Networking Study Guide
What is the industry standard data center rack width?
19 inches
The IEEE standard for STP is _______.
802.1d
_______ is another component that aids in QoS. It is a field in an IP packet that enables different levels of service to be assigned to network traffic.
DSCP
______ uses a combination of MD5 hashing and a challenge-response mechanism, and authenticates without sending passwords as plaintext over the network. The security of the MD5 hash function is severely compromised.
CHAP
The ______ record type maps multiple canonical names (aliases) to an A record.
CNAME DNS
______ is a parameter used in data and voice protocols to differentiate the types of payloads contained in the packet being transmitted. It aids Quality of Service (QoS) by assigning priorities to the data payload or access levels to the telephone call.
COS
What is a distinct advantage of omni-directional antennas over directional antennas?
Coverage area
_______ is the Fast Ethernet fiber cable specification.
100Base-FX
________ is Fast Ethernet.
100Base-TX
________ is an example of a common gateway address.
192.168.1.1
If you link two 1 Gb/s ports on a switch, what is the resulting speed of the aggregate?
2 Gb/s
A manager comes to you and demands that you only allow file transfers, file copying, and remote connectivity to Linux servers via secure protocols. Which port(s) must you allow through the firewall to accommodate their request?
22
Secure File Transfer Protocol (SFTP), Session Control Protocol (SCP), and Secure Shell (SSH) all use port ____.
22
________ is a multicast broadcast entry that identifies the address for sending multicast transmissions.
224.0.0.0
An IP address is a binary address assigned to a computer so that it can communicate with other computers and devices on a Transmission Control Protocol/Internet Protocol (TCP/IP) network. IPv4 addresses are _____ bits in length, while IPv6 addresses are _____ bits long.
32, 128
________ features good coverage within 70 meters, compatibility with 5 GHz and 2.4 GHz devices, and transmission speeds of 150 Mbps or more.
802.11n
What is the IEEE standard designation for the Spanning Tree Protocol (STP)?
802.1d
A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.
802.1x
An IEEE standard used to address the need for MAC-sub-layer addressing in bridges.
802.2 standard
An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.
802.3 standard
Which standard describes Power over Ethernet (PoE) technology that enables networks to deliver electrical power and standard data over Ethernet cabling, with up to 15.4 W of DC power supplied to each powered device and with 12.95 W being assured due to power dissipation during delivery?
802.3af
The _______ record maps a host name to its IP address using a 128-bit IPv6 address.
AAAA DNS
An attacker with the intent of using ________ will first have to gain access to the target network.
ARP-related security flaws
________ is a listing containing one or more ACE that tells a computer operating system or other network device what rights users have to each item on a computer or network device. For example, an _______ may specify if a user or the users group have access to a file or folder on that computer or network.
Access Control List
An ________ is a very powerful feature, but it comes at a cost. The processing overhead incurred in analyzing every individual packet passing through the filter is extremely resource intensive. In addition, ________ are typically expensive.
Application-layer gateway
________ is an encryption technique that uses a different key to encrypt and decrypt the information. By using a different key, this prevents someone from creating a decryption key from the encryption key and helps the encrypted data stay even more secure.
Asymmetric encryption
_______ is a contention-based medium, which means that bandwidth is impacted by the number of nodes within the group. If a lot of people are using the Internet at the same time, speed is usually affected.
Cable
(CHAP)
Challenge-Handshake Authentication Protocol
A user's computer checks out as functional, but cannot get a good network connection. What do you test next?
Check the network cable for end-to-end connectivity with a cable tester.
________ addresses provide a balance between the number of network addresses and the number of nodes per network. Most organizations lease _______ addresses for use on networks that connect to the Internet. The technical definition of a _______ address is any address where the first octet (on the left) begins with 10.
Class B
________ addresses are set aside to support multicast transmissions. Any network can use them, regardless of the base network ID. A multicast server assigns a single _______ address to all members of a multicast session. There is no subnet mask. _______ addresses are routable only with special support from routers. The technical definition of a _______ address is any address where the first octet (on the left) begins with 1110.
Class D
________ addresses are set aside for research and experimentation. The technical definition of a ______ address is any address where the first octet (on the left) begins with 1111.
Class E
_________ are used to connect like devices, such as device to device, switch to switch, or router to router.
Crossover cables
______________ is an operating mode in which the switch forwards a data packet as soon as it receives it, without performing any error checking or packet processing.
Cut-through switching
A _______ is performed using legitimate traffic against a system or systems with malicious intent.
DDoS attack
_______ uses ports 67 and 68, which are likely denied in your firewall. Check the firewall, allow the ports, and then attempt to acquire an IP address again.
DHCP
_______ uses information from the DHCP server to track the physical location of hosts, ensure that hosts only use the IP addresses assigned to them, and ensure that only authorized DHCP servers are accessible.
DHCP snooping
______ uses port 53 on both UDP and TCP. You have to be sure that both are allowed in the firewall.
DNS
__________ involve a new mechanism that increased the amplification effect, using a much larger list of DNS servers than seen earlier. SNMP and NTP can also be exploited as reflector in an amplification attack.
DNS amplification attacks
(DES)
Data Encryption Standard
_______ offers a slower method of Internet access over a public switched telephone network (PSTN).
Dial-up
A ________ attack is a type of DoS attack that uses multiple computers on disparate networks to launch the coordinated attack from many simultaneous sources. These can sometimes be difficult to differentiate from traffic spikes when they first begin. The attacker introduces unauthorized software called a zombie or drone that directs the computers to launch the attack.
Distributed Denial of Service
_________ collect data from multiple access routers and redistribute them to an enterprise location. Their capabilities are greater than those of regular access routers.
Distribution routers
A ______ has an obvious symptom but usually no quick solution. Most _______ are network-based, where the network is being flooded with traffic. The only fix for a network-based _______ is to wait for it to stop.
DoS attack
_______ is a UNIX/Linux command-line tool that can be used to display name server information. Some experts consider it to be generally easier to use than nslookup, and that it supports more flexible queries and is easier to include in command scripts. It is included with the BIND version of DNS, and can be downloaded from many UNIX and Linux resource sites on the Internet.
Domain Internet Groper
(DNS)
Domain Name System
________ is the process of adding delivery information to the actual data transmitted on each layer. _______ takes place on the transmission end as data is passed down the layers.
Encapsulation
_____is a set of networking technologies and media access methods specified for LANs.
Ethernet
In troubleshooting fiber cable connections, other than physical damage, what physical problems can a fiber cable have that hinders signal transmission?
Excessive bends
_________ is a protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication. _____ categorizes the devices into different _____ types depending on each device's authentication scheme. The ______ method associated with each type enables the device to interact with a system's account database.
Extensible Authentication Protocol
A ________ is a tubular structure made of ceramic or metal that supports the fiber.
Ferrule Connector
_____ is a technology for transmitting data between computer devices at data rates of up to 16 Gbps. Optical fiber is not required for ________. It works by using coaxial cable and ordinary telephone twisted pair.
Fibre Channel
________ includes searching logs to determine when events occurred on a network. Analysis tools allow you to search logs simultaneously based on patterns or time ranges to speed the discovery of breaches or anomalies.
Forensic analysis
________ is a WAN protocol that functions at the Physical and Data Link layers (Layers 1 and 2) of the OSI model. It is a packet-switched technology that allows transmission of data over a shared network medium and bandwidth using virtual circuits.
Frame Relay
_______ delivers increased performance with reduced network complexity and offers a pay-as-you-go structure. However, the bursty nature of traffic in a Frame Relay cloud, along with the use of variable-length frames, makes it difficult to provide QoS.
Frame relay
A _________ is a situation where a website ends up denied because of a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story.
Friendly DOS attack
________ is also called bi-directional transmission. If someone speaks about duplex transmissions, they are likely referring to ___________.
Full duplex mode
A host name combined with the host's domain name forms the node's _______.
Fully Qualified Domain Name
_______ connect incompatible systems by stripping encapsulation of the incoming protocol and re-encapsulating it in the outgoing protocol.
Gateways
_________ is a tunneling protocol that encapsulates network layer protocols.
Generic Routing Encapsulation
When a WAN includes sites and networks around the world, it is considered a ________.
Global Area Network
_______ is the application-level throughput, i.e. the number of useful informational bits delivered by the network to a certain destination per unit of time.
Goodput
The best solution is to use a ______ to monitor and audit user traffic. Automate the monitoring as much as possible to prevent activity from being overlooked.
HIDS
___________ refers to a family of technologies based on the 3GPP Release 5 specification, which offers high data rate services in mobile networks.
High Speed Packet Access
_________ is a set of MAC and physical layer specifications for implementing a WLAN.
IEEE 802.11
_____ are protocols that are responsible for exchanging routing information between gateways within an AS. Examples of ______ include RIP, OSPF, EIGRP, IS-IS, and IGRP.
IGPs
_______ is analogous to POP in that they are both used to transfer email from an email server.
IMAP
An _____ is simply an identifier for a device on a Transmission Control Protocol Internet Protocol (TCP IP) network.
IP address
An _______ consists of two portions: the network address portion that is common to all hosts and devices on a physical network, and the host address portion, which is unique to the individual host. For instance, suppose that you have an IP address of 192.168.10.1, with a subnet mask 255.255.0.0. This means that 192.168 is the network ID, and 10.1 is the host ID.
IP address
An _______ is a unique binary address assigned to a computer so that it can communicate with other computers and devices on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
IP address
_______ operates mainly at Layer 2 of the TCP/IP protocol stack and is generally performed by a screening router, although other network devices can also perform ________.
IP filtering
A method of bypassing security measures on a network or a method of gaining access to a network by imitating a different IP address.
IP spoofing
An _________ is a type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system. One sign of an IP spoofing attack is a network packet from an external source that appears to have an internal source address.
IP spoofing attack
_______ is an arrangement whereby instead of purchasing equipment and running your own data center, you rent those resources as an outsourced service.
IaaS
_________ is an authentication infrastructure that you can rent from a service provider. Essentially, it provides single sign-on capabilities for the cloud. It is an approach to digital identity management in which an organization or individual performs an electronic transaction which requires identity data managed by a service provider. Functionality includes authentication, registration, identity verification, federation, risk and activity monitoring, roles and entitlement management, provisioning and reporting others.
Identity as a Service
A user reports that she is able to contact her network printers and a file server located on her floor, but she is unable to browse the Internet or to connect to a remote system on another floor. What is likely her problem?
Incorrect or missing default gateway
If a network segment experiences frequent broadcast storms, what can you do to prevent them?
Install a managed switch and enable Spanning Tree Protocol
____________ uses digital channels for data transmission over conventional telephone lines.
Integrated Services for Digital Network
_______ is an authentication service that is based on a time-sensitive ticket-granting system.
Kerberos
______is backwards compatible with GSM and HSPA.
LTE
The time delay for a packet to go from a source to a destination and back to the source.
Latency
______ is the Physical layer and cabling and wiring of all types are part of this layer.
Layer 1
_______ is the Network layer and cabling and wiring of all types are part of this layer.
Layer 3
________ is the Session layer and Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are both a part of this layer. This layer is also referred to as the ________.
Layer 5, port layer
_______ is the Application layer and email protocols all operate at this layer.
Layer 7
What type of entity or object is a virtual LAN (VLAN)?
Logical
____________ depict how data moves through a network and don't attempt to show any physical relationships between nodes.
Logical network diagrams
(LTE)
Long Term Evolution
A ________ is a virtual network interface that network applications can communicate with when executing on the local machine. The ________ has no hardware associated with it, and it is not physically connected to a network.
Loopback interface
The advantage of ________ is increased communications performance.
MIMO
_______ is considered to exist somewhere between Layers 2 and 3 of the OSI model. It can travel over PPP, Frame Relay, or ATM at Layer 2, and its labels are read and rewritten by Layer 3 routers.
