aren’t normal.

Question 14

Q

Define:

DNS Cache Poisoning

Answer

A

DNS Cache Poisoning

An attacker targets a DNS server to query an evil DNS server instead of the correct one.
The server can in turn tell the target DNS server spoofed DNS information. The DNS server will then cache that spoofed information and spread it to hosts and possibly other servers.

Question 15

Q

Define:

Spoofing

Answer

A

Spoofing

The process of pretending to be someone or something you are not by placing false information into your packets.

Question 16

Q

Define:

DHCP Snooping

Answer

A

DHCP Snooping

Creating a list of MAC addresses for all of a networks known DHCP servers & clients. If an unknown MAC address starts sending DHCP server messages, the DHCP snoop-capable switch will block that device, stopping all unauthorized DHCP traffic and sending an alarm to the appropriate person.
- Dynamic ARP Inspection (DIA)- Cisco’s proprietary version of DHCP Snooping

Question 17

Q

Define:

Anycast

Answer

A

Anycast

Starts by giving a number of computers the same IP address. Then routers use border gateway protocol to determine which computer in the cluster is closest. When that router gets a packet addressed to that IP address, it sends it only to the closeset root DNS server, even though it may know where others are located.
- An anycast address is a unicast address, and, in most cases, the computer sending the packet doesn’t know or care to know the address is anycast. The only device that knows (and cares) is the top-tier router that has the smarts to send the packet only to the closest DNS server.

Question 18

Q

Define:

Link Aggregation

Answer

A

Link Aggregation

The process of using multiple NICs as a single connection, increasing speed as a result.
Also known as bonding.

Question 19

Q

Define:

UPC Connector

Answer

A

UPC Connector-Ultra Physical Contact Connector

Polished significantly more over polished connectors for a superior finish & reduce signal loss significantly.

Question 20

Q

Define:

Convergence

Answer

A

Convergence

Meaning the updating has completed.
Also known as “ready state”
Can refer to routing tables within a router or when Spanning Tree Protocol has mapped the switches within a network.

Question 21

Q

Define:

Tunnel

Answer

A

Tunnel

An encrypted link between two programs on two seperate computers.

Question 22

Q

Define:

Unidirectional Antenna

Answer

A

Unidirectional Antenna

Focuses a radio wave into a beam of sorts.
- Parabolic- Looks like a satellite dish.
- Yagi- Named for one of its inventors, and often called a beam antenna, can enable a focused radio wave to travel a long way, even miles.

Question 23

Q

Define:

Quality of Service(QoS)

Answer

A

Quality of Service(QoS)

Policies to prioritize traffic based on certain rules. These rules control how much bandwidth a protocol, PC, user, VLAN, or IP address may use.

Question 24

Q

Identify Each:

Dynamic Routing Protocols

Answer

A

Dynamic Routing Protocols

Question 25

Q

Challenge:

Binary → IP Conversion

Answer

A

Binary → IP Conversion Challenge

Study partner choose a random string of 8- 1s & 0s then provide them to the studee. Have the studee convert this to an octet of an IP address by hand.
Use a calculator to confirm after the studee completes this work by hand.

Question 26

Q

Define & Identify Ports:

LDAPS

Answer

A

LDAPS-Lightweight Directory Access Protocol over SSL/TLS

Port 636 TCP & UDP
A protocol used to query & change a database used by the network. However, does this in a secure/encrypted mannser using SSL/TLS.
Less common.
Made obsolete by LDAPv2

Question 27

Q

Define:

Asymmetric-Key Algorithm

Answer

A

Asymmetric-Key Algorithm

Any encryption that uses the different keys for encryption and decryption.

Question 28

Q

Define:

Omnidirectional Antenna

Answer

A

Omnidirectional Antenna

Radiates the signal outward from the WAP in all directions.

Question 29

Q

Define:

Distributed Control System (DCS)

Answer

A

Distributed Control System (DCS)

Similar to an ICS but for larger operations with multiple machines.
Consists of smaller controllers directly on a machine, to distribute the computing load. These controllers then talk back to a cectralized controller called the ICS server.
Typically controlled through Human Machine Interfaces (HMIs) that are typically built (physical) or programmed (software) for a specific task.

Question 30

Q

Identify & Define:

Troubleshooting Steps

Answer

A

Troubleshooting Steps

Identify the Problem
- Gather Information
- Duplicate the Problem
- Question Users
- Identify Symptoms
- Determine if anything has changed
- Approach multiple problems individualy
Establish a Theory of Probable Cause
- Question the obvious
- Consider multiple approaches
  - Top-to-bottom/bottom-to-top OSI model
  - Divide and conquer
Test the Theory to Determine the Cause
- Once a theory is confirmed, determine the next steps to resolve the problem.
- If the theory is not confirmed, re-establish a new theory or escalate.
Establish a Plan of Action to Resolve the Problem and Identify Potential Effects
Implement the Solution or Escalate as Necessary
Verify Full System Functionality and, if Possible, Implement Preventable Measures
Document Findings, Actions, and Outcomes

Question 31

Q

Define:

Modulator

Answer

A

Modulator

Takes a digital signal and converts it to analog.
A demodulator reverses this process.

Question 32

Q

Define:

Point-to-Point Tunneling Protocol(PPTP)

Answer

A

Point-to-Point Tunneling Protocol(PPTP)

A protocol that works with PPP to provide a secure data link between computers using encryption.

Question 33

Q

Define:

Radio-Frequency Identification (RFID)

Answer

A

Radio-Frequency Identification (RFID)

Uses the same concepts of tag and reader as NFC, but has several differences.
- Not a single standard, but many.
- Uses diverse frequencies & protocols
- Much broader application than NFC
Similar features between different RFID’s:
- Close proximity-usually less than 1m
- Security- Usually weak with no encryption.
- Most commonly used for labels.

Question 34

Q

Define:

Integrated Services Digital Network (ISDN)

Answer

A

Integrated Services Digital Network (ISDN)

The CCITT standard that defines a digital method for telephone communications. Originally designed to replace the current analog phone systems.
ISDN lines have phone numbers & support up to 128-Kbps transfer rates.
Also allows voice & data to share a common line.

Question 35

Q

Define:

Primary Rate Interface (PRI)

Answer

A

Primary Rate Interface (PRI)

A full T1 line, carrying 23 B channels.

Question 36

Q

Define:

Link State Dynamic Routing Protocol

Answer

A

Link State Dynamic Routing Protocol

Announces and forwards only indivisual route changes as they appear.

Question 37

Q

Define & Identify:

Private IP Addresses

Answer

A

Private IP Addresses

Private IP addresses are unable to talk directly to the internet.
They use NAT to speak to the internet.

Ranges:

10.0.0.0-10.255.255.255

16.0.0-172.31.255.255
168.0.0-192.168.255.255

Question 38

Q

Define:

IANA

Answer

A

IANA-Internet Assined Numbers Authority

Formed to track & disperse IP addresses to those who need them.

Question 39

Q

Define:

FCS

Answer

A

FCS-Frame Check Sequence

Enables ethernet nodes to identify when bad things happen to good data.
Uses the CRC to verify data.

Question 40

Q

Define:

Software as a Service (SaaS)

Answer

A

Software as as Service (SaaS)

Centralized applications that are accessed over a network.

