Test Review From Testers Flashcards
Pass the first time
What is SNMP
Is an Internet Standard protocol used for managing and monitoring network-connected devices in IP networks.
SNMP is an application-layer protocol that uses UDP port number 161/162 to transmit management data between network devices. It’s widely used for network management, providing a standardized framework for monitoring and managing network devices such as routers, switches, servers, and printers.
Network monitoring, fault detection, configuration management, performance management
What is RADIUS
Remote Authentication Dial-In User Service is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect to and use a network service. A client-server protocol that enables remote users to authenticate and gain access to a network. It’s widely used in various environments, including corporate networks, internet service providers, and educational institutions. Authentication: When a user attempts to connect to the network, the RADIUS client sends the user’s credentials (username and password) to the RADIUS server. Authorization: If the credentials are valid, the RADIUS server checks the user’s permissions and determines what resources the user can access. Accounting: The RADIUS server keeps track of the user’s network usage, such as connection time and data usage, for billing or monitoring purposes. Ensures only authorized users can access the network, managing remote user access to Wi-Fi networks. RADIUS-TLS secured.
In a traditional three-tier network architecture, what is the function of the access layer
In a traditional three-tier network architecture, the access layer is the first tier and is crucial for network performance and security. It connects devices like PCs, phones, and wireless access points to the network.
Device Connectivity: It provides the interface for end-user devices to connect to the network.
Security: Implements security measures like VLANs, port security, and access control lists (ACLs).
Traffic Management: Manages the traffic from end-user devices to ensure efficient network usage.
QoS: Ensures reliable and consistent network performance by prioritizing certain types of traffic.
Address resolution: Handles ARP (Address Resolution Protocol) to map IP addresses to MAC addresses for device communication.
Which routing protocol uses hop count as the primary metric for making routing decisions?
RIP (Routing Information Protocol) is one of the oldest distance-vector routing protocols used in local and wide area networks. Uses hop count as a routing metric to determine the best path between the source and destination network. It operates on the Network layer of the OSI model and uses UDP port 520 for communication.
STP
Spanning Tree Protocol is a network protocol that ensures a loop-free topology for Ethernet networks. STP is defined in the IEEE 802.1D standard and is used to prevent loops in network topologies. Loops can cause broadcast storms and multiple frame copies, leading to network congestion and failure. STP uses BPDU (Bridge Protocol Data Units) to exchange information between network devices about their statuses and to maintain network topology information. In the learning state, the port begins to learn MAC addresses to populate the switch’s MAC address table but does not forward frames. In the forwarding state, the port forwards frames and populates the MAC address table.
OSPF
Open Shortest Path First is a dynamic routing protocol used in Internet Protocol (IP) networks. It’s designed to find the best path for data packets between devices in a network. OSPF is an interior gateway protocol (IGP) used within an autonomous system (AS). It’s part of the link-state family of protocols and operates using Dijkstra’s Shortest Path First (SPF) algorithm. OSPF is defined in RFC 2328 and is known for its scalability and rapid convergence. OSPF is a robust and versatile protocol, making it a popular choice for large and dynamic networks. The shortest path tree is used to update the routing table with the best paths to each destination. Used in backbone and internal segments of ISP networks. Deployed in large educational and research institutions for efficient routing.
VLAN
Virtual Local Area Network is a logical grouping of devices within a large physical network. It helps segment a network into smaller, isolated sections, improving management, security, and performance. Allows devices on different physical LAN segments to communicate as if they were on the same physical network, even if they’re not directly connected. Devices in different VLANs can’t communicate with each other without a router. Sensitive data can be isolated in specific VLANs, reducing exposure to network threats. Make it easier to manage and configure large networks by logically grouping devices. Broadcast traffic is limited to devices within the same VLAN, reducing unnecessary load on the network. Port-Based, MAC-Based, Protocol-Based VLANs. Isolating departments within an organization to enhance security and manageability. Creating separate VLANs for guest users to provide internet access while keeping the main network secure. With VoIP it isolates voice traffic to ensure quality and performance.
VLAN trunking
A method used to carry traffic from multiple VLANs over a single network link, typically between switches. It uses tagging to identify and separate the VLANs, ensuring that data stays within its designated VLAN while traveling across shared infrastructure. Efficient use of bandwidth, simplified management, scalability, enhanced security.
DRP
Disaster Recovery Planning is a structured approach to help organizations recover from catastrophic events such as natural disasters, cyber-attacks, or system failures. A comprehensive document that outlines how an organization will respond to and recover from disruptive incidents. It ensures the availability of data and critical systems, minimizing downtime and financial losses.
Establish a planning group, perform a risk assessment, conduct a business impact analysis, develop recovery strategies, document recovery procedures, assign responsibilities, implement testing and training, and review and update the plan.
Hot site in disaster recovery plan
To maintain continuous operations with minimal downtime during a disaster
MTTR
Mean Time to Repair is a key performance indicator (KPI) used to measure the average time it takes to repair a system, machine, or equipment after a failure. It’s a crucial metric in maintenance management, IT operations, and incident management. MTTR measures the time from when a failure occurs to when the system or equipment is fully functional again. This includes the time taken to detect the failure, diagnose the issue, and complete the repair.
Vulnerability assessments and why we need them
Systematic reviews of security weaknesses in an information system. They evaluate if the system is susceptible to any known vulnerabilities, assign severity levels to those vulnerabilities, and recommend remediation or mitigation if needed. Identification, Evaluation, Prioritization, and remediation.
On-Path attack
Also known as man-in-the-middle (MITM) attacks, these occur when an attacker positions themselves between two parties in a communication process. By doing so, the attacker can intercept, read, and even alter the data being exchanged. Interception, Eavesdropping, Modification.
ARP Spoofing, DNS Spoofing, SSL Stripping. To prevent them, use encryption like HTTPS. Authentication to identify both parties. Network security measures such as firewalls, IDS, and IPS. Perform regular updates.
ACL
Access Control List specifies which users or system processes have access to certain objects, like files or network resources, and what operations they are allowed to perform on those objects. Think of it as a list of permissions attached to an object. Each entry in this list specifies a subject and an operation. A file might have an ACL that allows a specific user to read and write to the file, a group to only read the file, and everyone else to have no access. It’s a critical part of system security, ensuring only authorized entities can perform certain actions.
Client-to-site VPN
A secure tunnel between a user’s device (the client) and a remote network (the site), allowing the user to access the network as if they were physically present.
Client: This is usually a device, like a laptop or smartphone, running VPN client software.
Site: This refers to a network, such as a company’s internal network, that the client wants to securely connect to.
Encryption: The data traveling through this tunnel is encrypted, ensuring that it remains private and protected from eavesdropping.
Authentication: Users must authenticate themselves, typically using a username and password, or even multifactor authentication for added security. You can work remotely and still access all the files, applications, and resources you need as if you were at the office, without compromising security.
OTDR
Optical Time-Domain Reflectometer is an optoelectronic instrument used to test the integrity of optical fibers. It sends a series of optical pulses into the fiber and measures the light that is reflected back. Measures attenuation (signal loss), reflection (backscattered light), and distance to faults or breaks.
Protocol analyzer
A tool (hardware or software) used to capture and analyze signals and data traffic over a communication channel. It helps in monitoring network traffic and analyzing its behavior. It captures data packets traveling across the network. It decodes the captured packets to interpret the data and understand how packets are being transmitted. Used for troubleshooting, detecting security issues, monitoring network performance, and more. Wireshark, Snort, and Omnipeek.