Network+ Network Operations
Remote access policies
Identifies how remote users can access a network and what is accessible via remote connectivity
Packet Analysis Methodology
1. Plan 2. Deploy 3. Capture 4. Analyze 5. Refine
Redundant circuits
2N redundancy means the data center provides double the power required by the data center. This ensures that the system is fully redundant
Compare and contrast business continuity and disaster recovery concepts.
==>
Explain common scanning, monitoring, and patching processes and summarize their expected outputs.
==>
Given a scenario, use appropriate documentation and diagrams to manage the network.
==>
Given a scenario, use remote access methods
==>
Hot Sites (Disaster recovery):
A "proactive" hot site allows a business to keep servers and a live backup site up and running in the event of a disaster. The production environment is replicated in a data center, allowing for immediate access in the event of a disaster at the primary site.
Butt Set
A butt set is essentially a portable telephone that allows you to test analog wet or dry lines and is used to monitor those lines.
Password policy
A collection of settings to control password characteristics such as length and complexity.
Port aggregation
A group of ports combined together
link aggregation
A group of ports combined together is called a link aggregation group, or LAG
Loopback Adaptor (Plug)
A loopback test is a diagnostic procedure in which a signal is transmitted and returned to the sending device after passing through all or a portion of a network or circuit
Licensing restrictions
A network license allows a number of users on the same TCP/IP network to share access to product licenses. The Network License Manager (NLM), installed on one or more servers, controls the distribution of licenses to users.
VPN (Virtual Private Network)
A private network that is configured within a public network such as the Internet
FTP (File Transfer Protocol)
A protocol used to move files and folders over a network or the Internet.
Change management documentation
A set of documents that defines procedures for changes to the network.
Out-of-band management
A switch management option that provides on-site infrastructure access when the network is down or complete remote access in cases of connectivity failures on the network, such as via a cellular signal, in order to interface with a switch.
Time Domain Reflectometer (TDR)
A tool that finds and describes faults in metallic cables like twisted wire pairs and coaxial cables
incremental backup (partial backup)
A type of backup that only backs up files that have changed since the last time files were backed up.
differential backup
A type of partial backup that involves copying all changes made since the last full backup. Thus, each new differential backup file contains the cumulative effects of all activity since the last full backup.
AUP
Acceptable Use Policy - Rules or guidelines for the proper use of technology or digital devices within an organization.
Full back up
All data backed up
Power management
Battery backups/UPS, Power generators, Dual power supplies, Redundant circuits
LACP vs PAGP
Both LACP (Link Aggregation Control Protocol) and PAGP (Port Aggregation Protocol) are used for link aggregation. They are aimed at bundling the links and balancing traffic across the member links to provide aggregated throughput
BYOD
Bring Your Own Device. Making it possible for users to be free to use their personal devices to access a corporate or a campus network
Recovery
Cold sites, Warm sites, Hot sites
metric system
Collecting and comparing metrics over time is a valuable exercise. Once a baseline has been established for these metrics, you can determine when an issue has gotten better or worse over time
Modem
Communications hardware device that facilitates the transmission of data.
HTTPS/management URL
Complete URL management for a Web application involves two aspects: When a user request comes in terms of a URL, the application needs to parse it into understandable parameters. The application needs to provide a way of creating URLs so that the created URLs can be understood by the application.
Log reviewing
Daily log review is the process of regularly reviewing and reporting on log activity. These messages provide insight into any abnormalities in the system network and servers - including failed login attempts or other indicators of possible intrusions.
Metrics
Error rate, Utilization, Packet drops
Remote file access
FTP/FTPS, SFTP, TFTP
Availability concepts
Fault tolerance, High availability, Load balancing, NIC teaming, Port aggregation, Clustering
Backups
Full, Differential, Incremental
Wi-Fi Analyzer
Hardware and/or software that monitors a Wi-Fi network to detect devices not authorized to use the network, identify attempts to hack transmissions, or detect performance and security vulnerabilities.
