Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how


CSMA/CD Carrier sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in local area networking using early Ethernet technology. Listen before send, listen while I send, probabilistic
CSMA/CA Detect collision and resend packets, probabilistic
10BaseT Standard that uses UTP cable, RJ-45 connectors, transfers up to 10Mbps. Economical / easy to install. Max 330 ft.
10Base2 Standard that uses Coaxial / BNC connectors, up to 10Mbps. Max 610.5 ft.
10Base5 Original Ethernet using coaxial cable
100BaseTX Standard that uses UTP cable, RJ-45 connectors, transfers up to 100Mbps
100BaseFX IEEE spec for fiber, up to 100 Mbps
802.3 / Ethernet Access method used to connect computers, uses physical cables. Link / physical layer protocol
1000BaseCX IEEE spec for gigabit Ethernet for short-haul copper twinax
1000BaseLX IEEE spec for gigabit Ethernet HDX/FDX fiber at 850nm wavelength
1000BaseSX IEEE spec for gigabit Ethernet HDX/FDX fiber at 1300nm wavelength
802.x Generic designation for IEEE subcommittees responsible for developing specifications for LANs and MANs
IEEE Institute of Electrical and Electronics Engineers
802.3ae Defines a version of Ethernet with a nominal data rate of 10Gbps
802.3af Defines a spec for PoE supporting up to 13.5 watts
802.11x (a/b/d/g/n/ac) IEEE subcommittees responsible for WLAN technologies
802.11a 5.75 Ghz, up to 54Mbps, realistically 20-25Mbps. 150ft. 4, 8, or more channels depending on the country. 40mW, 2.5in band width. 23 channels (12 non-overlapping)
802.11b 2.4Ghz, max 11Mbps, usually 4-6Mbps. 250ft. Interferes with Bluetooth, cordless phones, microwaves, TVs... 3 non-overlapping channels 1, 6, 11 in US 1, 7 13 in EUR 100mW
802.11e QoS support for LAN applications
Guided media Signal is contained within the cable
Unguided media Wireless
UTP Unshielded twisted pair, inexpensive, easy to install Hard to splice, limited distance, affected by EMI
STP Shielded twisted pair
Baseband 1 signal over the cable (ethernet)
Broadband Uses multiplexing to have multiple signals over 1 line (cell phone - internet, voice, gps)
Multimode (fiber) Short to medium distance, 10-1000Mb ethernet over 62.5 micron fiber, uses LEDs
Single mode fiber Long haul comms. (EX. SONET for voice / data transport at speeds up to 140Gbps (on each pair), 10Gb Ethernet, 9 micron core, uses lasers.
Fiber Optics (FO) High-speed, no EMI, can multiplex many channels over 1 cable. No sparks / danger of electrical shock, signal loss much less than metallic media
Attenuation Break up of signal over distance
Optical power meter Used to optimize alignment for Maximum Link Robustness, shows signal strength in dBs (decibles)
Copper Inexpensive, ubiquitous, High-speed
Coaxial High-speed, broadband, inexpensive
Microwave Up to 45Mbps, cost effective, easy to install / implement licensed freq
Satellite Comms High transmission rates, simultaneous comms to Earth stations, cost is not distant dependent.
asynch Asynchronous protocol, data link protocol
bisynch binary synchronous protocol, data link protocol
protocol rules which govern the way in which computing/network devices communicate
duplicity / duplex simplex - one way communications (listen only / send only)
half-duplex listen or receive but not both at the same time
full-duplex listen and receive at the same time
SDLC Synchronous Data Link Control
HDLC High Level Data Link Control
block size high failure rate = more retransmissions = small blocks (unreliable media)
MTU Maximum Transmission Unit (max frame size)
1500 MTU = 1500 bytes frame size
Data Link Protocol main function Synchronization
EBCDIC 2^8 ability to represent more special chars than ASCII
Parity bit Used for error checking, odd or even / 0 or 1 depending on if bits sent add up to an even or odd number. 8th bit in the byte
CRC Cyclic Redundancy Check - algorithm for error checking, generates checksum for compare by receiving machine. If receiving machine's checksum doesn't match, it sends a NACK
NAK Negative ACK
Maxout Maximum outstanding frames, max amount of frames in limbo (can be transmitted before ACK is received), unreliable media = set high maxout to get as much across as possible at a time (for synch at endpoint), reliable / fast = low maxout, not overwhelm endp
Piggybacking ACKs Send 1 ACK for multiple frames at a time
Synchronization (data link) maintain synch of frames between sending and receiving
framing (data link) mark beginning and end of each transmission frame
control (data link) sending station capable of identifying receiving station
error detection (data link) error detection and recovery
802.3 af / at PoE spec from IEEE
LAN privately owned
*SAN Storage Area Network [EMC] for backing up servers / datacenters without introducing a lot of traffic on the regular LAN
*LLC Logical Link Control Protocol - error detection, framing of low level metadata, interface to higher layer protocols.
MAC Media Access Control, hardware addressing. Assembly of data into a frame with address and error detection fields. Controlled by IEEE
Token Ring Token is passed around, everyone guaranteed access to the network
Bus Topology, all connect to an ethernet turnk
Token Bus 1 cable, multiple NICs, uses Token protocol / access method. Generally used in robotics.
Access method CSMA/CD (probablistic) CSMA/CA Token (deterministic), separate from the topology
Star topology Advantages: centralized control, network management visibility, easier to troubleshoot
Ethernet maximum frame size 1500, set MTU to 1376-1380 to provide room for encryption bits. If not, frames will be larger than 1500 bytes and will fragment, causing higher overhead.
Ethernet MAC Address Frame Formats v Ethernet DIX v2 format See slides TYPE v LENGTH
Broadcast Frames go to everyone [printer, network discovery, arp, collision announcement]
Multicast Sent to specific hosts that are subscribed to receive
Unicast Frame goes to a single MAC address
802.11g/b 2.4GHz, up to 54Mbps, 3 non-overlapping channels. 100mW, 6 inches (band width), 150ft diameter cell size
OFDM Orthogonal Frequency-Division Multiplexing modulation
CCK Complementary Code Keying modulation
PBCC Packet Binary Convolutional Coding modulation
802.11i WLAN security standard, describes encryption transmission of data between a and b WLANs. TKIP, AES, channel selection, roaming, transmit power control
802.11k Improve traffic distribution, checks if AP w/ strongest signal is at capacity and connects to another AP if so.
802.11n a/g compatible, 2.4 or 5.75 GHz, multiple-input multiple-output, error detection and correction. Spacial multiplexing - 2 Transmit & 1 Receive antenna
MIMO Multiple Input Multiple Output, Spatial multiplexing
802.15 Standard for WPANs, .1 is based on the Bluetooth spec, .2 working on interference in the 2.4GHz band, .3 wants up to 55Mbps up to 10m, .4 ZIGBEE
Guided v Unguided media Wireless v Cables
EIA/TIA Standards Ethernet wire color codes T568A and B for CAT .5
UTP CAT 3 100 Ohm, UL Level III
UTP CAT 4 100 Ohm Low Loss UL Level IV
UTP CAT 5 / 6 100 Ohm Extended Frequency UL Level V
Solid CAT 5 v Stranded CAT 5 Solid = rigid = long distance, Stranded = flexible = patch cable
CAT5e Up to 1000Mbps, suitable for Gig. Ethernet, less near-end crosstalk
NEXT Near End Crosstalk
CAT 6 Incorporates a longitudinal separator that isolates each pair from the others. Supports 10Gb Ethernet, up to 250MHz
Plenum Cabling rated for use in air ducts that does not emit toxic fumes when melted
Geosynchronous orbit turns at same orbit as Earth, 22,500 miles up, requires 3 to 4 degree space between geosync. satellites to prevent interference. Must be realigned every month.
Transponder Core of satellite transmission system, usually 24-48 transponder spaces for sending and receiving data, each divided into subchannels. Receives weak signal from Earth, amplifies it, changes freq, and retransmits. Send and receive on different freqs.
