click below
click below
Normal Size Small Size show me how
NET+
Question | Answer |
---|---|
CSMA/CD | Carrier sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in local area networking using early Ethernet technology. Listen before send, listen while I send, probabilistic |
CSMA/CA | Detect collision and resend packets, probabilistic |
10BaseT | Standard that uses UTP cable, RJ-45 connectors, transfers up to 10Mbps. Economical / easy to install. Max 330 ft. |
10Base2 | Standard that uses Coaxial / BNC connectors, up to 10Mbps. Max 610.5 ft. |
10Base5 | Original Ethernet using coaxial cable |
100BaseTX | Standard that uses UTP cable, RJ-45 connectors, transfers up to 100Mbps |
100BaseFX | IEEE spec for fiber, up to 100 Mbps |
802.3 / Ethernet | Access method used to connect computers, uses physical cables. Link / physical layer protocol |
1000BaseCX | IEEE spec for gigabit Ethernet for short-haul copper twinax |
1000BaseLX | IEEE spec for gigabit Ethernet HDX/FDX fiber at 850nm wavelength |
1000BaseSX | IEEE spec for gigabit Ethernet HDX/FDX fiber at 1300nm wavelength |
802.x | Generic designation for IEEE subcommittees responsible for developing specifications for LANs and MANs |
IEEE | Institute of Electrical and Electronics Engineers |
802.3ae | Defines a version of Ethernet with a nominal data rate of 10Gbps |
802.3af | Defines a spec for PoE supporting up to 13.5 watts |
802.11x (a/b/d/g/n/ac) | IEEE subcommittees responsible for WLAN technologies |
802.11a | 5.75 Ghz, up to 54Mbps, realistically 20-25Mbps. 150ft. 4, 8, or more channels depending on the country. 40mW, 2.5in band width. 23 channels (12 non-overlapping) |
802.11b | 2.4Ghz, max 11Mbps, usually 4-6Mbps. 250ft. Interferes with Bluetooth, cordless phones, microwaves, TVs... 3 non-overlapping channels 1, 6, 11 in US 1, 7 13 in EUR 100mW |
802.11e | QoS support for LAN applications |
Guided media | Signal is contained within the cable |
Unguided media | Wireless |
UTP | Unshielded twisted pair, inexpensive, easy to install Hard to splice, limited distance, affected by EMI |
STP | Shielded twisted pair |
Baseband | 1 signal over the cable (ethernet) |
Broadband | Uses multiplexing to have multiple signals over 1 line (cell phone - internet, voice, gps) |
Multimode (fiber) | Short to medium distance, 10-1000Mb ethernet over 62.5 micron fiber, uses LEDs |
Single mode fiber | Long haul comms. (EX. SONET for voice / data transport at speeds up to 140Gbps (on each pair), 10Gb Ethernet, 9 micron core, uses lasers. |
Fiber Optics (FO) | High-speed, no EMI, can multiplex many channels over 1 cable. No sparks / danger of electrical shock, signal loss much less than metallic media |
Attenuation | Break up of signal over distance |
Optical power meter | Used to optimize alignment for Maximum Link Robustness, shows signal strength in dBs (decibles) |
Copper | Inexpensive, ubiquitous, High-speed |
Coaxial | High-speed, broadband, inexpensive |
Microwave | Up to 45Mbps, cost effective, easy to install / implement licensed freq |
Satellite Comms | High transmission rates, simultaneous comms to Earth stations, cost is not distant dependent. |
asynch | Asynchronous protocol, data link protocol |
bisynch | binary synchronous protocol, data link protocol |
protocol | rules which govern the way in which computing/network devices communicate |
duplicity / duplex | simplex - one way communications (listen only / send only) |
half-duplex | listen or receive but not both at the same time |
full-duplex | listen and receive at the same time |
SDLC | Synchronous Data Link Control |
HDLC | High Level Data Link Control |
block size | high failure rate = more retransmissions = small blocks (unreliable media) |
MTU | Maximum Transmission Unit (max frame size) |
1500 MTU = | 1500 bytes frame size |
Data Link Protocol main function | Synchronization |
EBCDIC | 2^8 ability to represent more special chars than ASCII |
Parity bit | Used for error checking, odd or even / 0 or 1 depending on if bits sent add up to an even or odd number. 8th bit in the byte |
CRC | Cyclic Redundancy Check - algorithm for error checking, generates checksum for compare by receiving machine. If receiving machine's checksum doesn't match, it sends a NACK |
NAK | Negative ACK |
Maxout | Maximum outstanding frames, max amount of frames in limbo (can be transmitted before ACK is received), unreliable media = set high maxout to get as much across as possible at a time (for synch at endpoint), reliable / fast = low maxout, not overwhelm endp |
Piggybacking ACKs | Send 1 ACK for multiple frames at a time |
Synchronization (data link) | maintain synch of frames between sending and receiving |
framing (data link) | mark beginning and end of each transmission frame |
control (data link) | sending station capable of identifying receiving station |
error detection (data link) | error detection and recovery |
802.3 af / at | PoE spec from IEEE |
LAN | privately owned |
*SAN | Storage Area Network [EMC] for backing up servers / datacenters without introducing a lot of traffic on the regular LAN |
*LLC | Logical Link Control Protocol - error detection, framing of low level metadata, interface to higher layer protocols. |
MAC | Media Access Control, hardware addressing. Assembly of data into a frame with address and error detection fields. Controlled by IEEE |
Token Ring | Token is passed around, everyone guaranteed access to the network |
Bus | Topology, all connect to an ethernet turnk |
Token Bus | 1 cable, multiple NICs, uses Token protocol / access method. Generally used in robotics. |
Access method | CSMA/CD (probablistic) CSMA/CA Token (deterministic), separate from the topology |
Star topology | Advantages: centralized control, network management visibility, easier to troubleshoot |
Ethernet maximum frame size | 1500, set MTU to 1376-1380 to provide room for encryption bits. If not, frames will be larger than 1500 bytes and will fragment, causing higher overhead. |
Ethernet MAC Address Frame Formats v Ethernet DIX v2 format | See slides TYPE v LENGTH |
Broadcast | Frames go to everyone [printer, network discovery, arp, collision announcement] |
Multicast | Sent to specific hosts that are subscribed to receive |
Unicast | Frame goes to a single MAC address |
802.11g/b | 2.4GHz, up to 54Mbps, 3 non-overlapping channels. 100mW, 6 inches (band width), 150ft diameter cell size |
OFDM | Orthogonal Frequency-Division Multiplexing modulation |
CCK | Complementary Code Keying modulation |
PBCC | Packet Binary Convolutional Coding modulation |
802.11i | WLAN security standard, describes encryption transmission of data between a and b WLANs. TKIP, AES, channel selection, roaming, transmit power control |
802.11k | Improve traffic distribution, checks if AP w/ strongest signal is at capacity and connects to another AP if so. |
802.11n | a/g compatible, 2.4 or 5.75 GHz, multiple-input multiple-output, error detection and correction. Spacial multiplexing - 2 Transmit & 1 Receive antenna |
MIMO | Multiple Input Multiple Output, Spatial multiplexing |
802.15 | Standard for WPANs, .1 is based on the Bluetooth spec, .2 working on interference in the 2.4GHz band, .3 wants up to 55Mbps up to 10m, .4 ZIGBEE |
Guided v Unguided media | Wireless v Cables |
EIA/TIA Standards | Ethernet wire color codes T568A and B for CAT .5 |
UTP CAT 3 | 100 Ohm, UL Level III |
UTP CAT 4 | 100 Ohm Low Loss UL Level IV |
UTP CAT 5 / 6 | 100 Ohm Extended Frequency UL Level V |
Solid CAT 5 v Stranded CAT 5 | Solid = rigid = long distance, Stranded = flexible = patch cable |
CAT5e | Up to 1000Mbps, suitable for Gig. Ethernet, less near-end crosstalk |
NEXT | Near End Crosstalk |
CAT 6 | Incorporates a longitudinal separator that isolates each pair from the others. Supports 10Gb Ethernet, up to 250MHz |
Plenum | Cabling rated for use in air ducts that does not emit toxic fumes when melted |
Geosynchronous orbit | turns at same orbit as Earth, 22,500 miles up, requires 3 to 4 degree space between geosync. satellites to prevent interference. Must be realigned every month. |
Transponder | Core of satellite transmission system, usually 24-48 transponder spaces for sending and receiving data, each divided into subchannels. Receives weak signal from Earth, amplifies it, changes freq, and retransmits. Send and receive on different freqs. |
Footprint | Area of the earth where the signal may be received, several hundred to thousand km. Narrower footprints = stronger signal. Ku-band satellites tend to be narrower than C-band |
Modulo | Number of frames that can be outstanding before sender must wait for an ACK from receiving stations |
Wireless - RF / Infrared | Speed, cost effective, easy to install /implement |
Free Space Optics (FSO) + | Beams only a few m in diameter at a km, close spacing of links w/o interference, secure, efficient energy, more than 8km possible |
FSO - | Environmental factors, need clear and calculated LoS |
Multiplexing | In telecommunications and computer networks, multiplexing (sometimes contracted to muxing) is a method by which multiple analog message signals or digital data streams are combined into one signal over a shared medium. |
Analog | Waves, continuous |
Digital | Discrete, 1s and 0s |
TDM | Time Division Multiplexing, each device has a time slot to send, if it has nothing to send it's wasted bandwidth. Aggregate line speed has to be at least equal to aggregate of all connecting line speeds |
STDM | Statistical Time Division Multiplexing, aggregate line speed is less than aggregate speeds of each line that connects to it. |
MUX | Multiplexer |
Polling | Asks every device if they have something to send, one at a time. |
DWDM | Dense Wave Division Multiplexing - separate the signal using prisms, OC-192 can support 40Gb. 1,000 different colors over 1 line at the same time, each color has a 40Gb link |
