Random Flashcards
In STP port states, what is Blocking?
Not forwarding to prevent a loop
In STP port states, what is Listening?
Not forwarding and cleaning the MAC Address
In STP port states, what is Forwarding?
Data passes through and is fully operational
What designates the interface closest to the singular Root Bridge (Root of the network)
Root Server
Root Guard
Root Interface
Root Port
Root Port
Power provided by an Ethernet Cable. One wire for both network and electricity
Power over Ethernet (PoE)
For IPv6, a broadcast is sent across all devices in order to build an ARP
False, IPv6 uses multicast (no broadcasts) and there is no ARP in IPv6
What is Neighbor MAC Discovery?
Replaces IPv4 ARP.
1. Workstation A sends a Neighbor Solicitation (NS) multicast on the network with the destination MAC address.
2. Whichever work station matches that MAC address will then accept.
3. It sends back a Neighbor Advertisement (NA) to inform the first work station of the receipt.
Which 802.11 standards support 5 GHz and what are their max theoretical throughput per stream/total?
•802.11a - 54 Mbits
•802.11n (4 x MIMO) - 150 Mbits, 600 Mbits
•802.11ac (8 x DL MU-MIMO) - 867 Mbits, 6.9 Gbits
•802.11ax (8 x DL and UL MU-MIMO) - 1,201 Mbits, 9.6 Gbits
What OSI layer does Application encryption (SSL/TLS) occur?
Layer 6 Presentation
What are the RFC 1918 private IPv4 addresses?
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
What is the lowest amount a payload can be?
46
1426
60
1526
46
Carrier Sense Multiple Access Collision Detection (CSMA/CD) communicates with full duplex.
False, CSMA/CD uses half duplex. If 2 frames are sent from different devices at the same time a collision occurs and a jam signal is sent to all devices to wait a random amount of time before being able to send frames.
This is configured on a trunk port and carries traffic for multiple VLANs. These frames are not tagged when transmitted over the trunk link.
Native VLAN
VLAN assigned to switch port when it is not assigned to a specific VLAN
Default VLAN
will tag outgoing frames and remove the tag on incoming frames.
Trunk ports
802.3x
Power over Ethernet
Pause frame
Disassociation
STP
Pause frame, used for flow control
What are some MDIX devices?
Switches
Hubs
NICs
1,3
2,6
4,7
5,8
Crossover cable pins
Transmit +
Transmit -
Receive +
Receive -
1
2
3
6
Improves signal quality, Increases signal strength/speed and allows you to transmit and receive multiple data streams simultaneously through antennas
Multiple-input-multiple-output (MIMO)
Allows a wireless access points (WiFi router) to communicate simultaneously with multiple client devices.
MU-MIMO
As opposed to MIMO which can only do 1 device at a time.
Divides wireless communication into sub channels which each user gets their own set of to use, allowing many users on the network at the same time without interfering with one another
Orthogonal Frequency Division Multiple Access (OFDMA)
802.11g can use up to 40 MHz
False, A, B, G can only use 20 MHz
N- 20,40,60,80
AC- 20,40,60,80,80+80,160
AX- 20,40,60,80,80+80,160
This type of network allows devices to connect to each other dynamically to form a temporary network without connecting to a central device
Ad hoc (peer to peer) - devices can communicate to each other directly without a centralized infrastructure like a router or access point (WiFi commonly)
2 devices communicating directly to each other using 802.11 without an access point required
IBSS- Independent Basic Service Set
SSID is the name of the wireless network and BSSID is the hardware address of an access point.
True! SSID is like the name of your WiFi (Lizard King) and BSSID is the physical hardware. The SSID will be the same but you may auto configure to a different BSSID depending on location
What is an Extended Service Set Identifier (ESSID)?
It allows you to roam from one physical AP (BSSID) to another AP (BSSID) automatically while remaining on the same network/WiFi (SSID). Connects multiple BSSIDs to a single SSID.
What are Omnidirectional antennas?
Evenly distributed signal on all sides. Very common and used on access points. Rubber duck.
Cannot focus a signal to a direction
Which antenna below is directional:
Omnidirectional
Yagi
Parabolic
Yagi- medium directional signal/gain, tree branch like with dipole in middle, medium range
Parabolic- focus the signal to a single point, very directional, dish shaped with a central feed (dipole), long range
What masks are in 240 CIDR?
/4
/12
/20
/28
What masks are in a 192 CIDR?
/2
/10
/18
/26
What are the CIDR notation numbers?
128
192
224
240
248
252
254
255
Compress this IPV6 address:
2600:DDDD:1111:0001:0000:0000:0000:0001
2600:DDDD:1111:1::1
Remove leading 0’s
Group of 0’s can be abbreviated with double colons
Name an availability percentage and its annual downtime.
99.9999 - 00:00:32
99.999 - 00:05:15 (5 9’s)
99.99 - 00:52:34
99.9 - 08:45:36
99.0 - 87:36:00
What is the Mean Time Between Failure (MTBF) and how is it different than the Mean Time To Failure (MTTF)
MTBF= devices multiplied by total time, divided by failures
MTTF= device multiplied by total time, divided by devices
IPv4 has a TTL and IPv6 uses hop limit to avoid packets looping forever.