MPLS
In most VPNs, data encryption is accomplished by either _____or _____.
MPPE, IPSec
_______ is a Microsoft extension of CHAP that is specifically designed for authenticating remote Windows workstations.
MS-CHAP
________, also known as Fiber Jack, is a compact snap-to-lock connector used with multimode fiber. It is similar in size to an RJ-45 connector.
MT-RJ
______ describes the size of the largest protocol data unit that the layer can pass onwards, and is expressed in bytes. The standard ______ of an Ethernet frame is 1,500 bytes, but this can be surpassed in jumbo frames.
MTU
The ______ was developed by Cisco as an alternative to H.323.
Media Gateway Control Protocol
_________ is a process by which all nodes are logically separated from each other until there is a need to connect them.
Microsegmentation
________ is a form of multiplexing, which is a controlled media access method where a central device combines signals from multiple nodes and transmits the combined signal across a medium.
Modulation
________ is any authentication scheme that requires validation of at least two of the possible authentication factors. It can be any combination of who you are, what you have, and what you know.
Multifactor authentication
_______ provides a method for spreading traffic across multiple distinct PPP connections.
Multilink PPP
__________ is a high-performance, multi-service switching technology that is used in packet data networks. It is defined by a set of IETF specifications that enable Layer 3 devices such as routers to establish and manage network traffic. It ensures faster switching of data as it follows label switching that helps save processing time of packets by the label-switching routers.
Multiprotocol Label Switching
______ implementations are generally implemented to vet mobile devices for network access. And the new bring-your-own-device policies make this process even more critical to businesses, since personal devices might have been jailbroken or otherwise compromised by malware or other hacks.
NAC
_______ conceals internal addressing schemes from external networks.
NAT
_____ have produced the highest volume and highest bandwidth attacks ever witnessed by many security firms.
NTP amplification attacks
_______ provides network-based services through the cloud, including monitoring and Quality of Service (QoS) management.
NaaS
You are checking a particular area of your network and note significant signal loss. What could be the problem?
Near-end cross-talk
In a Transmission Control Protocol/Internet Protocol (TCP/IP) network, _______ clients, such as Windows systems, use ________ over TCP/IP to connect to servers, and then issue SMB commands to complete tasks such as accessing shared files and printers.
NetBIOS
To deny _______, deny ports 137, 138, and 139 in your firewall rules.
NetBIOS
Common tools that are used for war driving and war chalking include NetStumbler, Kismet, Aircrack, and Airsnort.
NetStumbler, Kismet, Aircrack, Airsnort
A ________ is a hardware component that helps connect a computer to a network.
Network Controller
___________ provides network-based services through the cloud, including monitoring and Quality of Service (QoS) management.
Network as a Service
A honeypot's purpose is to attract attention and any attacks. _______ prevents the attacker from traversing the network into production systems.
Network segmentation
(OCx)
Optical Carrier x
A variation of TDR that transmits light-based signals of different wavelengths over fiber optic cabling to determine cabling issues.
Optical Time-Domain Reflectometer
Both _____and ______are tunneling protocols that increase traffic security through data encryption.
PPTP, L2TP
_______ enables you to rent a fully configured system that is set up for a specific purpose.
PaaS
(PAP)
Password Authentication Protocol
Identify a quick test for Domain Name System (DNS) connectivity.
Perform an nslookup using a system's or a site's name.
A ________ is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. A _______ attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image.
Permanent DoS
(PPP)
Point-to-Point Protocol
(PPPoE)
Point-to-Point Protocol over Ethernet
(PTR)
Pointer
_______ jacketed cabling is inexpensive and flexible. The ______ cable is also referred to as the non-plenum cable. However, when _____ burns, it gives off noxious or poisonous gases. Additionally, _____ jacketing is not formed tightly to the conductors it contains. Tests show that fire can travel within a PVC cable, passing through firebreaks.
Polyvinyl chloride
_______ is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.
Port Address Translation
_____ enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN. Network clients cannot see that _____ is being done. This allows communications from external source to a destination within a private LAN. For example, a remote computer could to connect to a specific computer or service within a private LAN using _____.
Port Forwarding
_______ enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN.
Port forwarding
You have a directive to use Dynamic Host Configuration Protocol (DHCP) on your network to alleviate the need to manage hundreds of static IP addresses. You've tried implementing it, yet none of your systems can acquire an IP address. What is likely the problem?
Ports 67 and 68 are denied in the firewall.
If you conduct a network security assessment by collecting data on security agents such as antivirus and personal firewalls and Windows Registry settings, what is this type of assessment known as?
Posture Assessment
________ are exposed, at least in part, to the Internet. This exposure makes them more vulnerable to attacks. Sometimes, these ________ are referred to as DMZs to designate their lack of protection outside the corporate firewall.
Public networks
(QoS)
Quality of Service
________ is a protocol that enables a server to provide standardized, centralized authentication for remote users.
RADIUS
An _____ cable is a very common type of coaxial cable that is typically used in routing cable television signals.
RG6
An _____ cable is a coax cable with a solid core that is used for Ethernet networking.
RG8
What is one significant advantage that 2.4 GHz networks have over 5.0 GHz networks?
Range
______ describes the content of a multimedia communication session.
SDP
(RAS)
Remote Access Service
_______ is used specifically for Microsoft's Remote Desktop system.
Remote Desktop Protocol
________ uses port number 3389, so you have to allow that port through your firewall.
Remote Desktop Protocol
_________ provide access to the internal network for remote clients.
Remote access services
_________ are used to connect a device to a router's console port. In this type of cable, one end of the cable is wired exactly the opposite of the other end of the cable.
Rollover cables
In _______, the firewall is considered to be a router hop in the network. It can perform NAT between connected networks, and can use OSPF or RIP (in single context mode). _______ supports many interfaces where each is on a different subnet.
Routed mode
______ is the process of selecting the best route for transferring a packet from a source to its destination on a network.
Routing
Identify the major difference between the Session Initiation Protocol (SIP) and the Real-Time Transport Protocol (RTP).
SIP doesn't transport data.
_______ is includes different network monitoring tools.
SIEM
To find related errors, filter the capture for ______ and read through the errors until you find the malformed packet entry.
SMB2
_____ is a security protocol that protects sensitive communication from being eavesdropped and tampered with.
TLS
_______ is the unsecure protocol because its authentication is passed in cleartext.
SNMP
An ________ consists of three key components: network-connected devices, SNMP agents, and a management station.
SNMP-managed network
A _______ is a small network that can comprise up to 10 nodes. _________s can either be wired or wireless. The upper limit of 10 nodes is the generally accepted limit, but you might encounter __________s that include more than 10 nodes.
SOHO network
The _________, like any LAN or WAN, benefits greatly from an infrastructure topology because of its stability and permanence.
SOHO network
_____ is the standard for synchronous data transport over a fiber optic cable. It is the U.S. version of the standard published by ANSI.
SONET
_______ is a standard for data transport over a fiber optic cable.
SONET
_______is the standard for synchronous data transport over a fiber optic cable. It is the U.S. version of the standard published by ANSI.
SONET
The ________ gives you a secure command line shell login to a remote system.
SSH protocol
_________ are continuous announcements by a wireless access point that transmits the name of the access point in order to be discoverable by wireless devices searching for a network connection. By disabling ________, clients that wish to connect to the access point must manually specify the name of the access point. This can help prevent unauthorized devices from getting on the network.
SSID broadcasts
An _______ is a VPN format that works within a web browser. This means that a separate dedicated VPN client is not needed.
SSL VPN
Both an _____ and ______ use tunneling to encapsulate and encrypt data.
SSL VPN, VPN
__________ are just a form of VPNs that operate through a web browser, and do not require the installation of a separate client.
SSL VPNs
_______ is a Layer 2 protocol used to prevent switching loops.
STP
______ enables a service provider to make applications available over the Internet. This gives you an alternative to installing software on user computers, and it can be helpful for mobile or transient workforces. A common example of ______ is Google AppsTM.
SaaS
_______ provides for long-range, global wide area network (WAN) transmissions.
Satellite Internet access
For years, your users have used File Transfer Protocol (FTP) to update files on websites, but you have decided to use more secure protocols for all your services. Which protocol will you substitute for FTP?
Secure File Transfer Protocol
______ is the protocol Windows systems use to browse other systems and shared resources.
Server Message Block
STP is short for __________.
Shielded Twisted Pair
_________ include foil wrapper shielding around the conductors to improve the cable's resistance to interference and noise.
Shielded twisted pair cables
________ is an Application-layer (Layer 7) protocol used to collect information from network devices for diagnostic and maintenance purposes. _______ includes two components: management systems and agent software, which are installed on network devices such as servers, routers, and printers. The agents send information to an ________manager. The _______manager can then notify an administrator of problems, run a corrective program or script, store the information for later review, or query the agent about a specific network device.
Simple Network Management Protocol
______ is a convenience mechanism used in enterprise networks where multiple, unrelated authentication systems exist. _______ is designed to make security easier for users, but this ease of use comes at a potential cost. ______ passwords must be ultra-secure.
Single sign-on
________ can be considered one form of reflected attack, as the flooding hosts send Echo Requests to the broadcast addresses of mis-configured networks, thereby enticing hosts to send Echo Reply packets to the victim.
Smurf Attacks
A ______ is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks which can be used to send spam email or participate in DDoS attacks.
botnet
(STP)
Spanning Tree Protocol
The _______ is a Layer 2 protocol used to prevent switching loops. Whenever there are redundant paths between switches, where either two switches are connected using two different links or a ring of switches connected to each other, a switching loop will occur.
Spanning Tree Protocol
________ is a Layer 2 protocol used to prevent switching loops.
Spanning Tree Protocol
_______ has the greatest potential to collect personal data, watch keystrokes, or grab user names and passwords from a user's computer or live session.
Spyware
No one on your network segment can connect to the Internet, nor can you connect to or ping other machines on the same segment. What do you suspect has happened?
Switch is offline
______ make forwarding decisions based on Layer 2 (MAC) addresses. They do this through a process called microsegmentation, in which all nodes are logically separated from each other until there is a need to connect them.
Switches
________ is not a native Windows application, even in Windows Server 2012. You'll have to download and install the syslog agent for Windows operating systems.
Syslog
System and network monitoring software that runs on UNIX systems and offers both a command-line and web interface to monitor network and system devices.
System and Network Integrated Polling Software
The ________ is a digital and packet-switched system designed to carry multiplexed telephone connections. It makes communications more scalable than analog, circuit-switched systems.
T-carrier system
________ and ________ are authentication protocols that provide centralized authentication and authorization services for remote users.
TACACS, TACACS+
______ uses port 23 and ______ uses port 22
Telnet, SSH
If users report Terminal Access Controller Access Control System (TACACS) login failures, where should you look to find the root cause?
The BIG-IP log files
___________ is a network protocol for configuring IPv6 hosts with IP addresses, IP prefixes and other configuration data required to operate in an IPv6 network.
The Dynamic Host Configuration Protocol version 6
In _______, a communication channel is divided into discrete time slots. Each node on a network is assigned a time slot, and each sender is given exclusive access to the medium for a specific period of time.
Time-division multiplexing
Some members of your staff suggest using one of the network booting protocols so that they can relieve some of the company's desktop support costs. You agree, but have to allow the protocol through the firewall for it to function. Which protocol and port do you allow?
Trivial File Transfer Protocol
________ uses port 69.
Trivial File Transfer Protocol
A _______ is a PC connection that allows you to connect peripherals to a single port with high performance and minimal device configuration.
USB cable
A ________ is the client-side device that allows the user to use unified communications services. These are items such as headsets, webcams, VoIP phones, and so on.
Unified Communications device
A ________ connects your private UC network with a public network. It allows users to connect with the outside world, and also allows mobile users to connect from the outside into the private network.