Question 41

Q

Identify Each:

IP Classes

Answer

A

IP Classes

Class A- 1^stdecimal value starts with 1-126
Class B- 1^stdecimal value starts with 128-191
Class C- 1^stdecimal value starts with 192-223
Class D- 1^stdecimal value starts with 224-239
Class E- 1^stdecimal value starts with 240-254

Question 42

Q

Define:

Dynamic Multipoint VPN(DMVPN)

Answer

A

Dynamic Multipoint VPN(DMVPN)

Enables a direct VPN connection between multiple locations directly, without having to take a less efficient path.
- Optional wording: Enables direct VPN connections between multiple sattelite locations.
Typically uses IPsec for security.

Question 43

Q

Define:

TEMPEST

Answer

A

TEMPEST

The NSA’s security standard that is used to combat radio frequency(RF) emanation by using enclosures, shielding, and even paint.

Question 44

Q

Define:

Port Forwarding

Answer

A

Port Forwarding

The ability to designate a specific local address for various network services. Computers outside the network can request a service using the public IP of the router and the port number of the desired device.

Question 45

Q

Define:

Activation

Answer

A

Activation

When a virus does something such as erase the boot sector of a drive.
- Requires human action to replicate.
- Usually attached to something like a host-file, not a standalone program.
- Does not replicate through networks.

Question 46

Q

Define:

Medianet

Answer

A

Medianet

A network of typically far-flung routers & servers that provide – via QoS and other tools – sufficient bandwidth for video tele-conferencing.

Question 47

Q

Define:

Extended Service Set Identifier (ESSID)

Answer

A

Extended Service Set Identifier (ESSID)

In an ESS every WAP connects to a central switch or switches to become part of a single broadcast domain.

Question 48

Q

Define:

Adaptive Network Technology (ANT+)

Answer

A

Adaptive Network Technology (ANT+)

Low-speed, low-power networking technology that, similarly to NFC, consists of a passive ANT device & an ANT reader.
- Typically used for things like heart-rate monitors where low power is paramount.
- Encrypted with AES.

Question 49

Q

Identify Each:

Backups

Answer

A

Backups

Full Backup- Every file selected is backed up in its entirety.
Incremental Backup- Includes only files with the archive bit turned on. In other words, it copies only the files that have changed since the last full or incremental backup.
Differential Backup- Copies all the files that have been changed since the last full backup. It does not turn off archive bits.

Question 50

Q

Define:

Permanent Virtual Circuit (PVC)

Answer

A

Permanent Virtual Circuit (PVC)

A feature of MPLS, sold by ISPs that is essentially a VPN between two customer locations.

Question 51

Q

Define:

IDF

Answer

A

IDF-Intermediate Distribution Frame

The location where all horizontal runs from all work areas on a single floor come together.

Question 52

Q

Define:

Carrier Sense Multiple Acccess w/ Collision Avoidance (CSMA/CA)

Answer

A

Carrier Sense Multiple Access w/ Collision Avoidance (CSMA/CA)

Access method only used in wireless networks.

Before hosts send out data, they first listen for traffic.
If the network is free, they send out a signal that reserves a certain amount of time to make sure the network is free of other signals.
If data is detected in the air, the hosts wait a random amount of time before trying again.
If there are no other wireless signals, the data is sent out.

Question 53

Q

Define:

SSL/TLS

Answer

A

SSL/TLS-Secure Sockets Layer/Tunnel Layer Security

A protocol developed by Netscape for transmitting private documents securely over the internet.
SSL is technically depricated these days and Tunnel Layer Security is the current iteration.
TLS is robust and works with almost any TCP application.

Question 54

Q

Define:

BPDUs

Answer

A

BPDU-Bridge Protocol Data Units

Special STP packets that map the network between switches.
Will elect one switch as the “root bridge” which acts as the center of the STP universe.

Question 55

Q

Define:

Broadcast

Answer

A

Broadcast

A way to send packets in which every computer on the LAN hears the message.

Question 56

Q

Identify:

10GBaseT

Answer

A

10GBaseT Summary

Speed: 10G
Signal: Baseband
Pairs: 4 pair @ full-duplex
Distance: 55 meters or 100 meters
Cable Type: CAT 6 or CAT 6a using RJ-45 Connectors

Question 57

Q

Define:

Dipole Antenna

Answer

A

Dipole Antenna

The standard straight-wire antennas that provide the most omnidirectional function.

Question 58

Q

Define:

Port Aggregation

Answer

A

Port Aggregation

A method used for joining two or more switch ports logically to increase bandwidth.

Question 59

Q

Define:

Session Highjacking

Answer

A

Session Highjacking

Tries to intercept a valid computer session to get authentication information.

Question 60

Q

Define:

Route Redistribution

Answer

A

Route Redistribution

When a router ontains routes using one protocol and then announces the routes over another protocol.

Question 61

Q

Define:

ARP

Answer

A

ARP-Address Resolution Protocol

A special request sent by a computer used to obtain the MAC of other computers on the network.

Question 62

Q

Define:

Vulnerability Scanner

Answer

A

Vulnerability Scanner

A program that will inspect a huge number of potentail vulnerabilities & create a report for you to then act upon.

Question 63

Q

Define:

Rivest Cypher 4 (RC4)

Answer

A

Rivest Cypher 4 (RC4)

Encryption
Was the dominant stream cypher for a while.
A number of weaknesses were found starting in 2001 and continuing to this day, causing the industry to look at it as a legacy cypher and move more to AES and block cyphers.

Question 64

Q

Define & Identify Ports:

SSH

Answer

A

SSH-Secure Shell

Port 22 TCP & UDP
A terminal emulator that looks exactly like Telnet but encrypts the data.

Answer 65

A

POP-Post Office Protocol

Port 110 TCP
One of two protocols that recieve eamils from SMTP.
Old and obsolete, was replaced by IMAP
Currently on version 3

Answer 66

A

Primary(Master) & Secondary(Slave) DNS Servers

When a domain is large enough (ie. google) it may need more than one DNS server. In this setup secondaries act as subordinates to the primary, but they all support the same domain.

Answer 67

A

1000BaseT Summary

Speed: 1000 Mbps
Signal: Baseband
Distance: 100 meters
Node Limit: 1024 Nodes per hub/switch
Topology: Star-bus
Cable Type: CAT 5e or better UTP/STP w/ RJ-45

Answer 68

A

Ad hoc Mode

Sometimes called peer-to-peer, each wireless node is in direct contact with each other node in a decentralized free-for-all.
Mesh topology.

Answer 69

A

Remote Terminal Units (RTUs)

Provide the same function as a controller with 2 major differences.
- Designed to have some amount of autonomyin case it loses connection with central control.
- Designed to take advantage of some form of long-distance communication such as telephony, fiber -optic, or cellular WANs.

Answer 70

A

Man-in-the-Middle

An attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those two systems, reading or in some cases even changing the data and then sending that data on.

Answer 71

A

Last-Mile Solutions

Dial-Up
DSL
Broadband Cable
Satellite
Fiber

Answer 72

A

Spyware

A function of any program that sends information about your system or your actions over the Internet.

Answer 73

A

Autonomous System

One or more networks that are goverened by a single dynamic routing protocol. They do not deliver data using IP addresses but rather an ASN

Answer 74

A

BGP-Border Gateway Protocol

The one protocol the internet has settled on to use as the communication protocol or EGP for ALL Autonomous Systems.
Most likely in use to allow you to communicate to/from your ISP.
Currently version BGP-4

Answer 75

A

Message-Digest v5 (MD5)

The first commonly used hash algorithm.
Created a 128-bit message-digest
Considered unsecure these days.