True
0.0.0.0/0
Default gateway
Default local address
Default route
Default dns suffix
Default Route
Describe Distance Vector routing protocols and give examples.
Makes forwarding decisions based on how many hops
•RIP (Routing Info Protocol)
-v1 has 15 hops
-v2 has 16 hops
•EIGRP (Enhanced Interior Gateway Routing Protocol)
Which routing protocol is the most scalable and used in large networks?
Link state
DV
Rip
BGP
Link State. Makes forwarding decisions based on speed.
•OSPF (Open Shortest Path First)
What is BGP (Border Gateway Protocol)
Determines route based on paths, network policies or configured set of rule sets
Centralized management of access points: reporting, configuring/changing, security/monitoring, and adding new AP’s
Wireless LAN Controller
Connects different physical networks and topologies with 2-4 ports distributing traffic based on MAC addresses
Bridge
WPA (Wifi Protected Access)
RC4 with TKIP
-Initialization Vector (IV) is a larger and encrypted hash
-every packet gets a unique 128 bit encryption key
Security protocol that uses per packet mixing to dynamically modify the encryption key used for each packet
TKIP (Temporal Key Integrity Protocol) used in WPA and combined with RC4
Replaced by AES algorithm for WPA2 and 3
Standard for securing wireless networks that utilizes AES for data confidentiality, integrity and authentication within CCMP block cipher mode
WPA2 (WiFi Protected Access 2)
Provides authentication and encryption
Widely used Symmetric(same key is used to encrypt/decrypt) for protecting data confidentiality and integrity in various applications.
AES (Advanced Encryption Standard)
-resistance to cryptographic attacks like brute force
-Block Cipher
-encryption algorithm used within WPA2 and WPA3
Latest generation of WiFi security protocol that utilizes data confidentiality with AES, MIC, and GCMP
WPA3
Stronger than WPA2
Encryption and authentication protocol that combines GMAC (Galois Message Authentication Protocol) for MIC and AES for confidentiality
GCMP (Galois/Counter Mode Protocol)
WPA3
SAE (Simultaneous Authentication of Equals) using a Diffie Hellman key exchange combined with everyone using a different session key
Dragon Fly Handshake
Used in WPA3
changes the PSK authentication process with mutual authentication which creates a shared session key without it going across the network.
WPA3
AES
WPA2
TKIP
WPA3
What are some home wireless security modes and some used for businesses?
Home:
WPA2/3 Personal /WPA2/3-PSK (everyone uses same pre shared key)
Business:
WPA2/3 Enterprise /WPA2/3-802.1x (authenticates users individually through an authentication server like radius)
If I didn’t need any security for my wireless AP what mode would I have it in?
WPA
WPA2
WEP
Open System
Open System- no authentication password is required.
Allows callers to communicate at the same time with each call using a different code that filters each call on the receiving side
CDMA (Code Division Multiple Access)
First performance metric we typically look at and determines how much work a device is doing
CPU
What are 3 Bandwidth monitor tools that will have network statistics and show the amount of network being used over time?
SNMP, Netflow, sFlow, IPFIX
What tool would I use to determine if latency is coming from an application or if it is from the network?
Packet Capture- can analyze each response times with an analyzer tool inside of it.
Ex. Wireshark, tcpdump
Metric used in SNMP
MIB II or MIB (Management Information Base)
When using SNMP to monitor the interface, what are 3 things being monitored?
•Link Status- up or down
•Error Rate- signal problems
•Utilization- network usage, run bandwidth tests
•Packet Drops (Discards)
•Interface Resets- Queued packets
•Speed and Duplex
Lemon Eels Under Pirates Red Sails
T568A
White Green
Green
White Orange
Blue
White Blue
Orange
White Brown
Brown
CAT5 is 1000BASE-T
False, Cat 5 is 100BASE-TX (Fast Ethernet)
Cat 5e is 1000BASE-T
Both have 100MHz frequency
100BASE-SX uses 100 megabit Ethernet over fiber, is cheap, uses LED and has a max distance of 300 meters
True
Multi mode fiber, laser components, 400 meters (half duplex) 2kilometers (full duplex)
100BASE-FX
1000BASE-LX is multi mode, uses lasers and is 400 meters half duplex and 2 kilometers full duplex
False, that is 100BASE-FX
1000BASE-LX is Gigabit instead of megabit
Multi mode 550m
Single mode 5 kilometers
1000BASE-SX
Gigabit, short wavelength laser, multi mode and 220 to 550m
10GBASE-SR Vs 10GBASE-LR
SR is multi mode 26-400meters
LR is single mode 10 kilometers
Shows how many packets were sent and received as well as the round trip time
Ping, tests reachability (hosts), uses ICMP and is a primary troubleshooting tool
What would IPconfig/ifconfig show me?
DNS suffix
IPv4/6 address
Subnet mask
Default gateway
Tcp/ip network adapter information
What is contained inside MIBs?
