Semester 2 Unit 7 computer networking

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

L2TP (Layer 2 Tunneling Protocol)

A VPN tunneling protocol that encapsulates PPP data for use on VPNs.

subscription model

A service model in which software is provided by subscription

GRE (Generic Routing Encapsulation)

A tunneling protocol developed by Cisco that is used to transmit PPP data frames through a VPN tunnel.

IKE (Internet Key Exchange)

One of two services in the key management phase of creating a secure IPsec connection. IKE negotiates the exchange of keys, including authentication of the keys.

PPPoE (PPP over Ethernet)

PPP running over an Ethernet network.

PPPoE

Which remote access protocol is used over an Ethernet network?

SFTP

Which remote file access protocol is an extension of SSH?

-compromise performance -increased complexity -increased licensing costs -single point of failure

Disadvantages of visualization

key management

The method whereby two nodes using key encryption agree on common parameters for the keys they will use to encrypt data.

platform

The operating system, the runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs

control plane

The process of decision making, such as routing, blocking, and forwarding, that is performed by protocols

port forwarding

The process of redirecting traffic from its normally assigned port to a different port, either on the client or server.

PKI (Public-key Infrastructure)

The use of certificate authorities to associate public keys with certain users.

DirectAccess

What service in Windows Server 2016 authenticates remote users and computers to the Windows domain and its corporate network resources?

Hypervisor

What software allows you to define VMs and manage resource allocation and sharing among them on a host computer?

Virtual switch

What virtual, logically defined device operates at the Data Link layer to pass frames between nodes?

PaaS

Which cloud computing services model gives software developers access to multiple operating systems for testing?

Integrity

Which encryption benchmark ensures data is not modified after it's transmitted and before it's received?

IPsec

Which encryption protocol does GRE use to increase the security of its transmissions?

IKEv2

Which tunneling protocol is a component of the IPsec protocol suite?

NAT mode

With which network connection type does the VM obtain IP addressing information from its host?

-efficient use of resources -cost and energy savings -fault and threat isolation -simple backups, recovery, and replication

Advantages of visualization

DNS spoofing

An attack in which an outsider forges name server records to falsify his host's identity.

virtual firewall

An installation of a firewall's operating system in a VM.

virtual router

An installation of a router's operating system in a VM.

OpenVPN

An open-source VPN software that is available for multiple platforms.

CA (certificate authority)

An organization that issues and maintains digital certificates as part of the PKI (public-key infrastructure).

ISAKMP (Internet Security Association and Key Management Protocol)

One of two services in the key management phase of creating a secure IPsec connection. ISAKMP works within the IKE process to establish policies for managing the keys.

VNC (Virtual Network Computing or Virtual Network Connection)

Software that uses the cross-platform protocol RFB (remote frame buffer) to remotely control a workstation or server.

VNC (Virtual Network Computing)

Software that uses the cross-platform protocol RFB (remote frame buffer) to remotely control a workstation or server.

data plane

The actual contact made between physical devices and data transmissions as messages traverse a network.

IKEv2

The current version of IKE that offers fast throughput and good stability when moving between wireless hotspots.

hypervisor

The element of virtualization software that manages multiple guest machines and their connections to the host (and by association, to a physical network).

Virtualization

The emulation of all or part of a computer or network.

virtualization

The emulation of all or part of a computer or network.

cloud computing

The flexible provision of data storage, applications, or services to clients over the Internet.

PPP (Point-to-Point Protocol)

A Layer 2 communications protocol that enables a workstation to connect to a server using a serial connection such as dial-up or DSL.

PPTP (Point-to-Point Tunneling Protocol)

A Layer 2 protocol developed by Microsoft that encapsulates PPP data frames for transmission over VPN connections.

IPsec (Internet Protocol Security)

A Layer 3 protocol that defines encryption, authentication, and key management for TCP/IP transmissions. IPsec is an enhancement to IPv4 and is native to IPv6.