Footprint Area of the earth where the signal may be received, several hundred to thousand km. Narrower footprints = stronger signal. Ku-band satellites tend to be narrower than C-band
Modulo Number of frames that can be outstanding before sender must wait for an ACK from receiving stations
Wireless - RF / Infrared Speed, cost effective, easy to install /implement
Free Space Optics (FSO) + Beams only a few m in diameter at a km, close spacing of links w/o interference, secure, efficient energy, more than 8km possible
FSO - Environmental factors, need clear and calculated LoS
Multiplexing In telecommunications and computer networks, multiplexing (sometimes contracted to muxing) is a method by which multiple analog message signals or digital data streams are combined into one signal over a shared medium.
Analog Waves, continuous
Digital Discrete, 1s and 0s
TDM Time Division Multiplexing, each device has a time slot to send, if it has nothing to send it's wasted bandwidth. Aggregate line speed has to be at least equal to aggregate of all connecting line speeds
STDM Statistical Time Division Multiplexing, aggregate line speed is less than aggregate speeds of each line that connects to it.
MUX Multiplexer
Polling Asks every device if they have something to send, one at a time.
DWDM Dense Wave Division Multiplexing - separate the signal using prisms, OC-192 can support 40Gb. 1,000 different colors over 1 line at the same time, each color has a 40Gb link
Contention methods Allow sharing of media, CSMA/CD or CA, polling, token passing
Token passing Talking stick method, free or taken tokens, devices can fill free tokens with what they want to send and pass it on, deterministic
NIC Addressing, translates from network (serial) to CPU (parallel) and back
Intelligent wire hubs Port is occupied or busy / transmits data
ARIN American Registry for Internet Numbers (ARIN) - allocated IP addresses
IANA The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.
ICANN The Internet Corporation for Assigned Names and Numbers (ICANN /ˈaɪkæn/ eye-kan) is a nonprofit organization that is responsible for coordinating the maintenance and methodologies of several databases...
DIX Digital Intel Xerox, proprietary Ethernet
Licensed Freq Leased from the FCC
IP Address v4 Dotted decimal system, 32 bits, 4 octets
Class A -
Class B -
Class C -
IETF Internet Engineering Task Force - implement new protocols / modifications
RFC 1917 / 1918 Introduced ability to have public / private IP ranges
Class D -
Class E -
IP packet [version][IHL][Type-of-service][Total length]
Subnet mask 255 determines network portion of ip address, rest is host portion
Analog has inherent noise, when re-amplified, noise is also re-amplified. Digital will always have more throughput.
Hub Fastest, nothing to process, just re-broadcast.
Flooding How routing device build ARP / bridge tables for routing between network initially
Bridge connect layer 2 networks together, forwards, not routes
Switch connect layer 2 devices together
Spanning Tree Protocol Block loops in bridged / switched networks, useful on intermediate nodes - devices that pass traffic
Root bridge determined by lowest MAC address (or configurable), put it in the middle of topology in order for low amount of recalculating paths
Layer 2 v Layer 3 broadcast storm Affects everyone v Affects local
Adjacenty Router next to you
Route table Only network addresses to port numbers, number of route tables = number of interfaces x number of supported protocols (AppleTalk, DECnet, Novel...)
ARP table Only IP (host) addresses to MAC Addresses
RIP Routing Information Protocol Distance vector, based on vectors (number of hops) between routes.
(E)IGRP (Enhanced) Interior Gateway Routing Protocol Two routers within an autonomous system are called interior
Autonomous system (AS) All devices under a single administrative control
IGP Interior Gateway Protocol used for routing within networks within an AS
OSPF Open Shortest Path First
BGP Peering Point (NAP) Where all internet peering connects, what ISPs use to talk to other ISPs
Routing algorithm metrics bandwidth
Router Redundancy Clients with Host Router Discovery Protocol enabled will choose the best gateway / whichever one is up or best based on metric
Static routes For routers that do not speak common protocols
Asymmetrical routing Can be horrible slow, mismatch between speeds can kill connections
BGP routing used for exterior routing
Default paths Hosts have default gateways
Distance vector v hop count v link state table (updates every 30 sec) v decrementing hops v up / down
latency any kind of delay
jitter variation in latency
components of response time (server / client) processor, utilization, network interface (speed / drivers), RAM, protocol
(network) autodiscovery generally not a good idea in huge environments, operates with broadcast, can disable a network
2.4GHz channels 1, 6, 11 to avoid co-channel interference
WPAN - Wireless Personal Area Networks Ex. Nike shoes sensor communicated with a Fitbit
Different wireless protocols at the physical layer for signal FHSS, DSSS, HR DSSS, OFDM, MIMO, OFDM
WLAN Service Set Logical grouping of devices
SSID - Service Set Identifier Network ID
IBSS - Independent Basic Service Set adhoc (No AP), does have SSID, must be configured
BSS Requires AP (only one)
ESS (Extended) Multiple APs, same SSID - 1 subnet, roaming layer 2
Co-Channel Interference Interference on overlapping channels
802.11 Beacon clients send probe request frame on every channel it an see containing info about the client station
Lower freq = longer dist 2.4 has longer distance
WLAN Controller (LWAPP AP) Dynamic APs, expand and contract cell size based on ambient RF. Controller view channel and power of each AP connected to it and looks at what signals each AP sees from the other APs. Adjusts power and cell size for efficiency
DHCP Option 43 Used by WLAN Controllers to configure connected APs (like DHCP) such as power and channel per AP
Power level how far you can transmit v. interference introduced
Antennas Coverage pattern / coverage distance. Omni - generates circular pattern, has 'doughnut effect' of being too close / in the eye of the signal.
5.75 GHz 12 channels, smaller channel size
Channel Bonding Combining channels as pairs, combining their sub-frequencies, for faster speeds (more bandwidth), can only combine adjacent frequencies, in patterns, keep adjacent frequencies in non-adjacent cells
AIT Automation Identification Technologies (umbrella of RFID), bar codes, matrix codes
RFID Use RF to transmit data, improve error recovery, increase velocity, reduce process errors. Push data to data warehouse for central access and management. Logistics, tracking, identification
Backscatter (passive) RF pattern that emanates from a chip
Active RFID Have a battery, 300ft range, 802.11 has a MAC address, great for triangulation - tracking things not near readers. Could be used to track legitimate (tagged) versus rogue (untagged) devices
Passive RFID 900MHz, 3m range, powered by RF from reader
EPC tag Can be read by anyone, can read / generate any frequency. Different countries operate RFID at different freq. so EPC reader is essential
Enterprise WLAN AP Can double as a RFID reader
RSSI Relative Signal Strength Indicator
TDO Time Difference of Arrival
Exciter Foreces tags in a specific range to chirp (their MAC), location reported. Helps save battery life by activating RFID when needed.
SNMP pt 1 an IP standard for managing devices on TCP/IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers etc.
SNMP pt 2 is used in net. mgmt systems (NMS) to monitor devices for conditions that require admin attention, it consists of a set of standards for network management, including an application layer protocol, a database schema and a set of data objects (MIBs)
SNMP pt 3 An SNMP managed network consists of three key components: managed devices, agents, and network-management systems (NMSs).
Managed device A managed device is a network node that contains an SNMP agent and resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP.
MIB A Management Information Base (MIB) is a collection of information that is organized hierarchically. MIBs are accessed using a network-management protocol such as SNMP. They are comprised of managed objects and are identified by object identifiers.
Managed object A managed object (sometimes called a MIB object, an object, or a MIB) is one of any number of specific characteristics of a managed device. Managed objects are comprised of one or more object instances, which are essentially variables.
Managed objects pt 2 Two types of managed objects exist: scalar and tabular. Scalar objects define a single object instance. Tabular objects define multiple related object instances that are grouped together in MIB tables.
Managed device commands Managed devices are monitored and controlled using four basic SNMP commands: read, write, trap, and traversal operations.
spectrum analyzer Analyzing freqs that others are using, signal strengths.