Contention methods | Allow sharing of media, CSMA/CD or CA, polling, token passing |
Token passing | Talking stick method, free or taken tokens, devices can fill free tokens with what they want to send and pass it on, deterministic |
NIC | Addressing, translates from network (serial) to CPU (parallel) and back |
Intelligent wire hubs | Port is occupied or busy / transmits data |
ARIN | American Registry for Internet Numbers (ARIN) - allocated IP addresses |
IANA | The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. |
ICANN | The Internet Corporation for Assigned Names and Numbers (ICANN /ˈaɪkæn/ eye-kan) is a nonprofit organization that is responsible for coordinating the maintenance and methodologies of several databases... |
DIX | Digital Intel Xerox, proprietary Ethernet |
Licensed Freq | Leased from the FCC |
IP Address v4 | Dotted decimal system, 32 bits, 4 octets |
Class A | 1.0.0.0 - 127.0.0.0 |
Class B | 128.0.0.0 - 191.0.0.0 |
Class C | 192.0.0.0 - 223.0.0.0 |
IETF | Internet Engineering Task Force - implement new protocols / modifications |
RFC 1917 / 1918 | Introduced ability to have public / private IP ranges |
Class D | 224.0.0.0 - 239.0.0.0 |
Class E | 240.0.0.0 - 255.255.255.254 |
IP packet | [version][IHL][Type-of-service][Total length] |
Subnet mask | 255 determines network portion of ip address, rest is host portion |
Analog | has inherent noise, when re-amplified, noise is also re-amplified. Digital will always have more throughput. |
Hub | Fastest, nothing to process, just re-broadcast. |
Flooding | How routing device build ARP / bridge tables for routing between network initially |
Bridge | connect layer 2 networks together, forwards, not routes |
Switch | connect layer 2 devices together |
Spanning Tree Protocol | Block loops in bridged / switched networks, useful on intermediate nodes - devices that pass traffic |
Root bridge | determined by lowest MAC address (or configurable), put it in the middle of topology in order for low amount of recalculating paths |
Layer 2 v Layer 3 broadcast storm | Affects everyone v Affects local |
Adjacenty | Router next to you |
Route table | Only network addresses to port numbers, number of route tables = number of interfaces x number of supported protocols (AppleTalk, DECnet, Novel...) |
ARP table | Only IP (host) addresses to MAC Addresses |
RIP Routing Information Protocol | Distance vector, based on vectors (number of hops) between routes. |
(E)IGRP (Enhanced) Interior Gateway Routing Protocol | Two routers within an autonomous system are called interior |
Autonomous system (AS) | All devices under a single administrative control |
IGP Interior Gateway Protocol | used for routing within networks within an AS |
OSPF | Open Shortest Path First |
BGP Peering Point (NAP) | Where all internet peering connects, what ISPs use to talk to other ISPs |
Routing algorithm metrics | bandwidth |
Router Redundancy | Clients with Host Router Discovery Protocol enabled will choose the best gateway / whichever one is up or best based on metric |
Static routes | For routers that do not speak common protocols |
Asymmetrical routing | Can be horrible slow, mismatch between speeds can kill connections |
BGP routing | used for exterior routing |
Default paths | Hosts have default gateways |
Distance vector v hop count v link state | table (updates every 30 sec) v decrementing hops v up / down |
latency | any kind of delay |
jitter | variation in latency |
components of response time (server / client) | processor, utilization, network interface (speed / drivers), RAM, protocol |
(network) autodiscovery | generally not a good idea in huge environments, operates with broadcast, can disable a network |
2.4GHz channels | 1, 6, 11 to avoid co-channel interference |
WPAN - Wireless Personal Area Networks | Ex. Nike shoes sensor communicated with a Fitbit |
Different wireless protocols at the physical layer for signal | FHSS, DSSS, HR DSSS, OFDM, MIMO, OFDM |
WLAN Service Set | Logical grouping of devices |
SSID - Service Set Identifier | Network ID |
IBSS - Independent Basic Service Set | adhoc (No AP), does have SSID, must be configured |
BSS | Requires AP (only one) |
ESS (Extended) | Multiple APs, same SSID - 1 subnet, roaming layer 2 |
Co-Channel Interference | Interference on overlapping channels |
802.11 Beacon | clients send probe request frame on every channel it an see containing info about the client station |
Lower freq = longer dist | 2.4 has longer distance |
WLAN Controller (LWAPP AP) | Dynamic APs, expand and contract cell size based on ambient RF. Controller view channel and power of each AP connected to it and looks at what signals each AP sees from the other APs. Adjusts power and cell size for efficiency |
DHCP Option 43 | Used by WLAN Controllers to configure connected APs (like DHCP) such as power and channel per AP |
Power level | how far you can transmit v. interference introduced |
Antennas | Coverage pattern / coverage distance. Omni - generates circular pattern, has 'doughnut effect' of being too close / in the eye of the signal. |
5.75 GHz | 12 channels, smaller channel size |
Channel Bonding | Combining channels as pairs, combining their sub-frequencies, for faster speeds (more bandwidth), can only combine adjacent frequencies, in patterns, keep adjacent frequencies in non-adjacent cells |
AIT | Automation Identification Technologies (umbrella of RFID), bar codes, matrix codes |
RFID | Use RF to transmit data, improve error recovery, increase velocity, reduce process errors. Push data to data warehouse for central access and management. Logistics, tracking, identification |
Backscatter (passive) | RF pattern that emanates from a chip |
Active RFID | Have a battery, 300ft range, 802.11 has a MAC address, great for triangulation - tracking things not near readers. Could be used to track legitimate (tagged) versus rogue (untagged) devices |
Passive RFID | 900MHz, 3m range, powered by RF from reader |
EPC tag | Can be read by anyone, can read / generate any frequency. Different countries operate RFID at different freq. so EPC reader is essential |
Enterprise WLAN AP | Can double as a RFID reader |
RSSI | Relative Signal Strength Indicator |
TDO | Time Difference of Arrival |
Exciter | Foreces tags in a specific range to chirp (their MAC), location reported. Helps save battery life by activating RFID when needed. |
SNMP pt 1 | an IP standard for managing devices on TCP/IP networks. Devices that typically support SNMP include routers, switches, servers, workstations, printers etc. |
SNMP pt 2 | is used in net. mgmt systems (NMS) to monitor devices for conditions that require admin attention, it consists of a set of standards for network management, including an application layer protocol, a database schema and a set of data objects (MIBs) |
SNMP pt 3 | An SNMP managed network consists of three key components: managed devices, agents, and network-management systems (NMSs). |
Managed device | A managed device is a network node that contains an SNMP agent and resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP. |
MIB | A Management Information Base (MIB) is a collection of information that is organized hierarchically. MIBs are accessed using a network-management protocol such as SNMP. They are comprised of managed objects and are identified by object identifiers. |
Managed object | A managed object (sometimes called a MIB object, an object, or a MIB) is one of any number of specific characteristics of a managed device. Managed objects are comprised of one or more object instances, which are essentially variables. |
Managed objects pt 2 | Two types of managed objects exist: scalar and tabular. Scalar objects define a single object instance. Tabular objects define multiple related object instances that are grouped together in MIB tables. |
Managed device commands | Managed devices are monitored and controlled using four basic SNMP commands: read, write, trap, and traversal operations. |
spectrum analyzer | Analyzing freqs that others are using, signal strengths. |
Distributed application troubleshooting | tracert, ping, spectrum analysis / wireless survey, protocol sniffers |
Switch | Each port is it's own collision domain, devices still listen for uni, multi, and broadcast traffic. Bridge table full of MAC addresses to port mappings, bridge / switch topology. No ACL for performance on layer 2. |
FastForward | Low latency, no error checking - fast! |
FragmentFree | low latency, checks for colisions |
Store and Forward | High latency, full error checking |
VLAN Identification Using IEEE 802.1Q | Unique ID in the header of each frame for what VLAN the frame belongs to |
LAN Switch & troubleshooting | Hard to t-shoot between VLANS, can only see traffic on own VLAN |
Port mirroring | Configure the switch to monitor all ports, span all ports - good for IDS, good for network visibility, good for attackers |
Blocking v non-blocking LAN switches | Blocking - all interfaces are 1GB but backplane speed is 1.5GB. Not giving wire speed for every port as advertised. |
VLAN | Broadcast domain |
QoS Traffic types | Best effort traffic - text, graphics = bursty, intolerant of errors |
802.1X | Uses X.509 certificates to assign users to VLANs that they are assigned to originally, prevents users from plugging into the wrong VLAN |
VLAN tag | number in MAC frame that distinguishes what VLAN a frame belongs to, headers added to MAC frame that identify what VLAN traffic is coming from / going to |
VLAN trunk | Connects network devices, allows multiple VLANS to connect. |
Use of MIB | Collect information on AP connections, etc. |
QoS | Allows for prioritization of traffic to avoid latency situations |
AS in routing protocols | -under single admin control, everyone chooses the same AS number and can exchange route info within their AS |