Unified Communications gateway
Network studies and surveys assert that a majority of malicious attacks actually originate inside corporate walls, not from the outside. Assuming that is true, what can you do to detect and prevent system and service compromises caused by employees?
Use Host-based Intrusion Detection Systems for monitoring.
Identify a method of working around Address Resolution Protocol's (ARP's) inherent security problems.
Use software that checks the accuracy of the ARP table
_______ is a feature that allows administrators to grant or deny Internet access based on user names or group membership.
User security
Active Directory groups can be very confusing to implement correctly. What is the possible harm of group mishandling and sprawl?
Users may accidentally gain unnecessary privileges
___________ hopping is a method where an attacking host on a ______ gains access to traffic on other _______ that would normally not be accessible. There are two primary methods of ______ hopping: switch spoofing and double tagging:
VLAN
________ is a mechanism whereby wireless access points can choose among several different available VLANs to assign to incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.
VLAN pooling
________ is a mechanism whereby wireless access points can choose from among several different available VLANs to assign incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.
VLAN pooling
________, also known as frame tagging, is a method developed by Cisco to help identify packets traveling through trunk links.
VLAN tagging
________ is a device that incorporates advanced encryption and authentication methods to handle a large number of VPN tunnels. _______ are usually specifically geared towards secure remote access or site-to-site VPNs. They offer high performance, high availability, and very good scalability.
VPN concentrator
The act of using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.
War chalking
_______ enables web proxies to cache web data for clients locally for improved response time.
Website caching
A _________ is a network that spans a large area, often across multiple geographical locations. _____ typically connect multiple LANs and other networks using long-range transmission media. Such a network scheme facilitates communication among users and computers in different locations. _____ can be private, such as those built and maintained by large, multinational corporations, or they can be public, such as the Internet.
Wide Area Network
A _______ is any exploit in an operating system, software program, or hardware device that is taken advantage of on the same day it is discovered. These flaws become known to the public when a malware program exploits the flaw and compromises the product, the computer, or the network connected to the computer. Because the company is not prepared with a fix, these exploits can cause serious issues and keep a system vulnerable until the company releases a solution to the issue. It can be difficult for companies to guard against a ________, but the best options for helping to protect against these occurrences include using an intrusion detection system, setting up network access control to prevent unauthorized computers from accessing a network and using Wi-Fi Protected Access (WPA or WPA2) security on wireless networks.
Zero-day exploit
________ is a single item contained within an ACL that contains information about the user or group and the associated permissions. In many cases, a single ACL can contain multiple ACEs.
access control entry
The _________ is the safest in case of a failure because it will fail to the passive NIC. You will have the same single NIC bandwidth, but with the safety factor of a "hot spare" NIC.
active-passive mode
IT administrators will often set up ________ so if the normal channels get hacked or compromised, they'll still have access to the system(s) through this backdoor route.
administrative backdoors
HTTP GET requests for large image files is a common _________. As you expect, the requests for large image files are made and the responses are very large in comparison to the requests.
amplification attack
The five characteristics of an analog signal are __________.
amplitude, cycle, frequency, phase, and wavelength
Term used to describe a person or computer that cannot be identified.
anonymous
Patching isn't always a perfect process and all systems are not created or maintained equally. Drivers and libraries in one system may differ from the others, so there are no guarantees that a patch will work on every system. A _______ usually means uninstalling an errant patch.
backout plan
A _________ is a technique in which digital signals are sent via DC pulses over a single, unmultiplexed signal channel.
baseband transmission
A ________ is a screw-on type connector with a tapered sleeve that is fixed against guided rings.
biconic connector
The __________ is put into place to assess and prevent unnecessary risks from being introduced into an environment due to hasty decisions and undocumented changes.
change management process
A __________ is a network in which servers provide resources to clients. Typically, there is at least one server providing central authentication services. Servers also provide access to shared files, printers, hardware storage, and applications. In client/server networks, processing power, management services, and administrative functions can be concentrated where needed, while clients can still perform many basic end-user tasks on their own.
client/server network
Both STP and UTP cables use ________ to identify the pairs of wires.
color coding
If you check your router's ________, you can see if the router's authentication is failing or if there's some other problem with the connection that shows up in the logs. Calling your provider will only work if there's not a general communications outage with your provider.
connection logs
The _______ is a single server and therefore a single point of failure for the corporate website.
corporate web server
A ________ is used to connect like devices, such as computer to computer, switch to switch, or router to router.
crossover cable
The purpose of _________ is to encrypt passwords or other messages so that they can be transmitted securely over potentially non-secure channels.
cryptographic hash functions
When a cable is ____, it is shorted. Often the short involves bare wire coming in contact with other conductive surfaces.
cut
In _______, the switch forwards a data packet as soon as it receives it. No error checking or processing of the packet is performed.
cut-through switching
Use the ________ to show you what's happening in real time while it happens so that you can track incoming and outgoing traffic.
debug interface
A ________, unlike an analog signal that can have many possible values, can have combinations of only two values: one and zero.
digital signal
Routers that are running a _________ such as Routing Information Protocol version 2 (RIPv2) or IGRP express the distance to the destination by the number of hops to the destination (known as a hop count). The number of hops refers to the number of intermediate devices that the data must travel to in order to reach its destination. It does not refer to the actual geographic distance between the source and destination.
distance-vector protocol
A _________ is where an attacking host connected on a 802.1q interface prepends two VLAN tags to packets that it transmits. The packet is forwarded without the first tag, because it is the native VLAN. The second (false) tag is then visible to the second switch that the packet encounters. This false VLAN tag indicates that the packet is destined for a target host on a second switch. The packet is then sent to the target host as though it originated on the target VLAN bypassing the network mechanisms that logically isolate VLANs from one another.
double tagging attack
A _______ is simply one that operates on two different frequencies (such as 2.4 GHz and 5.0 GHz). These are often used in Small Office/Home Office (SOHO) environments.
dual-band router
An ________ is a network located on the periphery of a centralized network. It is the one where an organization's network actually connects to the Internet, or to a provider's carrier network. It is the least secure of all the organization's networks. It is physically located on the customer's premises, and is a a link between the provider's dmarc and the organization's router.
edge network
The primary function of a GBIC or an SFP is to convert ______ into _______ and vice versa.
electrical signals, optical signals
An _______ is a rogue access point that appears to be legitimate and can be difficult or impossible to differentiate from a valid access point.
evil twin
A _________ is a network cable that transmits signals through light instead of a copper core.
fiber optic cable
The inner core of a _______ is made of glass through which the signal is transmitted. Even the slightest damage can decrease signal integrity.
fiber optic cable
Both shielded and unshielded cables typically contain ______ of stranded or solid conductors.
four pairs
In ____________, the switch scans the first 64 bytes of each packet for evidence of damage by a collision.
fragment-free switching
A _______ is a subset of an organization's network that is designed for temporary use by visitors. Typically, ________ provide full Internet connectivity while severely restricting access to the internal intranet. This helps keep an organization's internal information private, and helps avoid spreading any malware that visitors may have on their systems.
guest network
The ________ of communication permits two-way communications, but in only one direction at a time. When one device sends, the other must receive; then the devices can switch roles to transfer information in the other direction. _________ can use the full bandwidth of the medium because the transmission takes place in only one direction at a time.
half duplex mode,
A virtual firewall does not allow the host computer to act as a _________. A virtual router would be needed for this.
hardware router
In the _________ VPN connection model also, there are two types of networks—open and closed. In the case of an open VPN, the path between the end node and the IPSec gateway is not secured. In the case of a closed VPN, the path between the end node and the IPSec gateway is secured.
host-to-site
A virtual firewall operating in _______ mode resides in the core _______ kernel and monitors the virtual host machine's incoming and outgoing traffic.
hypervisor
________ is used to facilitate data transfers over intranets and to manage storage over long distances by carrying SCSI commands over IP networks. This type of SAN is popular because it does not require an investment in expensive Fibre Channel cabling, and can run along an existing Ethernet network.
iSCSI
The first stage in the troubleshooting process is to_________.
identify the problem
What are the fifth, sixth, and seventh stages of the CompTIA Network+ Troubleshooting model?
implement, verify, document
The _______ command provides you with network information for each network adapter. It also displays connection-specific DNS suffix, IP address, subnet mask, and default gateway information. Must be run from a command line.
ipconfig
A _________ is an Ethernet frame with a payload greater than the standard MTU of 1,500 bytes. _______ can be as large as 9,000 bytes, and are used on Local Area Networks (LANs) that support at least 1 Gbps.
jumbo frame
Changing the default IP address ______ would require additional configuration steps.
lease time
A ________ is not a certifier. A _______ only tests for end-to-end connectivity, but not transmission quality.
line tester
Distributing work evenly across servers for processing efficiency is the goal of ___________.
load balancing
Also known as network maps, network diagrams provide ________ and _______ for network devices.
location, routing information
A _______ is a record of actions and events performed on an operating system. There are three common types of log files: system, general, and history files.
log file
A ________ is simply a switch that can be configured by the user, and does not relate specifically to a switch that operates at Layers 4 through 7.
managed switch
The ______ is a database that has a top-down hierarchical structure
management information base
A ________ enables networks running on different media to interconnect and exchange signals.
media converter
A ________ enables networks running on different media to interconnect and exchange signals. Technically, a ________ is considered a transceiver because it transmits and receives signals. _______ are often built into other devices such as high-end switches.
media converter
The ______ command in Linux is equivalent to the pathping command, having the functionality of both the ping and the traceroute commands.
mtr
A _________ operates at Layers 2 and 3 of the OSI model. Content switches are sometimes considered to be another type of multilayer switch, but the term "___________" generally refers to switches that perform only limited routing functions at Layers 2 and 3.
multilayer switch
A ______is a tool that allows you to determine the voltage, current, and resistance along the cable.
multimeter
The _______ command displays extensive routing table information for troubleshooting.
netstat -r
A network analyzer is a software or hardware management tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.
network analyzer
Basic _________ enable a technician to analyze network traffic on a LAN or DSL connection. ________ also have the ability to provide an administrator with an overview of systems and reports from one location on the network. Full-featured ________ offer a variety of monitoring, analyzing, and reporting functions.
network analyzers
The _______ is the common connecting point for all nodes in a network segment.
network switch
A ________ means that the DNS server that gave you the answer is not the source Domain Name System (DNS) server for that domain. The answer is accurate, reliable, and trustworthy.
non-authoritative response
If a port has a solid _______, this means the software inside the switch shut down the port, either by way of the user interface or by internal processes.
orange light
You would use a _______ program to sniff network traffic to grab URL information so that you can passively monitor Internet site information.
packet analyzer
A _________ is a form of traffic shaping. The goal of traffic shaping is to delay metered traffic such that each packet complies with the relevant traffic contract. This is common in Quality of Service (QoS) implementations in which traffic must not exceed the administratively defined rate.
packet shaper
A ___________ is a variant in which only some nodes have direct links to all other nodes. This helps reduce the complexity and cost of a full mesh setup, and also involves fewer redundancies.
partial mesh topology
The ________ command's value is in its capability of identifying routers or subnets with latency problems by displaying packet loss data.
pathping
A ________ often requires reimaging or reinstalling the operating system and all configurations due to the low-level hack that has taken place. Often, the system's firmware has been removed or replaced with a damaged one.
permanent DoS attack
The pathping command combines the functionality of _____ and _____.
ping, tracert
A _____ is a number that represents a process running on a network. Both clients and servers use _____ numbers to identify themselves.
port
A _____ is an agreed-upon format of data transmission between two devices
protocol
A _______ boosts the strength of a signal by regenerating it, which helps when dealing with greater transmission distances.
repeater
A _______ is a type of proxy server that retrieves resources on behalf of a client from one or mutliple servers.
reverse proxy
A _______ is a database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router.
routing table
There are _______ in the change management process.
