Network+ Network Operations

Remote access policies

-Identifies how remote users can access a network and what is accessible via remote connectivity

Packet Analysis Methodology

1. Plan 2. Deploy 3. Capture 4. Analyze 5. Refine

Redundant circuits

2N redundancy means the data center provides double the power required by the data center. This ensures that the system is fully redundant

Compare and contrast business continuity and disaster recovery concepts.

==>

Explain common scanning, monitoring, and patching processes and summarize their expected outputs.

==>

Given a scenario, use appropriate documentation and diagrams to manage the network.

==>

Given a scenario, use remote access methods

==>

Hot Sites (Disaster recovery):

A "proactive" hot site allows a business to keep servers and a live backup site up and running in the event of a disaster. The production environment is replicated in a data center, allowing for immediate access in the event of a disaster at the primary site.

Butt Set

A butt set is essentially a portable telephone that allows you to test analog wet or dry lines and is used to monitor those lines.

Password policy

A collection of settings to control password characteristics such as length and complexity.

Port aggregation

A group of ports combined together

link aggregation

A group of ports combined together is called a link aggregation group, or LAA group of ports combined together is called a link aggregation group, or LAG

Loopback Adaptor (Plug

A loopback test is a diagnostic procedure in which a signal is transmitted and returned to the sending device after passing through all or a portion of a network or circuit

Licensing restrictions

A network license allows a number of users on the same TCP/IP network to share access to product licenses. The Network License Manager (NLM), installed on one or more servers, controls the distribution of licenses to users.

VPN (Virtual Private Network)

A private network that is configured within a public network such as the Internet

FTP (File Transfer Protocol)

A protocol used to move files and folders over a network or the Internet.

Change management documentation

A set of documents that defines procedures for changes to the network.

Out-of-band management

A switch management option that provides on-site infrastructure access when the network is down or complete remote access in cases of connectivity failures on the network, such as via a cellular signal, in order to interface with a switch.

Time Domain Reflectometer (TDR)

A tool that finds and describes faults in metallic cables like twisted wire pairs and coaxial cables

incremental backup (partial backup)

A type of backup that only backs up files that have changed since the last time files were backed up.

differential backup

A type of partial backup that involves copying all changes made since the last full backup. Thus, each new differential backup file contains the cumulative effects of all activity since the last full backup.

AUP

Acceptable Use Policy - Rules or guidelines for the proper use of technology or digital devices within an organization.

Full back up

All data backed up

Power management

Battery backups/UPS Power generators Dual power supplies Redundant circuits

LACP vs PAGP

Both LACP (Link Aggregation Control Protocol)and PAGP(Port Aggregation Protocol)protocols are used for link aggregation. They are aimed at bundling the links and balancing traffic across the member links to provide aggregated throughput

BYOD

Bring Your Own Device. Making it possible for users to be free to use their personal devices to access a corporate or a campus network

Recovery

Cold sites Warm sites Hot sites

metric system

Collecting and comparing metrics over time is a valuable exercise. Once a baseline has been established for these metrics, you can determine when an issue has gotten better or worse over time

Modem

Communications hardware device that facilitates the transmission of data.

HTTPS/management URL

Complete URL management for a Web application involves two aspects: When a user request comes in terms of a URL, the application needs to parse it into understandable parameters. The application needs to provide a way of creating URLs so that the created URLs can be understood by the application.

Log reviewing

Daily log review is the process of regularly reviewing and reporting on log activity. These messages provide insight into any abnormalities in the system network and servers - including failed login attempts or other indicators of possible intrusions.

Metrics

Error rate Utilization Packet drops

Remote file access

FTP/FTPS SFTP TFTP

Availability concepts

Fault tolerance High availability Load balancing NIC teaming Port aggregation Clustering

Backups

Full Differential Incremental

Wi-Fi Analyzer

Hardware and/or software that monitors a Wi-Fi network to detect devices not authorized to use the network, identify attempts to hack transmissions, or detect performance and security vulnerabilities.