Distributed application troubleshooting tracert, ping, spectrum analysis / wireless survey, protocol sniffers
Switch Each port is it's own collision domain, devices still listen for uni, multi, and broadcast traffic. Bridge table full of MAC addresses to port mappings, bridge / switch topology. No ACL for performance on layer 2.
FastForward Low latency, no error checking - fast!
FragmentFree low latency, checks for colisions
Store and Forward High latency, full error checking
VLAN Identification Using IEEE 802.1Q Unique ID in the header of each frame for what VLAN the frame belongs to
LAN Switch & troubleshooting Hard to t-shoot between VLANS, can only see traffic on own VLAN
Port mirroring Configure the switch to monitor all ports, span all ports - good for IDS, good for network visibility, good for attackers
Blocking v non-blocking LAN switches Blocking - all interfaces are 1GB but backplane speed is 1.5GB. Not giving wire speed for every port as advertised.
VLAN Broadcast domain
QoS Traffic types Best effort traffic - text, graphics = bursty, intolerant of errors
802.1X Uses X.509 certificates to assign users to VLANs that they are assigned to originally, prevents users from plugging into the wrong VLAN
VLAN tag number in MAC frame that distinguishes what VLAN a frame belongs to, headers added to MAC frame that identify what VLAN traffic is coming from / going to
VLAN trunk Connects network devices, allows multiple VLANS to connect.
Use of MIB Collect information on AP connections, etc.
QoS Allows for prioritization of traffic to avoid latency situations
AS in routing protocols -under single admin control, everyone chooses the same AS number and can exchange route info within their AS
AAAA Net Security Policy Access, Authentication, Authorization, Audit: control physical access, knowing you are who I think you are, limiting access to specific resources, maintaining logs of unauthorized access attempts.
Session persistance Session doesn't timeout
Why are networks important to security All security devices collect, monitor, analyze, or block network traffic
Encryption != Secure connection What about data sent that is malicious and encrypted
LAN MAC layer protocols == frames, layer 2
Flooding in transparent learning bridge First time building bridge table, flood traffic out every interface to construct table by noting where responses come from and on what ports
IP aggregation - variable lane subnet masking (advanced subnetting) For backbone / links - use small subnet designations for links and large subnets for nodes. Aggregation = combine subnets to make one big one.
Link state metrics can be hops, utilization, bandwidth, etc. up to 7 etrics
Spanning tree eliminates redundant links between layer 2 devices (loops)
CDN (akami) Caches stuff locally at all ISPs for speedy retrieval of content
Local and global load balancer Multiple instances of the same application running (locally at the same datacenter) or replicated at another datacenter somewhere else (for redundancy / content delivery)
Net Mgmt System NMS collects data from the agent by collecting the MIB
MIB database of info on networked devices
Aggressive roaming v non-agressive Limited RF v a lot of RF
Security perimiter All devices that do analysis, collection, etc.
X.509 certificates Digital certificates used for MFA to access a network
What is a network interface card? Network interface card or network card is a device installed on the system that is responsible for sending and receiving data on the network.
The network card is also known as what? Network Adapter
A system that comes with a network card built in is said to have what? Integrated network card
Network cards run on what two layers of the OSI model? Layer 1 and Layer 2
A network bus can be installed by inserting the card into what? The expansion bus of the system.
PCI was what in the past? ISA
When you install a network card you need to ensure that you get the correct type of card for the what? Particular type of expansion slot.
Name some popular expansion bus architectures. ISA, MCA, VESA, EISA, PCI, AGP, and PCMCIA
What is ISA? Industry Standard Architecture (ISA) it is an old bus architecture that runs at 8 MHz and supports 8 or 16 bit cards.
What is MCA? Microchannel Architecture (MCA) was built by IBM and has a 32 bit card that runs at 10 MHz.
What is VESA? Video Electronics Standards Association (VESA)also known as VESA local bus or VLB. Has a 32 bit architecture and runs at 33 MHz.
What is EISA? Extended Industry Standard Architecture is the upgrade to ISA supports 32 bit cards and runs at 8 MHz.
What is PCI? Peripheral Component Interconnect used today for adding cards to the system. Runs at 33 MHz and has a 32-bit or 64-bit bus architecture. Most network cards today are PCI.
What is AGP? Advanced Graphics Port it is a new graphics standard that runs at 66 MHz and is used by video cards.
What is PCMCIA? Personal Computer Memory Card Industry Association is the bus architecture used in laptop computers. Has a 16-bit architecture that runs at 33 MHz.
What is a transceiver? The portion of the network interface that actually transmits and receives electrical signals across the transmission media.
What are the 2 types of transceivers? Onboard & External
Onboard transceivers are ______ onto the network interface card. Built
External transceivers require a small device that attaches to the NIC vian an __________ cable. Extension
An attachment unit interface (AUI) connector is also called what? Digital-Intel-Xerox (DIX) connector.
The AUI connector is a female _____-pin D- connector and connects a workstation to thicknet cabling. 15
Fiber-optic connectors generally have 2 connectors, what are they for? One each for incoming and outgoing fiber cables.
A network card has how many transmission methods? Three they are Simplex, Half duplex, Full duplex.
Explain Simplex transmission. Allows communication in one direction only.
Explain half duplex transmission. Allows communication in both directions but not at the same time.
Explain full duplex transmission. Allows communication in both directions at the same time. All four pair of the wires are being used.
A MAC address is a _____-bit address displayed in a hexadecimal format. 48
What is the first half of the MAC address? Manufacturer's address (ID)
What is the last half of the MAC address? Unique address (ID)
How would you view your MAC address on Linux? ifconfig
If you go to www.coffer.com/mac_find/ what will you find? Determine the manufacturer of your network card based on the first half on the MAC address.
The MAC address is also known as what? MAC-48 address, Extended Unique Identifier EUI-48 address, physical address, and hardware address
The activity light should be ________ when there is network activity. blinking
The link light proves what? That there is a physical connection.
A driver is a piece of _________ that allows the operating system to communicate with the device. Software
A hub is also known as what? Concentrator
Which port on the hub is used for cascading and is already crossed over? 5th Port also known as the Uplink port
When connecting three 24-port hubs, the uplink port 24 on the first hub goes to what port on the second hub? Anyport on the second hub, but a good practice is the first port of the second hub.
A hub sends a signal to which ports? All Ports
What is the function of a passive hub? Receive data from one port and send it out to the other ports.
Does a passive hub regenerate the signal? NO
What is the total cable length when using a passive hub? The length between 2 PCs and NOT PC-to-hub length as with active hubs.
Does a passive hub have a power source or electrical components? NO, it simply attaches the ports interanlly and enables communication to flow through
An active hub provides the same functionality as a passive hub except that it does what? Rebuild (regenerate) the data before sending it to all the destination ports.
An active hub has a power source and ______-in repeaters to boost the signal. Built
With an active hub you can run UTP cable 100 meters on which side of the hub? On each side of the hub.
A hybrid hub can use many different types of what? Cables
Hub are used in Ethernet environments and _____ are used in Token Ring environments. Multistation Access Unit (MAUs)
Hubs run at what layer of the OSI model? Layer 1
How is a MAU different from a hub? 1)It regenerates the signal to travel a larger distance. 2)Does NOT have collision indicators. 3)Does NOT have an uplink port instead it has a ring-in port and a ring-out port.
A repeater is considered a what layer device? Layer 1
Layer 2 devices are a little smarter than layer 1 devices because why? Layer 2 devices can make decisons
What layer device is a bridge? Layer 2
What does a bridge do? It breaks the network down into multiple segments then filters traffic by forwarding traffic to the destination network segment.
How does a bridge filter traffic? Comparing the Destination MAC address of a packet with the MAC addresses in its bridging table.
A bridge forwards traffic how? Only to the needed network segments.
An administrator can control which workstations can connect to each switch port via what feature? Port Security
VLANs are a special feature of what device? Managed Switches
What is the purpose of a VLAN? They allow an administrator to group ports on a switch and it cuts down on broadcast traffic.
How do VLANs cut down on broadcast traffic? Using broadcast domains
Layer-1 switch implements what? Port switching, increase security, isolation, associates the port with the VLAN.