seven stages
Cable and network professionals will sometimes refer to _______ as opens, referring to the fact that the electrical signal loop is open.
shorts
EMI disrupts the signal. The _______ decreases as the transmitting distance increases.
signal to noise ratio
A _______ is an analysis technique that determines the coverage area of a wireless network.
site survey
A ________ is an analysis technique that determines the coverage area of a wireless network.
site survey
In a _______ connection model, each node on the network is connected to a remote network, which may be separated by public or other unsecured networks. _______ VPNs may be either open or closed.
site-to-site
The ______ command line utility displays a list of all results that lie within the subtree rooted on the specified OID. ______ can also be used to display a single object if an exact instance of an OID is specified.
snmpwalk
An Ethernet frame includes the ______ computer MAC address and the _______ computer MAC address.
source, destination
One workaround to the count-to-infinity problem is the ________, where a router does not include any routes to the router from which it discovered its own location in its broadcasts.
split horizon method
A ________ is used to connect unlike devices, such as computers, to hubs or switches. These cables are also known as patch cables.
straight-through cable
A ________ is similar to a Straight Tip (ST) connector and is typically used where water or other environmental factors necessitate a waterproof connection, unlike a bayonet-style connector.
subminiature connector
A ________ listens for the MAC addresses of all the nodes plugged into it, and builds a table in memory that maps each MAC address with its associated port.
switch
A _________is a network device that acts as a common connecting point for various nodes or segments. Working at Layer 2 of the OSI model, switches make forwarding decisions based on Layer 2 (MAC) addresses.
switch
Working at Layer 2 of the OSI model, _______ make forwarding decisions based on Layer 2 (MAC) addresses.
switches
You have blocked a vulnerable Transmission Control Protocol (TCP) port on your network—3333, for example—and you want to test your firewall's rule for it. What simple command would you use to test the port block from outside the firewall to server1?
telnet server1 3333
All patches should be installed in a ________ first to observe any resulting problems or issues prior to installing them on production systems.
test environment
The _____ generally refers to the amount of time after which a client will cease attempting to reach a host when a connection cannot be established.
timeout
The _______ emits a tone when it detects a signal in a pair of wires. It's used to trace and locate voice, audio, and video signals on a network.
toner probe
Shielded twisted pair is generally more expensive than ________.
unshielded twisted pair
A ________ is a software-based routing framework that enables the host computer to act as a hardware router over a LAN. The VRRP advertises a ________ as the default gateway, which is backed by a group of physical routers that provide redundancy in case one fails. This helps you increase the availability of your networks.
virtual router
A _________ is a software-based framework that enables the host computer to act as a hardware router over a Local Area Network (LAN).
virtual router
A _________ can occur when the provisioned value for wavelength does not match the supported wavelength.
wavelength mismatch
The correct wiring scheme for the T568B standard is ______________
white orange, orange, white green, blue, white blue, green, white brown, brown.
The "war" in war driving and war chalking stands for __________.
wireless access receiver
A ________ is a software program that is installed directly onto a host and that filters incoming and outgoing packets to and from that host.
host-based firewall
_______ is Fast Ethernet and is rated for 100 Mbps throughput.
CAT5 cable
_______ provides all your required features for a cable standard.
CAT6
________ is the Data Link layer and NICs are part of this layer.
Layer 2
_______ is the European version of the standard.
SDH
(3DES)
Triple DES
What is the practical length limit of a CAT7 Ethernet cable?
100 meters
The range for IPv4 numbers is _______.
0 to 255
A device is said to be saturated or has reached saturation when its percent utilization is close to _____.
100
SMTP operates on port _____ in the outbound direction.
25
_________ is an internetwork broadcast entry that identifies the route for broadcasts to the entire network.
255.255.255.255
The maximum default number of hops for a traceroute or tracert is ____. You can specify a higher number using a command line switch and the number of hops you wish to use for the trace.
30
HTTP uses port ____for communicating with web clients and servers and runs on ______.
80, TCP
During a normal patching session, you find that one of your systems will not shut down when it is time for it to reboot. What do you suspect has happened?
A malware program is keeping processes alive.
One of your colleagues recently replaced several of your old servers with new ones. She also had to set up all network services on the new servers. The next day you arrive at work and no one in the office can connect to the network. What do you suspect is the problem?
A misconfigured DHCP server
Identify a solution for monitoring malicious Internet Control Message Protocol (ICMP) traffic on your network.
A network intrusion detection system
________ are common inexpensive routers that are generally located at customer sites.
Access routers
_______ is the injecting of safe test traffic onto a network to conduct performance tests. ________ is the collection of existing traffic for further analysis.
Active monitoring, Passive monitoring
What are the possible states of a network interface controller (NIC) team?
Active-active or active-passive
The ______________ is a table used for maintaining the correlation between each MAC address and its corresponding IP address.
Address Resolution Protocol cache
_______ is a feature that allows administrators to generate reports on users' Internet activity.
Auditing
_________ is an application that is run on a firewall or proxy that negotiates a connection between a network application running on a computer behind the firewall and another computer. This connection provides added security to computers behind the firewall, by only displaying the IP address of the firewall or proxy, but at the cost of decreasing the overall speed, you send and receive information.
Application gateway
In configuring RADIUS, what does the acronym AAA mean?
Authentication, Authorization, and Accounting
(ANS)
Authoritative Name Server
A _____ connector type is a cable connector used to terminate a coaxial cable.
BNC
A ________ type is a cable connector used to terminate a coaxial cable.
BNC connector
_______ uses a local broadcast that cannot be sent through routers on the network.
BOOTP
The average number of bits of data that can be transmitted from a source to a destination over the network in one second.
Bandwidth
________ is one of the easiest ways to fingerprint an OS or an application/service. In many cases you can configure the service (web server, email server, etc.) to not respond to clients with any banner. Firewalls can also be configured to block banners.
Banner grabbing
What is the appropriate (most secure) way to configure your firewall?
Block all traffic; create exceptions as required.
What is the practice that involves preventing certain types of data from being transmitted to a network?
Blocking
This is a method used by attackers to send out unwanted Bluetooth signals from tablets, mobile phones, and laptops to other Bluetooth-enabled devices. Because Bluetooth has a 30-foot transmission limit, this is a very close-range attack. With the advanced technology available today, attackers can send out unsolicited messages along with images and video. These types of signals can lead to many different types of threats. They can lead to device malfunctions, or even propagate viruses, including Trojan horses. Users should reject anonymous contacts, and configure their mobile devices to the non-discoverable mode.
Bluejacking
_______ and _______ both have to do with Bluetooth communications between devices.
Bluejacking, Bluesnarfing
________ is a technology that allows broadband transmission over domestic power lines.
Broadband over power lines
You receive an alert that an application server system has crashed, rebooted, and now is exhibiting unusual behavior. Under further investigation, you find that there is an unusual network connection with an origin external to your network that attempts to connect to other systems inside your network. The system you are investigating was likely compromised by which one of the following attacks?
Buffer overflow
The _______ is the piece of hardware that interfaces your network to your provider's network. It is installed at your site and is often owned by the provider.
CSU/DSU
A new user reports that he cannot connect to the network. You check the computer, his patch cable, and the switch port, and all are fine. Although the port shows no light, it tests as good. What do you check next?
Check the network drop.
A user is attempting to open an application that requires a connection to a server for functionality; however, she receives an error message that the application cannot connect to the server. She tells you that this happens sporadically. What do you investigate to find the problem's source?
Check the server's utilization to see if it's overloaded.
A user reports that she cannot connect to a wireless access point. Her computer detects the access point, but cannot connect. Which of the following would you not check in order to resolve her problem?
Check the user's network patch cable for breaks and proper termination.
The ________ protocol is a remote terminal protocol used by Citrix WinFrame and Citrix Presentation Server software as an add-on to Microsoft Terminal Services.
Citrix ICA
________ is a classless addressing method that considers a custom subnet mask as a 32-bit binary word. Mask bits can move in one-bit increments to provide the exact number of nodes and networks required. The ______ notation combines a network address with a number to represent the number of one bits in the mask. With _______, multiple class-based networks can be represented as a single block.
Classless interdomain routing
(CWDM)
Coarse Wavelength Division Multiplexing
Your corporate security policy should include a statement such as, "While using the organization's network or resources, any activity may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to the organization." An employee's signature or initials should accompany this sentence, which is legally known as what?
Consent to monitoring clause
_______ is the ability to assess the content of websites based on words or word combinations, and block content that is deemed undesirable.
Content filtering
___________ are capable of making intelligent decisions about data by analyzing data packets in real time, and understand the criticality and type of the request.
Content switches
____________ are powerful routers that are located at the center of network backbones. They connect multiple distribution routers located in different buildings.
Core routers
________ are based on the client's MAC address.
DHCP reservations
(DWDM)
Dense Wavelength Division Multiplexing
___________ is a multiplexing technology that uses light wavelengths to transmit data.
Dense Wavelength Division Multiplexing
_______ is an example of a real-time Unified Communications technology because it allows for instant, synchronous communication between users. The other formats are considered asynchronous, because a message that is delivered by the sender might not be accessed by the recipient for hours or days.
Desktop sharing
You find that your fiber signal is weak on a particular cable, but you find no breaks or physical interference problems. In fact, the cable is in excellent condition throughout its length. What do you look for next?
Dirty or obstructed connectors
________ is used on packet-switched networks to automatically calculate route costs and routing table entries. In essence, ________ is trying to determine how far the destination is, and in what direction. The goal is to reach the destination is the fewest number of hops.
Distance-vector routing
On Windows Server, you have multiple network options for enabling the software firewall: Domain network, Private network, and Public network. On which networks should you enable the firewall?
Domain, Public, and Private
The appearance of the ________ might cause you to investigate further on a corporate network because cloud storage services, such as Dropbox, are often prohibited in business settings.
Dropbox LAN sync Discovery Protocol
(DHCP)
Dynamic Host Configuration Protocol
________ show a more accurate network because they are updated more often than static tables. This is because the routers update the routing tables, not the admin. If the network suffers traffic congestion or a hardware failure, a router running dynamic routing protocols can automatically detect the problem and calculate a different routing path.
Dynamically built routing tables
The ________ is a dedicated digital line that transmits voice or data. It is used in Europe, Mexico, and South America.
E-carrier system
_________ are hardware tools that ensure that environmental conditions do not spike or plummet to place temperatures above or below equipment specifications. In addition to temperature, _______ allow you to monitor the humidity in the environment where the network devices are placed. By monitoring humidity, you can ensure that condensation does not build in devices, and that there is enough humidity to decrease static electricity buildup.
Environment monitors
According to the fourth stage of CompTIA Network+ Troubleshooting model, what two things must you do in the troubleshooting process?
Establish a plan of action, identify potential effects
_______ connect networks that belong to different companies for the purposes of sharing resources.
Extranet VPNs
(HIDS)
Host Intrusion Detection System
(IPSec)
IP Security
The separation of the network address portion and the host address portion is a characteristic of an _______.
IPv4 address
_______ carries both voice and data over conventional telephone lines.
ISDN
________ is a digital circuit switching technology that carries both voice and data over digital phone lines or PSTN wires.
ISDN
How do you connect a network-based firewall to your network?
Internet>Router>Firewall>Switch
Typical _______ implementations feature a star network or mesh network topology with servers or routers interconnected through cable or fiber optic media.
Metro-Ethernet
_______ is a metropolitan area network that uses Ethernet standards. _______ can connect LANs and individual users to a WAN or to the Internet. Organizations in large cities can use _______ to connect branch locations or offices to an intranet. A typical ________ has a star network or mesh network topology with servers or routers interconnected through cable or fiber optic media. For example, Comcast Business offers a _______ service for businesses with different locations within a city to communicate with using a wider bandwidth.