Object identifiers (OIDs) uniquely identify managed objects and help monitor and control network devices that are referenced by name or number
Ex. .iso(1).org(3).dod(6)
This contains bulk transfers, data enhancements while having message integrity, authentication, and encryption
snmp v3
SIEM
is a central logging receiver integrated into Syslog
Gathers traffic (packets) statistics from shared communication between devices using a probe and collector
NetFlow
Botnet attack
Distributed Denial of Service Attack (DDOS)
Common Plan Procedures
Disaster Recovery Plan
COOP
System Life Cycle
SOP
SLA
MOU
NDA
Determines existing wireless landscape by showing access points and existing frequencies
Site Surveys
Heat Maps
Identify wireless signal strengths in an area/building
Many different clients are using the same cloud infrastructure
Multitenancy
Encrypted access to a virtual private cloud, what would you use?
VPN
What service is basic application usage: apps run on a remote server, VDI, local device is a keyboard, mouse and screen, minimal operating system on the client (no huge CPU), network connectivity is most important: big network requirement, everything over the wire
Desktop as a Service
No special networking hardware needed, usually integrated with an existing Fibre Channel infrastructure, not for cable
Infiniband
Fibre channel over Ethernet
iSCSI
Fibre channel
Fibre Channel over Ethernet
RFC standard that makes a remote disk look and operate like a local disk with drivers available for many OS without any hardware needed
iSCSI
Requires a lot of bandwidth, can use an isolated network and high speed network technologies
SAN- looks and feels like a local storage device
High speed storage technology that servers (initiators) connect to and need an FC interface
FC
FC over Ethernet
PoE
PoE +
Fibre Channel (FC)
Redundancy is maintaining uptime in the case of a failure
False, Fault Tolerance
Server farms with load balancing and network paths are examples of single device fault tolerance
False. Those are multiple device fault tolerance.
Single device would be RAID, redundant power supplies, redundant NIC’s
Redundancy
Having multiple components so if one component fails, your system can use another component
Extra disk in case one fails
RAID (Redundant Array of independent Disks)
This will Aggregate bandwidth; has redundant paths with multiple network adapters
NIC Teaming (also called Load Balancing/Failover LBFO)
NIC’s talk to each other through multicast
Combining multiple data streams over network connections into a single higher capacity link.
Increases bandwidth and efficiency by pooling resources and distributing traffic across those links for performance, redundancy and load balancing.
Multiplexing
MIMO
MU-MIMO
Aggregate
Aggregate
A Generator is a short term power backup
False, it is a long term
What is Active-passive network redundancy?
2 devices are installed and configured, only one operates at a time, if one fails the other takes over
Computer configured with a single default gateway
FHRP (First Hop Redundancy Protocol)
Also called Hot Router
What protocol allows devices to use a virtual IP for the default gateway, if a router disappears another one takes its place
VRRP (Virtual Router Redundancy Protocol)
What 3 things comprise Confidentiality?
•Encryption
•Access Controls- restrict access to resource
•Steganography- info concealed within another info
Information being accessible to authorized users, Redundancy, Fault Tolerance and Patching are which of the Triad?
Availability- systems and network must be up and running
Non-repudiation
Proof someone sent something
What is in the Core infrastructure?
Web servers, database, applications
cloud based architecture, splits functions into separate logical units, extends functionality and management of a device
SDN (Software Defined Networking)
What does the infrastructure layer/data plane do?
Real work of networking. Processes network frames, packets, forwarding, trunking, encryption etc.
Routing protocols, routing tables, switching tables are in which of the SDN planes?
Control Plane
In SDN what are all the planes?
Data Plane
Control Plane
Application Plane
Mesh topology of switches and routers that optimizes east-west traffic flow within a data center
Spine Layer
Commonly used network design in data centers to connect servers and network devices
Top of Rack (ToR) switch is placed at the top of each rack or cabinet providing connectivity to the devices within it.
Pointer Records are human readable text information
False, that is Text records
Pointer records are the reverse of an A or AAAA/reverse dns lookup
A name that handles multiple services, one physical server
CNAME (Canonical Name)
Describes DNS zone details
SOA (Start of Authority)
Top level of the DNS hierarchy that provides resolution of domain names to IP addresses
DNS Host file
Dns root server
SOA
DNS Root Port
DNS root server
Where does an authoritative DNS query come from?
Source file
Host file
Root server
Root port
Source file,
non authoritative comes from the cache
Name 3 Top Level Domains
.com
.net
.edu
.org
adds integrity and encryption
AH, only integrity
ESP does both
Name 2 Database port #’s
Tcp 1433 ms sql
Tcp 1521 oracle sql net
Tcp 3306 my sql
What port is LDAP?
