CompTIA Practice Net+

What is Cloud Access Security Broker (CASB)?

A Cloud Access Security Broker (CASB) is enterprise management software designedto mediate access to cloud services by users across all types of devices. CASB vendorsinclude Blue Coat™, now owned by Symantec™ (symantec.com/products/cloud-application-security-cloudsoc), and SkyHigh Networks, now owned by MacAfee®(skyhighnetworks.com). Some of the functions of a CASB are:• Enable single-sign on authentication and enforce access controls and authorizationsfrom the enterprise network to the cloud provider.• Scan for malware and rogue or non-compliant device access.• Monitor and audit user and resource activity.• Mitigate data exfiltration by preventing access to unauthorized cloud servicesfrom managed devices.

A network/IT support service contracting company is working with a client on developing a Service Level Agreement (SLA) for a large office network. Determine which of the following are important aspects of outlining an SLA. (Select all that apply) Define working definitions of MTD, MTBF, and MTTR as well as performance metrics that are to be measured. Identify and map locations of important network components. Define a list of worst-case failure scenarios and likely single points of failure and develop mitigation and recovery plans. Define scope and quality of service using specifics, such as who is responsible for reporting faults and what types of problems the service provider is obligated to fix.

AD

Infrastructure as a Service (IaaS) is a means of provisioning IT resources such as servers, load balancers, and storage area network (SAN) components quickly. Examples include (2)

Amazon's Elastic Compute Cloud and Microsoft's Azure Virtual Machines.

Company XYZ must obtain permission from several regulatory agencies prior to importing or exporting scanning and malware research tools. Determine which organization is NOT relevant to obtaining the necessary permissions in this scenario. Bureau of Industry and Security (BIS) National Security Agency (NSA) International Traffic in Arms Regulations (ITAR) Bureau of Political Military Affairs' Directorate of Defense Trade Controls (DDTC)

B

A network administrator implements a storage area network (SAN) in a data center. The selected technology to create the links will use Host Channel Adapters (HCA) and Target Channel Adapters (TCA). Which does the admin implement? Jumbo frame Infiniband FCoE Fibre Channel

B (InfiniBand is a high-speed switching fabric used in storage area networks (SAN) and data center networks. It uses Host Channel Adapters (HCA) and Target Channel Adapters (TCA).)

Company LMNO is using an encrypted remote access protocol, Authentication Header (AH), and Encapsulation Security Payload (ESP). Decide which protocol and mode is utilized in this scenario. IPSec in Tunnel mode IPSec in Transport mode SSH in Tunnel mode SSH in Transport mode

B (Internet Protocol Security (IPSec) is a set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet.Secure Shell (SSH) provides encrypted access to the command line of a host. SSH is the principal means of obtaining secure remote access to a UNIX or Linux server.In tunnel mode, Authentication Header (AH) is not used (by default).)

Host A sends a packet to Host B. A corrupted routing table causes a delay and the package begins to loop. The router discards the packet. What type of message will the Internet Control Message Protocol (ICMP) send? A. Destination unreachable B. Redirect C. Time exceeded D. Request timed out

C (A destination unreachable message indicates that a host cannot be contacted. This might be caused by a configuration error or by a host or router not being available. A redirect message is sent if there is a more efficient route. The router still delivers the original message. A request timed out message will display if the host is unavailable or cannot route a reply to a host.)

Configuration managementmeans identifying all components of ICT infrastructure(hardware, software, and procedures) and their properties. Change managementmeans putting policies in place to reduce the risk that changes to these componentscould cause service disruption (network downtime). ITIL® is a popular documentationof good and best practice activities and processes for delivering IT services. Under ITIL,configuration management is implemented using the following elements: -•Baseline—:A fundamental concept in configuration management is the baseline.The baseline represents the way it was. A baseline can be a __ or a __

configuration baseline(the ACL applied to a firewall, for instance); performance baseline (such as thethroughput achieved by a server).

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -FC switch—:This provides the interconnections between initiators and targets (afabric). The switch topology and interconnections would be designed to providemultiple paths between initiators and targets, allowing for fault tolerance and loadbalancing. High performance FC switches are often referred to as

directors

Connectors with APC finishing are what color?

green

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: Initiator—:This is a __ installed in the file or database server.•

host bus adapter (HBA)

Fibre Channel (FC) is a high-speed network communications protocol, implementing storage area networks (SANs), and uses a __ for connectivity.

host bus adapter (HBA)

A port location diagram shows

how ports connect to the distribution frame and patch panel and will not be useful for properly terminating cables.

