Networking Basics & Terms Flashcards
What is a Hub?
The hub is a layer-1 device that simply receives a signal from one system and then sends the signal to all other ports on the hub.
Why are Hubs a security risk?
The drawback to the hub is that it uses up bandwidth by sending the data to every port on the hub. The other drawback to a network hub is that it is a security issue if all systems on the network receive the data—although they ignore the data because it is not for them.
What is a Switch?
A network switch is similar to a network hub in that it is used to connect all systems together in a network environment, but the difference is that a switch is a layer-2 device that filters traffic by the layer-2 address.
(Remember from the Network+ exam that the layer-2 address is the MAC address, or hardware address, that is assigned to the network card by the manufacturer.)
The switch is able to filter the traffic because it stores the MAC addresses of each system connected to the switch, and what port that system is connected to, in the MAC address table. The MAC address table is a table stored in memory on the switch and is responsible for tracking what ports each system is connected to
What other benefits do Switches provide?
Filtering: As mentioned, a switch filters traffic, which prevents others from capturing and viewing potentially confidential information.
Port mirroring: Port mirroring, also known as port monitoring, is a feature of some switches that allows the administrator to copy traffic from other ports to a single destination port (known as a monitoring port).
Port security: Port security is a feature of a network switch that lets you configure a port for a specific MAC address.
Disable ports: It is a security best practice that if you have ports on the switch that are not being used, you should disable them so that they cannot be used
Collision Domains: A collision domain is a group of networked systems that share the same network segment and therefore can have their data collide with one another.
VLANs: The purpose of a VLAN is to create multiple networks within the one network switch.
What is a Router?
A router is a layer-3 device of the OSI (open systems interconnection) model that is responsible for routing, or sending, data from one network to another network. The router uses a routing table that resides in its memory to determine the networks that the router knows how to send data to.
What is a Load Balancer?
A load balancer is a device that is designed to split the load between components such as servers or routers. Load balancing is the concept of trying to improve performance.
What is a Firewall?
A firewall is a network device that controls what traffic is allowed to enter or leave the network. The firewall filters traffic based on rules you place on the firewall indicating what traffic is allowed or not allowed to enter or leave the network. You typically start with a deny-all rule that states all traffic is denied, unless you specify otherwise by building a rule for a specific type of traffic.
What is a Proxy?
A proxy server is a type of firewall, but it is typically associated with being able to control outbound communication by limiting what web sites an employee can visit. Proxy servers also perform a high level of logging so that the administrator can see what sites are visited each day.
What is Network Cabling and what are the primary type?
Cabling is the transmission medium for data sent between hosts on the LAN. The three primary types of cable media that can be used to connect systems to a network are coaxial cable, twisted-pair cable, and fiber-optic cable
What is Coaxial Cabling and what are the two types?
One strand (a solid-core copper wire) runs down the middle of the cable. Around that strand is a layer of insulation, and covering that insulation is braided wire and metal foil, which shields against electromagnetic interference. A final layer of insulation covers the braided wire. Because of the layers of insulation, coaxial cable is more resistant to outside interference than other cabling such as unshielded twisted-pair (UTP) cable.
The two types of coax cabling are thinnet and thicknet. The two differ in thickness and maximum cable distance that the signal can travel
What is Thinnet?
This refers to RG-58 cabling, which is a flexible coaxial cable about ¼-inch thick. Thinnet is used for short-distance communication and is flexible enough to facilitate maneuvering between workstations. Thinnet connects directly to a workstation’s network adapter card by using a British naval connector (BNC) and uses the network adapter card’s internal transceiver. The maximum length of thinnet is 185 meters.
What is Thicknet?
Also known as RG-8 coax. Thicknet cable is about ½-inch thick and can support data transfer over longer distances than thinnet. Thicknet has a maximum cable length of 500 meters and usually is used as a backbone to connect several smaller thinnet-based networks. Due to its ½-inch thickness, this cable is harder to work with than thinnet cable. A transceiver often is connected directly to the thicknet cable by using a connector known as a vampire tap. Connection from the transceiver to the network adapter card is made using a drop cable to connect to the adapter unit interface (AUI) port connector.
