VLAN/ Specialized Network Devices

Question 1

VLANs

Answer 1

▪ Switch ports are in a single broadcast domain
▪ Allow you to break out certain ports to be in different broadcast domains
▪ Before VLANs, you had to use routers to separate departments,
functions, or subnets
▪ Allow different logical networks to share the same physical hardware
▪ Provides added security and efficiency

Question 2

Before VLANs

Answer 2

▪ Different switches were required for each LAN for separation

Question 3

Using VLANs

Answer 3

▪ Same switches but switch ports can be in different VLANs

Question 4

VLAN Trunking (802.1q)

Answer 4

▪ Multiple VLANs transmitted over the same physical cable
▪ VLANs are each tagged with 4-byte identifier
● Tag Protocol Identifier (TPI)
● Tag Control Identifier (TCI)
▪ One VLAN is left untagged
● Called the Native VLAN

Question 5

Virtual Private Network (VPN)

Answer 5

▪ Creates a secure VPN or virtual tunnel over an untrusted network like the
Internet

Question 6

VPN Concentrator

Answer 6

Virtual private network (VPN) creates a secure, virtual tunnel network
over an untrusted network, like the Internet
▪ One of the devices that can terminate VPN tunnels is a VPN concentrator,
although firewalls can also perform this function

Question 7

VPN Headend

Answer 7

▪ A specific type of VPN concentrator used to terminate IPSec VPN tunnels
within a router or other device

Question 8

Firewalls

Answer 8

▪ Network security appliance at your boundary
▪ Firewalls can be software or hardware
▪ Stateful firewalls
● Allows traffic that originates from inside the network and go out
to the Internet
● Blocks traffic originated from the Internet from getting into the
network

Question 9

Next-Generation Firewall (NGFW)

Answer 9

▪ Conducts deep packet inspection at Layer 7
▪ Detects and prevents attacks
▪ Much more powerful than basic stateless or stateful firewalls
▪ Continually connects to cloud resources for latest information on threats

Question 10

Intrusion Detection or Prevention System (IDS/IPS)

Answer 10

▪ IDS recognizes attacks through signatures and anomalies
▪ IPS recognizes and responds
▪ Host or network-based devices

Question 11

Proxy Server

Answer 11

▪ A specialized device that makes requests to an external network on behalf of a client

Question 12

Content Engine/Caching Engine

Answer 12

Dedicated appliance that performs the caching functions of a proxy server

Question 13

Content Switch/Load Balancer

Answer 13

Distributes incoming requests across various servers in a server farm

Question 14

VoIP Phone

Answer 14

▪ A hardware device that connects to your IP network to make a
connection to a call manager within your network

Question 15

Unified Communications (or Call) Manager

Answer 15

Used to perform the call processing for hardware and software-based IP
phones

Question 16

Industrial Control System (ICS)

Answer 16

Describes the different types of control systems and associated
instrumentation

Question 17

Supervisory Control and Data Acquisition (SCADA)

Answer 17

▪ Acquires and transmits data from different systems to a central panel for
monitoring and control