389
339
587
589
Tcp 389- store info in network directory
UDP 514
Syslog consolidates all device logs inside a SIEM with a lot of storage space
FTP Control tells the system which file to send
Port 21
Tcp 20
FTP active mode, transferring file has authentication functionality with username and password
IMAP over tls
Port 993
Tcp 995
Pop3 over tls
Tcp 587
SMTP using TLS
Dual Stack Routing
Allows routers and devices to communicate using IPv6 and IPv4 simultaneously with dynamic routing protocols with separate routing tables within it
Teredo tunnels IPv4 through NAT’d IPV6 network
False, IPv6 through IPv4
Miredo does the same but on more operating systems
Rights are gained implicitly and windows uses groups to provide this
RBAC (Role Based access control)
Examples of Zero trust
Multifactor authentication, encryption, system permissions, additional firewalls, monitoring and analytics are examples of what?
What consists of a screened subnet?
It is a DMZ, additional layer of security between the internet and you
Ex. Public access to public resources
What is 802.1x?
NAC (Network Access Control)
Not getting access until you authenticate and makes extensive use of EAP and Radius?
NAC (port based network access control)
Authentication credentials that are stored on a wireless router or local device
Local authentication, home WiFi
Centralize authentication for users on
-routers, switches, firewalls
-server authentication
-remote VPN access, 802.1x network access
RADIUS (Remote Authentication Dial In User Service) available on all OS and common AAA protocol
Remote authentication protocol for the network and devices commonly
-TACACS
-Radius
-RDP
-LDAP
TACACS+ (Terminal Access Controller Access Control System)
X.500 specification used with Windows authentication
LDAP (lightweight directory access protocol) reading and writing directories over IP network
Kerberos uses SSO by use of a PSK
False, through cryptographic tickets
TACACS+ is commonly used to authenticate with Windows
False, Cisco
Kerberos or LDAP commonly are with Windows (Microsoft)
What do RADIUS servers commonly authenticate with?
VPN Concentrator
EAP is exclusive to Radius Servers
False, EAP can use radius, TACACS, and LDAP, 802.1x (NAC)
Multiple ways to authenticate
How a posture assessment determines if a device is safe to be used on the network
Performs a health check
-is it a trusted device
-is it running up to date antivirus
-are corporate applications installed
-is it a mobile device? Is it encrypted?
Where do devices go that fail a posture assessment?
To a Quarantine network to be fixed by administrators and then try again
Name 3 components of SIEM
-Security Alerts
-log aggregation (all devices sending logs to here) and long term storage
-data correlation
-forensic analysis
What is forensic analysis?
Gathering details after an event
sends infrastructure device data, operating systems and netflow sensor data
Syslog
Snmp
Siem
Sflow
SIEM
How do you stop a bot?
Patches, antivirus, on demand scans, network monitoring,
How do you prevent C&C (Command and Control)?
Block at firewall and identify at workstation with host based firewall or host based IPS
Multiple attacks from different services at once is a
DDOS (Distributed Denial of Service)
Turns small attack into a big attack, becoming increasingly common and takes advantage of common not secure protocols (DNS, ICMP)
DDOS amplification
Who is in charge of Botnets?
Command and Control (C&C)
How is an on path attack different from a man in the middle attack?
They aren’t different because they are the same thing
Name 3 on the path attacks (man in the middle)
DNS poisoning
ARP poisoning
Session hijacking
HTTP spoofing
WiFi eavesdropping
Best way to prevent an on path attack?
Encryption
An attacker pretending to be a router by having the actual router’s IP address and communicating to a device on a subnet
ARP poisoning
Modify a DNS server with the client host file and sending a fake response to a DNS request
DNS poisoning
VLAN’s cannot access another VLAN
True
A VLAN attack can come about from a switch using auto configuration and someone pretending to be a switch to send a trunk connection
True, Switch Spoofing (Type of VLAN hopping)
Switches should be automatically configured because there is less chance of error
False, they should be manually configured to prevent switch spoofing
Takes advantage of native VLAN configuration by including 2 VLAN tags where the first is removed but the second is forwarded to the target
Double tagging/VLAN hopping
Remote sites connecting with one another directly instead of to a main site and the connection disappearing when done.
MGRE (multiple generic routing encapsulation) used DMVPN
What cable is used with Twin Axial?
10G Ethernet and SFP+(transceiver) cables, full duplex
This Coaxial cable is used as patch cables for short distances
RG-59
When using fiber, it is important to make sure you are on the right channel so you don’t have radio frequency interference
False, fiber is immune to RF
APC (Angled Physical Contact) is at an 8 degree angle with a low return loss
True,
UPC (Ultra Polished Connection) has a high return loss and are at 0 degree angles
Which connector has 2 different fibers inside of it (send and receive) ?
Mtrj
LC
F
Sc
LC (Local Connector)
What type of connector is used with a cable modem (DOCSIS) and coaxial cable?
F Connector
SFP Transceiver supports up to 16 Gbit
False, 1Gbit and used with RJ45
SFP+ is up to 16Gbit but commonly 10gbit
QSFP and QSFP+ are both Bi-Directional
True,
QSFP is 4 1Gbit= 4gbit
QSFP+ is 4 10gbit= 40gbit
Installation commonly used between floors or buildings
Fiber distribution panel
Bidirectional communication over a single strand of fiber
WDM (Wavelength Division Multiplexing)
Spoofing
Pretending to be something you aren’t
Ex. Fake web server, fake dns, caller ID, email address spoofing
How would you disable a Rogue DHCP server?