AAAA Net Security Policy | Access, Authentication, Authorization, Audit: control physical access, knowing you are who I think you are, limiting access to specific resources, maintaining logs of unauthorized access attempts. |
Session persistance | Session doesn't timeout |
Why are networks important to security | All security devices collect, monitor, analyze, or block network traffic |
Encryption != Secure connection | What about data sent that is malicious and encrypted |
LAN MAC layer protocols | == frames, layer 2 |
Flooding in transparent learning bridge | First time building bridge table, flood traffic out every interface to construct table by noting where responses come from and on what ports |
IP aggregation - variable lane subnet masking (advanced subnetting) | For backbone / links - use small subnet designations for links and large subnets for nodes. Aggregation = combine subnets to make one big one. |
Link state | metrics can be hops, utilization, bandwidth, etc. up to 7 etrics |
Spanning tree | eliminates redundant links between layer 2 devices (loops) |
CDN (akami) | Caches stuff locally at all ISPs for speedy retrieval of content |
Local and global load balancer | Multiple instances of the same application running (locally at the same datacenter) or replicated at another datacenter somewhere else (for redundancy / content delivery) |
Net Mgmt System | NMS collects data from the agent by collecting the MIB |
MIB | database of info on networked devices |
Aggressive roaming v non-agressive | Limited RF v a lot of RF |
Security perimiter | All devices that do analysis, collection, etc. |
X.509 certificates | Digital certificates used for MFA to access a network |
What is a network interface card? | Network interface card or network card is a device installed on the system that is responsible for sending and receiving data on the network. |
The network card is also known as what? | Network Adapter |
A system that comes with a network card built in is said to have what? | Integrated network card |
Network cards run on what two layers of the OSI model? | Layer 1 and Layer 2 |
A network bus can be installed by inserting the card into what? | The expansion bus of the system. |
PCI was what in the past? | ISA |
When you install a network card you need to ensure that you get the correct type of card for the what? | Particular type of expansion slot. |
Name some popular expansion bus architectures. | ISA, MCA, VESA, EISA, PCI, AGP, and PCMCIA |
What is ISA? | Industry Standard Architecture (ISA) it is an old bus architecture that runs at 8 MHz and supports 8 or 16 bit cards. |
What is MCA? | Microchannel Architecture (MCA) was built by IBM and has a 32 bit card that runs at 10 MHz. |
What is VESA? | Video Electronics Standards Association (VESA)also known as VESA local bus or VLB. Has a 32 bit architecture and runs at 33 MHz. |
What is EISA? | Extended Industry Standard Architecture is the upgrade to ISA supports 32 bit cards and runs at 8 MHz. |
What is PCI? | Peripheral Component Interconnect used today for adding cards to the system. Runs at 33 MHz and has a 32-bit or 64-bit bus architecture. Most network cards today are PCI. |
What is AGP? | Advanced Graphics Port it is a new graphics standard that runs at 66 MHz and is used by video cards. |
What is PCMCIA? | Personal Computer Memory Card Industry Association is the bus architecture used in laptop computers. Has a 16-bit architecture that runs at 33 MHz. |
What is a transceiver? | The portion of the network interface that actually transmits and receives electrical signals across the transmission media. |
What are the 2 types of transceivers? | Onboard & External |
Onboard transceivers are ______ onto the network interface card. | Built |
External transceivers require a small device that attaches to the NIC vian an __________ cable. | Extension |
An attachment unit interface (AUI) connector is also called what? | Digital-Intel-Xerox (DIX) connector. |
The AUI connector is a female _____-pin D- connector and connects a workstation to thicknet cabling. | 15 |
Fiber-optic connectors generally have 2 connectors, what are they for? | One each for incoming and outgoing fiber cables. |
A network card has how many transmission methods? | Three they are Simplex, Half duplex, Full duplex. |
Explain Simplex transmission. | Allows communication in one direction only. |
Explain half duplex transmission. | Allows communication in both directions but not at the same time. |
Explain full duplex transmission. | Allows communication in both directions at the same time. All four pair of the wires are being used. |
A MAC address is a _____-bit address displayed in a hexadecimal format. | 48 |
What is the first half of the MAC address? | Manufacturer's address (ID) |
What is the last half of the MAC address? | Unique address (ID) |
How would you view your MAC address on Linux? | ifconfig |
If you go to www.coffer.com/mac_find/ what will you find? | Determine the manufacturer of your network card based on the first half on the MAC address. |
The MAC address is also known as what? | MAC-48 address, Extended Unique Identifier EUI-48 address, physical address, and hardware address |
The activity light should be ________ when there is network activity. | blinking |
The link light proves what? | That there is a physical connection. |
A driver is a piece of _________ that allows the operating system to communicate with the device. | Software |
A hub is also known as what? | Concentrator |
Which port on the hub is used for cascading and is already crossed over? | 5th Port also known as the Uplink port |
When connecting three 24-port hubs, the uplink port 24 on the first hub goes to what port on the second hub? | Anyport on the second hub, but a good practice is the first port of the second hub. |
A hub sends a signal to which ports? | All Ports |
What is the function of a passive hub? | Receive data from one port and send it out to the other ports. |
Does a passive hub regenerate the signal? | NO |
What is the total cable length when using a passive hub? | The length between 2 PCs and NOT PC-to-hub length as with active hubs. |
Does a passive hub have a power source or electrical components? | NO, it simply attaches the ports interanlly and enables communication to flow through |
An active hub provides the same functionality as a passive hub except that it does what? | Rebuild (regenerate) the data before sending it to all the destination ports. |
An active hub has a power source and ______-in repeaters to boost the signal. | Built |
With an active hub you can run UTP cable 100 meters on which side of the hub? | On each side of the hub. |
A hybrid hub can use many different types of what? | Cables |
Hub are used in Ethernet environments and _____ are used in Token Ring environments. | Multistation Access Unit (MAUs) |
Hubs run at what layer of the OSI model? | Layer 1 |
How is a MAU different from a hub? | 1)It regenerates the signal to travel a larger distance. 2)Does NOT have collision indicators. 3)Does NOT have an uplink port instead it has a ring-in port and a ring-out port. |
A repeater is considered a what layer device? | Layer 1 |
Layer 2 devices are a little smarter than layer 1 devices because why? | Layer 2 devices can make decisons |
What layer device is a bridge? | Layer 2 |
What does a bridge do? | It breaks the network down into multiple segments then filters traffic by forwarding traffic to the destination network segment. |
How does a bridge filter traffic? | Comparing the Destination MAC address of a packet with the MAC addresses in its bridging table. |
A bridge forwards traffic how? | Only to the needed network segments. |
An administrator can control which workstations can connect to each switch port via what feature? | Port Security |
VLANs are a special feature of what device? | Managed Switches |
What is the purpose of a VLAN? | They allow an administrator to group ports on a switch and it cuts down on broadcast traffic. |
How do VLANs cut down on broadcast traffic? | Using broadcast domains |
Layer-1 switch implements what? | Port switching, increase security, isolation, associates the port with the VLAN. |
Layer-2 switches apply a header to data and when it is processed by another layer-2 device it is called what? | Frames instead of packet |
A layer-2 switch doesn't associate the port with the VLAN, but with the _____ addresses of the systems associated with the VLAN. | MAC |
A layer-3 switch bases membership in a VLAN on the _______ ID of the layer-3 address of a packet. | Subnet |
With layer-3 switches the ________ belong to the VLAN not the actual workstations. | Packets |
What is a multilayer switch? | Can run at layer 2 and 3 with the functionality of both a switch and a router. This is a Layer-3 switch. |
What layer does Spanning Tree Protocol (STP) run at? | Layer 2 |
What is Spanning Tree Protocol used for? | To prevent loops that occur when multiple switches are connected together. |
What does a loop on the network cause? | Causes the network to go down and creates instability in the switches. |
STP is a protocol that looks at all of the ______ used to create a loop and then places one of thos ports in a blocking state. | Ports |
The port that is in a blocking state can't do what? | Data traffic can NOT pass through the port. |
Once the loop is in a blocking state, the loop is _______ and the network becomes more stable. | Broken |
Since the port is in a blocking state instead of disabled, what happens if one of the other links goes down? | The port is transitioned into a forwarding state automatically. |
What is a feature on Cisco switches that allows you to connect the switches together? | Trunking |
In trunking, you must assign one of the _____ as a ______ port. | Ports, Trunk |