What is Twisted Pair Cabling?
Twisted-pair cabling gets its name from having four pairs of wires that are twisted to help reduce crosstalk or interference from outside electrical devices. Crosstalk is interference from adjacent wires.
What is Unshielded Twisted Pair Cabling?
UTP cables are familiar to you if you have worked with telephone cable. The typical twisted-pair cable for network use contains four pairs of wires. Each member of the pair of wires contained in the cable is twisted around the other. The twists in the wires help shield against electromagnetic interference. The maximum distance of UTP is 100 meters.
UTP cable uses small plastic connectors designated as registered jack 45, most often referred to as RJ-45. RJ-45 is similar to the phone connectors, except that instead of four wires, as found in the home system, the network RJ-45 connector contains eight contacts, one for each wire in a UTP cable.
It can be easy to confuse the RJ-45 connector with the RJ-11 connector. The RJ-11 connector is a telephone connector. An RJ-11 connector has four contacts; hence, there are four wires found in the telephone cable. With RJ-45 and RJ-11, you will need a special crimping tool when creating the cables to make contact between the pins in the connector and the wires inside the cable.
UTP cable is easier to install than coaxial because you can pull it around corners more easily due to its flexibility and small size. Twisted-pair cable is more susceptible to interference than coaxial, however, and should not be used in environments containing large electrical devices.
What is Straight Through Cabling?
CAT 5 UTP cabling usually uses only four wires when sending and receiving information on the network. The four wires of the eight that are used are wires 1, 2, 3, and 6. When you configure the wire for the same pin at either end of the cable, this is known as a straight-through cable.
What is a Crossover Cable?
At some point, you may need to connect two computer systems directly together without the use of a switch (or hub) from network card to network card. Or you may find you need to connect one switch to another switch. In any scenario where you are connecting similar devices together, you would be unable to use a straight-through cable because the transmit pin on one end would be connected to the transmit pin on the other end.
What is Shielded Twisted Pair Cabling?
STP cable is very similar to UTP cabling, but it differs from UTP in that it uses a layer of insulation within the protective jacket, which helps maintain the quality of the signal.
What is Fiber Optic Cabling?
Fiber-optic cabling is unlike coax and twisted-pair because both of those types of cabling use a copper wire that carries the electrical signal. Fiber-optic cables use optical fibers that carry digital data signals in the form of modulated pulses of light. An optical fiber consists of an extremely thin cylinder of glass, called the core, surrounded by a concentric layer of glass, known as the cladding. There are two fibers per cable—one to transmit and one to receive. The core also can be an optical-quality clear plastic, and the cladding can be made up of gel that reflects signals back into the fiber to reduce signal loss.
The two types of fiber-optic cables are single-mode fiber (SMF) and multimode fiber (MMF):
image
Single-mode fiber Uses a single ray of light, known as a mode, to carry the transmission over long distances
image
Multimode fiber Uses multiple rays of light (modes) simultaneously, with each ray of light running at a different reflection angle to carry the transmission over short distances
Fiber-optic cable supports up to 1,000 stations and can carry the signal up to and beyond 2 kilometers. Fiber-optic cables are also highly secure from outside interference such as radio transmitters, arc welders, fluorescent lights, and other sources of electrical noise. On the other hand, fiber-optic cable is by far the most expensive of these cabling methods
Fiber-optic cables can use many types of connectors, but the Security+ exam is concerned only with the two major connector types: the straight-tip (ST) connector and the subscriber (SC) connector. The ST connector is based on the BNC-style connector but has a fiber-optic cable instead of a copper cable. The SC connector is square and somewhat similar to an RJ-45 connector.
What is an IP Address?
The IP address is a 32-bit value that uniquely identifies the system on the network (or the Internet). An IP address looks similar in appearance to 192.168.1.15. The four decimal values in an IP address are separated by decimal points. Each value is made up of 8 bits (1’s and 0’s), so with four decimal values, 8 bits × 4 = the 32-bit address.