Layer-2 switches apply a header to data and when it is processed by another layer-2 device it is called what? Frames instead of packet
A layer-2 switch doesn't associate the port with the VLAN, but with the _____ addresses of the systems associated with the VLAN. MAC
A layer-3 switch bases membership in a VLAN on the _______ ID of the layer-3 address of a packet. Subnet
With layer-3 switches the ________ belong to the VLAN not the actual workstations. Packets
What is a multilayer switch? Can run at layer 2 and 3 with the functionality of both a switch and a router. This is a Layer-3 switch.
What layer does Spanning Tree Protocol (STP) run at? Layer 2
What is Spanning Tree Protocol used for? To prevent loops that occur when multiple switches are connected together.
What does a loop on the network cause? Causes the network to go down and creates instability in the switches.
STP is a protocol that looks at all of the ______ used to create a loop and then places one of thos ports in a blocking state. Ports
The port that is in a blocking state can't do what? Data traffic can NOT pass through the port.
Once the loop is in a blocking state, the loop is _______ and the network becomes more stable. Broken
Since the port is in a blocking state instead of disabled, what happens if one of the other links goes down? The port is transitioned into a forwarding state automatically.
What is a feature on Cisco switches that allows you to connect the switches together? Trunking
In trunking, you must assign one of the _____ as a ______ port. Ports, Trunk
What is the trunk port used for? Carries VLAN traffic to the other switch.
Vlans are allowed to contain ports that are from multiple switches as ________. Members
What is added to data packets when the data is sent out of the trunk port? VLAN identification number
When a switch assigns the VLAN identification information to a packet it is known as what? Tagging
What are the 2 popular protocols for tagging? InterSwitch Link (ISL) and IEEE 802.1Q
ISL is the __________ proprietary protol for tagging and associating them with a particular VLAN on older switches. Cisco
Newer Cisco and Juniper Network switches us what protocol as the tagging method? IEEE 802.1Q
Port Mirroring is also known as what? Port monitoring
What port does Network Time Protocol (NTP) use? 123
Domain Name System uses what port? 53
Hypertext Transfer Protocol-Secure uses what port? 443
Internet Message Access Protocol, version 4 (IMAP4) uses what port? 143
What is a Time Domain Reflector (TDR) meter? It uses the speed of electricity through copper to locate a reflection by injecting a signal and timing how long it takes for the signal to be reflected back.
A voltage meter measures what? Voltages and NOT the condition of the cable.
What is an event recorder? Measures voltage fluctuations over a period of time.
POP3 uses what port by default? 110
What feature allows the switch to send a copy of data that reaches certain ports to the mirrored, or monitored, port? Port Mirroring
Port monitoring allows an administrator to plug a workstation into the port that the copy of the dat is being sent to and ________ the network traffic. Monitor
By default what device filters traffic by only sending the data to the port that the destination system resides on? Switch
What feature of a switch allows the administrator to associate the MAC address of the system with the port to which it will connect? Port Security/Authentication
What kind of switch is special and designed for optimizing data delivery to clients by improving performance like data caching or load balancing? Content Switch
A router is responsible for what? Sending data from one network to another.
What layer does the router run on? Layer-3
A router can have how many network interfaces? Multiple
Routers are typically used to connect the ____ to a _____. LAN, WAN
Routers use a _______ table stored in memory to determine how to reach a system on a destination network. Routing
When data has a layer-3 header which has the source and destination IP address the data is known as what? Packet
Routers can also filter packets because they act as what? Broadcast domain
Each port on a switch creates a separate what? Collision Domain
A router is the device you would use to create multiple what? Broadcast Domains
A gateway is responsible for what? Translating information from one format to another and can run at any layer of the OSI model.
How do gateways reformat a packet? By stripping the packet down to just the data and then rebuilding the packet so that it is understood at the destination.
Firewalls protect the network from what? Outside Intruders
How do firewalls protect? They block specific types of traffic while allowing certain information to pass through.
Home routers have what built in? Firewall Features
An Intrusion Detection System (IDS) does what? Monitors system or network activity and then notifies the administrator of any suspicious iactivity against the firewall and inside the network.
IDS compliment other security devices such as what? Firewalls
What are the 2 types of IDS's Host based and Network based
What is a host based IDS? It is a piece of software that monitors the local system for suspicious activity.
What is a Network based IDS? Monitors network traffic for suspicious behavior it can compare the traffic to known malicious traffic patterns when a match is found an alert can be triggered.
What 2 ways can a Network based IDS come in? Software or Hardware
IDS's can be either active or what? Passive
An active IDS does what? Monitor and log activity plus take some type of corrective action.
A passive IDS does what? Does NOT take corrective action. It identifies activity and then logs it.
What are the 2 popular ISDN connections? Basic Rate Interface (BRI) and Primary rate interface (PRI)
What is ISDN? Integrated Services Digital Network (ISDN) is a communication standard for sending voice and data over normal telephone lines or digital telephone lines.
What are the characteristics of BRI? It is a 128 kbps connection made up of two 64 kbps channels known as B channels and one 16 Kbps control channel known as a D channel
What are the characteristics of PRI? It is a 1.55 Mbps connection made up of twenty-three 64 Kbps channels(B-channels) and one 63 Kbps D-channel for signaling and control information.
What is a Proxy server? A network device that is used to request Internet resources (such as webpages) on behalf of the internal users. It caches the sites for quicker access in the future, log internet activity, and control what protocols can be used to access Internet.
TCP and UDP are what layer protocols? Layer-4 Transport Layer
UDP uses what ports? 67 DHCP service & 68 Client request
What port is used for TFTP? 69
What is TFTP used for? Used to upload or download files without requiring authentication.
What ports does NetBIOS use? UDP ports 137 & 138
What does SNMP stand for? Simple Network Management Protocol.
What port does SNMP use? 161
What protocols run at the internet layer of the TCP/IP model? IP, ICMP, ARP
What does IP do? Packet delivery for protocols higher in the model. It is connectionless. IP simply sends data.
IP is part of what layer of the OSI model? Layer-3 and is responsible for logical addressing and routing.
Windows operating systems have a default TTL value of what? 128
What does ICMP stand for? Internet Control Message Protocol
What is ICMP used for? It enables systems on a TCP/IP network to share status and error information.
What are two programs that use ICMP messages? Ping & Tracert
ICMP messaged are ______________ within IP datagrams so that they can be routed throughout a network. encapsulated
You can use Ping to send ICMP ______ requests to an IP address and wait for ICMP_____ responses. echo
Ping reports what? Time interval between sending the request and receiving the response.
Tracert does what? Traces the path taken to a particular host it is useful in troubleshooting internetworks.
Tracert sends _____ _____ request to an IP address while it increments the TTL field in the IP header by a count of 1. ICMP echo
What does IGMP stand for? Internet Group Management Protocol
What is IGMP used for? Internet layer protocol and is used for multicast applications.
What is ARP? Address Resolution Protocol and it provides IP address-to-physical address resolution on a TCP/IP network.
The physical/IP address combo is then stored in the _____ ______ of the originating system for future use. ARP cache
What does NTP stand for? Network Time Protocol
What does NTP do? Use to synchronize the clocks of PCs on a network or the internet.
What does NNTP stand for? Network News Transfer Protocol (NNTP)
What is NNTP used for? It allows news clients to send and retrieve news articles to a newsgroup.
NNTP uses ____ to send and receive news articles. TCP
NNTP allows submission and retrieval of only the news articles than have ___ previously been sent or retrieved. NOT
What is SMTP? Simple Mail Transfer Protocol is used to send or route mail over TCP/IP neworks.
What is POP3? Post Office Protocol version 3 is an internet protocol used to retrieve e-mail from a mail server to the POP3 client.
What is IMAP4? Internet Message Access Protocol version 4 is like POP3 and allows additional features other than the 4 basic folders by connecting to public folders stored on an Exchange server.
What is SNMP? Simple Network Management Protocols provides a simple method for remotely managing or gathering statistics from virtually any network device.
SNMP has a two-tiered approach what are they? 1)A central management system. 2)Management Information Base.