-enable DHCP snooping on your switch
-authorized DHCP servers in Active Directory
-renew IP lease
Why would 802.1x prevent a rogue access point?
Because it is an unauthorized wireless access point and 802.1x (network access control) you must authenticate regardless of connection type
Configuring an access point to look like a network, using the same or a similar SSID (WiFi name)
Wireless evil twin, prevent by encryption
APIPA
169.254.0.1-169.254.254.255
Link Local
Can only communicate to other local devices. Can’t communicate across the network
Classful Subnetting Ranges
A. 1-127
B. 128-191
C. 192-223
D. 224-239
E. 240-254
IPV6 addressing Shortcut
0/2
1/3
4/6
5/7
8/A
9/B
C/E
D/F
What does high gain mean?
Increased signal strength
Assembly line network
SCADA/ICS
What subnet mask is commonly for point to point links?
/30 or /31
malware gathers information by keystrokes
True
A worm takes advantage of a vulnerability and installs malware with a remote back door, bot may be installed later
True
What prevents a worm?
Keeping your system up to date
Using common words to gain access to a system
Dictionary attack
Impossible to steal a password if you store your password as this
A hash
You are working as usual and then you lose service, and then you connect again to the wireless network and this happens repeatedly what may be happening?
Disassociation/ de authentication DoS attack.
Encrypts frames to prevent 3rd party de authentication/disassociation attacks
802.11w
802.11ac
802.11d
802.11e
802.11w
Scanning can be useful to avoid tailgating
True
You can configure a maximum number of source MAC addresses on an interface , if it is exceeded the interface disables
True
IP tracking on a switch which works as a DHCP firewall to create a table of untrusted devices by watching for DHCP conversations
DHCP Snooping
Most ideal firewall to control access
Network
NGFW
Host
Flow based
NGFW
What allows or disallows traffic based on tuples
ACL’s
This will Validate all router advertisement by policies set up from an Admin
Router Advertisement Guard
Creating a map of all devices and IP addresses by DHCP Snooping and then deciding whether an ARP request is legitimate
Dynamic ARP inspection
Restricting any communication to other devices on a switch or access point
Port isolation
Put management on a separate VLAN from the default VLAN
True
Wireless devices on an access point can’t communicate with each other in Wireless isolation
True
Commonly at hotels or public areas, guest network
LAN analysis is an easy way to find working IP addresses
False, MAC addresses not IP addresses
A captive portal only allows authentication to devices in its access table that is within its access point.
False, if your device is not on the access table it will redirect your web access to a captive portal page
How is a guest network different from a Screened subnet (DMZ)?
A guest network only has access to the internet and not internal resources
Encrypted (private) data traversing a public network is what?
A VPN
A VPN Concentrator is an access device
True, often integrated into a firewall
Site to site VPN has all communication encrypted always
True, concentrators are both typically firewalls
An administrator deciding what traffic goes to the VPN and what traffic goes outside the VPN scope is an ACL
False, Split Tunnel
Linux version of RDP
VNC
Managing systems and devices when network isn’t available by using a serial connection (modem) to dial into the device interface or a console router
Out of band management
Networking Troubleshooting Methodology
-Identify problem (gather info)
-establish theory of probable cause
-test the theory
-establish a plan of action
-implement the solution
-verify full system functionality
-document findings
What is throughput?
Amount of data transferred in a given time frame
Was built for modem communication, printers and mic and now used as a configuration port
Interface
MTRJ
Patch Panel
Serial Console
Serial Console/ cables
RJ-45 to serial communication and used in conjunction with serial port connectors
Rollover cable (yost)
Rollover cable (yost)
802.3bt
PoE +
PoE
PoE +++
PoE ++
PoE ++
Rollover device wiring
1-8
2-7
3-6
4-5
-S
Braiding shielding
3 Most common serial console cables.
DB-25
DB-9
Send RS-232 signals
-No signal/connectivity or poor performance is likely a loss of what?
Decibel loss/attenuation
Power cords, fluorescent lights, electrical systems, bend radius/twisting and fire prevention can cause what to a copper cable?
EMI
How is a short circuit different from an open?
A short is 2 connections touching, an open is a break in the connection
What may late collisions indicate you have a configuration issue with?
Duplex mismatch
Fiber optic cables can have communication issues due to dirty cables/connectors.
True, clean thoroughly before using
Final step of cable installation that pinches connector onto the wire that pushes metal prongs through insulation. Connects RJ-45 Connector
Coaxial, twisted pair and fiber
Cable crimper, connects modular connector to the Ethernet cable
Trims the wires and breaks insulation, forces wire into a wiring block.
Punch down tool
66 block
110 block
Puts an analog sound on the wire, inductive probe doesn’t need to touch the copper. Easy wire tracing.
Tone generator
Fox and hound (toner and probe)
Tests physical ports and is not a cross over cable. Serial, Ethernet, T1, fiber
-rollover
-NIC
-modem
-Loopback plug
Loopback plug
Estimate fiber lengths, measures signal loss, determine light reflection, and create wire maps.
