CNT 120: Chapter 1, CNT 120 Chapter 2, CNT 120 Chapter 3, CNT CHAPTER 4, CNT 125: Chapters 3 & 4, CNT CHAP 5, CNT120 CHAP 6, CNT 125: Chapter 7, CNT 125: Chapter 8, CNT 125 Chapter 9, CNT 125 Chapter 10, CNT 125 Chapter 11, CNT 125 Chapter 12, CNT 12...
IS-IS
-link-state routing protocol -uses a more complex algorithm to calculate the best path to a destination -fast convergence time -used ONLY on interior routers -can be used for IPv4 and adapted for IPv6
OSPF
-link-state routing protocol -uses a more complex algorithm to calculate the best path to a destination -fast convergence time -very commonly used interior and border routers -used primarily for IPv4
packet-filtering firewall
-Examines header of every entering packet (inbound traffic) -Can block traffic entering (inbound traffic) or exiting a LAN (outbound traffic)
stateless firewall
-manages each incoming packet as a stand-alone entity without regard to active connections -Faster ... but less sophisticated
OpenVPN
-open source VPN protocol that uses OpenSSL for encryption -has ability to cross many firewalls -highly secure and highly configurable
NFV
-pfSense VMware Ready Virtual Firewall by Netgate -Barracuda's NextGen Firewall F-Series
IDS
-stand alone device or software running on a computer -used to monitor network traffic and create alerts when suspicious activity happens
PPPoE
-standard for connecting home computers to ISP via DSL or broadband cable -When PPP is used over Ethernet Network
symmetric DSL
-technology provides equal capacity for data traveling both upstream and downstream -HDSL, SDSL, SHDSL
asymmetric DSL
-technology that offers more capacity for data traveling downstream than data traveling upstream -ADSL, VDSL
command-line software
-telnet -SSH
MU-MIMO
-allows multiple antennas to service multiple clients simultaneously -Reduces congestion and contributes to faster data transmission -Available with WAVE 2 802.11ac products
site-to-site VPN
-tunnels connect multiple sites on a WAN -VPN gateway encrypts and encapsulates data to exchange over the tunnel with another VPN gateway -clients and servers do not have to run special VPN software
Cat 7
10 Gbps - Each wire pair is shielded ... and ... there is shielding right under the cable jacket that is around all 4 wire pairs. Different type of connector is used.
Cat 6a
10 Gbps - cables include a solid plastic core that keeps the twisted pairs separated - cables often include shielding around all pairs for better shielding from cross-talk and interference
Cat 6
10 Gbps - cables include a solid plastic core that keeps the twisted pairs separated and prevents the cable from being bent too tightly.
10GBase-SR and 10GBase-SW
10 Gigabit Ethernet, MMF, 850 nm wavelength light source, distances up to 300 meters
10GBase-LR and 10GBase-LW
10 Gigabit Ethernet, SMF, 1310 nm wavelength light source, distances can reach 10,000 meters
10GBase-ER and 10GBase-EW
10 Gigabit Ethernet, SMF, 1550 nm wavelength light source, distances can reach 40,000 meters
10GBase-T
10 Gigabit Ethernet, Cat 6a or higher UTP, 100 meters
Cat 3
10 Mbps - Designed for use with 10 Mbps Ethernet or 4 Mbps token ring networks - paired cable, but little to no twisting for cancellation - rarely found on any modern networks
Cat 5
100 Mbps - Required for Fast Ethernet (100 Mbps) - paired cable that is twisted for cancellation.
Cat 5e
1000 Mbps - Similar to Cat 5 but better quality cable and higher twist pitch (tighter twists for better cancellation) provides better EMI protection.
RG-59
75 Ohm, 20 or 22AWG, stranded core coax cable - typically used for short distance applications (video distribution within a building)
Unintentional DoS Attack
Called a friendly attack because it is not done with malicious intent (busy shopping day on website)
management VLAN
Can be used to provide administrative access to a switch.
data VLAN
Carries user-generated traffic, such as email, web browsing, or database updates.
insecure protocols and services
Certain TCP/IP protocols are inherently insecure - UDP requires no authentication, and TCP requires only weak authentication. FTP is notorious for its vulnerabilities. Other protocols include - HTTP, telnet, SLIP, and TFTP.
Wireless USB
Certified ______ products mimic wired USB 2.0 connections with similar speeds, security, ease of use and compatibility. _________ radios transmit in the range between 3.1 and 10.6 GHz.
EAP
The Enterprise versions of WPA and WPA2 implement additional security measures. In most cases, a RADIUS server is used in cooperation with an authentication mechanism called ______
show vlan
The ______________ command is used to list the current VLANs recognized by a switch.
SIP
The _______ protocol is a signaling protocol used to make an initial connection between hosts but it does not participate in the data transfer during the session. (Typically used for setting up VoIP calls)
NTP
The _______ protocol is most commonly used by computers as they are booting up to request configuration files from another computer on the local network.
SMB
The _______ protocol was used by earlier Windows OS for file sharing on networks. UNIX uses a version of ______ in its Samba software, which can share files with other operating systems, including Windows systems.