Answer 76

A

Digital Signature

Nonrepudiation
A hash of the public key encrypted by the private key. The person with the matching public key decrypts the digital signature using the public key, generates their own hash, and compares it to the decrypted has to verify that it came from the intended sender.

Answer 77

A

MAC Address-Media Access Control Address

48-bit or 6-byte identifier used for identifying a NIC.

Answer 78

A

MDF-Main Distribution Frame

The combination of demarc, phone cross-connects, and LAN cross-connects where all IDF locations centralize to.

Answer 79

A

Data Encryption Standard (DES)

The oldest symmetric-key algorithm of TCP/IP.
Block cypher
Uses a 128-bit block size and a 56-bit key.
The 56-bit key length has made it obsolete.

Answer 80

A

Denial of Service (DOS)

An attack on a server (or servers) that provides some sort of service to the Internet, with the goal of making that site unable to process any incoming server requests.
- Physical
- Amplified
- Dynamic
- Reflective

Answer 81

A

SMB-Server Message Block

Port 445 TCP
Protocol used by Microsoft clients & servers to share files & print resources.

Answer 82

A

Wi-Fi Protected Access (WPA)

A wireless security protocol that addresses the weaknesses and acts as a upgrade to WEP.
WPA offers security enhancements such as dynamic encryption key generation (ie. keys are issued on a per-user and per-session basis), an encryption key integrity checking feature, user authentication through the industry standard EAP, and other advanced features that WEP lacks.
Temporal Key Integrity Protocol (TKIP)- This is the extra layer of security that WPA adds on top of WEP.

Answer 83

A

Virtual Router Redundancy Protocol (VRRP) & Hot Standby Router Protocol (HSRP)

Both take multiple routers and gang them together into a single virtual router to provide redundancy.
Cannot provide load balancing
HSRP is Cisco proprietary.

Answer 84

A

Important IPv6 mUlticast Addresses

ff02::1- All Nodes Address
ff02::2- All Routers Address
ff02::1:ffxx:xxxx- Solicited-Node Address

Answer 85

A

Deauthentication Attack (Deauth)

A form of DOS that targets 802.11 wireless networks, specifically by sending out a frame that kicks a wireless client off of its WAP connection. Then, a rogue WAP nearby presents a great and often automatic alternative option for connection. The rogue WAP then proceeds to collect data from the client after connecting the client to the internet.

Answer 86

A

Stateful DHCPv6

Works similar to IPv4 DHCP servers, handing out complete IPv6 information: addresses and default gateways, as well as items such as DNS server addresses.

Answer 87

A

Authentication Examples

Usernames/passwords
Biometrics
Smart Cards
MFA/2FA
- Something you know
- Something you have
- Something you are
- Something you do
- Somewhere you are

Answer 88

A

Block Cypher

More common
Encrypt data in single chunks of a certain length at a time.

Answer 89

A

IGP-Internal Gateway Protocol

The protocols used to communicate on the network/s within an automated system.

Answer 90

A

Jitter

The loss of packets due to an overworked AP.

Answer 91

A

NIU-Network Interface Unit

Serves as the demarc between your netwrok and your ISP.
ie. modem

Answer 92

A

Z-Wave/Zigbee

Both use mesh
Competing technologies
Z-wave is proprietary with and open API for programmers.
Zigbee is completely open source
Both are used in home automation.

Answer 93

A

Active Directory Domain

A form of directory service used in networks with Windows servers. Creates an organization of related computers that share one or more Windows domains.
- Used to control things such as permissions, GPOs, and computer settings from one central location.

Answer 94

A

Public Key Infrastructure (PKI)

Nonrepudiation
The system for creating and distributing digital certificates using sites like Comodo, Symantec, or GoDaddy

Answer 95

A

Replication

To make copies of itself, often as code stored in boot sectors or as extra code added to the end of executable programs.

Answer 96

A

TFTP-Trivial File Transfer Protocol

Port 69 UDP
A simple FTP that allows a client to get a file from or put a file on a remote host.

Answer 97

A

Near-Field Communication (NFC)

A low-speed, short-range technology designed primarily for small-value monetary transactions.
Typically consists of an unpowered, passive tag that holds personal data & an NFC reader that when brought close to the tag, creates an electromagnetic induction in the tag and allows the two devices to communicate using only the power from the reader.

Answer 98

A

Service Level Agreement (SLA)

A document between a customer & a service provider that defines the scope, quality, and terms of service to be provided.
- Definition of service provided
- Equipment
- Technical support

Answer 99

A

IGMP-Internet Group Management Protocol

Enables routers to communicate with hosts to determine a “group” memebership.
An example of this is Multicasting-You can provide one IP that multiple clients view instead of sending them multiple streams.

Answer 100

A

Ethernet Frame_{consists of what?}

Reaches the NIC and then changes.

Preamble
Destination MAC
Source MAC
Destination IP (Type _{ie. IPv4 or IPv6})
Source IP
Destination Port
Source Port
Data _{minimum of 64 bytes}
FCS

Answer 101

A

SIP Trunk

Connects PBX systems from multiple locations seamlessly over the internet via a virtual connection.

Answer 102

A

Routing Table

The table a router uses to inspect IP packets and send data where it needs to go.

Answer 103

A

Enhanced Data Rates for GSM Evolution (EDGE)

The last iteration of GSM
Offers speeds up to 384 Kbps

Answer 104

A

EAP Types

EAP-PSK(Pre-Shared Key)- A shared secret code between the WAP & the wireless client.
- Uses AES for encryption
EAP-TLS- Defines the use of a RADIUS server as well as mutual authentication, requiring certificates on both the server & every client.
EAP-TTLS- Similar to EAP-TLS but only uses a single server-side ticket.
EAP-MS-CHAPv2- More commonly known as Protected EAP (PEAP), it uses a password function based on MS-CHAPv2 with the addition of an encrypted TLS tunnel.
- The most common implementation of EAP.
EAP-MD5- A very simple version of EAP that only uses MD5 hashes for transfer of authentication credentials. It is weak, and the least common.
Lightweight EAP (LEAP)- A proprietary EAP used almost exclusively by Cisco wireless products.
EAP Flexible Authentication via Secure Tunneling (EAP-FAST)- Cisco’s replacement for LEAP.

Answer 105

A

PC Connector-Physical Contact Connector

A fiber connector in which the two pieces of the fiber make physical contact.

Answer 106

A

10GBase ER/EW (Extra Long Range/Extra Long Wavelength) Summary

Single Mode Fiber
1550nm Wavelength
Commonly LC & SC Connectors
40 km distance

Answer 107

A

Configure Router Serial Connection

Speed(Baud): 9600
Data Bits: 8
Stop Bits: 1
Parity: none

Answer 108

A

FTP-File Transfer Protocol

Port 20 & 21 TCP
Standard communication protocol used to transfer files from server to client.

Answer 109

A

Telnet Protocol

Port 23 TCP
A program that enables users to log onto remote systems from their own host systems.
Not really used anymore, has been replaced by SSH.

Answer 110

A

10GBase SR/SW (Short Range/Short Wavelength) Summary

Multi-Mode Fiber
850nm Wavelength
Connectors not defined
26-300 meter distance

Answer 111

A

Virtula Local Area Network (VLAN)

Enables you to segment a physical network into multiple discreet networks without having to add additional hardware.
The most common method for configuring a VLAN capable switch is to log in via SSH and configure using command line.

Answer 112

A

Industrial Control System (ICS)

The overall system that monitors and controls machines.