TDR (cable)
OTDR (fiber)
Multimeter
Measures AC/DC voltages, continuity, and wire mapping
Cable connectivity, fuse status, wire mapping
Tests for continuity, identifies missing pins and crossed wires, not used for advanced testing
Cable tester
Toner probe
Cable certifier
TDR
Cable tester
Taps (active or passive) and ports mirrors (from a switch) do what?
Test the network
Add encryption
Port forwarding
intercept network traffic
intercept network traffic
Send a light from one side and measure light power on the other
Light meter
Views the frequency spectrum and identify frequency conflicts
Spectrum analyzer
Join 2 fiber ends together, add connectors and repair fiber using heat. Extend fiber length or remove a section of damaged fiber.
Fusion splicer
What do you connect a tone generator to?
Modular jack
Coax
Punch down connector
Locate copper or fiber breaks and certify cable installations
TDR/OTDR
sends an electrical pulse down a cable and calculates time and distance for impedance discontinuities
TDR
Toner probe
Otdr
Multimeter
TDR is electrical. OTDR uses light
Views wireless information, signal to noise ratio, channel information etc.
Wireless packet analyzer
Wireless packet inspection
Packet capture
Protocol analyzer
Wireless packet inspection
Protocol analyzer captures and displays network traffic, use a physical tap or redirect on the switch
True
View traffic patterns, what frames are on the network and has large scale storage
San
Protocol analyzer
Nas
Vulnerability scanner
Protocol analyzer
This is Bandwidth testing (measure throughput), pre and post change analysis( test the install firewall/packet shaper), not all sites are the same.
Speed test sites
Performance monitoring and speed testing. Run tests across different OS. Your own speed testing
Iperf
IP and port scanners
-Scan for open ports and IP addresses. -Visually map the network and rogue system detection.
-Pick a range of IP addresses. Gather information on each device
Netflow
Gather traffic statistics and standard collection method. Probes and collectors to create reports. Shows trends of traffic on network.
Trivial file transfer protocol that transfers files and upgrades firmware. Your device is the TFTP.
TFTP server
Terminal emulator
SSH, encrypted communication that supports across many OSes
ping <IP>
Test reachability to a TCP/IP address
Ping until stopped
ping -t <ip>
ping -a <ip>
Shows all active connections
Resolve address to hostname
Answers a Ping request
Ack
Resolve address to a hostname
ping -f <ip>
Send with Don’t Fragment flag set
ipconfig
Windows TCP/IP config
•ipconfig /all
Display all IP configuration details
Flush the DNS resolver cache
ipconfig /flushdns
The latest Linux utility
ip address
- Lookup information from DNS servers
•nslookup <ip>
•dig <ip>
This command determines the route a packet takes to a destination, takes advantage of the ICMP TTL exceeded error message
traceroute <ip>
Netstat -a
Show all active connections
Show binaries
Netstat -b
Do not resolve names
Ipconfig-n
Netstat-n
Nbstat-n
Ping-n
Netstat -n
What comprises hostname?
FQDN and ip address of device on windows, Linux etc
This command finds out which way packets will go, View device’s routing table
Show route
Show config
Route
Ipconfig
route
tcpdump is a Windows packet capture tool
False, it is Linux written pcap
Windows is Windump
Name 2 things nmap does besides these
-Find network devices/network mapper
-port scan/find device ports
-operating system scan
-service scan
-additional scripts
Command to View interface on a device, detailed interface information
Show interface
View device config command
Show config
View routing table command
Show route
Route print in Windows, or netstat -r in Linux, does what?
Creates a routing table
Find a devices routing table
Maps an ip address to a mac address
Registers IP address in a routing table
find a device’s routing table
Determine round trip time using ICMP
Ping
Canonical names, IP addresses, cache timers can all be found using a what command?
dig
ARP -a
Determines a MAC address based on an IP address with this command
What is a great way to use Telnet?
Useful for checking a port application
telnet <ip> <port>
Parabolic is an antenna that focuses the signal to a single point
True, Yagi is very directional and high gain
Orientation of an antenna that is relative to the surface of the Earth
Polarization
Strength of a received radio signal shown as a negative number
RSSI (Received Signal Strength Indication)
Radiated signal strength that shows transmit strength + antenna gain - cable loss
EIRP (Effective isotropic radiated power)
Association
Devices connecting to an access point
Site surveys
Determine existing wireless landscape
A WiFi password is an example of a Pre shared key (PSK)
True
Client and the access point need the same encryption
True
Problems are often found here with errors and mismatches that are viewed on a console
Interface
Every router interface is configured as an access port or a trunk port and each access port is assigned a VLAN
False, every switch not router
If you are having Intermittent or all day issues you should check an individual device performance for this
Utilization
These separate broadcast domains and are a single VLAN
Routers
How could you identify the source of a broadcast?
Packet capture
Duplicate MAC attacks can be common
False, they are not common and check for man in the middle attack
Duplicate IP address is blocked by what?
OS
Broadcast is sent to every switch port
False, multicast is
A switch directs multicast transmissions using this by watching messages
IGMP Snooping (Internet Group Management Protocol)
What command would help you find an asymmetric route?