Since each of the decimal values is made up of 8 bits (for example, the 192), we refer to each of the decimal values as an octet. Four octets are in an IP address. It is very important to understand that the four octets in an IP address are divided into two parts—a network ID and a host ID. The subnet mask determines the number of bits that make up the network ID and the number of bits that make up the host ID. Let’s see how this works.
IP is a layer-3 protocol of the OSI model and is responsible for logical addressing and routing.
What is a Subnet Mask?
When looking at a subnet mask, if there is a 255 in an octet, then the corresponding octet in the IP address is part of the network ID. For example, if I had an IP address of 192.168.1.15 and a subnet mask of 255.255.255.0, the first three octets would make up the network ID, and the last octet would be the host ID. The network ID assigns a unique address to the network itself, while the host ID uniquely identifies the system on the network.
What is a Default Gateway?
The default gateway is the IP address of the router that can send data from your network.
What are Address Classes?
Every IP address belongs to a distinct address class. The Internet community defined these classes to accommodate networks of various sizes. The class to which the IP address belongs initially determines the network ID and host ID portions of the address, along with the number of hosts that are supported on that network. The different class addresses are named class A, class B, class C, class D, and class E.
What is a Class A Address?
A class A address has a default subnet mask of 255.0.0.0, which means that the first octet is the network ID and the last three octets belong to the host ID portion of the address. Each octet can contain 256 possible values (0–255), so a class A address supports 16,777,216 hosts on the network (256 × 256 × 256). Actually, there are only 16,777,214 valid addresses to use on systems because two addresses are reserved on each IP network: the addresses with all host bits set to 0’s (the network ID) and with all host bits set to 1’s (the broadcast address). So with a class A address, you will not be able to assign n.0.0.0 or n.255.255.255 (where n is your network ID) to any hosts on the network.
You can always identify a class A address because the value of the first octet falls between 1 and 126. An address that starts with 127 is a class A address as well, but you are not allowed to use any address that starts with 127 because it is reserved for the loopback address.
Summary: Class A addresses have an IP address in which the first octet is between 1 and 126. Class A addresses also have a default subnet mask of 255.0.0.0. Also note that this subnet mask can be displayed as a /8 at the end of the address—for example, 12.0.0.10/8 means that the first eight bits make up the subnet mask.
What is a Class B Address?
Class B addresses have a default subnet mask of 255.255.0.0, which means that the first two octets are the network ID and the last two octets are the host ID portion of the address. This means that we can have 65,536 hosts (256 × 256) on the network. Oh, but wait! Don’t forget to take off the two reserved addresses, so that gives us 65,534 addresses that can be assigned to hosts on the network.
Due to the number of hosts that are supported on a class B address, you usually find that a medium-sized company has a class B address. You can identify a class B address because the first octet starts with a number that falls between 128 and 191.
Summary: Class B addresses have an IP address in which the value of the first octet is between 128 and 191. Class B addresses have a default subnet mask of 255.255.0.0 or can be displayed as /16 at the end of the address.
What is a Class C Address?
Class C addresses have a subnet mask of 255.255.255.0, which means that the first three octets are the network ID and the last octet is the host ID. Having only one octet as the host ID means that a class C address can support only 254 hosts (256 – 2) on the network.
You can identify a class C address because it has a value for the first octet that ranges between 192 and 223. For example, an IP address of 202.45.8.6 is a class C address because 202 falls between 192 and 223. We also know that this system has a subnet mask of 255.255.255.0 because it is a class C address.
Summary: Class C addresses have an IP address in which the value of the first octet is between 192 and 223. In addition, class C addresses have a default subnet mask of 255.255.255.0, which can be displayed as /24 at the end of the address.
What is a Class D Address?
Class D addresses are used for special types of applications on the network known as multicasting applications. Multicasting applications send data to a number of systems at the same time by sending data to the multicast address, and anyone who has registered with that address will receive the data. A multicast address is what class D addresses are used for, so you will not be assigning them specifically to hosts on the network for normal network communication.