What is the trunk port used for? | Carries VLAN traffic to the other switch. |
Vlans are allowed to contain ports that are from multiple switches as ________. | Members |
What is added to data packets when the data is sent out of the trunk port? | VLAN identification number |
When a switch assigns the VLAN identification information to a packet it is known as what? | Tagging |
What are the 2 popular protocols for tagging? | InterSwitch Link (ISL) and IEEE 802.1Q |
ISL is the __________ proprietary protol for tagging and associating them with a particular VLAN on older switches. | Cisco |
Newer Cisco and Juniper Network switches us what protocol as the tagging method? | IEEE 802.1Q |
Port Mirroring is also known as what? | Port monitoring |
What port does Network Time Protocol (NTP) use? | 123 |
Domain Name System uses what port? | 53 |
Hypertext Transfer Protocol-Secure uses what port? | 443 |
Internet Message Access Protocol, version 4 (IMAP4) uses what port? | 143 |
What is a Time Domain Reflector (TDR) meter? | It uses the speed of electricity through copper to locate a reflection by injecting a signal and timing how long it takes for the signal to be reflected back. |
A voltage meter measures what? | Voltages and NOT the condition of the cable. |
What is an event recorder? | Measures voltage fluctuations over a period of time. |
POP3 uses what port by default? | 110 |
What feature allows the switch to send a copy of data that reaches certain ports to the mirrored, or monitored, port? | Port Mirroring |
Port monitoring allows an administrator to plug a workstation into the port that the copy of the dat is being sent to and ________ the network traffic. | Monitor |
By default what device filters traffic by only sending the data to the port that the destination system resides on? | Switch |
What feature of a switch allows the administrator to associate the MAC address of the system with the port to which it will connect? | Port Security/Authentication |
What kind of switch is special and designed for optimizing data delivery to clients by improving performance like data caching or load balancing? | Content Switch |
A router is responsible for what? | Sending data from one network to another. |
What layer does the router run on? | Layer-3 |
A router can have how many network interfaces? | Multiple |
Routers are typically used to connect the ____ to a _____. | LAN, WAN |
Routers use a _______ table stored in memory to determine how to reach a system on a destination network. | Routing |
When data has a layer-3 header which has the source and destination IP address the data is known as what? | Packet |
Routers can also filter packets because they act as what? | Broadcast domain |
Each port on a switch creates a separate what? | Collision Domain |
A router is the device you would use to create multiple what? | Broadcast Domains |
A gateway is responsible for what? | Translating information from one format to another and can run at any layer of the OSI model. |
How do gateways reformat a packet? | By stripping the packet down to just the data and then rebuilding the packet so that it is understood at the destination. |
Firewalls protect the network from what? | Outside Intruders |
How do firewalls protect? | They block specific types of traffic while allowing certain information to pass through. |
Home routers have what built in? | Firewall Features |
An Intrusion Detection System (IDS) does what? | Monitors system or network activity and then notifies the administrator of any suspicious iactivity against the firewall and inside the network. |
IDS compliment other security devices such as what? | Firewalls |
What are the 2 types of IDS's | Host based and Network based |
What is a host based IDS? | It is a piece of software that monitors the local system for suspicious activity. |
What is a Network based IDS? | Monitors network traffic for suspicious behavior it can compare the traffic to known malicious traffic patterns when a match is found an alert can be triggered. |
What 2 ways can a Network based IDS come in? | Software or Hardware |
IDS's can be either active or what? | Passive |
An active IDS does what? | Monitor and log activity plus take some type of corrective action. |
A passive IDS does what? | Does NOT take corrective action. It identifies activity and then logs it. |
What are the 2 popular ISDN connections? | Basic Rate Interface (BRI) and Primary rate interface (PRI) |
What is ISDN? | Integrated Services Digital Network (ISDN) is a communication standard for sending voice and data over normal telephone lines or digital telephone lines. |
What are the characteristics of BRI? | It is a 128 kbps connection made up of two 64 kbps channels known as B channels and one 16 Kbps control channel known as a D channel |
What are the characteristics of PRI? | It is a 1.55 Mbps connection made up of twenty-three 64 Kbps channels(B-channels) and one 63 Kbps D-channel for signaling and control information. |
What is a Proxy server? | A network device that is used to request Internet resources (such as webpages) on behalf of the internal users. It caches the sites for quicker access in the future, log internet activity, and control what protocols can be used to access Internet. |
TCP and UDP are what layer protocols? | Layer-4 Transport Layer |
UDP uses what ports? | 67 DHCP service & 68 Client request |
What port is used for TFTP? | 69 |
What is TFTP used for? | Used to upload or download files without requiring authentication. |
What ports does NetBIOS use? | UDP ports 137 & 138 |
What does SNMP stand for? | Simple Network Management Protocol. |
What port does SNMP use? | 161 |
What protocols run at the internet layer of the TCP/IP model? | IP, ICMP, ARP |
What does IP do? | Packet delivery for protocols higher in the model. It is connectionless. IP simply sends data. |
IP is part of what layer of the OSI model? | Layer-3 and is responsible for logical addressing and routing. |
Windows operating systems have a default TTL value of what? | 128 |
What does ICMP stand for? | Internet Control Message Protocol |
What is ICMP used for? | It enables systems on a TCP/IP network to share status and error information. |
What are two programs that use ICMP messages? | Ping & Tracert |
ICMP messaged are ______________ within IP datagrams so that they can be routed throughout a network. | encapsulated |
You can use Ping to send ICMP ______ requests to an IP address and wait for ICMP_____ responses. | echo |
Ping reports what? | Time interval between sending the request and receiving the response. |
Tracert does what? | Traces the path taken to a particular host it is useful in troubleshooting internetworks. |
Tracert sends _____ _____ request to an IP address while it increments the TTL field in the IP header by a count of 1. | ICMP echo |
What does IGMP stand for? | Internet Group Management Protocol |
What is IGMP used for? | Internet layer protocol and is used for multicast applications. |
What is ARP? | Address Resolution Protocol and it provides IP address-to-physical address resolution on a TCP/IP network. |
The physical/IP address combo is then stored in the _____ ______ of the originating system for future use. | ARP cache |
What does NTP stand for? | Network Time Protocol |
What does NTP do? | Use to synchronize the clocks of PCs on a network or the internet. |
What does NNTP stand for? | Network News Transfer Protocol (NNTP) |
What is NNTP used for? | It allows news clients to send and retrieve news articles to a newsgroup. |
NNTP uses ____ to send and receive news articles. | TCP |
NNTP allows submission and retrieval of only the news articles than have ___ previously been sent or retrieved. | NOT |
What is SMTP? | Simple Mail Transfer Protocol is used to send or route mail over TCP/IP neworks. |
What is POP3? | Post Office Protocol version 3 is an internet protocol used to retrieve e-mail from a mail server to the POP3 client. |
What is IMAP4? | Internet Message Access Protocol version 4 is like POP3 and allows additional features other than the 4 basic folders by connecting to public folders stored on an Exchange server. |
What is SNMP? | Simple Network Management Protocols provides a simple method for remotely managing or gathering statistics from virtually any network device. |
SNMP has a two-tiered approach what are they? | 1)A central management system. 2)Management Information Base. |
What can you see with SNMP? | Performane, network device operation statistics, diagnose network health. |
SNMP management software is reffered to what? | Management system |
A management system must be able to collect and analyze what? | Nework protocol id & statistics, Dynamic ID (discovery), Hardware & software configurations, Performance, Event & error messages, and Application usage statistics. |
FTP belongs to what protocol suite? | TCP/IP |
Like telnet and ping, FTP can establish a __________ to a remote computer using either the hostname or IP address. | Connection |
TFTP is typically used to ____ diskless workstations. | boot |
What is SFTP? | Secure File Transfer Protocol is an interactive file transfer protocol similar to FTP but it encrypts all traffic between the SFTP client and the SFTP server. |
Telnet is a terminal _________ protocol that allows a client to run or emulate the program runnin on the server. | emulation |
SSH stands for what? | Secure Shell |
What TCP port does SSH use? | 22 |
SSH is a secure replacement for protocols such as what? | Telnet |
What is SCP? | Secure Copy Protocol copies files from a remote server to a local system over a secure connection. |
What is LDAP? | Lightweight Directory Access Protocol is the industry standard protocol for directory services used by Active Directory & eDirectory. |