Using traceroute
Sending information to a router but the router has no idea where the traffic is supposed to go. ICMP host unreachable message
Missing route
IP addresses assigned by a non authorized server
Rogue DHCP, no inherent security in DHCP
Monitors and reports on IP address shortages
IPAM (IP address management protocol)
If a client receives an APIPA what does that mean?
Exhausted DHCP scope
What type of issue do you have if you can communicate to local IP addresses but not outside of your subnet?
Dns configuration
Interface configuration
Ip configuration
Duplex configuration
Ip configuration
Name 2 common ways to troubleshoot IP configuration
-Check IP address, subnet mask, gateway, DNS
-monitor traffic, examine local broadcast
-check devices
-traceroute and ping local IP
If your network has copper don’t block the light
False, fiber, low optical link budget
Name 2 certificate issues
-Expired
-wrong domain name
-untrusted certificate
-correct time and date
How is a network based firewall config confirmed?
Ping
Ipconfig
Acl
Policy list
Check the policy list and logs, packet capture
For host based firewall settings, you would check the accessibility and central console
True
Common troubleshooting for VLAN is to confirm physical interface with VLAN number and confirm voice data is on a separate VLAN from internet
True
If web browsing isn’t working it means you have a DHCP issue
False, DNS
Kerberos uses a time stamp
True
If you have a lot of users coming in and out of an office you would want to increase the lease time
False, you would want to lower the ip lease time so you don’t exhaust the DHCP scope
To make a straight through cable you would punch down a 568B on one end and a 568A on the other.
False. You would punch down 568B and 568B on both ends
IPv6 uses 64 bits
False, 128 bits
When configuring a wireless access point you want to select the channel with the frequency range least used in that area
True
What device would you use to test the operation of a NIC?
Loopback
The connection is established and ready for normal data flow is ACK
True
Transport handles the routing of data across segments
False, networking
There are 12 broadcast domains in a 24 port switch configured with 12 VLANs
True, each vlan is a broadcast domain
A laptop would plug into a hub to see all the communication on the network segment as a network sniffer.
True
supports equal cost load balancing and has all the routers contain the same topology view
DV
BGP
EIGRP
OSPF
OSPF
What allows multiple network interfaces to work together as a single virtual network interface?
NIC teaming
An admin needs to be aware of this when installing wireless network in a building with multiple floors.
Channel overlap
SSL VPN has the least connection overhead
True
designed for testing connectivity to a remote server on a specific port.
Telnet
/1 /9 /17 /25
128 CIDR
2 Networks
128 addresses
/2 /10 /18 /26
192 CIDR
4 Networks
64 addresses
/3 /11 /19 /27
224 CIDR
8 Networks
32 addresses
/4 /12 /20 /28
240 CIDR
16 Networks
16 addresses
/5 /13 /21 /29
248 CIDR
32 Networks
8 addresses
/6 /14 /22 /30
252 CIDR
64 Networks
4 addresses
/7 /15 /23 /31
254 CIDR
128 Networks
2 addresses
/8 /16 /24 /32
255 CIDR
256 Networks
1 address
Loopback for IPv6?
0000/0
127.0.1
::1
192.172.3.2
::1
802.1d
STP and avoids loops
When setting up a VPN, a firewall should be the first device configured
True
WAPs are good up to how many feet to connect to?
125
150
75
30
150
Someone who is logged into a company VPN will have an unexpected source ip address because of a proxy server
True
A packet analyzer (protocol analyzer) can capture a TCP handshake and analyze it
True
2/4 post racks are used for telecommunications equipment
True
RAS is associated with what?
RDP or VNC
used to terminate DS3/T3 lines
CSU/DSU
Modem
Ftype
BBC
BBC
25 pair cable is used for
Telephony
RJ11
Voice
PSTN
voice on vertical connect
This is a text file that maps hostnames to IP addresses
Nslookup
Dns server
Local host file
Root server
local host file
A network based firewall is software based and on workstations and servers. Allows admin to manage incoming and outgoing traffic at the device level
False, Host based firewall
Network based firewall is at edge of network and manages traffic between internal network and outside world. More broad
10GBase-EW (WAN) distance is 10,000 meters
True
purpose is to view data grams
Packet sniffers
How many pairs are crossed in a crossover cable?
2 pairs
CAT 7 has solid Kevlar and can’t bend 90 degrees
False, CAT 6
What tool tests for continuity
TDR
Tone generator
Multimeter
Punch down
multimeter
connect vertical cross connects when using data connections
Patch panels
IDF
Mdf
Demarc extension
patch panels
66 block connects telephone or voice connections
A load balancer can cache web content and serve it to users locally
False, proxy server
Load balancer evenly distributes network traffic across multiple servers or resources
allows remote users to securely access corporate resources through a web browser on their devices
Radius
TACACS
Kerberos
SSL
SSL or SSL VPN
44.7 Mbps
T3
Used to connect a router or switch to a terminal for console management
Rollover
Cable establishes a direct connection between a device and terminal for console management
Console cable
Loop back
Cable that allows to test functionality of network interface
Request timed out is a common find when using this command
Tracert
1.544 mbps
T1
What cable is used to connect telephony distribution
66 pair
100 pair
Rollover
Console
100 pair cable
How many broadcast domains are in a 24 port unmanaged switch?