What can you see with SNMP? Performane, network device operation statistics, diagnose network health.
SNMP management software is reffered to what? Management system
A management system must be able to collect and analyze what? Nework protocol id & statistics, Dynamic ID (discovery), Hardware & software configurations, Performance, Event & error messages, and Application usage statistics.
FTP belongs to what protocol suite? TCP/IP
Like telnet and ping, FTP can establish a __________ to a remote computer using either the hostname or IP address. Connection
TFTP is typically used to ____ diskless workstations. boot
What is SFTP? Secure File Transfer Protocol is an interactive file transfer protocol similar to FTP but it encrypts all traffic between the SFTP client and the SFTP server.
Telnet is a terminal _________ protocol that allows a client to run or emulate the program runnin on the server. emulation
SSH stands for what? Secure Shell
What TCP port does SSH use? 22
SSH is a secure replacement for protocols such as what? Telnet
What is SCP? Secure Copy Protocol copies files from a remote server to a local system over a secure connection.
What is LDAP? Lightweight Directory Access Protocol is the industry standard protocol for directory services used by Active Directory & eDirectory.
LDAP allows clients to ______ the directory services for information about objects. query
Name the binary numbers of each bit? 128, 64, 32, 16, 8, 4, 2, 1
Name the range of a Class A network. 1-127
How many host are in a Class A network? 16,777,214
How many networks are in a Class A? 126
Name the range of a Class B network? 128-191
How many networks are in a Class B? 16,384
How many host are in a Class B? 65,534
What is the range of a Class C? 192-223
How many networks are in a Class C? 2,097,152
How many host are in a Class C? 254
What is the range of a Class D? 224-239
What is Class D used for? Multicasting to more than 1 host
What is the range for Class E 240-255
What is a Class E used for? Experimental, Reserved for future use.
What is the default subnet mask of a Class A address?
What is the default subnet mask of a Class B address?
What is the default subnet mask of a Class C address?
What loopback address would you type to ensure that TCP/IP stack is functioning properly on your system?
Define a private IP address? It can be used on a system but can NOT be used on any kind of internet connectivity.
The private IP address are what? Nonroutable
What are the 3 private IP ranges? -, -, -
IPv6 uses what scheme? 128-bit address scheme
How many bits are there in IPv6? 8 hexadecimal values (16 bits each) and are separated by colons.
In IPv6 you use double colons for what? to express leading consecutive zeros
What are the type of addresses in IPv6? Unicast, Multicast, Anycast
In IPv6 what are the different types of Unicast addresses? Global Unicast, Site-local unicast (private), Link-local unicast (like APIPA).
In IPv6 a site-local unicast address always starts with what? FEC0
In IPv6 a link-local unicast address always starts with what? FE80
What is MLD? Multicast Listener Discorvery a function of the ICMPv6 serves as the multicasting protocol and replaces IGMP.
What is Neighboring Discovery? Is a component of ICMPv6 and replaces ARP.
Server applications typically use low port numbers that fall under what? 1024
Client application port start at what? over 1024
Ports used by client applications are known as what? Dynamic Ports.
What port does NNTP use? 119
What port does NTP use? 123
In DHCP a set of usable IPs is called what? Scope
The Boot Protocol is known as what? BOOTP
What is BOOTP? Used by diskless workstations.
Routers need to be _____ compatible to allow the DHCP requests to pass through the router to another segment. BOOTP
DNS converts _______ to ___ addresses. Fully Qualified Domain Names (FQDN) to IP
NBTSTAT is used for what? Used to troubleshoot NetBIOS over TCP/IP connections.
Tracert is used for what? Traces and reports on the route to a remote computer.
Netstat is used for what? Displays statistics for current TCP/IP connections.
ARP is defined in depth in RFC what? 826
What is the name of the table that stores MAC address in memory? ARP cache
What ARP command allows you to view the ARP cache? arp -a & arp -g
What ARP command allows you to add static entries? ARP -s
What ARP command allows you to delete an entry? ARP -d
Telnet is defined in depth in RFC what? 854
Telnet uses a concept defined as what? Network Virtual Terminal
To run telnet type in what at the command prompt? telnet.exe
What is the default terminal emulation used for telnet? VT100
What command is used to query the NetBIOS name table of a remote IP address? NBTSTAT -A
Tracert and traceroute us what protocol as their underlying protocol? ICMP
What is Tracert -d? It indicates to the utility that you do not want to display hostnames.
Tracert will continue how many hops by default? 30
Give some examples of routable protocols. TCP/IP, IPX/SPX, AppleTalk, and DECnet
Name a protocol that is nonroutable. NetBEUI and DLC
Explain a nonroutable protocol. Does not have the capability to send packets across a router from one network to another network.
Explain a routable protocol. The packets can leave the network by being passed through a router then delivered to a remote network.
What is a major advantage of TCP/IP? It can connect heterogenous (dissimilar) enviroments together.
TCP/IP is the protocol on which the _______ is built. Internet
TCP/IP is robust and commoly is associated with _________ and ________ systems. UNIX and LINUX
What does TCP/IP stand for? Transmission Control Protocol/Internet Protocol
TCP/IP was orignally designed in what year? 1970s
TCP/IP was orginally to do what? Connect dissimilar systems across the country and used by Defense Advanced Research Projects Agency (DARPA) and Department of Defense (DOD).
What type of protocol is AppleTalk? Routable
AppleTalk was implemented in how many phases? Phase 1 - for small workgroups & supports nonextended neworks. Phase 2 for larger networks with more than 200 hosts and supports extended networks which a network segment is allowed multiple network numbers and zones (the most popular today).
Explain a nonextended network. Each network segment can be assigned only a single network number and only one zone is allowed.
Explain a zone. A logical grouping of nodes.
IPX is connection-oriented and reliable in transport? False. IPX is connectionless and unreliable in transport.
What does connectionless mean? No session is established between sender and receiver before transmitting data.
What does unreliable mean? Packets are sent to a destination without requiring the destination to acknowledge receving those packets.
The SPX protocol is responsible for what? Reliable delivery and is connection-oriented.
TCP/IP requires ________ to resolve a MAC address? IP address.
What are the four major frame types? 802.2, 802.3, ETHERNET_SNAP, AND ETHERNET_II.
IPX is responsible for what? Routing packets
TCP/IP has 2 major drawbacks, what are they? 1)Configuration-has a learning curve such as knowing IP addresses, subnetmask,and default gateways. 2)Security-has an open design an is unsecure when used without additional technologies such as SSL.
In the 1980s, what organization defined the OSI model? International Organization for Standardization (ISO)
What does OSI stand for? Open Systems Interconnect
Name the 7 layers of the OSI model. From High to Low: Application, Presentation, Session, Transport, Network, Data link, and Physical.
Network communication starts at what layer of the OSI model on the sending system? Application Layer
What is the application layer responsible for? On the sending system the application layer sends a request. On the receiving system the application layer is responsible for passing the request to the appropriate application or service on that system.
What is the presentation layer responsible for? The application passes the request down to the presentation layer and the presentation layer formats the data so that the receiving system can interpret it.
What are some of the formating functions of the presentation layer? Compression, encryption, ensuring the character code set can be interpreted on the other side.
What is the session layer responsible for? It manages the dialogue between computer by establishing,managing, and terminating communications between 2 computers.
How many phases are in the session layer? 3
What is the first phase of the session layer? It is the establishment phase. The requestor defines the service and rules; such as who transmits & when and how much data can be sent at a time. Both systems must agree on the rules.
What happens in the second phase of the session layer? The transfer process begins.
What is the third phase of the session layer? Termination in an orderly fashion.
What is the transport layer responsible for? It handles functions such as reliable and unreliable delivery of data through the use of the protocol requested.
The transport layer breaks down data into smaller parts known as what? Segments
If a retransmission is required at the transport layer what segments will be resent? Only the missing segments
How are missing segments detected in the transport layer? The receiving system will receive an acknowledgement (ACKs) from the remote system upon receiving the packets.