LDAP allows clients to ______ the directory services for information about objects. | query |
Name the binary numbers of each bit? | 128, 64, 32, 16, 8, 4, 2, 1 |
Name the range of a Class A network. | 1-127 |
How many host are in a Class A network? | 16,777,214 |
How many networks are in a Class A? | 126 |
Name the range of a Class B network? | 128-191 |
How many networks are in a Class B? | 16,384 |
How many host are in a Class B? | 65,534 |
What is the range of a Class C? | 192-223 |
How many networks are in a Class C? | 2,097,152 |
How many host are in a Class C? | 254 |
What is the range of a Class D? | 224-239 |
What is Class D used for? | Multicasting to more than 1 host |
What is the range for Class E | 240-255 |
What is a Class E used for? | Experimental, Reserved for future use. |
What is the default subnet mask of a Class A address? | 255.0.0.0 |
What is the default subnet mask of a Class B address? | 255.255.0.0 |
What is the default subnet mask of a Class C address? | 255.255.255.0 |
What loopback address would you type to ensure that TCP/IP stack is functioning properly on your system? | 127.0.0.1 |
Define a private IP address? | It can be used on a system but can NOT be used on any kind of internet connectivity. |
The private IP address are what? | Nonroutable |
What are the 3 private IP ranges? | 10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255 |
IPv6 uses what scheme? | 128-bit address scheme |
How many bits are there in IPv6? | 8 hexadecimal values (16 bits each) and are separated by colons. |
In IPv6 you use double colons for what? | to express leading consecutive zeros |
What are the type of addresses in IPv6? | Unicast, Multicast, Anycast |
In IPv6 what are the different types of Unicast addresses? | Global Unicast, Site-local unicast (private), Link-local unicast (like APIPA). |
In IPv6 a site-local unicast address always starts with what? | FEC0 |
In IPv6 a link-local unicast address always starts with what? | FE80 |
What is MLD? | Multicast Listener Discorvery a function of the ICMPv6 serves as the multicasting protocol and replaces IGMP. |
What is Neighboring Discovery? | Is a component of ICMPv6 and replaces ARP. |
Server applications typically use low port numbers that fall under what? | 1024 |
Client application port start at what? | over 1024 |
Ports used by client applications are known as what? | Dynamic Ports. |
What port does NNTP use? | 119 |
What port does NTP use? | 123 |
In DHCP a set of usable IPs is called what? | Scope |
The Boot Protocol is known as what? | BOOTP |
What is BOOTP? | Used by diskless workstations. |
Routers need to be _____ compatible to allow the DHCP requests to pass through the router to another segment. | BOOTP |
DNS converts _______ to ___ addresses. | Fully Qualified Domain Names (FQDN) to IP |
NBTSTAT is used for what? | Used to troubleshoot NetBIOS over TCP/IP connections. |
Tracert is used for what? | Traces and reports on the route to a remote computer. |
Netstat is used for what? | Displays statistics for current TCP/IP connections. |
ARP is defined in depth in RFC what? | 826 |
What is the name of the table that stores MAC address in memory? | ARP cache |
What ARP command allows you to view the ARP cache? | arp -a & arp -g |
What ARP command allows you to add static entries? | ARP -s |
What ARP command allows you to delete an entry? | ARP -d |
Telnet is defined in depth in RFC what? | 854 |
Telnet uses a concept defined as what? | Network Virtual Terminal |
To run telnet type in what at the command prompt? | telnet.exe |
What is the default terminal emulation used for telnet? | VT100 |
What command is used to query the NetBIOS name table of a remote IP address? | NBTSTAT -A |
Tracert and traceroute us what protocol as their underlying protocol? | ICMP |
What is Tracert -d? | It indicates to the utility that you do not want to display hostnames. |
Tracert will continue how many hops by default? | 30 |
Give some examples of routable protocols. | TCP/IP, IPX/SPX, AppleTalk, and DECnet |
Name a protocol that is nonroutable. | NetBEUI and DLC |
Explain a nonroutable protocol. | Does not have the capability to send packets across a router from one network to another network. |
Explain a routable protocol. | The packets can leave the network by being passed through a router then delivered to a remote network. |
What is a major advantage of TCP/IP? | It can connect heterogenous (dissimilar) enviroments together. |
TCP/IP is the protocol on which the _______ is built. | Internet |
TCP/IP is robust and commoly is associated with _________ and ________ systems. | UNIX and LINUX |
What does TCP/IP stand for? | Transmission Control Protocol/Internet Protocol |
TCP/IP was orignally designed in what year? | 1970s |
TCP/IP was orginally to do what? | Connect dissimilar systems across the country and used by Defense Advanced Research Projects Agency (DARPA) and Department of Defense (DOD). |
What type of protocol is AppleTalk? | Routable |
AppleTalk was implemented in how many phases? | Phase 1 - for small workgroups & supports nonextended neworks. Phase 2 for larger networks with more than 200 hosts and supports extended networks which a network segment is allowed multiple network numbers and zones (the most popular today). |
Explain a nonextended network. | Each network segment can be assigned only a single network number and only one zone is allowed. |
Explain a zone. | A logical grouping of nodes. |
IPX is connection-oriented and reliable in transport? | False. IPX is connectionless and unreliable in transport. |
What does connectionless mean? | No session is established between sender and receiver before transmitting data. |
What does unreliable mean? | Packets are sent to a destination without requiring the destination to acknowledge receving those packets. |
The SPX protocol is responsible for what? | Reliable delivery and is connection-oriented. |
TCP/IP requires ________ to resolve a MAC address? | IP address. |
What are the four major frame types? | 802.2, 802.3, ETHERNET_SNAP, AND ETHERNET_II. |
IPX is responsible for what? | Routing packets |
TCP/IP has 2 major drawbacks, what are they? | 1)Configuration-has a learning curve such as knowing IP addresses, subnetmask,and default gateways. 2)Security-has an open design an is unsecure when used without additional technologies such as SSL. |
In the 1980s, what organization defined the OSI model? | International Organization for Standardization (ISO) |
What does OSI stand for? | Open Systems Interconnect |
Name the 7 layers of the OSI model. | From High to Low: Application, Presentation, Session, Transport, Network, Data link, and Physical. |
Network communication starts at what layer of the OSI model on the sending system? | Application Layer |
What is the application layer responsible for? | On the sending system the application layer sends a request. On the receiving system the application layer is responsible for passing the request to the appropriate application or service on that system. |
What is the presentation layer responsible for? | The application passes the request down to the presentation layer and the presentation layer formats the data so that the receiving system can interpret it. |
What are some of the formating functions of the presentation layer? | Compression, encryption, ensuring the character code set can be interpreted on the other side. |
What is the session layer responsible for? | It manages the dialogue between computer by establishing,managing, and terminating communications between 2 computers. |
How many phases are in the session layer? | 3 |
What is the first phase of the session layer? | It is the establishment phase. The requestor defines the service and rules; such as who transmits & when and how much data can be sent at a time. Both systems must agree on the rules. |
What happens in the second phase of the session layer? | The transfer process begins. |
What is the third phase of the session layer? | Termination in an orderly fashion. |
What is the transport layer responsible for? | It handles functions such as reliable and unreliable delivery of data through the use of the protocol requested. |
The transport layer breaks down data into smaller parts known as what? | Segments |
If a retransmission is required at the transport layer what segments will be resent? | Only the missing segments |
How are missing segments detected in the transport layer? | The receiving system will receive an acknowledgement (ACKs) from the remote system upon receiving the packets. |
The transport layer is also responsible for segment ___________. | Sequencing |
Explain segment sequencing. | It is connection-oriented service that takes segments that are received out of order and puts them in the right order. |
TCP works at what layer of the OSI model? | Transport Layer with reliable delivery. |
What does UDP stand for? | User Datagram Protocol |
UDP works at what layer of the OSI model? | Transport Layer with unreliable delivery. |
A service address is also known as what? | Port address or well-known addresses |
What layer enables the option of specifying a port address? | Transport Layer |
In TCP/IP service addresses are also called what? | Sockets or Ports |
What must take place in connection-oriented communication? | Handshaking because it defines rules for communication such as transmission speed, what ports to use, and proper terminating of session. |
What is the network layer reponsible for? | Managing logical addressing information in the packets and the delivery (routing) of those packets by using the routing table stored in the packets. |
What is a routing table? | A list of available destinations that are stored in memory on the routers. |
What is the purpose of a logical address? | Uniquely identifies a system on the network and the network that the system resides on. |