Has 3 basic components:

Input/Output functions on the machine
A controller
Interface for the operator

Answer 113

A

Persistent Agent

A small scanning program that, once installed on the computer, stays installed and runs everytime the computer boots. These agents are composed of modules that perform a thourough inventory of each security-oriented element in the computer.

Answer 114

A

Reverse Lookup Zone

Enables a system to determine an FQDN by knowing the IP address.

Answer 115

A

Macro

Any type of virus that exploits application macros to replicate & activate.

Answer 116

A

Infrastructure as as Service (IaaS)

Uses virtualization to minimize idle hardware, protect against data loss and downtime, and respond to spikes in demand.

Answer 117

A

Presentaion Layer-OSI Layer 6

Translates lower layers into a format useable by the Application Layer and vice versa.
Not really used anymore in modern computing.

Answer 118

A

LDAP-Lightweight Directory Access Protocol

Port 389 TCP & UDP
A protocol used to query & change a database used by the network.
ie. Databases used to track who is logged into a network, how many DHCP clients are currently active, or the location of all the printers on a network.
Talks between active directories, to update information.

Answer 119

A

HTTPS-Hyper Text Transfer Protocol over SSL/TLS

Port 443 TCP
Same as HTTP but instead does this in a secure/encrypted manner using TLS.

Answer 120

A

APC Connector-Angled Physical Contact Connector

A fiber connection in which an 8-degree angle is added to the curved end, lowering signal loss further.
The connection does not degrade with multiple insertions.

Answer 121

A

Session Layer-OSI Layer 5

Manages the communication method and opens/closes the communication lanes between computers.

Answer 122

A

Cable Issues

Open Circuit- When one or more of the wires in a cable do not connect end to end.
Lacks Continuity- One of the wires touches another, creating a short.
Wire Map Problem- The proper pinout is not used on one or more ends.
Crosstalk- When electrical signal leaks from one wire to another.

Answer 123

A

CRC-Cyclic Redundancy Check

The sending machine runs data throught this mathematical formula to create the FCS. Then the receiving machine opens the frame, runs the CRC again, then compares the answer with the one included in the frame.

Answer 124

A

APIPA-Automatic Private IP Addressing

The address automatically assigned to a DHCP device when it does not receive a response to a DHCP discover message.
This IP is in the range 169.254.0.0 /16

Answer 125

A

Data Link Layer-OSI Layer 2

Communicates using MAC Addresses
NIC’s, Switches

Answer 126

A

Asymmetrical Digital Subscriber Line (ADSL)

Uses different upload & download speeds.
Download speeds are much faster than upload speeds.

Answer 127

A

Autonomous System Number

A special globally unique number used to transfer data between Autonomous Systems.
Assigned by IANA
Originally represented by a 16-bit number, however, current ASNs are 32-bit.

Answer 128

A

Trunking/Trunk Port

Trunking is the process of transferring all VLAN traffic between two or more switches.
- Trunk Port:
  - A port on a switch configured to carry all traffic regardless of VLAN number, between all switches in a LAN.

Answer 129

A

Advanced Encryption Standard (AES)

A symmetric-key block cypher that uses a 128-bit block size.
Uses 128-, 192-, 256-bit key.

Answer 130

A

Cached Lookups

All the IP addresses that a DNS server has already resolved, so that it does not have to re-resolve an FQDN it has already resolved.

Answer 131

A

Rootkit

Takes advantage of very low-level operating system functions to hide itself from all but the most aggressive anti-malware tools.

Answer 132

A

Extensible Authentication Protocol (EAP)

Authentication wrapper that EAP-compliant applications can use to accept one of many types of authentication.
While EAP is a general-purpose authentication wrapper, its only substantial use is in wirelss networks.
- Uses Point-to-Point Protocol (PPP)

Answer 133

A

Global System for Mobile Communications (GSM)

The first group of networking technologies widely adopted for mobile devices.
Relied on a type of time-division multiplexing called time-division multiple access (TDMA)

Answer 134

A

Bluesnarfing

Used weaknesses in the Bluetooth standard to steal information from another Bluetooth device.

Answer 135

A

100BaseT Summary

Speed: 100 Mbps
Signal: Baseband
Distance: 100 meters
Node Limit: 1024 Nodes per hub/switch
Topology: Star-bus
Cable Type: CAT 5 or better UTP/STP w/ RJ-45
Only requires 2 pair

Answer 136

A

GBIC-Gigabit Interface Connector

A standard modular port on a switches and other hardware.

Answer 137

A

100BaseFX Summary

Speed: 100 Mbps
Signal: Baseband
Distance: 2000 meters or 2 km
Node Limit: 1024 Nodes per hub/switch
Topology: Star-bus
Cable Type: Multi-Mode Fiber using ST or SC connectors

Answer 138

A

nslookup

Helps diagnose DNS problems.

Answer 139

A

When does business continutity come into play?

If a disaster requires actions offsite from the primary infrastructure.

Answer 140

A

Logic Bomb

Code written to execute when certain conditions are met.

Answer 141

A

STP-Spanning Tree Protocol

Using special STP frames called BPDUs, this protocol allows switches to communicate with other switches to prevent loops from happening.
RSTP-The “Rapid” version of this protocol used nowadays, allows convergence at a much faster pace.

Answer 142

A

Forward Lookup Zone

Enables a system to determine an IP address by knowing the FQDN.

Answer 143

A

Intrusion Detection System(IDS)

An application that inspects a copy of packets, looking for active intrusions, and can then respond to detected intrusions with actions.

Answer 144

A

SMF-Single Mode Fiber

A fiber optic cable that uses lasers.
Does not experience modal distortion, and as a result is able to achieve very high transfer rates over a very long distance.

Answer 145

A

DHCP-Dynamic Host Configuration Protocol

Ports 67 & 68 UDP
Automatically assigns IP Addresses to client machines.
Remember “DORA” as the four-way handshake of DHCP

Discover-Initial request from client.
Offer-Offer back fromt the host.
Request-Acceptance of offer by client.
Acknowledgement-Host saves/stores acceptance.

Answer 146

A

IPv6

IPv6 is a 128-bit IP address space, allowing up to 2¹²⁸addresses.
It is made up of three parts: The Global Prefix and the Subnet ID; which collectively make up the Network Prefix, and then the Interface ID.
2001:0db8:43c4:0026:0000:0000:4567:f2ab

|_____________||___||_________________|

Global Prefix Subnet ID Interface ID

|____________________|

|

Network Prefix

Network Prefix- Used for routing & makes up the first 64-bits
Interface ID- This is the user address and makes up the second 64-bits.
Link-Local Address- The equivalent of the APIPA address for IPv6.
Global Unicast Address- Often called a global address or global prefix; this is the address used to access the internet. This is provided by the default gateway.
48-bit prefix from upstream router + 16-bit Subnet ID from default gateway + 64-bit Interface ID = 128-bit IPv6

| |

Answer 147

A

Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)

Designed to work within an IPv4 network by adding the IPv4 address to an IPv6 prefix to create a rather interesting but non-standard address for the endpoints.

Answer 148

A

Real-Time Transport Protocol (RTP)

The heavily adopted bedrock of VOIP standards.
Defines the types of packets used on the internet to move voice or data from a server to clients.

Answer 149

A

Symmetrical Digital Subscriber Line (SDSL)

Provides equal upload & download speeds and in theory, speeds up to 15Mbps.

Answer 150

A

Local Exchanges

A defined grouping of individual phone circuits served by a single multiplexer.