Reviewing baselines

High-quality documentation should include a baseline for network performance because you and your client need to know what "normal" looks like in order to detect problems before they develop into disasters. Don't forget to verify that the network conforms to all internal and external regulations and that you've developed and itemized solid management procedures and security policies for future network administrators to refer to and follow.

VPN

IPSec SSL/TLS/DTLS Site-to-site Client-to-site

Incident response policies

Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

SLA requirements

It defines the level of service expected by a customer from a supplier, laying out the metrics by which that service is measured, and the remedies or penalties, if any, should the agreed-on service levels not be achieved

Bandwidth Speed Tester

It is a device that tests the speed of data transfer in the network

Slog

It is used in reading system messages from a switch's or router's internal buffer is the most popular and efficient method of seeing what's going on with your network at a particular time

Rollback operation

It is used to prevent accidental misconfiguration of management networking and loss of connectivity to the host by rolling back to a previous valid configuration.

Packet drops

It occurs when one or more packets of data travelling across a computer network fail to reach their destination. Packet loss is either caused by errors in data transmission, typically across wireless networks, or network congestion.

Processes

Log reviewing Port scanning Vulnerability scanning Patch management Rollback

MIB

Management Information Base

Dual power supplies

Many servers come with two supplies and you can also buy additional power supplies as well. Always ensure that the power supply you buy can supply all the needs of the server

MTBF

Mean Time Between Failure: a measure of availability often quoted by hardware manufacturers. For example 2.56 years between failures means that, on average, the hardware can be expected to last 2.56 years before it goes wrong.

MTTR

Mean Time to Recover or Mean Time to Repair It is the average time that a device will take to recover from any failure

Power generators

Needs to be ready to be used at any moment

Network configuration and performance baselines

Network baselining is the act of measuring and rating the performance of a network in real-time situations. Providing a network baseline requires testing and reporting of the physical connectivity, normal network utilization, protocol usage, peak network utilization, and average throughput of the network usage.

Network Inventory Management

Network inventory management is the process of keeping records of all the IT or network assets that make up the network

Event management

Notifications Alerts Slog SIEM

Cold sites

Offsite office space awaiting occupancy, equipment, personnel, and utility service, allowing recovery within days.

On-boarding/off-boarding procedures

Onboarding begins once a job candidate agrees to accept a job. It involves all the steps needed to get a new employee successfully deployed and productive. Offboarding is the reverse of onboarding, and it involves separating an employee from a firm. This can include a process for sharing knowledge with other employees.

PPTP is VPN

PPTP is a VPN protocol that runs over port 1723 and allows encryption to be done at the Application (data) level

Warm sites

Partially equipped office spaces that contain some or all of the system hardware, software, telecommunications, and power sources.

Labeling

Physical and logical components labeling like cables ets

Privileged user agreement

Privileged access enables an individual to take actions that may affect computing systems, network communication, or the accounts, files, data, or processes of other users.

Redundancy

Redundancy occurs when an organization has a secondary component, system, or device that takes over when the primary unit fails.

RDP

Remote Desktop Protocol Port 3389

SFTP

Secure File Transfer Protocol. An extension of Secure Shell (SSH) using SSH to transmit the files in an encrypted format. SFTP transmits data using TCP port 22.

SSH

Secure Shell. SSH encrypts a wide variety of traffic such as Secure File Transfer Protocol (SFTP), Telnet, and Secure Copy (SCP). SSH uses port 22.

SIEM

Security Information and Event Management. Software products and services combining security information management (SIM) and security event management (SEM)

IDF/MDF documentation

Short for main distribution frame, a cable rack that interconnects and manages the telecommunications wiring between itself and any number of IDFs. Unlike an IDF, which connects internal lines to the MDF, the MDF connects private or public lines coming into a building with the internal network.

Error rate

Since network errors typically lead to retransmissions, they typically result in reduced throughput because each retransmission represents a lost opportunity to use that time slot to send new data.