The logical address is used by what layer protocols? | network-layer protocols |
When the network layer uses TCP/IP what does it add to the packet? | Source address and the Destination address |
What layer of the OSI model handles logical addressing and routing? | Layer 3 (Network) |
An IP address is also known as what? | A layer-3 address |
What is the data link layer responsible for? | For converting the data from a packet to a pattern of electrical bit signals that will send the data across the communication medium. |
The data link layer is divided into 2 sublayers, what are they? | 1)Logical Link control (LLC) used for error correction and control functions. 2)Media Access Control (MAC) determines the physical addressing of the hosts and determines the access method. |
MAC address is known as what layer address? | Layer-2 address |
The sender in network layer appends the IP address information and the data link layer will append what address? | MAC address for the sending and receiving systems. |
Ethernet and Token Ring are defined by what layer of the OSI model? | Layer 2`Data link layer |
What is the physical layer responsible for? | Moving bits of data on and off the network medium by encoding and timing the bit transmission and reception. |
At the data link layer data is converted into electrical signals then passed to the physical layer to do what? | Release data on the communication medium. |
What is data encapsulation? | As data passes down the 7 layers of the OSI model, header information is added to the packets for each layer. |
IPX runs at what layer of the OSI model? | Layer 3 & 4 but the network exam places it at LAYER 3 |
SPX runs at what layer of the OSI model? | Layer 4 the Transport layer |
IP runs at which layer of the OSI model? | Layer 3 the Network layer |
TCP runs at which layer of the OSI model? | Layer 4 Transport layer |
UDP is part of what protocol suite? | TCP/IP |
UDP runs at which layer of the OSI model? | Layer 4 Transport layer |
NFS is a protocol for what? | File sharing that enables a user to use network disks as though they were connected to local machine. Also allows the sharing of printers. |
NFS was created by who? | Sun Microsystems for use on Solaris (Sun's version of UNIX) |
NFS is part of what suite? | TCP/IP |
What layer of the OSI model does NFS belong to? | Application layer |
What protocols are implemented in redirectors? | Microsoft's Server Message Block(SMB) and Novell's NetWare Core Protocol (NCP) |
What is a redirector? | It is a software that intercepts requests, formats them according to the protocol in use, and passes the message to a lower-level protocol for delivery or vice versa. |
SMB and NCP are primarily used for what? | File and printer sharing in Microsoft and Novell. |
SMB and NCP belong to what layer of the OSI model. | Application layer |
What is SMTP? | Simple Mail Transport Protocol and it is used for sending internet e-mail messages. |
What is FTP? | File Transport Protocol that is connection-oriented and used to transfer files between two machines. Required user name and password. |
What is TFTP? | Trivial File Transfer Protocol and is used like FTP except it is NOT connection-oriented however faster than FTP. No authentication mechanism. |
FTP runs on what layer of the OSI model? | Layer 7 Application layer |
SMTP runs on what layer of the OSI model? | Layer 7 Application layer |
Telnet runs on what layer of the OSI model? | Layer 7 Application layer |
JPEG runs on what layer of the OSI model? | Layer 6 Presentation layer |
GIF runs on what layer of the OSI model? | Layer 6 Presentation layer |
MPEG runs on what layer of the OSI model? | Layer 6 Presentation layer |
NFS runs on what layer of the OSI model? | Layer 5 Session layer |
RPC runs on what layer of the OSI model? | Layer 5 Session layer |
What does IEEE stand for? | Institute for Electrical and Electronics Engineers |
Ethernet (CSMA/CD) is defined by what standard? | IEEE 802.3 |
The MAC sublayer uses what access method? | CSMA/CD |
CSMA/CD doesn't stop collisions from happening instead it does what? | Helps manage the situations when they do occur. |
500 meters is approximately how many feet? | 1640 |
185 meters is approximately how many feet? | 607 |
100 meters is approximately how many feet? | 328 |
802.3u standard defines what? | Fast Ethernet (100 Mbps) |
802.3z standard defines what? | Gigabit Ethernet over fiber-optic cabling or coaxial cabling |
802.3ab standard defines what? | Gigabit Ethernet over twisted-pair cabling |
802.3ae standard defines what? | 10-Gigabit Ethernet |
802.11 standard defines what? | Wireless networking |
Speeds of 54 Mbps at frequencies from 5.725 GHz to 5.850 GHz is what standard? | 802.11a and is NOT compatible with 802.11b |
Speeds of 11 Mbps at frequencies from 2.400 GHz to 2.4835 GHz is what standard? | 802.11b components ARE compatible with 802.11g |
Speeds of 54 Mbps at frequencies from 2.400 GHz to 2.4835 GHz is what standard? | 802.11g allows devices from 802.11a and 802.11b to coexist. |
Speeds of over 100 Mbps at frequencies of either 5 GHz or 2.4 GHZ and backwards compatible with 802.11a/b/g is what standard? | 802.11n the goal is to increase bandwidth and range. |
What does 802.1 define? | Internetworking |
What does 802.2 define? | Logical Link Control |
What does 802.4 define? | Token Bus |
What does 802.6 define? | Metropolitan Area Network |
What does 802.7 define? | Broadband technology |
What does 802.8 define? | Fiber-optic technology |
What does 802.9 define? | Voice and Data integration |
What does 802.10 define? | Network security |
What does 802.12 define? | Demand priority networking |
How does Coaxial cable work? | Coaxial cable, or coax, brings the signal down from a rooftop antenna to a TV set or radio receiver—or, in this case, to link together networked devices. |
What is Crosstalk? | Crosstalk is an unwanted interaction, or interference, between two electrical signals. |
What is Four-pair UTP Cable? | Telephone-type cable known as unshielded twisted pair, or UTP. UTP network cables, as shown in the figure below, have four pairs of twisted wires. The twists in the cable pairs reduce crosstalk and also act as a partial shield. |
Explain the two types of UTP Cable? | Patch Cable and Premises Cable |
What is plenum cable? | Plenum is a fancy name for the gap between the real ceiling and the suspended tiles. |
How does straight-through cable work? | The typical straight-through cable for CAT 5 uses only four wires—wires 1, 2, 3, and 6. With a straight-through cable, pin 1 of the RJ-45 connector on one end follows the wire to pin 1 on the other end, and as a result, pin 1 on both ends of the wire are |
How does crossover cable work? | When you use a crossover cable to connect two computers directly, the crossover cable will connect the transmit pins on one computer to the receive pins on the second computer using wires 1 and 2 in the cable. |
How does roll over cable work? | Rollover cable: Also known as the console cable, it connects the administrator's system to the console port of a Cisco router or switch. The administrator connects the console cable to his or her serial port and then to the console port of the switch or |
What's the purpose of the loopback cable? | Loopback cable: We use this special cable for self-diagnostics and typically have the wires connecting the transmit pins to the receive pins on the same system, keeping the communication local. This cable type is only a testing tool; we don't use it for |
How are cables connected from the wall jack to the patch panel? | We typically connect cables from the wall jack to the patch panel by a punch-down tool. |
Name two types of wiring patch panels? | A couple of standards deal with wiring patch panels: for wiring the telephone system, use 66 block, and to wire the patch panel for CAT 5 or better UTP cable, use 100/110 block. |
Explain the two types of Crosstalk: | There are two types of crosstalk – near-end crosstalk, or NEXT, and far-end crosstalk or FEXT. NEXT occurs when a signal causes interference with a signal on an adjacent wire heading in the same direction, while FEXT occurs when a signal causes interferen |
How does an AD HOC Network work? | In an ad hoc network, the wireless nodes communicate directly with each other; you would not need to have a WAP for two hosts to communicate. Although this might be handy for transferring files between two laptops in the train station, ad hoc 802.11 netwo |
What security methods can be used to prevent hackers from stealing wireless data? | To address these issues, wireless networks use three methods of security, although only the second and third methods help: * Disabling broadcast of the Service Set Identification * MAC address filtering * Data encryption |
How can a hacker get around security when SSID broadcasting is disabled? | Kismet is a piece of software that enables you to see cloaked wireless networks and the clients connected to those networks. Even the default Wi-Fi detection in Windows Vista and Windows 7 will report a non-broadcasting network. |
What layer of the OSI Model does the NIC work at? | NICs operate at the Data Link or layer 2. |
How does MAC Address Filtering work? | Most wireless access points support MAC address filtering or MAC address reservations, a feature that enables you to limit access to your wireless network based on the physical, hard-wired addresses of the wireless network adapters you support. |
What is a media converter? | A media converter is a small adapter that converts from one connector style to another connector style, allowing you to switch from one cable type to another. For example, you can have a media converter that converts from UTP cabling to fiber-optic cablin |