LUN stands for

logical unit number (LUN)

What type of firewall establishes Demilitarized Zone (DMZ) configurations? Packet filtering Internal Border Stateless

C. (Demilitarized Zone (DMZ) configurations are established by border firewalls. Border firewalls filter traffic between the trusted local network and untrusted external networks, such as the Internet. A packet filtering firewall is stateless. This means that it does not preserve information about the connection between two hosts. Internal firewalls can be placed anywhere within the network, either inline or as host firewalls, to filter traffic flows between different security zones. Packet filtering is a stateless technique because the firewall examines each packet in isolation and has no record of previous packets.)

Configuration managementmeans identifying all components of ICT infrastructure(hardware, software, and procedures) and their properties. Change managementmeans putting policies in place to reduce the risk that changes to these componentscould cause service disruption (network downtime). ITIL® is a popular documentationof good and best practice activities and processes for delivering IT services. Under ITIL,configuration management is implemented using the following elements: -A Configuration Item (CI): is an asset that requires specific managementprocedures for it to be used to deliver the service. Each CI must be identified bysome sort of label. CIs are defined by their attributes, which are stored in a

Configuration Management Database (CMDB).

Within an 802.1X enterprise authentication environment, how do Extensible Authentication Protocol Transport Layer Security (EAP-TLS) and Protected Extensible Authentication Protocol (PEAP) differ?

EAP-TLS uses public key certificates on the client and server. With PEAP, the client does not require a certificate.

What kind of connector can a console port use?

Either a RJ-45 or DB9/25

EDR stands for

EnhancedData Rate (EDR)

InfiniBand is a high-speed switching fabric representing another way to create a SANand a direct competitor to FC and Ethernet-based technologies. The latest __ adapters support up to 100 Gbps unidirectional throughput.

EnhancedData Rate (EDR)

A network technician is using Network Mapper (Nmap) to gather port information. Select the term that describes the process of identifying the operating system (OS) through probing when Nmap discovers a host.

Fingerprinting identifies the OS through probing for responses while Nmap performs numerous port scans to determine which OS is running.

HCA stands for

Host Channel Adapter (HCA)

InfiniBand is a high-speed switching fabric representing another way to create a SANand a direct competitor to FC and Ethernet-based technologies. The latest EnhancedData Rate (EDR) adapters support up to 100 Gbps unidirectional throughput. As it wasdesigned from the outset as a switched fabric (where Ethernet has evolved from ashared access medium), InfiniBand has delivered faster port speeds, is lower latency,and provides better support for QoS mechanisms. Hosts connect to the fabric via a

Host Channel Adapter (HCA), while storage devices areattached using Target Channel Adapters (TCA).

InfiniBand is a high-speed switching fabric used in storage area networks (SAN) and data center networks. It uses __s and __s

Host Channel Adapters (HCA); Target Channel Adapters (TCA).

HWMP stands for

Hybrid Wireless Mesh Protocol (HWMP)

The 802.11s standard defines a Wireless Mesh Network (WMN). Unlike an ad hocnetwork, nodes in a WMN (called mesh stations) are capable of discovering oneanother and peering, forming a Mesh Basic Service Set (MBSS). The mesh stationscan perform path discovery and forwarding between peers using a routing protocol,such as the

Hybrid Wireless Mesh Protocol (HWMP)

In an ad hoc topology, the wireless adapter allows connections to and from other devices. This makes it possible for two laptops to connect directly with each other wirelessly. This is also referred to as a(n)

Independent Basic Service Set (IBSS).

Fixed cable is terminated using a punch down tool. This tool is used to fix cable conductors into a patch panel __

Insulation Displacement Connector (IDC).

IDC stands for

Insulation Displacement Connector (IDC).

MBSS stands for

Mesh Basic Service Set (MBSS).

Unlike an ad hoc network, nodes in a wireless mesh network (WMN), called mesh stations, are capable of discovering one another and peering, forming a

Mesh Basic Service Set (MBSS).