Reviewing baselines
High-quality documentation should include a baseline for network performance because you and your client need to know what "normal" looks like in order to detect problems before they develop into disasters. Don't forget to verify that the network conforms to all internal and external regulations and that you've developed and itemized solid management procedures and security policies for future network administrators to refer to and follow.
VPN
IPSec, SSL/TLS/DTLS, Site-to-site, Client-to-site
Incident response policies
Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
SLA requirements
It defines the level of service expected by a customer from a supplier, laying out the metrics by which that service is measured, and the remedies or penalties, if any, should the agreed-on service levels not be achieved
Bandwidth Speed Tester
It is a device that tests the speed of data transfer in the network
Syslog
Reading system messages from a switch's or router's internal buffer is the most popular and efficient method of seeing what's going on with your network at a particular time
Rollback operation
It is used to prevent accidental misconfiguration of management networking and loss of connectivity to the host by rolling back to a previous valid configuration.
Packet drops
It occurs when one or more packets of data travelling across a computer network fail to reach their destination. Packet loss is either caused by errors in data transmission, typically across wireless networks, or network congestion.
Processes
Log reviewing, Port scanning, Vulnerability scanning, Patch management, Rollback
MIB
Management Information Base
Dual power supplies
Many servers come with two supplies and you can also buy additional power supplies as well. Always ensure that the power supply you buy can supply all the needs of the server
MTBF
Mean Time Between Failure: a measure of availability often quoted by hardware manufacturers. For example 2.56 years between failures means that, on average, the hardware can be expected to last 2.56 years before it goes wrong.
MTTR
Mean Time to Recover or Mean Time to Repair. It is the average time that a device will take to recover from any failure
Power generators
Needs to be ready to be used at any moment
Network configuration and performance baselines
Network baselining is the act of measuring and rating the performance of a network in real-time situations. Providing a network baseline requires testing and reporting of the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage.
Network Inventory Management
Network inventory management is the process of keeping records of all the IT or network assets that make up the network
Event management
Notifications, Alerts, Syslog, SIEM
Cold sites
Offsite office space awaiting occupancy, equipment, personnel, and utility service, allowing recovery within days.
On-boarding/off-boarding procedures
Onboarding begins once a job candidate agrees to accept a job. It involves all the steps needed to get a new employee successfully deployed and productive. Offboarding is the reverse of onboarding, and it involves separating an employee from a firm. This can include a process for sharing knowledge with other employees.
PPTP is VPN
PPTP is a VPN protocol that runs over port 1723 and allows encryption to be done at the Application (data) level
Warm sites
Partially equipped office spaces that contain some or all of the system hardware, software, telecommunications, and power sources.
Labeling
Labeling of physical and logical components, such as cables, etc.
Privileged user agreement
Privileged access enables an individual to take actions that may affect computing systems, network communication, or the accounts, files, data, or processes of other users.
Redundancy
Redundancy occurs when an organization has a secondary component, system, or device that takes over when the primary unit fails.
RDP
Remote Desktop Protocol. Port 3389
SFTP
Secure File Transfer Protocol. An extension of Secure Shell (SSH) using SSH to transmit the files in an encrypted format. SFTP transmits data using TCP port 22.
SSH
Secure Shell. SSH encrypts a wide variety of traffic such as Secure File Transfer Protocol (SFTP), Telnet, and Secure Copy (SCP). SSH uses port 22.
SIEM
Security Information and Event Management. Software products and services combining security information management (SIM) and security event management (SEM)
IDF/MDF documentation
Short for main distribution frame, a cable rack that interconnects and manages the telecommunications wiring between itself and any number of IDFs. Unlike an IDF, which connects internal lines to the MDF, the MDF connects private or public lines coming into a building with the internal network.