VPN (virtual private network)

A virtual connection between a client and a remote network, two remote networks, or two remote hosts over the Internet or other types of networks, to remotely provide network resources.

SDN (software-defined networking)

A centralized approach to networking that removes most of the decision-making power from network devices and instead handles that responsibility at a software level.

PoP (Points of Presence)

A data center facility at which a provider rents space to allow for dedicated connection services

PoP (Point of Presence)

A data center facility at which a provider rents space to allow for dedicated connection services.

colocation facility

A data center facility that is shared by a variety of providers. Also called a carrier hotel

Out-of-band management

A dedicated connection (either wired or wireless) from the network administrator's computer used to manage each critical network device, such as routers, firewalls, servers, power supplies, applications, and security cameras.

out-of-band management

A dedicated connection (either wired or wireless) from the network administrator's computer used to manage each critical network device, such as routers, firewalls, servers, power supplies, applications, and security cameras.

community cloud

A deployment model in which flexible data storage, applications, or services are shared between multiple organizations, but not available publicly

Hybrid Cloud

A deployment model in which shared and flexible data storage, applications, or services are made available through a combination of other service models into a single deployment, or a collection of services connected within the cloud.

hybrid cloud

A deployment model in which shared and flexible data storage, applications, or services are made available through a combination of other service models into a single deployment, or a collection of services connected within the cloud.

public cloud

A deployment model in which shared and flexible data storage, applications, or services are managed centrally by service providers and delivered over public transmission lines, such as the Internet

private cloud

A deployment model in which shared and flexible data storage, applications, or services are managed on and delivered via an organization's own network, or established virtually for a single organization's private use.

HVDs (hosted virtual desktops

A desktop operating environment hosted virtually on a different physical computer from the one the user interacts with

HVD (hosted virtual desktop)

A desktop operating environment hosted virtually on a different physical computer from the one the user interacts with.

console router

A device that provides centralized management of all linked devices.

console server

A device that provides centralized management of all linked devices.

public key encryption

A form of key encryption in which data is encrypted using two keys: One is a key known only to a user (that is, a private key), and the other is a key associated with the user and that can be obtained from a public source, such as a public key server. Public key encryption is also known as asymmetric encryption.

Type 2 hypervisor

A hypervisor that installs in a host OS as an application and is called a hosted hypervisor.

type 2 hypervisor

A hypervisor that installs in a host OS as an application and is called a hosted hypervisor.

Type 1 hypervisor

A hypervisor that installs on a computer before any OS and is therefore called a bare-metal hypervisor.

type 1 hypervisor

A hypervisor that installs on a computer before any OS and is therefore called a bare-metal hypervisor.

vSwitch (virtual switch)

A logically defined device that operates at the Data Link layer to pass frames between nodes.

vNIC (virtual NIC)

A logically defined network interface associated with a virtual machine.

remote access

A method for connecting and logging on to a server, LAN, or WAN from a workstation that is in a different geographical location.

symmetric encryption

A method of encryption that requires the same key to encode the data as is used to decode the cipher text.

NFV (Network Functions Virtualization)

A network architecture that merges physical and virtual network devices.

DMVPN (Dynamic Multipoint VPN)

A particular type of enterprise VPN using Cisco devices that dynamically creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels for site-to-site connections.

SDN controller

A product that integrates configuration and management control of all network devices, both physical and virtual, into one cohesive system that is overseen by the network administrator through a single dashboard

handshake protocol

A protocol within SSL that allows the client and server to authenticate (or introduce) each other and establishes terms for how they securely exchange data during an SSL session

key

A series of characters that is combined with a block of data during that data's encryption.

RAS (remote access server)

A server that runs communications services enabling remote users to log on to a network and grant privileges to the network's resources.

SaaS (Software as a Service)\\

A service model in which applications are provided through an online user interface and are compatible with a multitude of devices and operating systems

SaaS (Software as a Service)

A service model in which applications are provided through an online user interface and are compatible with a multitude of devices and operating systems.