Platform as a Service (PaaS) provides resources between SaaS and IaaS. It may include servers and storage network infrastructure but with a multi-tier web application/database platform on top. An example is

Microsoft Azure SQL Database.

PoE switches are referred to as endspan (or endpoint) power sourcing equipment(PSE). If an existing switch does not support PoE, a device called a power injector (ormidspan) can be used. Power can either be supplied over pairs 1/2 and 3/6 (referred toas __ or __, as these are the ones also used for data in 10/100BASE)or over 4/5 and 7/8 (Mode B). Gigabit Ethernet only uses the Mode A method.

Mode A or phantom power

A cold site takes how long to set up?

More than a week

A network attached storage (NAS) appliance is a hard drive (or RAID array) with a cut-down server board that provides network access via various file sharing protocols.File-based access works via protocols such as (5)

Network File System (NFS), Server Message Block/Common Internet File System (SMB/CIFS), Apple Filing Protocol (AFP), File Transfer Protocol (FTP), and HyperText Transport Protocol (HTTP).

List three examples of SIEM software

OSSIM, EventSentry, pfSense

In an 802.1X enterprise authentication environment, what is the difference between Protected Extensible Authentication Protocol (PEAP) and Flexible Authentication via Secure Tunneling (EAP-FAST)?

PEAP uses a certificate to set up a tunnel, while EAP-FAST uses a Protected Access Credential (PAC).

Fibre Channel is defined in the __ standard.

T11 ANSI

H.323 port

TCP 1720

LDAPS port

TCP 636

TCA stands for

Target Channel Adapter (TCA).

InfiniBand is a high-speed switching fabric representing another way to create a SANand a direct competitor to FC and Ethernet-based technologies. The latest EnhancedData Rate (EDR) adapters support up to 100 Gbps unidirectional throughput. As it wasdesigned from the outset as a switched fabric (where Ethernet has evolved from ashared access medium), InfiniBand has delivered faster port speeds, is lower latency,and provides better support for QoS mechanisms. Hosts connect to the fabric via a Host Channel Adapter (HCA), while storage devices areattached using

Target Channel Adapters (TCA).

What is Internet Network Information Center (InterNIC)?

The first method for resolving host names to IP addresses involved the InterNIC centralauthority—now operated by ICANN (icann.org)—maintaining a text file of host name toIP address mappings. This file was called HOSTS. Whenever a site wanted to add a newhost to the Internet, the site administrator sent an email to InterNIC giving the newhost name to IP address mapping. This information was manually entered into the file.

The end-to-end or host-to-host layer is another name for which layer?

Transport

LDAP port

UDP 389

WWNN stands for

WWNN(WorldWide Node Name)

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a

WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN).•

Provisioning separate Fibre Channel adapters and cabling is expensive. As its namesuggests, Fibre Channel over Ethernet (FCoE) is a means of delivering Fibre Channelpackets over 10G Ethernet cabling, NIC/HBAs [referred to as converged networkadapters (CNAs)], and switches. FCoE uses a special frame type, identified by theEtherType value 0x8096. The protocol maps

WWNs onto MAC addresses.

What are Application-Specific Integrated Circuits (ASICs) ?

When VLANs are deployed to segment large networks, a lot of bandwidth can bewasted pushing traffic from the switches to a router and back again. Layer 3 switchesaddress this problem by using hardware optimized for this specific routing job. Theywork on the principle of "route once, switch many," which means that once a route isdiscovered, it is cached with the destination MAC address and subsequentcommunications are switched without invoking the routing lookup. While a router usesa generic processor and firmware to process incoming packets, a layer 3 switch usesApplication-Specific Integrated Circuits (ASICs). This can have an impact on therelative performance of the two types of devices. Layer 3 switches can be far faster, butthey are not always as flexible. Layer 3 switches cannot usually perform WAN routingand work with interior routing protocols only. Often layer 3 switches support Ethernetonly.