Answer 151

A

Public Switched Telephone Network (PSTN)

Also known as POTS, this is the oldest and slowest phone connection. It is just a regular phone line, the same line used for someone’s home phone.

Answer 152

A

Password Policy

Password policies revolve around the strength of the password and rotation frequency.

Answer 153

A

1000BaseSX (Shorter Range) Summary

Speed: 1000 Mbps
Signal: Baseband
Distance: 220-500 meters
Cable Type: Multi-Mode Fiber using LEDs & LC or SC connectors

Answer 154

A

Evolved High-Speed Packet Access (HSPA+)

The final 3G standard for data, providing theoretical speeds up to 168 Mbps.

Answer 155

A

Metro Ethernet

Usually a dedicated fiber line from the ISP to an office.

Answer 156

A

Overlay Tunnel

Enables two IPv6 networks to connect over an existing IPv4 infrastructure, such as the internet.

Answer 157

A

SMTP-Simple Mail Transfer Protocol

Port 25 TCP
Used for routing mail between e-mail services.

Answer 158

A

Adware

A program that monitors the types of Web sites you frequent and uses that information to generate targeted ads, usually pop-ups.

Answer 159

A

Change Request

Type of change
Configuration Procedures
Rollback Process
Potential Impact
Notification

Answer 160

A

Integrity

The process that guarantees that the data recieved is the same as originally sent.

Answer 161

A

Bare-Metal/Type-1 Hypervisor

A hypervisor that runs directly on top of hardware.
- Ex. ESXi

Answer 162

A

802.1X

A port-based authentication network access control mechanism for networks.
Only broadly adopted by wireless networks.

Answer 163

A

CSMA/CD-Carrier Sense Multiple Acccess/Collision Detection

Determines which computer should used a shared cable at a given moment.
Was popular when HUBs were still used, not as common anymore.

Answer 164

A

EIGRP-Enhanced Interior Gateway Routing Protocol

A proprietary Cisco routing protocol that has aspects of both distance vector & link-state protocols.

Answer 165

A

When does incident response come into play?

When incidents that take place can be stopped, contained, and remediated without outside resources.

Answer 166

A

NetBIOS

Operates at the session layer of the OSI model
This protocol creates and manages connections based on the names of the computers involved.

Answer 167

A

10GBase LR/LW (Long Range/Long Wavelength) Summary

Single Mode Fiber
1310nm Wavelength
Commonly LC Connectors
10 km distance

Answer 168

A

SSL VPN

A type of VPN that uses SSL encryption.
Clients connect to the VPN using a standard web browser, with the traffic being secured using SSL.
- The two most common types are:
  - SSL Portal VPNs
  - SSL Tunnel VPNs

Answer 169

A

Remote Authentication Dial-In User Service (RADIUS)

The better known of the two AAA standards and, as its name implies, was created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connect to a single database.
Every RADIUS setup is made of 3 devices:
- RADIUS Server- Has access to a database of usernames & passwords.
- A number of Network Access Servers that control modems.
- A group of systems that in some way connect to the network.
UDP Ports 1812 & 1813
UDP Ports 1645 & 1646

Answer 170

A

Programmable Logic Controller (PLC)

A computer that controls a machine according to a set order of steps.

Answer 171

A

Discrestionary Access Contorl (DAC)

Based on the idea that a resource has an ownser who may at his/her discretion assign access to that resource.

Answer 172

A

Bluejacking

The process of sending unsolicited messages to another Bluetooth device.

Answer 173

A

Virus

A program that has two jobs; to replicate & to activate.

Answer 174

A

Authoritative Name Server

A DNS server for the entire domain. Usually has a single zone that lists all the hostnames on the domain and their corresponding IP addresses.
It can support one or more domains, depending on how powerful the server is and the size of the domain.

Answer 175

A

Top Level Domain (TLD)

Displayed at the far right of a FQDN, examples include .com, .org, .net, .edu, .gov, .mil, .int & country codes such as .us, .eu etc.
Managed by top level DNS servers.

Answer 176

A

IMAP-Internet Message Access Protocol

Port 143 TCP
A newer alternative to POP3, it recieves email fromt he server in the same way. However, it defers in that it supports folder creation on the server and allows devices to syncronize the same email across multiple devices.
It is currently on version 4

Answer 177

A

Statement/Scope of Work

A legal contract between a vendor & customer that defines services & products the vendor agrees to supply & the time frames in which to supply them.

Answer 178

A

T-Carriers

Answer 179

A

DNAT-Dynamic Network Address Translation

Allows many copmuters to share a pool of routable IP addresses that the number fewer than the computers.

Answer 180

A

Application Layer-OSI Layer 7

Refers to the code built into an OS that allows a program to communicate with it rather than the programs themselves. ie. API

Answer 181

A

Stateless DHCPv6

Relies on router advertisements to give some information to hosts, making small changes to what the router advertisements would normally show, such as the address of the DNS server.

Answer 182

A

V Standards

Define the speeds at which modems can modulate. As well as how modems compress data and perform error checking when they communicate.

Answer 183

A

HTTP-Hyper Text Transfer Protocol

Port 80 TCP & UDP
Extremely fast protocol used for network file transfers on the world wide web.

Answer 184

A

Change Management

The process of creating change in your infrastructure in an organized, controlled, safe way.

Answer 185

A

Tunnel Setup Protocol (TSP) & Tunnel Info & Control (TIC)

These protocols setup the tunnel and handle configuration as well as login.

Answer 186

A

Demarcation Point

Physical location of the connection that serves as the dividing line of responsibility for the functioning of a network.

Answer 187

A

Common Internet File System (CIFS)

The protocol that NetBIOS used to share folders and printers. Still very common, even in UNIX/Linux systems.

Answer 188

A

10BaseT Summary

Speed: 10 Mbps
Signal: Baseband
Distance: 100 meters
Node Limit: 1024 Nodes per hub/switch
Topology: Star-bus
Cable Type: CAT 3 or better UTP w/ RJ-45
Only requires 2 pair

Answer 189

A

Frame Relay

An extremely efficient packet-switching standard, designed for and used primarily with T-Carrier lines.

Answer 190

A

Edge Devices

A piece of hardware that has been optimized to perform a task.

Answer 191

A

Port Numbers

0-1023 Are well-known port numbers
1024-49151 Are registered port numbers
49152-65535 are Dynamic or Private port numbers

Answer 192

A

Hash or Cryptographic Hash Function

Typically used for providing integrity in data.
A mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length.
- Checksum
- Message Digest
No matter how long or short the input, the output is always the same length.

Answer 193

A

Remote Access Policy

Enforces rules on how and when and from what device users can access company resources from remote locations.

Answer 194

A

Internet-TCP/IP Layer 2

Anything dealing with pure IP packets
Routers

Answer 195

A

IPv4>>IPv6 Tunneling Standards

4 to 6
6 in 4- Can traverse IPv4 NAT
Teredo- Can travers IPv4 NAT
Miredo- An open source implementation of Teredo for Linux and some other UNIX based systems.

Answer 196

A

Storage Area Network (SAN)

A server that can take a pool of hard disks and present them over a network as any number of logical disks.
- Three Main Types:
  - Fibre Channel (FC)
  - Internet Small Computer System Interface (iSCSI)
  - InfiniBand (IB)

Answer 197

A

Trojan Horse

A piece of malware that looks or pretends to do one thing while, while at the same time, doing something evil.
- Does not replicate.

