The Final Stretch Flashcards
RIP
Routing Information Protocol. Distance-vector. Uses hop count and limits hops to prevent looping.
EIGRP
Enhanced Interior Gateway Routing Protocol. Distance-vector. Routers on EIGRP send hello packets intermittently to verify functionality and work together to determine the best path.
OSPF
Open Shortest Path First. Link-state. Routers communicate with each other about other routers to determine the shortest path.
BGP
Border Gateway Protocol. Hybrid. Enables the internet to exchange routing information between Autonomous Systems.
Distributed Switching
A virtual switch that acts as a single switch for all hosts in a virtual environment
VLSM
Variable Length Subnet Mask. Works closely with CIDR to break up subnets for more flexibility in IPv4 networking.
IPAM
IP Address Management. The administration of DHCP and DNS. It is a means of planning, tracking, and managing the IP address space used in a network.
APC
Angled Physical Contact fiber connection
UPC
Ultra Physical Contact fiber connection
MTRJ
Small Form Factor Duplex Connector. Holds two fibers at the same time in a small body.
Media Converter
Converts media (i.e., fiber optics to Ethernet connections).
RADIUS
Remote Authentication Dial-in User Service. Provides AAA to users
NAS vs SAN
NAS is a single device storing data for multiple hosts. SAN is a network of devices providing various storage services.
Fibre Channel
A high-speed data transfer protocol for SAN
iSCSI
IP-based standard for transferring data that supports host access by carrying SCSI commands over the network.
Infiniband
Computer networking communications standard with very high throughput and low latency.
ISDN
Integrated Services Digital Network. A set of communication standards that used digital transmissions to make phone calls, video calls, transmit data, and other network services of PSTN.
T1/T3
T1 has 24 channels. 1.544 Mbps; T3 has 28 T1 lines (672 channels) and 44.7 Mbps
E1/E3
E1 has 32 channels. 2.048 Mbps; E3 has 34.4 Mbps
OC3 – OC192
OC192 – 51.84 Mbps x OC# (OC192 = 9.953 Gbps)
PRI
Primary Rate Interface. A telecommunications standard used on an ISDN network for carrying multiple DS0 voice and data transmissions between the network and the user.
MPLS
Multiprotocol Label Switching. Data flow technology that increases the speed and controls the flow by using labels instead of a routing table lookup at every stop.
ATM
Asynchronous Transfer Mode. Telecommunications standard for digital transmissions of multiple data types including voice, data, and video signals over one network without the use of several overlay networks.
Frame Relay
A standardized WAN technology that specifies the physical and data link layers of digital telecommunication channels using a packet-switching methodology.
PPP
Point-to-Point Protocol. A layer 2 protocol used to establish a direct connection between two nodes on a network. Used as a simple link between two peers. Full-duplex and packets are delivered in order.
DMVPN
Dynamic Multipoint VPN. A solution which enables data to transfer from one site to another, without having the verification process of traffic.
SIP trunk
The virtual version of an analog phone line. Allows you to connect multiple channels to your PBX to make local, long distance, or even international calls.
CSU/DSU
Channel-service unit/Data-service unit. A hardware device like a modem for T1/T3 connections.
Smart Jack
A smart and intelligent device placed between the telephone company’s demarc and the customer. It is a NID, but smarter and checks connectivity.
Port aggregation
Used for automated, logical aggregation of switch ports in Cisco.
Clustering
The interconnection of servers in a way that makes them appear to the OS as a single device.
Port scanning
Method for determining which ports are open. Like knocking on doors to see if anyone is home.
SIEM
Security Information and Event Management. Collects logs and event data produced from applications, devices, networks, infrastructure, and systems to draw analysis and provide a holistic view of an organization's IT. Basically, the eyes of your entire network.
MIB
Management Information Base. A database used for managing the entities in a communication network. Most often associated with SNMP.
VNC
Virtual Network Computing. A cross-platform screen sharing system that was created to remotely control another computer.
AUP
Acceptable Use Policy.
TACACS+
Provides more control over the authorization of commands, while RADIUS does not support that feature. TACACS+ encrypts ALL AAA Packets, while RADIUS only encrypts passwords.
Kerberos
Has 3 parts. The client, the server, and a trusted third party (KDC). The client sends a request to the KDC, which creates a ticket and encrypts the client’s password in a key and sends the key back to the client to present to the servers.
NAC
Network Access Control. An approach to computer security that attempts to unify endpoint security technology, user or system authentication, and network security enforcement by finding and identifying different devices on the network. Administrators can open, close, or quarantine access to the network.
TKIP-RC4
Temporal Key Integrity Protocol; Rivest Cipher 4. Used in WPA. Like WEP, uses RC4 stream encryption algorithm as its basis. Much weaker than WPA2-AES.
CCMP-AES
Counter Mode Cipher Block Chaining Message Authentication Code Protocol; Advanced Encryption Standard. CCMP employs 128-bit keys and 48-bit initialization vector that minimizes vulnerability to replay attacks. CCMP requires more processing power than TKIP. AES is a military technology used in networks for WPA2 encryption.
Logic Bomb
A set of instructions secretly incorporated into a program so that if a particular condition is satisfied they will be carried out, usually to cause harm to the device.
DNS Poisoning
When a hacker substitutes the address for a valid website with an impostor. The impostor site may look identical to the valid one, but will steal information and personal information from victims.
ARP Poisoning
A type of cyber attack carried out over a LAN that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table.
Deauthentication
A type of DoS attack that targets communications between a user and a WAP.
VLAN hopping
A computer security exploit; a method of attacking networked resources on a VLAN. This may allow the attacker access to traffic on other VLANs that would normally not be accessible.
Spoofing
When an attacker impersonates an authorized device or user to steal data, spread malware, or bypass access control systems.
Flood guard
Flood guards are tools that can prevent DoS. Usually built into routers and IDS systems.
BPDU guard
Prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port (Helps prevent man-in-the-middle)
Root guard
An STP feature that is enabled on a port-by-port basis. It prevents a configured port from becoming a root port. Prevents a downstream switch from becoming a root in a network.
DHCP snooping
A security feature that acts like a firewall between untrusted hosts and trusted DHCP servers. Validates DHCP messages coming from untrusted hosts and filters out invalid messages.
Attenuation
The reduction of the force, effect, or value of something. The reduction of signal over long distances.
PAP
Password Authentication Protocol. Used by PPP to authenticate users. Almost all network OS remote servers support PAP. Considered a weak authentication scheme.
CHAP
Challenge Handshake Authentication Protocol. Authenticates a user or network host to an authentication entity. Requires both the client and server know the plaintext of the secret.
MS-CHAP
Microsoft CHAP. CHAP designed for Windows.