WWN stands for

WorldWide Names (WWN)

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit

WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN).•

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own

WorldWidePort Name (WWPN).•

WWPN stands for

WorldWidePort Name (WWPN).•

Ordinarily, an Ethernet frame can carry a data payload or maximum transmission unit(MTU) of up to 1,500 bytes. When you are transferring data around a SAN with a 10Gbps switching fabric, a 1500-byte limit means using a lot of frames. A jumbo frame isone that supports a data payload of up to around 9,000 bytes. This reduces thenumber of frames that need to be transmitted, which can reduce the amount ofprocessing that switches and routers need to do. It also reduces the bandwidthrequirement somewhat, as fewer frame headers are being transmitted. The benefits ofjumbo frames are somewhat disputed, however.When implementing jumbo frames, it is critical that

all hosts and appliances (switchesand routers) along the communications path be able and configured to support them.It is also vital to ensure that each device supports the same MTU. Also, it can becomplex to calculate the MTU if any additional headers are used (for IPSec, forinstance).

A typical port naming convention is for

alphanumeric identifiers for the building, telecommunications space, and port. In the example, AB01 means administrative building 1, 03A means floor 3, room A. The port is Data port 1, which has not changed. AB01-03A-D01

Unlike an ad hoc network, nodes in a wireless mesh network (WMN), called mesh stations,

are capable of discovering one another and peering, forming a Mesh Basic Service Set (MBSS).

The primary problems with logging are that (2)

auditing successful access attempts can quickly consume a lot of disk space and analyzing the logs can be very time-consuming.

InfiniBand is a high-speed switching fabric representing another way to create a SANand a direct competitor to FC and Ethernet-based technologies. The latest EnhancedData Rate (EDR) adapters support up to __(speed) unidirectional throughput.

100 Gbps

Fibre Channel is defined in the T11 ANSI standard. The spelling "fibre" is deliberatelyused to distinguish the standard from fiber optic cabling, which it often uses but onwhich it does not rely. The standard transfer rates are (5)

1GFC (1 Gbps), 2GFC, 4GFC,8GFC, and 16GFC. Two other rates (10GFC and 20GFC) use different encoding and areincompatible with devices supporting only the standard rates.

The comparative strength of the data signal to the background noise is called the Signal-to-Noise Ratio (SNR). This figure should be at least ___(#) dB or higher.

25

Frequency of Cat 5e, Cat 6, and Cat 6a

5e: 100 MHz, 6: 250 MHz, 7: 500 MHz

The __ standard defines a Wireless Mesh Network (WMN).

802.11s

(official) The Internet Key Exchange (IKE) protocol is the part of the IPSec protocol suite thathandles authentication and key exchange, referred to as Security Associations (SA).IKE is also referred to as Internet Security Association and Key ManagementProtocol (ISAKMP). IKE negotiations use UDP port 500. The negotiations take placeover two phases:

--Phase I establishes the identity of the two hosts and performs key agreement usingan algorithm called Diffie-Hellman to create a secure channel. Phase 1 is usuallyinitiated in Main Mode, which involves six messages. The alternative is AggressiveMode, which packs the information in these six messages into three messages. Thisis quicker but means that identifiers are exchanged in the clear. This may allow asnooper to perform a dictionary or brute-force password-guessing attack on theauthentication information.Diffie-Hellman key agreement establishes the shared secret used to sign thepackets for message integrity. Diffie-Hellman does not authenticate the endpoints,however. Two methods of authenticating hosts are commonly used: • PKI—The hosts use certificates issued by a mutually trusted CA to identify oneanother. This is the most secure mechanism but requires PKI architecture. • Pre-shared key—The same passphrase is configured on both hosts. A pre-sharedkey (PSK) is also referred to as group authentication, as a single password orpassphrase is shared between all hosts. Obviously, this is not very secure, as it isdifficult to keep the pre-shared key a secret known only to valid hosts. It can alsobe difficult to change the key. --• Phase II uses the secure channel created in Phase 1 to establish which ciphers andkey sizes will be used with AH and/or ESP in the IPSec session.

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components:(describe)

-Initiator—:This is a host bus adapter (HBA) installed in the file or database server.• -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN).• -FC switch—:This provides the interconnections between initiators and targets (afabric). The switch topology and interconnections would be designed to providemultiple paths between initiators and targets, allowing for fault tolerance and loadbalancing. High performance FC switches are often referred to as directors.