Answer 198

A

Pathping

Combines features of both ping and traceroute

Answer 199

A

Symmetric-Key Algorithm

Any encryption that uses the same key for both encryption and decryption

Answer 200

A

Link or Network Access-TCP/IP Layer 1

MAC Addresses
Physical connections
NIC’s
Switches
Combines Layers 1&2 of the OSI Model

Answer 201

A

Terminal Access Controller Access Control System Plus (TACACS+)

A protocol developed by Cisco to support AAA in a network with many routers and switches.
TCP 49

Answer 202

A

API-Application Programming Interface

Provides a standard way for programmers to enhance or extend an apps abilities.

Answer 203

A

Certifiers

Tests a cable to make sure it can handle its rated amount of capacity.

Answer 204

A

802.3z Standard

Defines the standard for Ethernet over Fiber @ 1Gbps

Answer 205

A

NTP-Network Time Protocol

Port 123 UDP
A protocol that gives the current time.

Answer 206

A

Intrusion Protection System(IPS)

Similar to IDS but differs in that it sits directly in the path of low for network traffic, and can stop this traffic immediately.

Answer 207

A

Basic Service Set Identifier (BSSID)

Defines the most basic infrastructure mode network– a BSS of one WAP and one or more wireless clients.
- Same as the WAPs MAC

Answer 208

A

Looking-Glass Site

Remote servers accessible with a browser that contain common collections of diagnostic tools such as ping and traceroute, plus some border gateway protocol query tools.

Answer 209

A

Load Balancing

The process of making a bunch of servers look like a single server, creating a server cluster.

Answer 210

A

Acceptible Use Policy (AUP)

Defines what is and what is not acceptible to do on an organiztaion’s computers.
- Ownership- Equipment & any proprietary information stored on the organization’s computers are the property of the organization.
- Network Access- Users will only access information they are authorized to access.
- Privacy/Consent to Monitoring- Anything user do on the organozations’s computer is not private. The organization will monitor what is being done on computers at any time.
- Illegal Use- No one may use an organization’s computers for anything that breaks the law.

Answer 211

A

SNAT-Static Network Address Translation

Maps a single routable (not private) IP address to a single machine, enabling you to access that machine from outside the network.

Answer 212

A

Nonrepudiation

Means that a person cannot deny having taken a specific action.
Verifies the sender.

Answer 213

A

Unicast

A way to send packets from one computer, directly to another computer.

Answer 214

A

Risk Management

The process of how organizations deal with the bad things that take place on their networks.

Answer 215

A

Role-Based Access Control (RBAC)

The most popular used in file sharing.
Defines a user’s access to a resource based on the roles a user plays in the netowrk environment.

Answer 216

A

Wired Equivalent Privacy (WEP)

A wireless security protocol that uses a 64- or 128-bit encryption algorithm to scramble data frames.
No longer secure.

Answer 217

A

OSPF-Open Shortest Path First

The most commonly used IGP in the world.
Most large enterprises use OSPF.
Based on the link-state algorithm.
Only got support for IPv6 in it’s most recent update.

Answer 218

A

Asyncronous Transfer Mode (ATM)

A network technology that runs at speeds between 25 & 622 Mbps using fiber-optic cabling or CAT5 or better UTP.
- Packet-Switching technology

Answer 219

A

Designing a Basic Network

List of requirements
Device types/requirements
Environment limitations
Equipment limitations
Compatibility Requirements
Wired/wireless considerations
Security considerations

Answer 220

A

Non-Persistent Agent

A small agent that scans only for the queried conditions, is downloaded and run. If the query is satisfied that the station needing access is acceptible, connection is granted and the node can access the production network.
When the node diconnects from the network and leaves the portal site, the agent is released from memory.

Answer 221

A

Datagram TLS(DTLS) VPNs

Used to optimize connections for delay-sensitive applications, such as voice or video over a VPN.

Answer 222

A

Preamble

A 7-byte series of alternating 1s & 0s followed by a 1-byte “start frame” delimeter.
This lets a NIC know that there is incoming data.

Answer 223

A

Neighbor Discovery Protocol (NDP)

An IPv6 protocol that enables hosts to configure automatically their own IPv6 addresses and get configuration information like routers and DNS servers.
1. Neighbor Solicitation-request
2. Neighbor Advertisement-answer
3. Router Solicitation-request
4. Router Advertisement-answer

Answer 224

A

ARP Cache Poisoning

Attacks that target the ARP cache on hosts & switches.

Answer 225

A

Fully Qualified Domain Name (FQDN)

The complete DNS name of a system, from it’s hostname to the top-level domain name.
Textual nomenclature to a domain-organized resource. It is written left to right, with the host name on the left, followed by any hierarchial subdomains within the top-level domain on the right. Each level is seperated from any preceding or following layer by a (.).

Answer 226

A

NAT-Network Address Translation

Hides the IP addresses of computer on the LAN but still enables those computers to communicate with the broader internet.

Answer 227

A

UDP-User Datagram Protocol

Does not achieve “connection” before sending data, but instead uses a send it and forget it methodoligy of sending data.
Can be unreliable.

Answer 228

A

Physical Layer-OSI Layer 1

Physical portions of a network that dat travels through.
Cabling

Answer 229

A

Logic Bomb

Code written to execute when certain conditions are met.

Answer 230

A

Kerberos

An authentication protocol for TCP/IP networks with many clients all connected to a single authenticating server.
- Microsoft adopted it as the authentication protocol for all Windows networks using a domain controller.
- TCP & UDP 88
- Key Distributing Center (KDC)
  - Authentication Server (AS)- Contacted by the client and issues a Ticket-Granting-Ticket (TGT) back to the client. –Authentication
    - Short lifespan (10 hours by default)
  - Ticket-Granting Service- Client then sends the TGT here and is issued a timestamped token back. –Authorization
    - Token holds Security Identifier (SID)-Which the client uses to access resources on the domain.

Answer 231

A

Code-Division Multiple Access (CDMA)

Came out shortly after GSM but is not compatible with GSM’s TDMA, as it uses a spread spectrum form of transmission.
Changes the frequency used by each user.
Originally considered 2G and does not use SIM cards.

Answer 232

A

NAT64

A transition mechanism that embeds IPv4 packets for network traversal.

Answer 233

A

Interface Monitors

Track the bandwidth and utilization of one or more interfaces on one or more devices.

Items Tracked:

Bandwidth/Throughput
Utilization
Packet Drops
Error Rate
Discards
Interface Resets

Answer 234

A

Mandatory Access Control (MAC)

Every resource is assigned a label that defines its security level. If the user lacks that security level, he/she does not get access.
- Oldest and least common

Answer 235

A

Malformed Packets

When an attacker uses a malicious program to inject unwanted information into packets in an attempt to break another system.

Answer 236

A

Computer Forensics

Secure the area
Document the scene
Collect Evidence
Interface with authorities

Answer 237

A

DNS Record Types

“A” Record- Assigned to each individual host, they are the workhorse of any forward lookup zone. Web servers will typically get a “www” A Record.
- These are also the most common DNS record.
Start of Authority(SOA)- Defines the primary name server in charge of the forward lookup zone.
Name Server Record(NS)- Shows the primary name server.
Canonical Name(CNAME)- Acts like an alias.
AAAA Record- The equivalent of an A Record but for IPv6.
MX Records- Used exclusively by SMTP servers to determine where to send mail.
- Stands for Mail eXchanger
SRV Records- A generic DNS Record that supports any type of server.
TXT Record- Allow any text to be added to a forward lookup zone.
- Can support protocols designed to prevent e-mail spoofing through solutions such as DomainKeys Identified Mail(DKIM) or Sender Policy Framework(SPF). Which enable domains to verify that an e-mail being recieved by a 3rd-party e-mail server is sent by a legitimate server within the domain.