What is the purpose of a repeater? | A repeater simply takes the incoming electrical signals, corrects any voltage drops, and then retransmits the cleaned signals. |
What layer of the OSI model does a Hub and Repeater operate at? | Hubs also operate at the Physical layer, like a repeater, and you can deduce from this that both repeaters and hubs don't do much except pass electrical signals from one port to another. |
What is the definition of jabbering? | If a faulty Ethernet NIC starts to send out an endless stream of unintelligible data, it is "jabbering." Jabbering is similar to deliberately generating reflections and will stop every other device from using the network. |
What layer of the OSI model does a bridge function? | Bridges operate at the Data Link layer, layer 2 of the OSI model. |
How does a Switch work? | A switch has more intelligence than your average kind of hub: For example, a switch can filter traffic by sending the data only to the port on the switch where the destination MAC address resides. This is different from a hub in the sense that a hub alway |
What are the three core functions of a Switch? | •Address learning : When a system that is connected to the switch sends data to another system, the switch records the port to which each system is connected according to the MAC address of the system. The switch learns the MAC address because the header |
Switches can process the data packets in two ways: | •Store-and-forward switches store an entire data packet in memory while they analyze it, check its addressing, and check it for errors. Once a switch is happy with the data packet, it forwards the data packet to the appropriate port. If, however, the data |
What Layer of the OSI model does a Switch operate? | Switches operate at layer 2 of the OSI model. You can remember this because switches work with MAC addresses, which are layer 2 components, to filter traffic. |
What are the benefits of a Routed Network? | The benefits of a routed network include fault tolerance and a high degree of control over how data gets around a WAN—favor faster or slower routes, or other routing decisions based on number of hops or cost of using a particular route. |
What is a physical segment? | Everything out one port of a Router or between two Routers. |
How does NetBEUI work? | When you install NetBEUI on a Windows operating system, you are actually installing both protocols. The NetBIOS protocol is responsible for Session layer functionality, while the NetBEUI protocol is responsible for Transport layer functionality. |
How is IPX/SPX configured? | Because IPX/SPX is routable, however, every client needs a network address, entered as part of a server's configuration. The important point to remember here is that every server on the same network must be configured with the same network address. |
How does a connection-oriented protocol work? | A connection-oriented protocol verifies the delivery and receipt of each and every packet sent. Connection-oriented protocols also check whether the destination device is actually present before sending it any data—they establish a connection between the |
How does a connectionless protocol work? | Connectionless or unreliable protocols assume that everything's working fine and expect something elsewhere to notice any problems. Because of the smaller data transmission management overhead, connectionless protocols tend to be faster than connection-or |
What are some examples of connectionless and connection-oriented protocols? | SPX is a connection-oriented protocol in the IPX/SPX protocol suite, while IPX is connectionless protocol. NetBEUI can provide both connection-oriented and connectionless packet delivery services. |
What is NFS? | Network File System or NFS is a file-sharing protocol that allows users access to network disks as though they were connected to the local system. NFS is a popular protocol used in UNIX and Linux to allow sharing of the file system and printers. |
What is the purpose of SAMBA? | Before SAMBA, you could share files between UNIX systems and other platforms using various file transfer programs and disk tools, but SAMBA makes things much simpler. SAMBA also provides client tools for UNIX and Linux workstations to access Windows serve |
What is NTP? | The Network Time Protocol or NTP is an industry protocol that is used to synchronize the time on a system with a central server on a LAN or on the Internet. In most network environments, you will configure the clients to set their time from a server on t |
What is the purpose of the ARP or Address Resolution Protocol? | It converts the IP address, a layer 3 address, of the destination computer to the MAC address, a layer 2 address. It does this through broadcast. |
How does ICMP work? | If you have ever used the PING utility to verify that a remote system is up and running, you have seen replies come back to you. ICMP is the protocol used by PING to report the replies to you. |
What is IGMP? | IGMPor Internet Group Management Protocol is the TCP/IP protocol that is responsible for multicasting, or sending data to groups of systems at one time. IGMP is popular with streaming video or gaming applications, for which the same data needs to deliver |
What is the role of APIPA? | Most current operating systems, such as Windows, support a feature known as Automatic Private IP Addressing or APIPA, which allows a system to assign itself an address if a Dynamic Host Configuration Protocol, or DHCP, server is not available on the netwo |
What is the purpose of the Loopback address? | Referred to as the loopback address, messages sent to 127.0.0.1 never leave the sending machine; instead, they are redirected back through the internal software layers to communicate with network software running on the localhost, a fancy name for "this m |
How does IP Address ANDing work? | When communicating from one system to another, the IP protocol on the sending computer determines whether the destination system exists on the same network through a process called ANDing. ANDing is done at the bit level. The first thing to do when ANDing |
How does CIDR or classless routing work? | For example, you know that the IP address 131.107.5.10 uses the first two octets as the network ID when you see the subnet mask of 255.255.0.0. You may also indicate this by using the CIDR, or Classless Inter Domain Routing, notation 131.107.5.10/16, whic |
How does distance vector routing protocol work? | A distance vector routing protocol keeps track of different networks and how many hops away, or routers away, each network is. A distance vector routing protocol considers the best pathway being the shortest path with the least number of hops. |
List distance vector routing protocols: | RIP, RIPV2, IGRP and BGP |
How does link state routing protocol work? | Link state routing protocols decide the best route to use based on bandwidth, not based on the number of hops, as a distance vector routing protocol does. Most routers assign a cost value to each type of link, and we typically select the route with the l |
List link state routing protocols? | OSPF, ISIS |
How does hybrid routing protocol work? | A hybrid routing protocol uses features of distance vector and link state. A hybrid protocol will keep a hop count list but at the same time have a cost associated with a route based on the bandwidth of the link. |
Name the hybrid routing protocol? | EIGRP |
How does NetBIOS manages connections? | NetBIOS manages connections between machines using NetBIOS names—essentially the "computer name." The Sockets standard manages connections based on an IP address and a port number. |
What is a Socket? | A socket is a combination of a port number, a protocol, and an IP address. A socket defines the endpoints of communication, uniquely identifying a TCP/IP application that runs on a system. |
What files reside on the hard drive to perform name resolution? | Text files reside on the hard drives of client computers that can be used for name resolution. The HOSTS file resolves FQDNs to IP addresses, whereas the LMHOSTS file resolves NetBIOS names to IP addresses. |
Dive Duplexing | If you really want to keep your data safe, you can use two separate controllers for each drive. With two drives, each on a separate controller, the system will continue to operate even if the primary drive's controller stops working. We call this drive-mi |
Drive Mirroring | You could, for example, install a fancy hard drive controller that reads and writes data to two hard drives—the primary drive and the mirror drive—simultaneously. The data on each drive would always be identical, so if one drive were to fail, you would st |
Disk Striping with Parity | Disk striping with parity protects data by adding a parity drive. The parity drive stores information that you can use to rebuild data should one of the data drives fail. To use disk striping with parity, you must have at least three drives to stripe, and |
RAID | •RAID 0 – Disk striping. No data protection! •RAID 1 – Disk mirroring and disk duplexing. •RAID 2 – Disk striping with multiple parity drives. Unused; ignore it. •RAID 3 and 4 – Disk striping with parity. The differences between them are trivial |
SCSI Harddrive | Small Computer System Interface, or SCSI, also supports a wide variety of devices, including hard disks, and it performs much better than EIDE under heavy load conditions. |
EIDE Harddrive | Enhanced Integrated Drive Electronics, or EIDE, disks are most commonly found in desktop PCs. The EIDE interface supports a maximum of four devices, which can be CD-ROM drives, tape backup systems, and removable drives, as well as hard disks. EIDE has alw |