Metro-Ethernet
________ is a metropolitan area network that uses Ethernet standards.
Metro-Ethernet
(MPLS)
Multiprotocol Label Switching
(NAT)
Network Address Translation
SSL VPN
Secure Socket Layer virtual private network
________is the European version of the standard.
Synchronous Digital Hierarchy
(SONET)
Synchronous Optical Network
_______ ensure that connections between endpoints, such as routers, clients, and servers, are secure. They use tunneling to encapsulate and encrypt data sent through a public network, such as the Internet.
VPNs
_______ encrypts wireless communications, making them less vulnerable. It was designed to provide the same level of security as wired networks, but _____ has many well-known security flaws.
WEP
_______ was developed for the purpose of providing comparable confidentiality over a wireless network to that of a traditional wired network. The problem with _____ is that the same pre-shared key (PSK) is shared among all clients that use the network. This makes it very easy for an attacker on the network to acquire the PSK and then crack another user's _____ key within minutes. For this reason, _____ is not a recommended wireless encryption standard.
WEP
To find hidden SSIDs, you'd use a ______, which is also known as a wireless survey tool.
Wi-Fi stumbler
______ is a packet-based wireless telecommunication technology that provides wireless broadband access over long distances.
WiMAX
_______and ___________ are software that can analyze networks.
Wireshark, Microsoft Network Monitor
Current ________ are based on the X11 protocol and normally used on UNIX- and Linux-based systems to display local applications.
X Window systems
A ________ is a network segment on which broadcasts occur.
broadcast domain
Most of the original protocols from the TCP/IP stack that are still used have no ________ and can be abused in some way.
built-in security
You would use a ________ to check the cable for adherence to ISO or TIA standards.
certification tester
The _______ is put into place to assess and prevent unnecessary risks from being introduced into an environment due to hasty decisions and undocumented changes.
change management process
A ________ can test for the cable type and determine whether a cable is straight-through or crossover. It can also check if the NIC is functioning and determine its speed (half or full duplex).
cable certifier
The _____ refers to the range of IP addresses that the client may be assigned.
scope
A ________ is your network segment's router, also known as the first hop.
default gateway
Critical systems should have a redundant system as a _______ in case the primary fails.
failover node
Content switching is helpful for server ___________.
load balancing
A _______ describes the paths through which data moves through a network. By contrast, a physical topology describes a network's physical wiring layout. Even though the computers in a network might be wired a certain way, the manner in which data flows between those devices might differ.
logical topology
The bit rate and baud rate are equal at ________.
one bit per symbol
A ________ provides its services over a network that is open for public use. The architecture might be indistinguishable from a private cloud, but the security needs are typically quite different.
public cloud
A _____ is a port that is in use.
socket
________ are networks and systems used to support municipal services and industrial processes such as power generation and distribution, water treatment and distribution, wastewater collection and treatment, oil and natural gas collection and production, chemical synthesis and other production processes, as well as in transportation systems.
Industrial Control Systems
________ involves sending pulses of infrared light from one device to another.
Infrared transmission
(ISDN)
Integrated Services Digital Network
(ISDN)
Integrated Services for Digital Network
The _______ command is a Windows command that displays information that isn't available with other TCP/IP utilities.
NBTSTAT
______ is a technology that allows devices to establish a radio connection from a very short distance, generally 10 inches or less. A common example of _____ in action is when two smartphones are tapped together to establish a very short-range connection.
NFC
_______, which is open standard, uses TCP port 49 and also supports multifactor authentication.
TACACS+
Users who don't want to be found in a typical sweep will configure a port above _____ hoping that a standard sweep will miss the rogue port.
1024
The local loopback entry provides a delivery route for packets addressed to the local loopback address. This will appear as _______.
127.0.0.1
This address is a generic address that indicates that your system is set up to use DHCP, but cannot find a DHCP server.
169.254.36.63
You are also replacing Telnet with the Secure Shell (SSH) protocol. Which port do you need to deny and which do you need to open to complete this transition?
23, 22
The frequency in hertz that AT&T originally used to indicate when a line is free. In 1974 John Draper aka Captain Crunch discovered a breakfast cereal children's whistle was capable of making this tone. He and others used this technique or similar techniques in conjunction with a blue box to generate the ________ tone and make free long distance calls around the world. These individuals came to be known as phreaks.
2600 hertz
Your support staff requires remote access to Windows servers so that they can connect via remote desktop connections. Which port(s) should you allow through the firewall?
3389
Introduced in 1998, _______, is a cryptographic cipher. It is a symmetric-key block cipher, meaning that the same key is used to encrypt and decrypt data in fixed-length groups of bits called blocks. It is called "________" because it applies the DES cipher three times when encrypting data. When DES was originally developed in 1976, it used a key size of 56 bits, which was a sufficient level of security to resist brute-force attacks. Since then computers have become cheaper and more powerful, enabling the ______ algorithm to apply DES three times consecutively; essentially stopping brute-force on modern computers.
3DES
The payload of the frame (or the information being sent) must be a minimum of ___ bytes long. If the length of data is less than ____ bytes, the data field must be extended by adding a filler to increase the length to a minimum of ______bytes.
46
_____ defines the standards for commercial building cabling. It recognizes _____ as a media type. It also defines the minimum bend radius for both shielded and unshielded twisted pair cables. In addition, it specifies the maximum untwist value for _____ cable termination.
586C, CAT6a
______ is a standard that describes Layer 1 and Layer 2 specifications for wireless local area networks (LANs).
802.11
________ covers a large area (35 meters or more) and at a very high bandwidth (up to 1 Gbps) making it the clear—but more expensive—choice for such an application.
802.11ac
An IEEE standard used to describe Power over Ethernet (PoE) technology.
802.3af standard
Which standard describes Power over Ethernet Plus (PoE+) technology, which enables networks to deliver electrical power and standard data over Ethernet cabling, with up to 30 W of power supplied to each powered device and with 25.5 W being assured to the powered device?
802.3at
An ______ is a DNS server that possesses an actual copy of the records for a zone, as opposed to just caching a lookup from another DNS server. Its key function is delegation, which means that part of a domain is delegated to other DNS servers.
ANS
______ is a different service that enables a DHCP client to configure itself automatically with an IP address in the event that no DHCP servers respond to the client's DHCP discover broadcast.
APIPA
_______ is a service that enables a DHCP client computer to assign itself an IP address in case no DHCP servers respond to its DHCP discover broadcast. Clients can use ______ to assign themselves an IP address in the 169.254.x.x address range to enable communication with other clients until the issue with the DHCP server is resolved. ______ addresses are not routable, however, which means that communication is restricted to the local subnet.
APIPA
MAC flooding is an _______ technique aimed at network switches.
ARP cache poisoning
________ occurs when an attacker redirects an IP address to the MAC address of a computer that is not the intended recipient. Before the attack can begin, the attacker must gain access to the target network.
ARP cache poisoning
_______ validates ARP packets in a network. _______ determines the validity of packets by performing an IP-to-MAC address binding inspection before forwarding the packet to the appropriate destination. ARP packets with invalid IP-to-MAC address bindings that fail the inspection are dropped.
ARP inspection
_______ are used to provide tunneling services to individual users through common subscriber lines such as cable, dial-up, or ISDN.
Access VPNs
________ starts at the edge network. A VPN server, or even a firewall itself, can accept client VPN connections at the edge. These clients and their users have to pass some sort of _________ to authenticate, and the client may also have to prove its health before the connection is accepted. If there is no VPN connection, the firewall will still have a lot of ________ rules to filter out undesirable or uninvited traffic.
Access control
The _________ maps an IP address to a physical or media access control (MAC) address recognized within a local network. ______ resides on Layer 2, or the Data Link layer of the OSI model (Network Interface layer of the TCP/IP model), encapsulated by an Ethernet header. ________ enables you to dynamically discover the mapping of a Layer 3 IP address to a Layer 2 MAC address.
Address Resolution Protocol
A numerical value assigned to a routing protocol, static route, or a direct-connected route to signify more desirable routes.
Administrative Distance
________ is an encryption algorithm first used by the United States government to protect sensitive documents. _______ is designed as a substitute for DES and supported in many encryption programs such as PGP.
Advanced Encryption Standard
A document containing detailed information about potential security risks. _______ help companies keep their customers informed about the latest threats and what to do about them. For example, a company may issue a security advisory about a version of their program that allows unauthorized access to your computer and recommend updating to the latest version of that program to fix the problem
Advisories
_________ is a cell-switching network technology. Unlike frame relay, it can guarantee QoS for a particular virtual channel.
Asynchronous Transfer Mode
______ occurs when there is a degradation of signal strength, which results in slow responses from the network.
Attenuation
_______ is a system developed by AT&T that is similar to Caller ID that provides the phone number of the person calling a number as well as the number they dialed. Because _____ is not Caller ID, even if caller ID block is enabled this information could still be obtained.
Automatic Number Identification
This is a method in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection within the 30-foot Bluetooth transmission limit. Unlike _________, access to wireless devices such as tablets, mobile phones, and laptops by ________ can lead to the exploitation of private information including email messages, contact information, calendar entries, images, videos, and any data stored on the device.
Bluejacking, Bluesnarfing
_______ is a hybrid routing protocol used to establish routing between ISPs.
Border Gateway Protocol
_______and ______differ in the spacing of the wavelengths, number of channels, and the ability to amplify the multiplexed signals in the optical space.
CWDM, DWDM
_______ is a systematic method of approving and executing change to ensure maximum security, stability, and availability of information technology services.
Change management
_______ addresses provide a small number of network addresses for networks with a large number of nodes per network. Used only by extremely large networks, _______ addresses are too expensive for use by most organizations. The technical definition of a ______ address is any address where the first octet (on the left) begins with 0.
Class A
________ addresses provide a large number of network addresses for networks with a small number of nodes per network. The technical definition of a ______ address is any address in which the first three bits of the first octet are 110.
Class C
You should have each contractor read and sign the _______ and explain each section to them.
Corporate Security Policy
______ is a proprietary routing protocol by Cisco that supports classful and classless subnet masks.
Enhanced Interior Gateway Routing Protocol
In ______, as the name suggests, control is not as centralized as in a SCADA system. In most instances, each main process is broken down into a series of sub-processes, each of which is assigned an acceptable tolerance level.
DCSs
A ________ is performed using legitimate traffic against a system or systems with malicious intent.
DDoS attack
_______ is a network service that automatically assigns IP addresses and other TCP/IP configuration information on network nodes configured as _____ clients. A _______ server allocates IP addresses to _______ clients dynamically, and should be configured with at least one ______ scope. The scope defines the group of IP addresses that a ______ server can use.
DHCP
_____is a network service that automatically assigns IP addresses and other TCP/IP configuration information on network nodes configured as _____ clients. A _____ server allocates IP addresses to _____clients dynamically, and should be configured with at least one _____scope. The scope defines the group of IP addresses that a _____server can use.
DHCP
Can harden the security on the network to allow only clients with specific IP or MAC addresses to have access to the network. It uses information from the DHCP server to track the physical location of hosts, ensure that hosts only use the IP addresses assigned to them, and ensure that only authorized DHCP servers are accessible.
DHCP Snooping
A ________ is a service that captures a BOOTP or DHCP broadcast and forwards it through the router as a unicast transmission to the DHCP server on another subnet.
DHCP relay
There is also ______________ which is a category of solutions which were created to extend the traditional data center management function to include all of the physical assets and resources found in the facilities and IT domains. It is a combination of hardware and software tools that can be used to constantly monitor power consumption of the data center, including networking equipment, which allow you to proactively strike a continual balance between efficiency and availability. You can look for areas where the power load is too great or too light, and re-route power availability as needed.
Data center infrastructure management
_______ lines and leased lines are basically the same thing. Since a _______line is used by only a single user, bandwidth is fixed and is not impacted by other users in the area.