Answer 238

A

netstat

Displays information on the current state of all the running IP processes on a system.

Answer 239

A

Internet Protocol Security (IPsec)

An authentication & encryption protocol suite that works at the internet/network layer & should become the dominant authentication & encryption protocol as IPv6 continues to roll out and replace IPv4.
- Works in 2 modes
  - Transport- Only the payload of the IP packet is encrypted. The source and destination IPs are still visible.
  - Tunnel- The entire IP packet is encrypted and then placed inside an IPsec endpoint, where it is then fully encapsulated inside another IP packet before being sent.

Answer 240

A

Packet Sniffer

A software tool that queries a network interface and collects packets.

Answer 241

A

Patch Antenna

Flat, plate-shaped antennas that generate a half-sphere shaped beam.

Answer 242

A

Time Domain Reflectometer (TDR)

A TDR can tell you where in a cable a break is.
- Optical TDR (OTDR)- Does the same thing for fiber optic cables.

Answer 243

A

Proxy Server

Sits in between clients and external servers, essentially pocketing the requests from the clients for server resources and making those requests itself.
Will cache information to increase response time and check for viruses.

Answer 244

A

IP Address Management (IPAM)

A software that includes at a minimum a DHCP server and a DNS server that are specially desinged to work with one another to administer IP addresses to a network and prevent syncing issues.

Answer 245

A

Protocol Analyzer

A program that processes capture files from packet sniffers and analyzes them based on your monitoring needs.

Answer 246

A

Network Attached Storage (NAS)

Essentially a dedicated file server that has its own file system & typically uses hardware and software designed for serving and storing files.

Answer 247

A

Differentiated Services

The underlying architecture that makes all of the QoS stuff work. The cornerstone of DiffServ is two pieces of data that go into every IP header on every piece of data.
- Differentiated Services Code Point (DSCP)
- Explicit Congestion Notification (ECN)
  - The first 6 bits are DSCP
  - ECN is a 2-bit field and can hold the following 4 values:
    1. 00= Not QoS aware (default)
    2. 01= QoS aware, no congestion
    3. 10= Qos aware, no congestion
    4. 11= Qos aware, congestion encountered

Answer 248

A

IIS-Internet Information Services

Microsoft’s web server program for managing web servers.

Answer 249

A

Multiplexer

Takes a circuit and combines it with a few hundred other circuits into a single complex cicuit on one wire.
- Demultiplexer- On the other end, this undoes the multiplexing.
- Modulation technique

Answer 250

A

Multi-Source Agreement

A document that details the interoperability of hardware components between various manufacturers.

Answer 251

A

Secure Copy Protocol (SCP)

One of the first protocols used to securely transfer data between two hosts.
Mostly replaced by SFTP

Answer 252

A

Encryption

Means to scramble, mix up, or change data in a way that someone with malicious intent can’t read it, but also be able to unsramble on the other end in a fairly easy manner.

Answer 253

A

IPv4

IPv4 is a 32-bit IP address spcae, creating about 4 billion IP addresses.

Answer 254

A

Application-TCP/IP Layer 4

Combines features of the Session, Presentation, & Application Layers of the OSI model.

Answer 255

A

SAT-Source Address Table

A table created internally by a switch in order to more effectively send data.
Stores MAC addresses.

Answer 256

A

SFP-Small Form-Factor Pluggable

A smaller modular tranceiver similar to GBIC, that supports all the same networking standards.

Answer 257

A

DNS-Domain Name System

Port 53 TCP & UDP
A system that translates domain names into IP addresses.
Needed to direct traffic to it’s destination.

Answer 258

A

1000BaseLX (Longer Range) Summary

Speed: 1000 Mbps
Signal: Baseband
Distance: 5 km or up to 70 km using repeaters
Cable Type: Single Mode Fiber using lasers & LC or SC connectors

Answer 259

A

Supervisory Control & Data Aquisition (SCADA)

A subset of ICS, and generally has the same basic components of a DCS, but differs in two very important ways:
- SCADA is designed for large-scale, distributed processes such as power grids, pipelines, and railroads.
- Due to the distance involved, a SCADA system must function with the idea that remote devices may or may not have ongoing communication with the central control.

Answer 260

A

Mantrap

An entryway with two successive locked doors and a small space between them providing one-way entry or exit.

Answer 261

A

Subscriber Identity Module (SIM)

Identifies the phone, enabling access to the cellular networks, and stores some other info.

Answer 262

A

H.323

Port 1720 TCP
A VOIP Standard that handles the initiation, setup adn delivery of VOIP sessions.
Competes with SIP

Answer 263

A

IP → Binary Conversion Challenge

Study partner choose an IP address and have the studee convert this to binary by hand.
Use a calculator to confirm after the studee completes this work by hand.

Answer 264

A

Coaxial Cable Types

Answer 265

A

Multiple Input/Multiple Output

Allows devices to make multiple simultaneous connections called streams.

Answer 266

A

SNMP-Simple Network Management Protocol

Port 161 & 162 UDP
Standard protocol for collecting & organizing infromation about managed devices on IP networks & for modifying that information to change device behavior.
Uses agents to collect network information from a Management Information Base(MIB), SNMPs version of a server.

Answer 267

A

Windows Domain

A group of computers controlled by a computer running Windows Server which is configured as a domain controller.

Answer 268

A

IP Packet_{consists of what?}

Only makes it to layer 3 OSI or Layer 2 TCP/IP

Destination IP (Type _{ie. IPv4 or IPv6})
Source IP
Destination Port
Source Port
Data _{minimum of 64 bytes}

Answer 269

A

Stream Cypher

Less Common
Typically faster
Takes a single bit at a time and encrypts on-the-fly.
More popular whenever data came in long streams (ie. older wireless networks or cell phones)

Answer 270

A

Wi-Fi Protected Access 2 (WPA2)

An update to the WPA protocol that uses the Advanced Encryption Standard (AES) algorithm, making it much harder to crack.

Answer 271

A

Authentication

To verify that whoever is trying to access the data is who you want accessing that data.

Answer 272

A

Internet Authentication Service (IAS)

The RADIUS server built in with most versions of Microsoft Windows Server operating systems.

Answer 273

A

When does disaster recovery come into play?

If an incident can no longer be contained, causing significant damage or danger to the immediate infrastructure.

Answer 274

A

Transport-TCP/IP Layer 3

Handles the communication between devices & the breaking down & packaging of information.
Chooses TCP/UDP
Portions of the Session & Transport Layers of OSI

Answer 275

A

Metric

A relative value that routers use when they have more than one route to get to another network.

Answer 276

A

Infrastructure Mode

Uses one or more WAPs to connect all nodes centrally.

Answer 277

A

MMF-Multi-Mode Fiber

A fiber optic cable that uses LEDs.
Experiences modal distortion, that is, signals sent at the same time don’t arrive at the same time because the paths differ slightly in length.
Cannot travel as far as Single Mode Fiber.

Answer 278

A

STP Types-Shielded Twisted Pair Types/Codes

F/= Foil surrounding all pairs
S/= Braid screen surrounding all pairs
SF/= Foil & Braid surrounding all pairs
U/= Nothing surrounding all pairs
/UTP= Nothing surrounding each pair
/FTP= Foil surrounding each pair

Answer 279

A

Latency

When data stops moving for a moment due to an AP being unable to do the work.