Data loss prevention

Systems designed to lock down—to identify, monitor, and protect—data within an organization.

International export controls

The United States export laws and regulations operate to restrict the use of and access to controlled information, goods, and technology for reasons of national security or protection of trade. The export control regulations are not new.

Vulnerability scanning

The act of scanning for weaknesses and susceptibilities in the network and on individual systems.

Bandwidth/throughputterm-50

The amount of data that can be transferred in a given time period.

Standard operating procedures/work instructions

The are the steps and ways if there is any problem rising, it should be handled.

Fault tolerance Vs High availability

The difference between fault tolerance and high availability is that a fault tolerant environment has no service interruption but a significantly higher cost because it copy everything to different devices. While a highly available environment has a minimal service interruption because it uses multiples devices.

Patch management

The practice of monitoring for, evaluating, testing, and installing software patches and updates.

Event Notifications

This allows for continuous monitoring of the network environment

SSL/TLS/DTLS

This security protocol was developed by Netscape to work with its browser. It's based on Rivest, Shamir, and Adleman (RSA) public-key encryption and used to enable secure Session layer connections over the Internet between a web browser and a web server.

TFTP

Trivial File Transfer Protocol

Packet sniffers

Unlike port scanners, packet sniffers actually look inside every packet on a network segment.

Identify policies and best practices

Use a firewall Document your cybersecurity policies. Plan for mobile devices. Educate all employees. Regularly back up all data. Install anti-malware software. Use multifactor identification.

IPSec

Used to encrypt traffic on the wire and can operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic. IPsec is built into IPv6, but can also work with IPv4 and it includes both AH and ESP. AH provides authentication and integrity, and ESP provides confidentiality, integrity, and authentication. IPsec uses port 500 for IKE with VPN connections.

Port scanning

Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).

VNC

Virtual Network Computing (VNC) operates much like RDP but uses the Remote Frame Buffer (RFB) protocol. Unlike RDP, VNC is platform independent.

Data Breach

When sensitive or confidential information is copied, transmitted, or viewed by an individual who is not authorized to handle the data.

Utilization

Wired and wireless analyzers can show you the bandwidth used on your network segments or wireless area. There are tools to help you find the stats on storage, network device CPU, and device memory for your servers and hosts

Battery backups/UPS

With regard to the data backups, they must be created on a schedule and tested regularly to ensure that a data restoration is successful.

Looking Glass Sites

You can access a Looking Glass (LG) server remotely to view routing information. They are servers on the Internet that run Looking Glass software that is available to the public. The servers are essentially read-only portals to the router belonging to the organizations running them. They are basically just providing a ping or traceroute from a remote location for you.

SNMP monitors

is an Application layer protocol that provides a message format for agents on a variety of devices to communicate with network management stations (NMSs)—for example, Cisco Prime or HP Openview.

NDA

non-disclosure agreement. used to protect the confidential information within an organization from being disclosed by a former employee.

High availability Load balancing

refers to a technique used to spread work out to multiple computers, network links, or other devices. high availability is provided through the implementation of duplicate equipment (multiple servers, multiple NICs, etc.

Asset Disposal

report describing the final disposition of the asset

Telnet

tcp/23 Telecommunication Network Insecure console access

Snapshots

technique that involves taking "pictures" of the processing path that a transaction follows, from the input to the output stage

Fault tolerance

the ability for a system to respond to unexpected failures or system crashes as the backup system immediately and automatically takes over with no loss of service. Familiar form of fault tolerance is configuring an additional hard drive to be a mirror image of another so that if either one fails, there's still a copy of the data available to yo

System life cycle

the factoring of the lifetime of an information system into two stages, (1) systems development and (2) systems operation and maintenance.

NIC teaming

the process of grouping together two or more physical NICs into one single logical NIC, which can be used for network fault tolerance and high availability increased bandwidth through load balancing.