Configuration managementmeans identifying all components of ICT infrastructure(hardware, software, and procedures) and their properties. Change managementmeans putting policies in place to reduce the risk that changes to these componentscould cause service disruption (network downtime). ITIL® is a popular documentationof good and best practice activities and processes for delivering IT services. Under ITIL,configuration management is implemented using the following elements: (4) (Describe)

-Service assets: are things, processes, or people that contribute to the delivery of anIT service.• -A Configuration Item (CI): is an asset that requires specific managementprocedures for it to be used to deliver the service. Each CI must be identified bysome sort of label. CIs are defined by their attributes, which are stored in aConfiguration Management Database (CMDB). -•Baseline—:A fundamental concept in configuration management is the baseline.The baseline represents the way it was. A baseline can be a configuration baseline(the ACL applied to a firewall, for instance) or a performance baseline (such as thethroughput achieved by a server). -• A Configuration Management System (CMS): is the tools and databases thatcollect, store, manage, update, and present information about CIs. A small networkmight capture this information in spreadsheets and diagrams; there are dedicatedapplications for enterprise CMS.

The main difficulty in implementing a workable configuration management system is indetermining the level of detail that must be preserved. This is not only evident incapturing the asset database and configuration baseline in the first place, but also inmanaging moves, adds, and changes (MACs) within the network infrastructure. Interms of network tasks, a CMS will require that configuration changes be made onlywhen there is a valid job ticket authorizing the change. This means that the activity ofall network personnel, whether it be installing new devices or troubleshooting, is recorded in job logs. In a fully documented environment, each task will be governed bysome sort of procedure. Formal configuration management models often distinguishbetween two types of procedural documentation: (2) (Describe)

-Standard Operating Procedure (SOP)—:Sets out the principal goals andconsiderations (such as budget, security, or customer contact standards) forperforming a task and identifies lines of responsibility and authorization forperforming it. -•Work instruction—:Step-by-step instructions for performing an installation orconfiguration task using a specific product or technology and credentials.

Provisioning separate Fibre Channel adapters and cabling is expensive. As its namesuggests, Fibre Channel over Ethernet (FCoE) is a means of delivering Fibre Channelpackets over 10G Ethernet cabling, NIC/HBAs [referred to as converged networkadapters (CNAs)], and switches. FCoE uses a special frame type, identified by theEtherType value __

0x8096

A network engineer at a major company is measuring the error rate of the network during a monthly network review. They calculate the error rate to be almost 9%. List the maximum tolerable error rate in most situations.

1%

PoE switches are referred to as endspan (or endpoint) power sourcing equipment(PSE). If an existing switch does not support PoE, a device called a power injector (ormidspan) can be used. Power can either be supplied over pairs

1/2 and 3/6 (referred toas Mode A or phantom power, as these are the ones also used for data in 10/100BASE)or over 4/5 and 7/8 (Mode B). Gigabit Ethernet only uses the Mode A method.

Using fiber optic cabling,an FC fabric can be up to __ in length using single mode cable or __ using multimode cable.

10 km (6 miles); 500 m(1640 ft)

What is World Wide Name (WWN)?

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three maintypes of components: • Initiator—This is a host bus adapter (HBA) installed in the file or database server. • Target—The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN). •FC switch—This provides the interconnections between initiators and targets (afabric). The switch topology and interconnections would be designed to providemultiple paths between initiators and targets, allowing for fault tolerance and loadbalancing. High performance FC switches are often referred to as directors.

What is a Web application firewall? (WAF)

A firewalldesigned specifically to protect softwarerunning on web servers and their backenddatabases from code injection and DoSattacks.

A system sends a message that the system has matched a pattern that should be recorded. Evaluate event management in logging system and determine what the system is providing. A. Notification B. Alert C. Heartbeat D. Threshold

A. (A notification is the message that a system sends to report the occurrence of an alert. A high priority alert may be displayed in the system dash board. An alert means that the system has matched a pattern or filter that should be recorded and highlighted. Alerts can be generated by set thresholds. Most network monitors support heartbeat tests so that administrators can receive an alert if a device or server stops responding to probes. Alerts can be generated by setting thresholds for performance counters. Examples include packet loss, link bandwidth drops, and delay or jitter in real-time applications.)