IaaS (Infrastructure as a Service

A service model in which hardware services are provided virtually, including network infrastructure devices such as virtual servers

IaaS (Infrastructure as a Service)

A service model in which hardware services are provided virtually, including network infrastructure devices such as virtual servers.

PaaS (Platform as a Service)

A service model in which various platforms are provided virtually, enabling developers to build and test applications within virtual, online environments tailored to the specific needs of a project

digital certificate

A small file containing verified identification information about the user and the user's public key.

VPN concentrator

A specialized device that authenticates VPN clients, establishes tunnels for VPN connections, and manages encryption for VPN transmissions.

in-band management

A switch management option, such as Telnet, that uses the existing network and its protocols to interface with a switch.

CIA (confidentiality, integrity, and availability) triad

A three-tenet, standard security model describing the primary ways that encryption protects data. Confidentiality ensures that data can only be viewed by its intended recipient or at its intended destination. Integrity ensures that data was not modified after the sender transmitted it and before the receiver picked it up. Availability ensures that data is available to and accessible by the intended recipient when needed.

site-to-site VPN

A type of VPN in which VPN gateways at multiple sites encrypt and encapsulate data to exchange over tunnels with other VPN gateways. Meanwhile, clients, servers, and other hosts on a siteto- site VPN communicate with the VPN gateway.

client-to-site VPN

A type of VPN in which clients, servers, and other hosts establish tunnels with a private network using a VPN gateway at the edge of the private network.

XaaS (Anything as a Service or Everything as a Service)

A type of cloud computing in which the cloud can provide any combination of functions depending on a client's exact needs, or assumes functions beyond networking including, for example, monitoring, storage, applications, and virtual desktops

asymmetric encryption

A type of encryption (such as public key encryption) that uses a different key for encoding data than is used for decoding the cipher text.

private key encryption

A type of key encryption in which the sender and receiver use a key to which only they have access. Also known as symmetric encryption.

host-only mode

A type of network connection in which VMs on a host can exchange data with each other and with their host, but they cannot communicate with any nodes beyond the host. In host-only mode, VMs use the DHCP service in the host's virtualization software to obtain IP address assignments.

bridged mode

A type of network connection in which a vNIC accesses a physical network using the host machine's NIC. The bridged vNIC obtains its own IP address, default gateway, and subnet mask information from the physical LAN's DHCP server.

NAT mode

A type of network connection in which a vNIC relies on the host machine to act as a NAT device. The virtualization software acts as a DHCP server.

DTLS (Datagram Transport Layer Security)

A variant of TLS designed specifically for streaming communications.

FTPS (FTP Security or FTP Secure)

A version of FTP that incorporates the TLS and SSL protocols for added security.

management URL

A web-based user interface where the user can make changes directly to a device.

ESP (Encapsulating Security Payload)

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques and encrypts the entire IP packet for added security.

AH (authentication header)

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques.

client_hello

In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher.

server_hello

In the context of SSL encryption, a message issued from the server to the client that confirms the information the server received in the client_hello message. It also agrees to certain terms of encryption based on the options the client supplied.

guest

In the context of virtualization, a virtual machine operated and managed by a virtualization program.


Kaugnay na mga set ng pag-aaral

Chapter 9 quiz Capital budgeting and cash flow

View Set

Link+ A1 thema 7.1 Wanneer is het spreekuur?

View Set

17) Direct, Online, Social Media, and Mobile Marketing MC

View Set

CONCEPTS OF TEACHING AND LEARNING

View Set

Prep U: Culture, Spirituality, Etc.

View Set

Chapter 43 Loss, Grief, and Dying

View Set

Deleon Chemistry- Chapter 4 test answers excluding math problems

View Set

Ch 11: The Psychiatric-Mental Health Nursing Process

View Set

Issues in Education Mid-Term Study Guide

View Set

Persia and Greece Ch 6 AP World Studies

View Set