Error rate
Since network errors typically lead to retransmissions, they typically result in reduced throughput because each retransmission represents a lost opportunity to use that time slot to send new data.
Data loss prevention
Systems designed to lock down—to identify, monitor, and protect—data within an organization.
International export controls
The United States export laws and regulations operate to restrict the use of and access to controlled information, goods, and technology for reasons of national security or protection of trade. The export control regulations are not new.
Vulnerability scanning
The act of scanning for weaknesses and susceptibilities in the network and on individual systems.
Bandwidth/throughput
The amount of data that can be transferred in a given time period.
Standard operating procedures/work instructions
These are the steps and methods by which any problem that arises should be handled.
Fault tolerance Vs High availability
The difference between fault tolerance and high availability is that a fault-tolerant environment has no service interruption but a significantly higher cost because it copies everything to different devices, while a highly available environment has a minimal service interruption because it uses multiple devices.
Patch management
The practice of monitoring for, evaluating, testing, and installing software patches and updates.
Event Notifications
This allows for continuous monitoring of the network environment
SSL/TLS/DTLS
This security protocol was developed by Netscape to work with its browser. It's based on Rivest, Shamir, and Adleman (RSA) public-key encryption and used to enable secure Session layer connections over the Internet between a web browser and a web server.
TFTP
Trivial File Transfer Protocol
Packet sniffers
Unlike port scanners, packet sniffers actually look inside every packet on a network segment.
Identify policies and best practices
Use a firewall. Document your cybersecurity policies. Plan for mobile devices. Educate all employees. Regularly back up all data. Install anti-malware software. Use multifactor identification.
IPSec
Used to encrypt traffic on the wire and can operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic. IPsec is built into IPv6, but can also work with IPv4 and it includes both AH and ESP. AH provides authentication and integrity, and ESP provides confidentiality, integrity, and authentication. IPsec uses port 500 for IKE with VPN connections.
Port scanning
Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).
VNC
Virtual Network Computing (VNC) operates much like RDP but uses the Remote Frame Buffer (RFB) protocol. Unlike RDP, VNC is platform independent.
Data Breach
When sensitive or confidential information is copied, transmitted, or viewed by an individual who is not authorized to handle the data.
Utilization
Wired and wireless analyzers can show you the bandwidth used on your network segments or wireless area. There are tools to help you find the stats on storage, network device CPU, and device memory for your servers and hosts
Battery backups/UPS
With regard to the data backups, they must be created on a schedule and tested regularly to ensure that a data restoration is successful.
Looking Glass Sites
You can access a Looking Glass (LG) server remotely to view routing information. They are servers on the Internet that run Looking Glass software that is available to the public. The servers are essentially read-only portals to the router belonging to the organizations running them. They are basically just providing a ping or traceroute from a remote location for you.
SNMP monitors
SNMP is an Application layer protocol that provides a message format for agents on a variety of devices to communicate with network management stations (NMSs), for example, Cisco Prime or HP Openview.
NDA
Non-disclosure agreement. Used to protect the confidential information within an organization from being disclosed by a former employee.
High availability Load balancing
Load balancing refers to a technique used to spread work out to multiple computers, network links, or other devices. High availability is provided through the implementation of duplicate equipment (multiple servers, multiple NICs, etc.).
Asset Disposal
Report describing the final disposition of the asset
Telnet
TCP/23. Telecommunication Network. Insecure console access
Snapshots
Technique that involves taking "pictures" of the processing path that a transaction follows, from the input to the output stage
Fault tolerance
The ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service. A familiar form of fault tolerance is configuring an additional hard drive to be a mirror image of another so that if either one fails, there's still a copy of the data available to you
System life cycle
The factoring of the lifetime of an information system into two stages, (1) systems development and (2) systems operation and maintenance.
NIC teaming
The process of grouping together two or more physical NICs into one single logical NIC, which can be used for network fault tolerance, high availability, and increased bandwidth through load balancing.