Answer 280

A

PAT-Port Address Translation

The most common type of NAT
Uses port numbers to map traffic from specific machines in the network.

Answer 281

A

Public-Key Cryptography

Used for encryption
Has two keys. A public and a private that are different.
The private key is kept on the computer that creates the keys and used to decrypt the data once recieved.
The public key is sent to a user that will use it to encrypt data before it is sent.

Answer 282

A

Secure Hash Algorithm (SHA)

Used commonly in integrity
Has different versions
- SHA-1 (considered unsecure now)
- SHA-2 (most commonly used and has different versions within it)
  - SHA-224 –> SHA-2 with a 224-bit checksum
  - SHA-256 –> SHA-2 with a 256-bit checksum
  - SHA-384 –> SHA-2 with a 384-bit checksum
  - SHA-512 –> SHA-2 with a 512-bit checksum
- SHA-3 (built for the future but not yet widely used, also has different versions)
  - SHA3-224
  - SHA3-256
  - SHA3-384
  - SHA3-512

Answer 283

A

HTML-Hypertext Markup Language

An ASCII-based script-like language for creating hypertext documents like those on the World Wide Web.
The current version is HTML5

Answer 284

A

Packet Flow Monitoring

Used for monitoring traffic between 2 devices.

Answer 285

A

Real-Time Streaming Protocol (RTSP)

A protocol that takes advantage of RTP by running on top of it.
It has many features beneficial to streaming video, such as the following:
- Run
- Pause
- Stop
TCP 554

Answer 286

A

Software Defined Networking (SDN)

Cuts the control plane of the individual devices out of the picture and lets an all-knowing program called the network controller dictate how both the physical and virtual network components move traffic through the network.

Answer 287

A

Infrared (IR)

Consists of a device that emits coded infrared light, and a second device that reads the code & acts upon it.

Answer 288

A

Syncronus Optical Network (SONET)

An american fiber carrier standard for connecting fiber-optic transmission systems.
SONET was proposed in the mid-1980s and is now an ANSI standard.
SONET defines the standards at the physical layer of the OSI 7-Layer Model.

Answer 289

A

Tunnel Broker

A vendor that creates the actual tunnel and usually offers a custom-made endpoint client for you to use.

Answer 290

A

Distance Vector

When a router calculates the total cost to get to a network ID and compare that cost to the total cost of all other routes to get to that same network ID. The router then chooses the route with the lowest cost.

Answer 291

A

Management Infomration Base (MIB)

Used to categorize the data that can be queried using SNMP.

Answer 292

A

Service Set Identifier (SSID)

A standard name applied to the BSS or IBSS to help a connection happen.

Answer 293

A

Optical Carrier (OC)

Standards that denote the optical data-carrying capacity (in bps) of fiber-optic cables in networks conforming to the SONET standard.

Answer 294

A

Banner Grabbing

Having found an open port, a malicious user may probe a host’s open ports to learn details about running services. Potentially gaining additional information & access in the process.

Answer 295

A

SIP-Session Initiation Protocol

Port 5060 TCP & UDP
Port 5061 TCP over TLS
A signaling protocol for controlling voice & video calls over IP.
Competes with H.323 for dominance.
Runs on top of RTP

Answer 296

A

Network Layer-OSI Layer 3

Communicates using IP packets
Routers
Sometimes switches

Answer 297

A

Network Access Policy

Defines who may access the network, how they may access the network, and what they can access.

Answer 298

A

Cloud Delivery Models

Public Cloud- Used to describe software, platforms, and infrastructure delivered through networks that the general public can use.
Private Cloud- When a business wants some of the flexibility of the cloud, needs complete ownership of its data, and can afford both, it can build an internal cloud the business owns.
Community Cloud- Like a private cloud paid for and used by more than one organization.
Hybrid Cloud- Created by connecting some combination of public, private, and community clouds, allowing communication between them.

Answer 299

A

Authorization

Defines what an authenticated person can do with data.

Answer 300

A

EGP-External Gateway Protocol

A generic name for how autonomous systems communicate with one another.

Answer 301

A

Physical Wireless Issues

Absorbtion- Non-metallic building materials such as brick or sheetrock absorb radio signals, greatly reducing or in some cases eliminating Wi-Fi signal completely.
Reflection- Metallic materials like pipes, radiators, metal doors and window frames will reflect radio waves, sending them in unexpected directions.
Refraction- Glass or anything that bends radio waves as the waves pass through them.

Answer 302

A

Authentication, Authorization, & Accounting (AAA)

Designed for the idea of port authentication—The concept of allowing remote users authentication to a particular point of entry (a port) to another network.

Answer 303

A

Privileged User Agreement Policy

A privileged user has access to resources just short of those available to administrators.

Answer 304

A

Access Control List (ACL)

A clearly defined list of permissions that specifies what an authorized user may perform on a shared resource.

Answer 305

A

Protocol Abuse

Anytime you do things with a protocol that it wasn’t meant to do and it ends up creating a threat.

Answer 306

A

Platform as as Service (PaaS)

Gives programmers all the tools they need to deploy, administer, nd maintain a web application.

Answer 307

A

Security Policy

A written document that defines how an organization will protect its IT infrastructure.

Answer 308

A

CAT Cabling

Answer 309

A

Layer 2 Tunneling Protocol(L2TP)

Took all the good features of PPTP and a Cisco protocol called Layer 2 Forwarding (L2F) and then added support to run on almost any type of connection.
Also changed the endpoint for the site you are connecting to from a server program to a VPN capable router.
- Called a VPN Concentrator
Has no authentication or encryption, but instead uses IPsec for all security needs.

Answer 310

A

SFTP-SSH File Transfer Protocol

Port 22 TCP & UDP
Provides file access, transfer & management over any reliable data stream. It uses SSH to do this in a secure way.

Answer 311

A

Point-to-Point Protocol (PPP)

Enables two point-to-point devices to connect, authenticate with a username/password, and negotiate the network protocol the two devices will use.
Comes with two methods of user authentication:
- Original- Password Authentication Protocol (PAP)- Simply transfers the UN/PW over the connection in plaintext.
- Safer- Challenge Handshake Authentication Protocol (CHAP)- Relies on hashes based on a shared secret, usually a pssword that both ends of the connection know.
  - When the initiator of the connection makes the initial request, the authenticator creates some sort of challenge message.
  - The initiator then makes a hash using the password and sends that to the authenticator.
  - The authenticator, in turn, compares that value to its own hash calculation based on the password.
  - If they match, the intitiator is authenticated.
MS-CHAP- Microsoft’s version of this protocol, is the most secure.

Answer 312

A

Basic Service Set (BSS)

In wireless networking, a single access point servicing a given area.

Answer 313

A

Botnet

A group of computers under the control of one operator, used for malicious purposes.
- Compromised systems within a botnet are called zombies.

Answer 314

A

Memorandum of Understanding (MOU)

A document that defines an agreement between two parties in situations where a legal contract wouldn’t be appropriate.

Answer 315

A

DNS Security Extensions (DNSSEC)

An authorization integrity protocol designed to prevent bad guys from impersonating DNS servers.

Answer 316

A

Routing and Remote Access Service(RRAS)

A specila remote access server program on a remote Windows server that acts as the server endpoint in a PPTP connection.

Answer 317

A

Regional Internet Registries (RIR)

Passes out IPv6 addresses

Brainscape's Knowledge GenomeTM

Network+ Study Cards Flashcards

Brainscape's Knowledge Genome^TM