Dedicated
________ are used in process-based industries such as electric power generation; oil refining; water treatment; wastewater treatment; and chemical, food, and automotive production. In most instances, each main process is broken down into a series of sub-processes, each of which is assigned an acceptable tolerance level. Programmable Logic Controllers (PLCs) provide control over these sub-processes by using control loops, and the ____ manages the PLCs. ______ are used primarily in industries where the parts of the manufacturing system are in close geographic proximity, and where feedback and feed-forward loops are used to create a closed-loop or closed network system.
Distributed Control Systems
What is the relationship between VLANs and IP address pools?
Each VLAN gets its own subnet of addresses.
An _________ is a twisted cable that uses the RJ-45 connector.
Ethernet Cable
_______ uses multicarrier technologies in which multiple 5 MHz carriers are aggregated and a bigger data channel is used for data transmission. This large data channel also decreases latency and provides an increased capacity for bursty traffic, such as web applications.
HSPA+
The ______ is a network protocol that works on the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model to provide web services.
HTTP
_______ is the most commonly used trunk link protocol to address this issue. ______ inserts a special tag in the Ethernet header identifying the VLAN for that frame. The switch at the other end of the trunk link will read that tag and forward the frame to the appropriate VLAN.
IEEE 802.1q
A security control for switch ports that determines the packets which will be allowed to pass and those which will be dropped by screening the packet based on certain criteria.
IP filtering
_____ in Tunnel mode is often used with Layer Two Tunneling Protocol (L2TP). _____uses DES or 3DES encryption to provide data confidentiality
IPSec
_______ is typically a feature built into a switch, router or server. The device can provide statistics about its own interfaces. Usually these are transmit (TX) and receive (RX) traffic loads, packet errors, and link status. In most cases, you can get a point in time snapshot, as well as some history. You can use classic SNMP-based third party monitoring tools to continuously query many devices and report their status to a central console in a graphical format. You can typically also set alerts and track trends on interfaces/devices of interest.
Interface monitoring
_______ is an improvement over RIP that is designed to be deployed on interior routers within an autonomous system.
Interior Gateway Routing Protocol
An _______ would be used for connecting sections of a network. Common implementations involve connecting remote offices to a corporate headquarters.
Internal VPN
The problem with disabling ______ on your network is that you'll also disable your ability to ping hosts to check for connectivity.
Internet Control Message Protocol
The _______ retrieves network configuration settings for computers.
Internet Protocol Helper
Which of the following is the proper method setting up a demilitarized zone (DMZ) on your network?
Internet>Firewall>DMZ>Firewall->Switch
________ are used to connect different sections of a corporate network.
Intranet VPNs
(IDS)
Intrusion Detection System
________ still use the same headers as typical Ethernet frames. They are more efficient because more data is sent within the data portion of the frame, resulting in fewer overall frames that need to be processed at the network level.
Jumbo frames
_____ is a radio technology for wireless broadband access. It offers data rates about 100 times faster than 3G networks, a downlink rate that exceeds 100 Mbps, and an uplink rate of more than 50 Mbps.
LTE
_______ is a radio technology, and does not transmit over satellites or fiber optic cabling
LTE
________ is a protocol that controls multiple Wi-Fi wireless access points. This can reduce the amount of time spent on configuring, monitoring, or troubleshooting a large network.
LWAPP
Layer 2 is the Data Link layer and NICs are part of this layer.
Layer 2
________ is the Network layer and ping operates on this layer.
Layer 3
________ is the Transport layer and firewalls are part of this layer.
Layer 4
_______ are a security risk because they are end of life and out of vendor support, which means that the vendor no longer supplies patches for critical security bugs.
Legacy systems
The primary function of a ____________ device is to divide work as evenly as possible among the devices on a network. This allows more resources to be utilized efficiently, resulting in faster data processing.
Load-balancing
A _______ is a web server that allows external users to get a look at routing and network behavior as it originates from the remote network. A _______ accesses a remote router and performs commands allowing a view of the IP and BGP route tables.The information is then presented to the user. _______ are used for verifying routing between providers, and for verifying that routes are propagating correctly across the Internet.
Looking Glass site
A _______ is a hardware-level address assigned to every networking device by its manufacturer. It is also known as a physical address. ________ are written in hexadecimal form.
MAC address
An example of a ________ is 00-00-86-46-F6-65.
MAC address
_____ describes the size of the largest protocol data unit that the layer can pass onwards, and is expressed in bytes. The standard ______ of an Ethernet frame is 1,500 bytes, but this can be surpassed in jumbo frames.
MTU
The _______ record maps a domain name to an email server list.
MX DNS
Which one of the following is considered to be a competing Voice over IP (VoIP) protocol with the H.323 suite?
Media Gateway Control Protocol
____________ is the logical separation of nodes until there is a need to connect them. This helps prevent collision domains.
Microsegmentation
(MPPE)
Microsoft Point-to-Point Encryption
________ also involves sending signals via pulses of electromagnetic energy in the microwave region of the electromagnetic spectrum.
Microwave transmission
_______ is a framework of networking functions that uses labels on any combination of Layer 2 and Layer 3 headers.
Multiprotocol Label Switching
_________ is a high-performance, multi-service switching technology that is used in packet data networks.
Multiprotocol Label Switching
You have installed a new server on your network and plugged it into an available network cable. Everything checks out as working, yet you cannot connect to the rest of the network. What two things do you check first?
NIC speed and duplex settings; switch port speed and duplex settings
_________ is a general term for the collected protocols, policies, and hardware that govern access on device network interconnections. ______ provides an additional security layer that scans systems for conformance and allows or quarantines updates to meet policy standards. Security professionals will deploy a _______ policy according to an organization's needs based on three main elements: the authentication method, endpoint vulnerability assessment, and network security enforcement. Once the _______ policy is determined, professionals must determine where _______ will be deployed within their network structure.
Network Access Control
The purpose of _____ is to conceal the internal addressing schemes from external networks such as the Internet. This means that packets sent from multiple internal devices will all appear to have originated from the same single IP address, which prevents external hosts from communicating directly with internal clients.
Network Address Translation
(NIDS)
Network Intrusion Detection System
What is the most common in-band remote-management hardware device?
Network adapter
________ with segmentation balances the load by separating traffic from other segments. Only traffic destined for a particular segment will reach that segment and only affects that segment.
Network load balancing
_______ attacks affect all users on a network segment. Worms, botnets, and mass mailers are all examples of _______ attacks.
Network malware
________ is a computer or appliance that provides only file-based data storage services to other devices on the network. _____ devices are specialized for the file server task either by its hardware, software, or configuration of both. ______ devices typically do not have a keyboard or display, and are configured through a web-based management utility. Some ______ devices will run a standard operating system, while others may run their own proprietary operating system.
Network-attached storage
Network administrators typically use ________ when standard connectivity isn't available.
OOB management
_______ is free, open source network management software that uses SNMP traps to generate alerts and notifications for your network devices.
OpenNMS
The_________ standard specifies the bandwidth for fiber optic transmissions. It is a channelized technology based on the same 64 Kbps channel as DSH but with a base rate of 810 channels. The ______ standard is open-ended, enabling manufacturers to add specifications as they develop hardware that supports faster transmission speeds.
Optical Carrier x
________ are a variation of TDR used specifically for fiber optic cabling to determine cabling issues.
Optical Time-Domain Reflectometers
______is a remote-access authentication method that sends client IDs and passwords as cleartext. It is typically used when a remote client connects to a non-Windows PPP server that does not support password encryption.
PAP
______ is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.
PAT
The_______, for example, requires network segmentation for PCI systems. This is to guarantee that external attacks can't traverse into PCI systems and vice versa.
PCI Security Standards Council
Unlike ______, IMAP4 enables users to access folders other than their mailbox.
POP3
The _______is a more recent PPP implementation used by many DSL broadband Internet connections.
PPPoE
The ______ record type maps an IP address to the host name for the purpose of reverse lookup.
PTR DNS
The ________ is a remote-access authentication method that sends client IDs and passwords as cleartext. It is generally used when a remote client is connecting to a non- Windows PPP server that does not support password encryption. When the server receives a client ID and password, it compares them to its local list of credentials. If a match is found, the server accepts the credentials and allows the remote client to access resources. If no match is found, the connection is terminated.
Password Authentication Protocol
_________ is the practice of duplicating all traffic on one port in a switch to a second port, effectively sending a copy of all the data to the node connected to the second port. Port mirroring is useful as a diagnostic tool when you need to monitor all traffic going to a particular port or node with minimal impact on the network performance.
Port mirroring
_____is a more secure version of EAP that uses an encrypted channel between a remote client and a server.
Protected Extensible Authentication Protocol
What is the correct sequence of information presented in an IPv6 address?
RIR, ISP, Site, Subnet, Host
The _______ connector is used with Category 1 cables in telephone system connections and is not suitable for network connectivity.
RJ-11
An _______ is a twisted pair connector that is used with Category 1 cables in telephone system connections, and is not suitable for network connectivity.
RJ-11 connector
The ______ is an eight-pin connector used by twisted pair cables in networking.
RJ-45
The _______ connector is commonly used for T1 lines.
RJ-48C
A _________ involves sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet Protocol address spoofing, the source address is set to that of the targeted victim, which means all the replies will go and flood the target.
Reflective DoS attack
_______ are lease assignments in DHCP that enable you to configure a permanent IP address for a particular client on the subnet.
Reservations
_____ combines an Ethernet data path with an IS-IS link state control protocol running between Shortest Path bridges. It is a replacement for STP that simplifies the creation and configuration of networks, while enabling multipath routing.
SPB
This is an unauthorized wireless access point on a corporate or private network. _______ can cause considerable damage to an organization's data. They are not detected easily, and can allow private network access to many unauthorized users with the proper devices. A _______ can allow man-in-the-middle attacks and access to private information. Organizations should protect themselves from this type of attack by implementing techniques to constantly monitor the system, such as installing an IDS.
Rogue Access Point
A user receives a notification on his desktop that reads, "The system has detected an IP address conflict with another system on the network. The local interface has been disabled. More details are available in the system event log. Consult your network administrator to resolve the conflict." The user contacts you, the network administrator, to resolve the problem. What do you do?
Run ipconfig /renew on the user's computer
Network administrators are separating _______ into their own network segments known as security zones, where, among an array of hardware and software security, firewalls are implemented.
SCADA systems
A ________ VPN is a VPN format that works with a web browser—without needing the installation of a separate client. _______ ensures that the connection can be made only by using HTTPS instead of HTTP. This format works well in schools and libraries where easy access is required but security is still a concern.
Secure Socket Layer
_________ reduces the scope of any attack to that particular segment, since the attacker will have no access to, or any knowledge of, any other segment without launching a separate attack.
Segmentation
______ initiates, modifies, and terminates a session. It is a signaling protocol for multimedia communication sessions. ______ must work with other protocols because it is responsible only for the signaling portion of a communication session.
Session Initiation Protocol
______ is a signaling protocol for multimedia communication sessions that initiates, modifies, and terminates a session.
Session Initiation Protocol
____ are similar to gigabit interface converters in their architecture, but they allow higher port density than gigabit interface converters.
Small form-factor pluggables
If you observe the following two error messages when reviewing Terminal Access Controller Access Control System (TACACS) log entries, what would you suspect if the message is repeated many times in a row? err tamd[6695]: pam_tacplus: unable to obtain username err tamd[6695]: pam_tacplus: auth failed: Login incorrect
Someone is attempting to guess usernames and passwords
_______ is used to prevent switching loops and broadcast storms. All switches in the same broadcast domain elect a root bridge (switch) to act as a reference point for all other switches. This switch will then listen for special frames coming from the root to determine if those frames are coming into different ports. If they are, then there is a redundant link.