The transport layer is also responsible for segment ___________. Sequencing
Explain segment sequencing. It is connection-oriented service that takes segments that are received out of order and puts them in the right order.
TCP works at what layer of the OSI model? Transport Layer with reliable delivery.
What does UDP stand for? User Datagram Protocol
UDP works at what layer of the OSI model? Transport Layer with unreliable delivery.
A service address is also known as what? Port address or well-known addresses
What layer enables the option of specifying a port address? Transport Layer
In TCP/IP service addresses are also called what? Sockets or Ports
What must take place in connection-oriented communication? Handshaking because it defines rules for communication such as transmission speed, what ports to use, and proper terminating of session.
What is the network layer reponsible for? Managing logical addressing information in the packets and the delivery (routing) of those packets by using the routing table stored in the packets.
What is a routing table? A list of available destinations that are stored in memory on the routers.
What is the purpose of a logical address? Uniquely identifies a system on the network and the network that the system resides on.
The logical address is used by what layer protocols? network-layer protocols
When the network layer uses TCP/IP what does it add to the packet? Source address and the Destination address
What layer of the OSI model handles logical addressing and routing? Layer 3 (Network)
An IP address is also known as what? A layer-3 address
What is the data link layer responsible for? For converting the data from a packet to a pattern of electrical bit signals that will send the data across the communication medium.
The data link layer is divided into 2 sublayers, what are they? 1)Logical Link control (LLC) used for error correction and control functions. 2)Media Access Control (MAC) determines the physical addressing of the hosts and determines the access method.
MAC address is known as what layer address? Layer-2 address
The sender in network layer appends the IP address information and the data link layer will append what address? MAC address for the sending and receiving systems.
Ethernet and Token Ring are defined by what layer of the OSI model? Layer 2`Data link layer
What is the physical layer responsible for? Moving bits of data on and off the network medium by encoding and timing the bit transmission and reception.
At the data link layer data is converted into electrical signals then passed to the physical layer to do what? Release data on the communication medium.
What is data encapsulation? As data passes down the 7 layers of the OSI model, header information is added to the packets for each layer.
IPX runs at what layer of the OSI model? Layer 3 & 4 but the network exam places it at LAYER 3
SPX runs at what layer of the OSI model? Layer 4 the Transport layer
IP runs at which layer of the OSI model? Layer 3 the Network layer
TCP runs at which layer of the OSI model? Layer 4 Transport layer
UDP is part of what protocol suite? TCP/IP
UDP runs at which layer of the OSI model? Layer 4 Transport layer
NFS is a protocol for what? File sharing that enables a user to use network disks as though they were connected to local machine. Also allows the sharing of printers.
NFS was created by who? Sun Microsystems for use on Solaris (Sun's version of UNIX)
NFS is part of what suite? TCP/IP
What layer of the OSI model does NFS belong to? Application layer
What protocols are implemented in redirectors? Microsoft's Server Message Block(SMB) and Novell's NetWare Core Protocol (NCP)
What is a redirector? It is a software that intercepts requests, formats them according to the protocol in use, and passes the message to a lower-level protocol for delivery or vice versa.
SMB and NCP are primarily used for what? File and printer sharing in Microsoft and Novell.
SMB and NCP belong to what layer of the OSI model. Application layer
What is SMTP? Simple Mail Transport Protocol and it is used for sending internet e-mail messages.
What is FTP? File Transport Protocol that is connection-oriented and used to transfer files between two machines. Required user name and password.
What is TFTP? Trivial File Transfer Protocol and is used like FTP except it is NOT connection-oriented however faster than FTP. No authentication mechanism.
FTP runs on what layer of the OSI model? Layer 7 Application layer
SMTP runs on what layer of the OSI model? Layer 7 Application layer
Telnet runs on what layer of the OSI model? Layer 7 Application layer
JPEG runs on what layer of the OSI model? Layer 6 Presentation layer
GIF runs on what layer of the OSI model? Layer 6 Presentation layer
MPEG runs on what layer of the OSI model? Layer 6 Presentation layer
NFS runs on what layer of the OSI model? Layer 5 Session layer
RPC runs on what layer of the OSI model? Layer 5 Session layer
What does IEEE stand for? Institute for Electrical and Electronics Engineers
Ethernet (CSMA/CD) is defined by what standard? IEEE 802.3
The MAC sublayer uses what access method? CSMA/CD
CSMA/CD doesn't stop collisions from happening instead it does what? Helps manage the situations when they do occur.
500 meters is approximately how many feet? 1640
185 meters is approximately how many feet? 607
100 meters is approximately how many feet? 328
802.3u standard defines what? Fast Ethernet (100 Mbps)
802.3z standard defines what? Gigabit Ethernet over fiber-optic cabling or coaxial cabling
802.3ab standard defines what? Gigabit Ethernet over twisted-pair cabling
802.3ae standard defines what? 10-Gigabit Ethernet
802.11 standard defines what? Wireless networking
Speeds of 54 Mbps at frequencies from 5.725 GHz to 5.850 GHz is what standard? 802.11a and is NOT compatible with 802.11b
Speeds of 11 Mbps at frequencies from 2.400 GHz to 2.4835 GHz is what standard? 802.11b components ARE compatible with 802.11g
Speeds of 54 Mbps at frequencies from 2.400 GHz to 2.4835 GHz is what standard? 802.11g allows devices from 802.11a and 802.11b to coexist.
Speeds of over 100 Mbps at frequencies of either 5 GHz or 2.4 GHZ and backwards compatible with 802.11a/b/g is what standard? 802.11n the goal is to increase bandwidth and range.
What does 802.1 define? Internetworking
What does 802.2 define? Logical Link Control
What does 802.4 define? Token Bus
What does 802.6 define? Metropolitan Area Network
What does 802.7 define? Broadband technology
What does 802.8 define? Fiber-optic technology
What does 802.9 define? Voice and Data integration
What does 802.10 define? Network security
What does 802.12 define? Demand priority networking
How does Coaxial cable work? Coaxial cable, or coax, brings the signal down from a rooftop antenna to a TV set or radio receiver—or, in this case, to link together networked devices.
What is Crosstalk? Crosstalk is an unwanted interaction, or interference, between two electrical signals.
What is Four-pair UTP Cable? Telephone-type cable known as unshielded twisted pair, or UTP. UTP network cables, as shown in the figure below, have four pairs of twisted wires. The twists in the cable pairs reduce crosstalk and also act as a partial shield.
Explain the two types of UTP Cable? Patch Cable and Premises Cable
What is plenum cable? Plenum is a fancy name for the gap between the real ceiling and the suspended tiles.
How does straight-through cable work? The typical straight-through cable for CAT 5 uses only four wires—wires 1, 2, 3, and 6. With a straight-through cable, pin 1 of the RJ-45 connector on one end follows the wire to pin 1 on the other end, and as a result, pin 1 on both ends of the wire are
How does crossover cable work? When you use a crossover cable to connect two computers directly, the crossover cable will connect the transmit pins on one computer to the receive pins on the second computer using wires 1 and 2 in the cable.
How does roll over cable work? Rollover cable: Also known as the console cable, it connects the administrator's system to the console port of a Cisco router or switch. The administrator connects the console cable to his or her serial port and then to the console port of the switch or
What's the purpose of the loopback cable? Loopback cable: We use this special cable for self-diagnostics and typically have the wires connecting the transmit pins to the receive pins on the same system, keeping the communication local. This cable type is only a testing tool; we don't use it for
How are cables connected from the wall jack to the patch panel? We typically connect cables from the wall jack to the patch panel by a punch-down tool.
Name two types of wiring patch panels? A couple of standards deal with wiring patch panels: for wiring the telephone system, use 66 block, and to wire the patch panel for CAT 5 or better UTP cable, use 100/110 block.