Class D addresses have a value in the first octet that ranges from 224 to 239. With that many ranges, class D has the potential for 268,435,456 unique multicast groups that users can subscribe to from a multicast application.
What is a Class E Address?
The funny thing about class E addresses is that they were designed only for experimental purposes, so you will never see a class E address on a network. Class E addresses have a first octet with a value that falls in the range of 240 to 247.
What is a Loopback Address?
The loopback address is used to refer to the local system, also known as the localhost. If you want to verify that the TCP/IP software has initialized on the local system even though you may not have an IP address, you may ping the loopback address, which is typically referred to as 127.0.0.1.
What is a Private Address?
A private address is an address that can be assigned to a system but cannot be used for any kind of Internet connectivity. The private addresses are nonroutable addresses, so any system using them will be unable to function off the network. The following are the three address ranges that are the private address ranges:
–> 10.0.0.0 to 10.255.255.255
–> 172.16.0.0 to 172.31.255.255
–> 192.168.0.0 to 192.168.255.255
Being unable to route data across the Internet when using these addresses will not pose a problem, because realistically, you will have these private addresses sitting behind a network address translation (NAT) server that will translate the private address to a public address that can be routed on the Internet.
What is Automatic Private IP Addressing?
Windows clients support a feature known as automatic private IP addressing (APIPA), which is a feature that provides that when a client cannot contact a DHCP server, Windows clients configure themselves automatically with a 169.254.x.y address. If something is wrong with the DHCP server and all the systems on the network cannot obtain an address from the DHCP server, the clients will all assign themselves an address within the 169.254 address range and then be able to communicate with one another.
APIPA does not assign a default gateway, so you will be unable to access resources on a remote network and the Internet—but you can still communicate with systems on your network. When troubleshooting to find out why a machine cannot communicate on the network, watch for systems that have the 169.254.x.y address range because it means they could not find a DHCP server.
What are Illegal Addresses?
An illegal address is an address that is not allowed to be assigned to a host on the network such as a system or router. From a certification exam point of view, you need to be able to identify these illegal addresses. The following are considered illegal addresses:
- -> Any address starting with 127 An IP address that starts with 127 is reserved for the loopback address and cannot be assigned to a system. An example of this type of illegal address is 127.50.10.23.
- ->All host bits set to 0 You are not allowed to assign a system an IP address that has all of the bits in the host ID portion set to 0 because this is the network ID. An example of this type of illegal address is 131.107.0.0.
- -> All host bits set to 1 You are not allowed to assign a system an IP address that has all the host bits set to 1 because this corresponds to the broadcast address of the network. An example of this type of illegal address is 131.107.255.255.
- -> A duplicate address You are not allowed to assign a system an address that another system is using because this results in a duplicate IP address error.
What is the Transmission Control Protocol?
The Transmission Control Protocol (TCP) is responsible for providing connection-oriented communication and for ensuring delivery of the data (known as reliable delivery).
Connection-oriented communication involves first establishing a connection between two systems and then ensuring data sent across the connection reaches the destination. TCP will make sure that the data reaches its destination by retransmitting any data that is lost or corrupt. TCP is used by applications that require a reliable transport, but this transport has more overhead than a connectionless protocol because of the construction of the session and the monitoring and retransmission of any data across that session.
Another factor to remember about TCP is that the protocol requires that the recipient acknowledge the successful receipt of data. Of course, all the acknowledgments, known as ACKs, generate additional traffic on the network, which reduces the amount of data that can be passed within a given time frame. The extra overhead involved in the creation, monitoring, and ending of the TCP session is worth the certainty that TCP will ensure that the data will reach its destination.
TCP ensures that data is delivered by using what known as sequence numbers and acknowledgment numbers. A sequence number is a number assigned to each piece of data that is sent. After a system receives a piece of data, it acknowledges that it has received the data by sending an acknowledgment message back to the sender, with the original sequence number being the acknowledgment number of the reply message.