Spanning Tree protocol
_______ uses table mappings that the network administrator establishes manually in the router prior to routing.
Static routing
________ is best suited to smaller environments in which the network topology is very unlikely to change. It is also helpful in lower-bandwidth infrastructures, since static routers are not constantly creating traffic by network status updates to other routing devices.
Static routing
____________ (also known as patch cables) are used to connect unlike devices. All wire pairs are in the same order at each end of the cable.
Straight-through cables
________ is capable of providing process-wide encryption for authentication, not just password encryption. ________ uses TCP instead of UDP and supports multiple protocols.
TACACS
______ supports multifactor authentication, and is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.
TACACS+
________ systems are used in situations where sites are at great geographical distances from one another, and where centralized data collection and management is critical to the industrial operation. Examples of industries where ______ systems are common include systems like water distribution systems, wastewater collection systems, oil or natural gas pipelines, electrical power grids, and railway transportation systems. A _______ control center monitors and manages remote sites by collecting and processing data and then sending supervisory commands to the remote station's control devices. Remote control devices, or field devices, are responsible for controlling operations like opening and closing valves, collecting data from sensor systems, and monitoring the environment for alarm conditions.
Supervisory Control and Data Acquisition
_______ can connect to each other using trunk links that will carry all VLAN traffic from one switch to the next. In this way, a single VLAN can extend across an entire campus and not be limited to one switch or one building. Ethernet-based metropolitan area networks also use VLAN tagging to keep different customers' traffic separate.
Switches
______ is a term used to define the process of logging program messages or data logs. The term collectively includes the software or operating system that generates, reads, and analyzes log files.
Syslog
_______ is a simple, easy to set up logfile-based monitoring system that collects data from many types of devices via the _______ agent that is already present on most operating systems and networked devices.
Syslog
_______ is not compatible with TACACS because it uses an advanced version of the algorithm.
TACACS+
______ is an example of a connection-oriented transport protocol and ______ is an example of a connectionless protocol.
TCP, UDP
To troubleshoot Terminal Access Controller Access Control System (TACACS) sessions, which utility should you turn to for assistance?
Tcpdump
________ is a packet capture tool that allows you to intercept and capture packets passing through a network interface. It will help to monitor the packet flow, packet flow responses, packet drop, and ARP information.
Tcpdump
_______ and ______ are authentication protocols that provide centralized authentication and authorization services for remote users. TACACS includes process-wide encryption for authentication, while RADIUS encrypts only passwords. TACACS uses TCP instead of UDP and supports multiple protocols. Extensions to the TACACS protocols exist, such as Cisco's TACACS+ and XTACACS.
Terminal Access Controller Access Control System, TACACS Plus
You have performed exhaustive tests for a WAN connectivity problem up to the interface between your network and the provider's network, and now it is time to engage the provider to do some research. The provider's first step prior to sending out a technician is to perform what physical test?
Test the line up to the smart jack.
The third stage states: _________.
Test the theory to determine the cause
If you suddenly lose Wide Area Network (WAN) connectivity, which device would you investigate first for the problem?
The Internet-connected route
A user's newly deployed laptop computer will not connect to the network, even after several reboots. You open Device Manager and see that in the list of network adapters, there is a listing for Ethernet adapter with a yellow question mark next to it. What does this tell you?
The NIC driver hasn't been installed
A user's computer hardware and software both check out as good. The network cable has end-to-end connectivity. Speed and duplexing have been verified. Where would you look next for the problem?
The VLAN ID on the switch port
________ is a simple version of FTP that uses UDP as the transport protocol, and does not require log on to the remote host. As it uses UDP, it does not support error correction but provides for higher data integrity. It is commonly used for bootstrapping and loading applications and not for file transfer. FTP traffic is not encrypted and all transmissions are in clear text. Usernames, passwords, commands and data can be read by anyone able to perform packet capture (sniffing) on the network.
Trivial File Transfer Protocol
A __________ is a type of malware that is itself a software attack and can pave the way for a number of other types of attacks. There is a social engineering component to a _______ attack since the user has to be fooled into executing it.
Trojan horse
_______ is used to gain access to a system inside a network to exploit vulnerabilities in systems, to steal data, or to disrupt network functions. Other listed attacks generally don't include an "outside to inside" style attack the way a _______ does.
Trojan horse malware
_______ is also known as link aggregation, port teaming, EtherChannel, and NIC bonding, among other names.
Trunking
A ________ provides the actual services that users will use, such as voice, video, fax, messaging, etc.
Unified Communications server
________ is a network security solution that is used to monitor and manage a wide variety of security-related applications and infrastructure components through a single management console. ______ provide multiple security functions such as network firewalling, network intrusion prevention, anti-malware, VPN, spam and content filtering, load balancing, data leak prevention and on-appliance reporting. ______ can be network appliances or a cloud service.
Unified Threat Management
The _______ is the messaging protocol that switches use to update each other's VLAN databases. Developed by Cisco, it allows switches to quickly advertise to each other when a VLAN is created or deleted. This saves an administrator some manual labor. If the administrator wishes to extend a VLAN across several switches, he or she would have to manually configure each switch with the same VLANs. With VTP, this is done automatically.
VLAN Trunking Protocol
Which term refers to a logical grouping of ports on a switch?
Virtual LAN
(VNC)
Virtual Network Computing
_______ is a platform-independent desktop sharing system. A ______viewer on a Linux system can connect to a ______ server on a Microsoft system and vice-versa.
Virtual Network Computing
A _______ is a private network that is configured by tunneling through a public network such as the Internet. Because tunneling is used to encapsulate and encrypt data, _____ ensure that connections between endpoints, such as routers, clients, and servers are secure. To provide ______ tunneling, security, and data encryption services, special ______ protocols are required.
Virtual Private Network
In ________, the firewall logically binds two ports together and passes all traffic to the other port without any switching or routing. It is not seen as a router hop to connected devices. Full inspection and control for all traffic is enabled, and no networking protocol configuration is required.
Virtual Wire mode
_______ is a technology through which one or more simulated computers run within a physical computer. The physical computer is called the host. The simulated computers are typically called virtual machines (VMs), though other terms may be used. The virtual machines communicate with each other by using virtual switches.
Virtualization
______ is widely popular and has many advantages. However, there are some limitations that prevent _____ from replacing traditional telephony. One such limitation is that a power outage will usually prevent you from getting online, which is necessary in order to make a ______ call. The variable latency and spotty reliability of the Internet mean that ______ calls aren't always a dependable choice.
VoIP
The act of searching for instances of wireless networks using wireless tracking devices such as tablets, mobile phones, or laptops. It locates wireless access points while traveling, which can be exploited to obtain unauthorized Internet access and potentially steal data. This process can be automated using a GPS device and war driving software.
War driving
The ________ describes the steps that you take to back out of a change in case of failure or in case the change cannot be safely implemented.
rollback process
__________ is a packet-based wireless telecommunication technology that provides wireless broadband access over long distances.
Wireless Interoperability for Microwave Access
Using the previous scenario, you have created an allow rule for Transmission Control Protocol (TCP) port 3333 to server1, but the test fails. What could not be the problem with your firewall rule?
You've exceeded the maximum number of rules in your firewall.
If it weren't for implementation of the Spanning Tree Protocol (STP), or one of its equivalent replacement protocols, such as SPB or RSTP, what would inevitably happen?
Your network segment would be flooded with broadcast storms.
A _________ is an attack that exploits a previously unknown vulnerability in an application or operating system. In this situation developers have not had time to address the vulnerability and patch it. It is called a "_________" because the developer has had _________ to fix the flaw.
Zero day attack
In a ________, one end of the cable is wired exactly the opposite of the other end of the cable, going from one to eight on end A and from eight to one on end B. Instead of allowing data transfer, they provide an interface for programmers to connect to and adjust the router's configuration.
rollover cable
Any system designed to prevent and restrict access to users. For example, a primary form of _______ is only allowing users who have accounts to login to a system or only allowing the user access to files he or she should be able to see. Hardware and software systems may also have _______ built into them, which means they require a specific security validation to allow users access or use of the hardware or software. _______ typically relies on particular security measures to determine who should have access.
access control
With ________ a person or program records login and password information from a legitimate user in order to illegally gain access to their accounts. The hacker who is working to harvest accounts may use sniffing software to find the data on a network, phishing scams, or shoulder surf to harvest account information. Once multiple accounts have been harvested the hacker uses the collected information illegally to gain access to accounts, if successful they may gain access to information they do not have the right to view, spam other users, or use the account for other illegal monetary gain.
account harvesting
What command would you use in Windows Server 2012 R2 to clear a static routing table of all entries?
route-f
_______ is a program installed without a user's consent or knowledge during the install of another program. Much like spyware, _______ tracks individuals Internet activities and habits to help companies advertise more efficiently. _______ is usually installed on a computer with free programs since the developers are often paid if they include it with their program. Like spyware, _______ can be located and removed from a computer using software utilities available on the Internet.
adware
An _______ is the act of exploiting vulnerability on a system, a service, or a network. A ______ is a potential cause of an incident that may result in harm to systems and the organization.
attack, threat
An ________ or a routing domain is a self-contained network or group of networks governed by a single administration.
autonomous system
Full duplex mode is also called ________. If someone speaks about duplex transmissions, they are likely referring to full duplex mode.
bi-directional transmission
An IPv4 address is shown and discussed in decimal or base 10 numbers for convenience, but are actually _______.
binary
The two main reasons why network administrators segment networks are to _______ and to ________.
boost network performance, enhance security
A ______ affects individual computers systems and cannot cause network problems.
boot sector virus
Providing faster responses to future requests is the goal of _______.
caching
A _______ is a networking device that connects multiple networks. Operating at Layer 3 of the OSI model, it makes forwarding decisions based on Layer 3 addresses, such as IP addresses.
router
A ________ type is a 75-ohm cable used to connect cable TV and FM antenna cables.
coax connector
A _________ type is a 75-ohm cable used to connect cable TV and FM antenna cables.
coax connector
In a ________, nodes contend for access to the same physical medium. This occurs on a logical bus, where the transmission of a single node is heard by all nodes. A collision can happen in this type of situation.
collision domain
A ________ is where multiple organizations from a specific community with common interests share the cloud infrastructure.
community cloud
When troubleshooting WAN problems, you have to keep in mind where your equipment and responsibility end and where your provider's begins. That is the_______. You have to do your due diligence in proving that your equipment and practices are not the problem before the provider will begin troubleshooting.
demarcation point
A ________ is a small section of a private network that is located between two firewalls and made available for public access. A ______ enables external clients to access data on private systems, such as web servers, without compromising the security of the internal network as a whole. The external firewall enables public clients to access the service whereas the internal firewall prevents them from connecting to protected internal hosts.
demilitarized zone
A ________ is a routing process in which two routers discover different routes to the same location that include each other, but have incorrect information and thereby never reach the endpoint. Data caught in a _______ circles around until its TTL expires. _______ can be difficult to detect and to troubleshoot; the best prevention is proper router configuration.
routing loop
Logical network diagrams contain ________ and _________. Additionally, they contain node IP addresses, device FQDNs, and application types.
routing topology, node trust relationships
Telephone systems are _________; all people involved can talk simultaneously.
full duplex devices
However, the number of required connections increases exponentially with the number of nodes added to the network. This can make a _______ difficult to implement and maintain over time.
full mesh topology
A ______ operates at Layer 3 and above of the OSI model.
gateway
A software program or bot designed to parse through large amounts of data such as web pages on the Internet and grab specific information. For example, a _______ may be designed to grab accounts, addresses, e-mail addresses, names, and phone numbers.
harvester
A ________ is a number assigned to each host, which divides the IP address into a network ID and node ID.
subnet mask
A _______ is a site survey of wireless signals and their strengths.
heat map
An ________ is intended to protect a specific high-value device, as opposed to the entire network. A host-based system primarily uses software installed on a specific host, and uses the resources of the host it is installed on.