Explain the two types of Crosstalk: There are two types of crosstalk – near-end crosstalk, or NEXT, and far-end crosstalk or FEXT. NEXT occurs when a signal causes interference with a signal on an adjacent wire heading in the same direction, while FEXT occurs when a signal causes interferen
How does an AD HOC Network work? In an ad hoc network, the wireless nodes communicate directly with each other; you would not need to have a WAP for two hosts to communicate. Although this might be handy for transferring files between two laptops in the train station, ad hoc 802.11 netwo
What security methods can be used to prevent hackers from stealing wireless data? To address these issues, wireless networks use three methods of security, although only the second and third methods help: * Disabling broadcast of the Service Set Identification * MAC address filtering * Data encryption
How can a hacker get around security when SSID broadcasting is disabled? Kismet is a piece of software that enables you to see cloaked wireless networks and the clients connected to those networks. Even the default Wi-Fi detection in Windows Vista and Windows 7 will report a non-broadcasting network.
What layer of the OSI Model does the NIC work at? NICs operate at the Data Link or layer 2.
How does MAC Address Filtering work? Most wireless access points support MAC address filtering or MAC address reservations, a feature that enables you to limit access to your wireless network based on the physical, hard-wired addresses of the wireless network adapters you support.
What is a media converter? A media converter is a small adapter that converts from one connector style to another connector style, allowing you to switch from one cable type to another. For example, you can have a media converter that converts from UTP cabling to fiber-optic cablin
What is the purpose of a repeater? A repeater simply takes the incoming electrical signals, corrects any voltage drops, and then retransmits the cleaned signals.
What layer of the OSI model does a Hub and Repeater operate at? Hubs also operate at the Physical layer, like a repeater, and you can deduce from this that both repeaters and hubs don't do much except pass electrical signals from one port to another.
What is the definition of jabbering? If a faulty Ethernet NIC starts to send out an endless stream of unintelligible data, it is "jabbering." Jabbering is similar to deliberately generating reflections and will stop every other device from using the network.
What layer of the OSI model does a bridge function? Bridges operate at the Data Link layer, layer 2 of the OSI model.
How does a Switch work? A switch has more intelligence than your average kind of hub: For example, a switch can filter traffic by sending the data only to the port on the switch where the destination MAC address resides. This is different from a hub in the sense that a hub alway
What are the three core functions of a Switch? •Address learning : When a system that is connected to the switch sends data to another system, the switch records the port to which each system is connected according to the MAC address of the system. The switch learns the MAC address because the header
Switches can process the data packets in two ways: •Store-and-forward switches store an entire data packet in memory while they analyze it, check its addressing, and check it for errors. Once a switch is happy with the data packet, it forwards the data packet to the appropriate port. If, however, the data
What Layer of the OSI model does a Switch operate? Switches operate at layer 2 of the OSI model. You can remember this because switches work with MAC addresses, which are layer 2 components, to filter traffic.
What are the benefits of a Routed Network? The benefits of a routed network include fault tolerance and a high degree of control over how data gets around a WAN—favor faster or slower routes, or other routing decisions based on number of hops or cost of using a particular route.
What is a physical segment? Everything out one port of a Router or between two Routers.
How does NetBEUI work? When you install NetBEUI on a Windows operating system, you are actually installing both protocols. The NetBIOS protocol is responsible for Session layer functionality, while the NetBEUI protocol is responsible for Transport layer functionality.
How is IPX/SPX configured? Because IPX/SPX is routable, however, every client needs a network address, entered as part of a server's configuration. The important point to remember here is that every server on the same network must be configured with the same network address.
How does a connection-oriented protocol work? A connection-oriented protocol verifies the delivery and receipt of each and every packet sent. Connection-oriented protocols also check whether the destination device is actually present before sending it any data—they establish a connection between the
How does a connectionless protocol work? Connectionless or unreliable protocols assume that everything's working fine and expect something elsewhere to notice any problems. Because of the smaller data transmission management overhead, connectionless protocols tend to be faster than connection-or
What are some examples of connectionless and connection-oriented protocols? SPX is a connection-oriented protocol in the IPX/SPX protocol suite, while IPX is connectionless protocol. NetBEUI can provide both connection-oriented and connectionless packet delivery services.
What is NFS? Network File System or NFS is a file-sharing protocol that allows users access to network disks as though they were connected to the local system. NFS is a popular protocol used in UNIX and Linux to allow sharing of the file system and printers.
What is the purpose of SAMBA? Before SAMBA, you could share files between UNIX systems and other platforms using various file transfer programs and disk tools, but SAMBA makes things much simpler. SAMBA also provides client tools for UNIX and Linux workstations to access Windows serve
What is NTP? The Network Time Protocol or NTP is an industry protocol that is used to synchronize the time on a system with a central server on a LAN or on the Internet. In most network environments, you will configure the clients to set their time from a server on t
What is the purpose of the ARP or Address Resolution Protocol? It converts the IP address, a layer 3 address, of the destination computer to the MAC address, a layer 2 address. It does this through broadcast.
How does ICMP work? If you have ever used the PING utility to verify that a remote system is up and running, you have seen replies come back to you. ICMP is the protocol used by PING to report the replies to you.
What is IGMP? IGMPor Internet Group Management Protocol is the TCP/IP protocol that is responsible for multicasting, or sending data to groups of systems at one time. IGMP is popular with streaming video or gaming applications, for which the same data needs to deliver
What is the role of APIPA? Most current operating systems, such as Windows, support a feature known as Automatic Private IP Addressing or APIPA, which allows a system to assign itself an address if a Dynamic Host Configuration Protocol, or DHCP, server is not available on the netwo
What is the purpose of the Loopback address? Referred to as the loopback address, messages sent to never leave the sending machine; instead, they are redirected back through the internal software layers to communicate with network software running on the localhost, a fancy name for "this m
How does IP Address ANDing work? When communicating from one system to another, the IP protocol on the sending computer determines whether the destination system exists on the same network through a process called ANDing. ANDing is done at the bit level. The first thing to do when ANDing
How does CIDR or classless routing work? For example, you know that the IP address uses the first two octets as the network ID when you see the subnet mask of You may also indicate this by using the CIDR, or Classless Inter Domain Routing, notation, whic
How does distance vector routing protocol work? A distance vector routing protocol keeps track of different networks and how many hops away, or routers away, each network is. A distance vector routing protocol considers the best pathway being the shortest path with the least number of hops.
List distance vector routing protocols: RIP, RIPV2, IGRP and BGP
How does link state routing protocol work? Link state routing protocols decide the best route to use based on bandwidth, not based on the number of hops, as a distance vector routing protocol does. Most routers assign a cost value to each type of link, and we typically select the route with the l
List link state routing protocols? OSPF, ISIS
How does hybrid routing protocol work? A hybrid routing protocol uses features of distance vector and link state. A hybrid protocol will keep a hop count list but at the same time have a cost associated with a route based on the bandwidth of the link.
Name the hybrid routing protocol? EIGRP
How does NetBIOS manages connections? NetBIOS manages connections between machines using NetBIOS names—essentially the "computer name." The Sockets standard manages connections based on an IP address and a port number.
What is a Socket? A socket is a combination of a port number, a protocol, and an IP address. A socket defines the endpoints of communication, uniquely identifying a TCP/IP application that runs on a system.
What files reside on the hard drive to perform name resolution? Text files reside on the hard drives of client computers that can be used for name resolution. The HOSTS file resolves FQDNs to IP addresses, whereas the LMHOSTS file resolves NetBIOS names to IP addresses.
Dive Duplexing If you really want to keep your data safe, you can use two separate controllers for each drive. With two drives, each on a separate controller, the system will continue to operate even if the primary drive's controller stops working. We call this drive-mi
Drive Mirroring You could, for example, install a fancy hard drive controller that reads and writes data to two hard drives—the primary drive and the mirror drive—simultaneously. The data on each drive would always be identical, so if one drive were to fail, you would st
Disk Striping with Parity Disk striping with parity protects data by adding a parity drive. The parity drive stores information that you can use to rebuild data should one of the data drives fail. To use disk striping with parity, you must have at least three drives to stripe, and
RAID •RAID 0 – Disk striping. No data protection! •RAID 1 – Disk mirroring and disk duplexing. •RAID 2 – Disk striping with multiple parity drives. Unused; ignore it. •RAID 3 and 4 – Disk striping with parity. The differences between them are trivial
SCSI Harddrive Small Computer System Interface, or SCSI, also supports a wide variety of devices, including hard disks, and it performs much better than EIDE under heavy load conditions.