1, BD is split by routers and VLAN
24 collision domains
shares information to all switches in a network
Port forwarding
Multicast
Broadcast
VTP
VLAN Trunking (VTP)
One time temp posture assessment in a NAC
Non persistent agent
Captive portal relies on what to authenticate?
802.1x which uses RADIUS authentication
High utilization threshold exceeded on gi/1/0/24 would be what kind of update?
Interface link status
Host based anti malware can keep a system secure by testing all communication from a distributed target
False, Network based
Only allows certain traffic through that is specified by certain ports
Implicit deny
Terminates a T1 line at a customer’s site
CSU/DSU
Relies on virtual circuits and point to multi point connections
Ip helper
Frame relay
MGRE
VLANs
Frame relay
CAT3-CAT6 would use this connector
RJ-45
Channel bonding improves this
Bandwidth
Teaming
Aggregate
Speed
Connection speed
Dynamic routing protocol that supports IPv4 and VLSM
OSPF
Connects a terminal device to a T1
CSU/DSU
RS-232, DB-9 and DB-25 are this type of cable that connects to a console port
Rollover
Without this a VLAN has no additional security
ACL
Locate possibly outages and track traffic and malicious usage in a network
Network analyzer
Network sniffer
Protocol sniffer
Packet capture
network analyzer
A cable tester can be used in locating positions in a cross connect when changing a location of a phone b/w 66 blocks
False, Toner probe
actual encryption over VPN
PPTP
A Toner Probe sends a signal down a cable and measures how long it takes to come back
False, TDR
This network device creates a DMZ
Network based firewall
What are the tools needed to create a CAT5e crossover cable
A cable crimper and snips
Fiber connector that is pushed in with no twisting
SC
Large amount of CRC errors on a router interface would mean you have this issue
Faulty cable
nmap
Network statistic
Open ports
Active hosts
Nbstat data
Identify Open ports on a remote server
A routing table has 2 different routes to the same IP subnet, the router will choose the route listed first in the routing table when forwarding a packet
False, route with lowest administrative distance
An Ethernet having slow connection would be due to this
Duplex mismatch, this will cause late collisions
uses certificates to negotiate access to the network
SSL
EAP-TLS
Kerberos
RDP
EAP-TLS
Device that connects 2 or more network segments or subnets
Router
Connects multiple devices on the same network segment
Switch
What are the Ethernet cables with RJ-45 connectors that are used to connect ports to the switch?
Patch cables
Portion of IP address that identifies the network the device is assigned to
Subnet address
SDWAN is a tunnel interface
False, mGRE
SDWAN is a WAN that uses software to control connectivity
What is the Intranet accessed by authorized outside users securely over the internet
Extranet
Provides network resources
Server
What are the key sizes in AES?
-supports 3 key sizes: 128, 192, 256 bits
divides plaintext into 128 bit blocks and transforms them into ciphertext, used in WPA2
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
What is the difference between a subnet and a network ID?
Same thing
Devices that send and receive electrical signals
Switch
Modem
Loop back
NIC
Network interface
DMVPN topology configuration
Hub and spoke configuration for full mesh
Hosts assigned specific roles like file sharing. Other hosts Access but don’t host devices of their own
Client-server
Network where each device is provided access to shared files
Peer-peer
Provides flow control and transmission for analog and or digital streams over a shared link
CSU/DSU
Switch
Modem
LLC
LLC
Conversion of digital data to electric pulses is what layer?
Physical
Physical network device identification and data transmission between hosts are in which layer?
Data Link
End to end flow control is at which layer?
Transport
Method to retrieve or send a piece of data over the internet
HTTP GET
What layer is encapsulation at?
Presentation
Top to bottom is de encapsulated
False, encapsulate
Bottom to top Is de encapsulate
ARP is used to determine the MAC address of the host using the destination IP address
True
ACK starts a connection between 2 systems
False, SYN
ACK acknowledges a packet has been received
You use this when trying to use TCP to connect to a port
3 way handshake
3 way handshake
CP1 sends SYN
CP2 receives and sends back a SYN/ACK
CP1 sends an ACK and the connection is complete
Open ports respond with SYN/ACK and closed ports respond with an RST flag
True
Sends SYN packet to a port but the 3 way handshake does not occur because the original system doesn’t reply with an ACK. No connection is made or security log
Stealth scan (half open)
All flags are turned on
Xmas Tree scan
Finds a target machine but finds another system to take blame (zombie machine)
Idle scan
RST
TCP flag that resets a connection
Directs the sending system to send buffered data
RST
DNF
PSH
BUFF
PSH
When does a router use ARP?
If a router’s routing table doesn’t have a MAC address of devices on the local LAN and they need to forward a frame to it
SSL is a more advanced security protocol than TLS
False, TLS is more advanced