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit

logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN).•

A SAN based on a Fibre Channel (FC) Switched Fabric (FC-SW)involves three main types of components: -Target—:The network port for a storage device. Typical devices include single drives,RAID drive arrays, tape drives, and tape libraries. Space on the storage devices isdivided into logical volumes, each identified by a 64-bit logical unit number (LUN).The initiator will use SCSI, Serial Attached SCSI (SAS), or SATA commands to operate the storage devices in the network, depending on which interface they support.Most devices have multiple ports for load balancing and fault tolerance.The initiators and targets are identified by 64-bit WorldWide Names (WWN), similarto network adapter MAC addresses. Collectively, initiators and targets are referredto as

nodes. Nodes can be allocated their own WWN, referred to as a WWNN(WorldWide Node Name). Also, each port on a node can have its own WorldWidePort Name (WWPN).•

A network diagram that is intended to organize the Physical layer (Layer 1 odf the OSI model) will typically show the __(3) of cable links.

physical locations, lengths and types

PoE switches are referred to as endspan (or endpoint) power sourcing equipment(PSE). If an existing switch does not support PoE, a device called a __ can be used.

power injector

PSE stands for

power sourcing equipment(PSE).

PoE switches are referred to as endspan (or endpoint) __

power sourcing equipment(PSE).

Netflow is one example of a packet flow monitor that could be used to record network performance metrics. Other options include (2)

sFlow and jFlow by Juniper.

Configuration managementmeans identifying all components of ICT infrastructure(hardware, software, and procedures) and their properties. Change managementmeans putting policies in place to reduce the risk that changes to these componentscould cause service disruption (network downtime). ITIL® is a popular documentationof good and best practice activities and processes for delivering IT services. Under ITIL,configuration management is implemented using the following elements: -A Configuration Item (CI): is an asset that requires specific managementprocedures for it to be used to deliver the service. Each CI must be identified bysome sort of label. CIs are defined by

their attributes, which are stored in aConfiguration Management Database (CMDB).

When you are determining the placement of a WAP or WRE, it is important to considerthe location, distance from router, number of devices transmitting on the samefrequency, and structural barriers (walls, floors, and ceilings). It is also important tounderstand the material used in the interior or exterior surfaces, and the cablingrunning through your walls. Best practice is to place the WAP or WRE in a centralized,open area away from other appliances or electronic devices such as TVs. If placingdevices on different floors, ensure that they are in similar locations on each floor.You can also configure multiple access points to cover a larger area. This is referred toas a wireless distribution system (WDS). As with configuring extenders, you must setthe APs to use the same channel, SSID, and security parameters. You need to put theAPs into WDS/repeater mode. One AP is configured as a base station, while the othersare configured as remote stations. The base station can be connected to a cabledsegment. The remote stations must not be connected to cabled segments. The remotestations can accept connections from wireless stations and forward all traffic to thebase station.Another use for WDS is

to bridge two separate cabled segments. When WDS isconfigured in bridge mode, the APs will not support wireless clients; they simplyforward traffic between the cabled segments. You cannot use WREs for this bridgingfunction.

When you are configuring the SSID for the WRE, initiate the setup wizard (if available),and when prompted for the SSID, enter the name identically to the original SSID of theAP or wireless router that is being extended. When you complete the configuration, theextender will then replicate that SSID when broadcasting the signal. The SSID for theextender is typically denoted as the original SSID appended by an additional character(or unique identifier) after the original SSID.When you are determining the placement of a WAP or WRE, it is important to considerthe location, distance from router, number of devices transmitting on the samefrequency, and structural barriers (walls, floors, and ceilings). It is also important tounderstand the material used in the interior or exterior surfaces, and the cablingrunning through your walls. Best practice is to place the WAP or WRE in a centralized,open area away from other appliances or electronic devices such as TVs. If placingdevices on different floors, ensure that they are in similar locations on each floor.You can also configure multiple access points to cover a larger area. This is referred toas a

wireless distribution system (WDS). As with configuring extenders, you must setthe APs to use the same channel, SSID, and security parameters. You need to put theAPs into WDS/repeater mode. One AP is configured as a base station, while the othersare configured as remote stations. The base station can be connected to a cabledsegment. The remote stations must not be connected to cabled segments. The remotestations can accept connections from wireless stations and forward all traffic to thebase station.