EIDE Harddrive Enhanced Integrated Drive Electronics, or EIDE, disks are most commonly found in desktop PCs. The EIDE interface supports a maximum of four devices, which can be CD-ROM drives, tape backup systems, and removable drives, as well as hard disks. EIDE has alw
SATA Drives In recent years, IDE drives have been replaced by Serial ATA, or SATA, drives. Serial ATA drives offer the performance benefit of a transfer rate 30 times faster than that of IDE! SATA drives are also hot-swappable, which makes them great solutions for lo
Archive Bit The key to understanding how to manage and perform backups is to know about the existence and use of a file attribute called the archive attribute. All files have a series of attributes, or archive bits, that act as on/off or set/unset indicators for the
CHAP The Challenge Handshake Authentication Protocol or CHAP is more secure than PAP. After the establishment of a remote connection, the server sends a challenge message to the requestor for confirmation of the user's password. The requestor generates a resp
EAP A newer authentication protocol called the Extensible Authentication Protocol, or EAP, is popular in wireless security but can also be used for remote access solutions. EAP is a framework that incorporates many facets of security such as authentication an
PKI Private Key Infrastructure, or PKI, is an entire cryptography system that can be used for authentication and encryption services. The PKI structure starts by having a certificate authority installed that is responsible for issuing digital certificates use
TACACS+ TACACS+: Terminal Access Controller Access-Control System Plus is an AAA protocol that provides AAA services for access to routers, network access points, and other networking equipment. TACACS+ is popular in the Cisco environment.
Host-based Firewall Host-based firewall is typically a piece of software installed that simply protects the system on which it is installed.
Network-based Firewall The Network-based firewall is designed to protect packets from entering the network
Stateless Firewall A stateless firewall is simply a packet-filtering firewall that looks at the IP address and port address information in the packet and decides whether the packet can pass through the firewall based on the source/destination IP or the source/destination p
Statefull Firewall Stateful firewalls can filter the traffic based on the IP address and port information, but they can also filter the traffic based on the context of the conversation or the information in the application data portion of the packet.
Why use a port scanner? When administering firewalls, you must make sure that you perform a port scan on the firewall on a regular basis. Performing a port scan on the firewall will indicate to you which ports are open on the firewall and what traffic is able to pass through th
Copying files securely: When copying files from one system to another, if you need to protect the contents of the information being copied, look to the Secure Copy, or SCP, feature instead of the traditional Remote Copy, or RCP feature in UNIX. The SCP protocol uses SSH to perfo
NAT Network Address Translation intended to provide a temporary solution to the problems caused by the shortage of spare IP addresses. Commonly implemented in IP routers, NAT allows multiple computers on a network to connect to the Internet through a single
Host-based IDS: Installed on a system and detects attacks against that one system.
Network-based IDS: A device or software installed on a system that analyzes network traffic and tries to identify suspicious activity. Snort is an example of a network-based IDS.
File-based IDS: Monitors files on the system and notifies you of changes to the files. Tripwire is an example of a file-based IDS.
PC Security: CMOS settings on the systems and servers could include changing the boot order in CMOS so that systems don't boot off CD-ROMs, setting a password to control who can enter and make changes to the CMOS, and disabling ports such as USB ports so that employee
Mitigation Techniques - Software/Hardware Patches Best Practices Security: One of the most effective ways to help keep your systems secure is to apply all software and hardware patches and security updates in a timely fashion. Buffer overflow attacks compromise most systems, and once the attack is known, the software vendor prov
Denial of Service: Denial of Service: The attacker floods a system with too much information, causing it to crash or to be so busy servicing the information that it cannot service valid requests from real clients.
Distributed Denial of Server or DDoS: Distributed Denial of Server or DDoS : A DoS attack in which the attacker uses many systems to perform the attack. The most popular DDoS attack is a smurf attack, in which the attacker sends a ping message to thousands of other systems, but spoofs the sou
Spoof: Spoof: The attacker alters the source address of the information, generally to trick the user into thinking that the information came from somewhere other than the attacker or to bypass security filters that are in place. These attacks can be – altering t
Port scan: Port scan: The attacker uses a port scanner to find out what ports are open on the systems on your network. Once the attacker knows what ports are open on different systems, he can plan which services to attack.
Eavesdrop Eavesdrop: Also known as sniffing, this attack involves the attacker getting access to the network and running a packet sniffer. Once the packet sniffer is run, the attacker can potentially receive a copy of all information that travels on the network.
IPSec: Used to encrypt all IP traffic on the network or VPN. Uses the Encapsulation Security Payload, or ESP, protocol to do the encryption, and uses the Internet Key Exchange, or IKE, protocol to set up the session key that performs the encryption. You can conf
Define Remote Connectivity Remote connectivity means being able to access resources on an organization's network from a remote site. To establish remote access using a dial-up—PSTN or ISDN—connection, you need client software on the remote machine and also a remote access server pr
Describe the process to connect to a corporate network through a VPN: 1.The employee gets Internet access at home, in a hotel, or at another location. 2.Once the employee has Internet access, he can connect to the VPN server by typing the IP address into the New Connection dialog box.
How does NetWare 5.x and 6.x login work? NetWare servers enable users to log in once and access all their resources by logging into the NDS tree, now known as the eDirectory.
How does Windows login work? Windows servers enable users to log in once and access all their resources by logging into Active Directory.
Active Directory: Microsoft Active Directory, or Directory Services, is a model for centralized server management and was introduced with Windows 2000 Server and continued on with Windows 2003 and Windows 2008. Like NetWare Directory Services, it's based on the X.500 stand
NDS: NetWare 4.x built on the success of NetWare 3.x by adding two key features: Novell Directory Services or NDS, and TCP/IP encapsulation. NDS organizes all user and resource information in a database, referred to as the NDS tree. The NDS tree acts as a cent
Windows User Profiles and Group Policies: Windows clients support the use of user profiles, which enhance both the usability and security of a network. User profiles are a collection of settings that correspond to specific user accounts, and they allow each user to customize his or her working en
Content switch: Content switch : A switch that can implement performance features on different types of traffic. Examples of the performance features may be data caching or load-balancing services.
Multilayer switch: Multilayer switch : A switch that runs at different layers of the OSI model.
IDS/IPS: IDS/IPS : An IDS/IPS can identify suspicious traffic on the network or system and send out an alert regarding the activity.
Load balancer: Load balancer : Hardware or software that provides load-balancing services and is designed to divide the network activity between multiple hosts. Load balancers offer a number of other features such as data caching.
Multifunction network device: Multifunction network device : A device that has features of many different devices built in. A great example would be the typical home router that you purchased for your network—this device is a firewall, NAT server, DHCP server, switch, and wireless acc
DNS server: DNS server : A server on the network that converts the FQDN to an IP address.
Bandwidth shaper: Bandwidth shaper : Performs bandwidth shaping, also known as traffic shaping, where traffic is purposely held back, or delayed, based on its type. Traffic shaping conserves bandwidth at different times for specific applications.
Proxy server: Proxy server : A device that request resources, such as web pages, for the client system and then returns the page to the client system instead of the client system retrieving the content itself.
CSU/DSU: CSU/DSU : The channel service unit/data service unit is the device that connects to your router, which connects your network to the digital link such as a T1 or T3 link.
VPN concentrator: VPN concentrator : A specific device designed to offer a highly secure VPN solution to an organization using the highest level of security technologies such as encryption and authentication services.
What is bandwidth? The data signal traveling through the network media, which is usually some form of copper wire, is an electrical signal that's changing voltage rapidly to represent a string of binary data. Bandwidth is any signal that changes in this cyclic way and has a
Coaxial Cable: Coaxial cable has a central conducting core surrounded by a protective, insulating layer, an outer metal screen made of a woven copper mesh, a metal-covered plastic or foil, and an overall insulating jacket as shown in the figure. The cable is referred to