SATA Drives | In recent years, IDE drives have been replaced by Serial ATA, or SATA, drives. Serial ATA drives offer the performance benefit of a transfer rate 30 times faster than that of IDE! SATA drives are also hot-swappable, which makes them great solutions for lo |
Archive Bit | The key to understanding how to manage and perform backups is to know about the existence and use of a file attribute called the archive attribute. All files have a series of attributes, or archive bits, that act as on/off or set/unset indicators for the |
CHAP | The Challenge Handshake Authentication Protocol or CHAP is more secure than PAP. After the establishment of a remote connection, the server sends a challenge message to the requestor for confirmation of the user's password. The requestor generates a resp |
EAP | A newer authentication protocol called the Extensible Authentication Protocol, or EAP, is popular in wireless security but can also be used for remote access solutions. EAP is a framework that incorporates many facets of security such as authentication an |
PKI | Private Key Infrastructure, or PKI, is an entire cryptography system that can be used for authentication and encryption services. The PKI structure starts by having a certificate authority installed that is responsible for issuing digital certificates use |
TACACS+ | TACACS+: Terminal Access Controller Access-Control System Plus is an AAA protocol that provides AAA services for access to routers, network access points, and other networking equipment. TACACS+ is popular in the Cisco environment. |
Host-based Firewall | Host-based firewall is typically a piece of software installed that simply protects the system on which it is installed. |
Network-based Firewall | The Network-based firewall is designed to protect packets from entering the network |
Stateless Firewall | A stateless firewall is simply a packet-filtering firewall that looks at the IP address and port address information in the packet and decides whether the packet can pass through the firewall based on the source/destination IP or the source/destination p |
Statefull Firewall | Stateful firewalls can filter the traffic based on the IP address and port information, but they can also filter the traffic based on the context of the conversation or the information in the application data portion of the packet. |
Why use a port scanner? | When administering firewalls, you must make sure that you perform a port scan on the firewall on a regular basis. Performing a port scan on the firewall will indicate to you which ports are open on the firewall and what traffic is able to pass through th |
Copying files securely: | When copying files from one system to another, if you need to protect the contents of the information being copied, look to the Secure Copy, or SCP, feature instead of the traditional Remote Copy, or RCP feature in UNIX. The SCP protocol uses SSH to perfo |
NAT | Network Address Translation intended to provide a temporary solution to the problems caused by the shortage of spare IP addresses. Commonly implemented in IP routers, NAT allows multiple computers on a network to connect to the Internet through a single |
Host-based IDS: | Installed on a system and detects attacks against that one system. |
Network-based IDS: | A device or software installed on a system that analyzes network traffic and tries to identify suspicious activity. Snort is an example of a network-based IDS. |
File-based IDS: | Monitors files on the system and notifies you of changes to the files. Tripwire is an example of a file-based IDS. |
PC Security: | CMOS settings on the systems and servers could include changing the boot order in CMOS so that systems don't boot off CD-ROMs, setting a password to control who can enter and make changes to the CMOS, and disabling ports such as USB ports so that employee |
Mitigation Techniques - Software/Hardware Patches Best Practices Security: | One of the most effective ways to help keep your systems secure is to apply all software and hardware patches and security updates in a timely fashion. Buffer overflow attacks compromise most systems, and once the attack is known, the software vendor prov |
Denial of Service: | Denial of Service: The attacker floods a system with too much information, causing it to crash or to be so busy servicing the information that it cannot service valid requests from real clients. |
Distributed Denial of Server or DDoS: | Distributed Denial of Server or DDoS : A DoS attack in which the attacker uses many systems to perform the attack. The most popular DDoS attack is a smurf attack, in which the attacker sends a ping message to thousands of other systems, but spoofs the sou |
Spoof: | Spoof: The attacker alters the source address of the information, generally to trick the user into thinking that the information came from somewhere other than the attacker or to bypass security filters that are in place. These attacks can be – altering t |
Port scan: | Port scan: The attacker uses a port scanner to find out what ports are open on the systems on your network. Once the attacker knows what ports are open on different systems, he can plan which services to attack. |
Eavesdrop | Eavesdrop: Also known as sniffing, this attack involves the attacker getting access to the network and running a packet sniffer. Once the packet sniffer is run, the attacker can potentially receive a copy of all information that travels on the network. |
IPSec: | Used to encrypt all IP traffic on the network or VPN. Uses the Encapsulation Security Payload, or ESP, protocol to do the encryption, and uses the Internet Key Exchange, or IKE, protocol to set up the session key that performs the encryption. You can conf |
Define Remote Connectivity | Remote connectivity means being able to access resources on an organization's network from a remote site. To establish remote access using a dial-up—PSTN or ISDN—connection, you need client software on the remote machine and also a remote access server pr |
Describe the process to connect to a corporate network through a VPN: | 1.The employee gets Internet access at home, in a hotel, or at another location. 2.Once the employee has Internet access, he can connect to the VPN server by typing the IP address into the New Connection dialog box. |
How does NetWare 5.x and 6.x login work? | NetWare servers enable users to log in once and access all their resources by logging into the NDS tree, now known as the eDirectory. |
How does Windows login work? | Windows servers enable users to log in once and access all their resources by logging into Active Directory. |
Active Directory: | Microsoft Active Directory, or Directory Services, is a model for centralized server management and was introduced with Windows 2000 Server and continued on with Windows 2003 and Windows 2008. Like NetWare Directory Services, it's based on the X.500 stand |
NDS: | NetWare 4.x built on the success of NetWare 3.x by adding two key features: Novell Directory Services or NDS, and TCP/IP encapsulation. NDS organizes all user and resource information in a database, referred to as the NDS tree. The NDS tree acts as a cent |
Windows User Profiles and Group Policies: | Windows clients support the use of user profiles, which enhance both the usability and security of a network. User profiles are a collection of settings that correspond to specific user accounts, and they allow each user to customize his or her working en |
Content switch: | Content switch : A switch that can implement performance features on different types of traffic. Examples of the performance features may be data caching or load-balancing services. |
Multilayer switch: | Multilayer switch : A switch that runs at different layers of the OSI model. |
IDS/IPS: | IDS/IPS : An IDS/IPS can identify suspicious traffic on the network or system and send out an alert regarding the activity. |
Load balancer: | Load balancer : Hardware or software that provides load-balancing services and is designed to divide the network activity between multiple hosts. Load balancers offer a number of other features such as data caching. |
Multifunction network device: | Multifunction network device : A device that has features of many different devices built in. A great example would be the typical home router that you purchased for your network—this device is a firewall, NAT server, DHCP server, switch, and wireless acc |
DNS server: | DNS server : A server on the network that converts the FQDN to an IP address. |
Bandwidth shaper: | Bandwidth shaper : Performs bandwidth shaping, also known as traffic shaping, where traffic is purposely held back, or delayed, based on its type. Traffic shaping conserves bandwidth at different times for specific applications. |
Proxy server: | Proxy server : A device that request resources, such as web pages, for the client system and then returns the page to the client system instead of the client system retrieving the content itself. |
CSU/DSU: | CSU/DSU : The channel service unit/data service unit is the device that connects to your router, which connects your network to the digital link such as a T1 or T3 link. |
VPN concentrator: | VPN concentrator : A specific device designed to offer a highly secure VPN solution to an organization using the highest level of security technologies such as encryption and authentication services. |
What is bandwidth? | The data signal traveling through the network media, which is usually some form of copper wire, is an electrical signal that's changing voltage rapidly to represent a string of binary data. Bandwidth is any signal that changes in this cyclic way and has a |
Coaxial Cable: | Coaxial cable has a central conducting core surrounded by a protective, insulating layer, an outer metal screen made of a woven copper mesh, a metal-covered plastic or foil, and an overall insulating jacket as shown in the figure. The cable is referred to |