host-based intrusion detection system
In the _________ VPN connection model, rather than connecting to another network, a single computer makes a secure connection to another single computer. This can be used either internally or on the Internet. Where this is most common is when one server needs a secure connection to another server. Typically the tunneling protocol for _________ VPNs is IPSEC.
host-to-host
A ________ is a combination of two or more clouds that remain distinct but are bound together.
hybrid cloud
A _______, also known as a virtual machine manager, is the software or firmware that creates a virtual machine on the host hardware. The _______ provides the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems.
hypervisor
The _______ command displays the status of currently active network interface devices, and is supported on Linux and UNIX.
ifconfig
A _________ is a network topology in which nodes receive the data transmitted all at the same time, regardless of the physical wiring layout of the network. A common implementation is physical star-logical bus. In this topology, even though nodes connect to a central switch and resemble a star, data appears to flow in a single, continuous stream from the sending node to all other nodes through the switch. Because the transmission medium is shared, only one node can transmit at a time.
logical bus topology
Switches make forwarding decisions based on Layer 2 (MAC) addresses. They do this through a process called _______, in which all nodes are logically separated from each other until there is a need to connect them.
microsegmentation
A ________ removes the node ID from the IP address, leaving just the network portion. A _________ is a series of continuous binary 1s that end abruptly at some point, followed by all 0s.
subnet mask
A _______ is a tool that allows you to determine the voltage, current, and resistance along the cable.
multimeter
A _________ is a formalized statement or set of statements that defines network functions and establishes expectations for users, management, and IT personnel. It describes in detail the acceptable use policies of network equipment for a particular organization, including the appropriate methods to maintain, upgrade, and troubleshoot the network.
network policy
A ________ is a dedicated hardware/software combination that protects all the computers on a network behind the firewall.
network-based firewall
An SNMP-managed network consists of three key components: ___________________
network-connected devices, SNMP agents, management station
The ________ utility is used to test and troubleshoot domain name servers. _______has two modes: the interactive mode enables you to query name servers for information about hosts and domains, or to print a list of hosts in a domain. The non-interactive mode prints only the name and requested details for one host or domain. The non-interactive mode is useful for a single query.
nslookup
A _________ is a network in which resource sharing, processing, and communications control are completely decentralized. All clients on the network are equal in terms of providing and using resources, and each individual workstation authenticates its users.
peer-to-peer network
In a _________, every node on the network is directly connected to all other nodes on the network. Since each node has a dedicated line to every other node, any given node can communicate with multiple nodes at the same time. Data can travel very fast in this type of configuration. Because of the redundant connections, the failure of a single node will not cause the network to go down.
physical mesh topology
A ________ is a network topology in which each node is connected to the two nearest nodes: the upstream and downstream neighbors. The flow of data in a ring network is unidirectional to avoid collisions. All nodes in the network are connected to form a circle. There is no central connecting device to control network traffic, and each node handles all data packets that pass through it. Data moves in one direction through each node that scans data packets, accepts packets destined for it, and forwards packets destined for another node.
physical ring topology
A ________ is a network topology that uses a central connectivity device, such as a switch, with individual physical connections to each node. The individual nodes send data to the connectivity device, and the device then forwards data to the appropriate destination node. In legacy implementations, hubs were also used in physical star topologies, where nodes sent data to the hub, which simply passed it through to all attached nodes. Star topologies are reliable and easy to maintain, as a single failed node does not bring down the whole network. However, if the central connectivity device fails, the entire network fails.
physical star topology
The _______ command is used to verify the network connectivity of a computer, and also to check to see if the target system is active. It verifies the IP address and host name of the remote system by listening for echo replies.
ping
In a _______, the attacker sends an oversized, fragmented Internet Control Message Protocol (ICMP) echo request (ping) packet to the victim. The maximum length of an IP packet, including the header, is 65535 bytes. However, a larger packet can be transmitted if it is fragmented. On a vulnerable system, a buffer overflow can occur when the packet is reassembled, causing the victim to freeze or crash.
ping of death attack
A ________ is a network cable that is jacketed tightly around conductors so that fire cannot travel within the cable. A _______ jacket won't give off poisonous gases when it burns. Fire codes usually require this special grade cabling when wires must be run through the plenum (an air handling space), including ducts and other parts of the heating, ventilating, and air conditioning (HVAC) system in a building.
plenum cable
A _________ is a network cable that is jacketed tightly around conductors to prevent poisonous gas from emanating in the event of a fire.
plenum cable
Another workaround to the count-to-infinity problem is called a _______. Unlike in split horizon, routers using _______ broadcast routes back to the router from which they calculated their location. Instead of giving a true hop count, to discourage use of the route, the router broadcasts a hop count of 16 as a warning not to use the value specified and as an intimation that the route was learned from router 1.
poison reverse
Blocking of individual or ranges of TCP/IP ports is known as _______. Often, all ports above 1024 are blocked and then allowed individually as needed for certain services to function.
port filtering
A _________ is a type of network attack where a potential attacker scans the computers and devices that are connected to the Internet or other networks to see which TCP and UDP ports are listening and which services on the system are active.
port scanning attack
If two nodes transmit at the same time, a collision has occurred. The collision is most likely to occur during the _______.
preamble
A ________ is operated solely for a single organization. It can be managed internally or by a third party, and can be hosted either internally or externally.
private cloud
A ________, or a _________, is diagnostic software that can examine and display data packets that are being transmitted over a network. It can examine packets from protocols that operate in the Physical, Data Link, Network, and Transport layers of the OSI model.
protocol analyzer, network analyzer
A ______ applies appropriate algorithms to generate and maintain an information base about network paths. It considers various routing metrics such as the bandwidth and reliability of the path, and communication costs while evaluating available network paths to determine the optimal route for forwarding a packet. Once the optimal route for a packet is assigned, packet switching is done to transport the packet from the source host to a destination host. The action of forwarding a packet from one router to the next is called a I.
router
A ______ makes forwarding decisions based on Layer 3 addresses, typically IP addresses.
router
A _______ is a system that isolates internal clients from the servers by downloading and storing files on behalf of the clients. It intercepts requests for web-based or other resources that come from the clients, and, if it does not have the data in its cache, it can generate a completely new request packet using itself as the source, or simply relay the request.
proxy server
A ________ isolates internal clients from the servers by downloading and storing files on behalf of the clients. Not only does this improve security, but it also caches commonly requested data and reduces network traffic by providing frequently used resources to clients from a local source.
proxy server
A ________ is a restricted network that provides users with routed access only to certain hosts and applications. Users are denied access to the network and are assigned to a ______ when a NAC product determines that an end-user is out-of-date. They are assigned to a network that is routed only to patch and update servers, and not to the rest of the network. They can then update their device to bring it up to NAC standards and gain access to the network.
quarantine network
Generally, if your change takes you outside of the prescribed change window, you have to ______ the change and start the change process again to modify the window (the time required to process a change).
roll back
_______ is ahash function that is published by NIST.
secure hash algorithim
Most testing labs are far outside the control of security, so _______ is necessary to ensure the safety of the rest of the network.
segmentation
A _______ is a type of bounded network media that transfers information between two devices by using serial transmission.
serial cable
A ________ is a type of bounded network media that transfers information between two devices by using serial transmission.
serial cable
A ________ is a type of bounded network media that transfers information between two devices by using serial transmission. These cables typically use an RS-232 (also referred to as DB-9) connector, but can also use a DB-25 connector.
serial cable
Proving _______ of as close to 100 percent as possible is the goal of high availability.
server uptime
A _________ is a type of man-in-the-middle attack that involves exploiting a session to obtain unauthorized access to an organization's network or services. It involves stealing an active session cookie that is used to authenticate a user to a server and controlling the session. __________ also initiate denial of service to either the client's system or the server system, or both.
session hijacking attack
_______ systems are used in situations where sites are at great geographical distances from one another. A _______ control center monitors and manages remote sites by collecting and processing data and then sending supervisory commands to the remote station's control devices.
supervisory control and data acquisition
Stumbling a wireless network requires a _______ to identify wireless services.
surveying application
A _______ is a network device that acts as a common connecting point for various nodes or segments.
switch
A _______ makes forwarding decisions based on Layer 2 (MAC) addresses. It listens for the MAC addresses of all the nodes plugged into it, and builds a table in memory that maps each MAC address to its associated port.
switch
Having the tester look for excessive crosstalk usually detects a _______. You have to use a certifier device to detect a ______ because a simple line tester isn't sufficient for the job.
split pair
In ______ switching, the switch calculates the CRC value for the packet's data and compares it to the value included in the packet. This is the slowest type of switching mode, since the switch must receive the entire frame before the first bit of the frame is forwarded.
store-and-forward
A _______ is a logical subset of a larger network, created by an administrator to improve network performance or to provide security.
subnet
A ___________ is where an attacking host imitates a trunking switch by speaking the tagging and trunking protocols used in maintaining a VLAN. Traffic for multiple VLANs is then accessible to the attacking host.
switch spoofing attack
A log file is a record of actions and events performed on an operating system. There are three common types of log files: ___________.
system, general, history files
A _______ is a device that sends an electrical signal through one pair of UTP wires. A tone locator or a tone probe is a device that emits an audible tone when it detects a signal in a pair of wires. ________ and tone locators are most commonly used on telephone systems to trace wire pairs. A digital toner and toner probe traces and locates voice, audio, and video cabling on a network. In addition to confirming the cable location, a toner and probe can verify continuity and detect faults.
tone generator
You should use the OSI model from ______ and from ________ to divide and conquer a problem.
top to bottom, bottom to top
On Windows, use the _______ command to print the route packets trace to a remote host.
tracert
Identifying the different types of traffic on your network and shaping the network through the use of _______ is the most effective method of limiting bandwidth for non-business or low-priority traffic.
traffic profiles
A packet shaper is a form of _________. The goal of __________ is to delay metered traffic such that each packet complies with the relevant traffic contract. This is common in Quality of Service (QoS) implementations in which traffic must not exceed the administratively defined rate.
traffic shaping
A _______ could mean that an attacker is testing your response to a traffic spike prior to a coordinated attack.
traffic spike
In the _______, a data packet is enveloped in a form that is acceptable to the carrier. To make sure the packets can travel across all Internet service providers (ISPs), the client encapsulates the IP version 6 (IPv6) packets into IPv4.
tunneling process
A _______ is a firewall service or appliance running entirely within a virtualized environment. This can be a software firewall on a guest VM, a virtual security appliance designed for virtual network security, a virtual switch with additional security capabilities, or a managed kernel process running within the host hypervisor that sits below all VM activity.
virtual firewall
A ________ can operate in different modes, which provide different services. A _________ operating in bridge mode does not actively participate in routing the traffic, and also does not require any IP routing changes or subnetting to be inserted into place.
virtual firewall
A ____________ is a program that virtualizes a physical network interface card.
virtual network interface controller
(VPN)
virtual private network
A _________ is a virtual machine that runs a network operating system or other server software.
virtual server
A ________ is a software application that enables communication between virtual machines. It is capable of intelligently directing the communication on a network by checking data packets before moving them on.
virtual switch
A ________ is piece of software or hardware that is used to analyze the physical aspects of wireless networks. This includes items such as: spectrum analysis, finding WAPs, reporting SSIDs, channel usage, signal strength, and identifying noise sources.
wireless analyzer
A ________ can be used to connect two wired networks by using a wireless connection. A ________ receives the signal from your wireless router and sends it out to other wired devices. The ________ needs to be within range of the wireless router's signal and also within cable length of the other wired devices.
wireless bridge
A ________ is the process of planning and designing a wireless network that provides a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability and QoS.
wireless survey
A _______, or a _________, is a Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN or other wireless networks. Like network analyzers, wireless testers give an overview of the health of a WLAN in one central location, enabling technicians to troubleshoot problems efficiently.
wireless tester, WiFi analyzer