DMZ
The area between firewalls is called a _______.
error rate
The calculated percentage of how often Bits are damaged in transit due to EMI or other interference
802.11b
Freq Band: 2.4 GHz; Max Throughput: 11 Mbps; Effective Throughput: 5 Mbps; Average Range: 100m
802.11g
Freq Band: 2.4 GHz; Max Throughput: 54 Mbps; Effective Throughput: 20-25 Mbps; Average Range: 100m
802.11n
Freq Band: 2.4 GHz or 5 GHz; Max Throughput: 600 Mbps; Effective Throughput: 65-500 Mbps; Average Range: Indoor 70m, Outdoor 250m
802.11ac
Freq Band: 5 GHz; Max Throughput: 1.3 Gbps - 6.9 Gbps; Effective Throughput: 561 Mbps per client; Average Range: Indoor 70m, Outdoor 250m
802.11a
Freq Band: 5 GHz; Max Throughput: 54 Mbps; Effective Throughput: 11-18 Mbps; Average Range: 50m
4
Generally, a twisted-pair cable's bend radius is equal to or greater than _____ times the diameter of the cable.
1000Base-SX
Gigabit Ethernet, MMF, 850 nm wavelength light source, distance can reach 550 meters
1000Base-LX
Gigabit Ethernet, SMF or MMF, 1300 nm wavelength light source, MMF distance can reach 550m, SMF distance can reach 5000 meters
1000Base-T
Gigabit Ethernet, Cat 5 UTP or better (Cat 5e UTP is preferred), 100 meters
NOS (Network Operating System)
The client-server network model requires a(n) ______ which controls access to the entire network. (Examples are: Windows 2016 Server, Ubuntu Server, Red Hat Enterprise Linux)
APIPA Address
The following IP address: 169.254.0.23 is an example of what TYPE of IP address?
Private IP Address
The following IP address: 172.16.0.35 is an example of what type of IP address?
Private IP Address
The following IP address: 192.168.0.35 is an example of what type of IP address?
Class C
The following IP address: 193.160.223.1 is an example of what class of IP address?
Class D
The following IP address: 224.0.0.10 is an example of what class of IP address?
Broadcast
The following IP address: 255.255.255.255 is an example of what TYPE of IP address?
Class A
The following Subnet Mask: 255.0.0.0 is the default Subnet Mask for what class of IP Address?
Class B
The following Subnet Mask: 255.255.0.0 is the default Subnet Mask for what class of IP Address?
Class C
The following Subnet Mask: 255.255.255.0 is the default Subnet Mask for what class of IP Address?
True
The following are advantages of a Client-Server network: -user accounts and passwords to the network are assigned in one place -access to multiple shared resources can be centrally granted to a single user or groups of users -problems on a network can be monitored, diagnosed, and often fixed from one location -network is scalable
True
The following are advantages of a Peer-to-Peer network: -simple to configure -less expensive than other network options
True
The following are disadvantages of a Peer-to-Peer network: -they are not scalable -they are not necessarily secure -not practical for connecting more than a few computers
Socket
The following number: 192.168.100.50:23 is an example of which of the following choices?
True
In most situations, each VLAN is assigned its own subnet of IP addresses. This means that the subnet, working at Layer 3, includes the same group of hosts as the VLAN, working at Layer 2.
FCC
In the United States, the collection of frequencies available for communication - known as "the airwaves" - is considered a natural resource available for public use. The ____ grants organizations in different locations exclusive rights to use each frequency.
RDP
In the Windows Operating System, the ______ application is used to provide a secure, encrypted transmission that allows a technician to remote in to a machine to make configuration changes or troubleshoot that device.
8
Select from the options shown below the number of bits that are available for the Host Portion of a Class C Address.
8
Select from the options shown below the number of bits used to represent the Network Portion of a Class A Address.
16
Select from the options shown below the number of bits used to represent the Network Portion of a Class B Address.
24
Select from the options shown below the number of bits used to represent the Network Portion of a Class C Address.
105.0.0.0
Select the correct Network Number or Network ID of the following IPv4 Address: 105.15.32.12 /8
132.16.0.0
Select the correct Network Number or Network ID of the following IPv4 Address: 132.16.25.92 /16
195.168.32.0
Select the correct Network Number or Network ID of the following IPv4 Address: 195.168.32.12 /24
FHSS
Short bursts of data are transmitted on a particular frequency within the band and the next burst goes to the next frequency in the sequence.
Flags
Signals special conditions (SYN, ACK, PSH, RST, FIN, etc...)
Preamble & SFD (Start of Frame Delimiter)
Signals the receiving node that data is incoming and indicates where the data frame begins
EAP-TLS
Similar to how HTTPS uses SSL/TLS encryption to secure HTTP transmissions, ________ uses TLS encryption to protect communications. __________ also uses PKI (public-key infrastructure) certificates to exchange public keys and authenticate both the supplicant and the server through mutual authentication.
SSO
-Form of authentication in which a client signs on one time to access multiple systems or resources -Primary advantage is convenience -Disadvantage is that once authentication is cleared, the user has access to numerous resources -Kerberos is an example
PDoS Attack
-attack damages a device's firmware beyond repair. -called "bricking" the device -usually target routers or switches
back doors
Software might contain security flaws that allow unauthorized users to gain access to the system. Unless the network administrator performs regular updates, a hacker might exploit these flaws.
stateful firewall
-inspect each packet and determine if it belongs to a currently active connection (legitimate packet) -Slower ... but more sophisticated
NIU or NID
end of the local loop - the box at the customer site that connects customer to local loop (box on the side of your house) - this is the customer's demarcation point
fault
malfunction of one component of a system
TFTP
simple version of FTP that includes no authentication or security - most often used by machines behind the scenes to transfer boot files or configuration files
Physical
simplest layer and is responsible for sending bits via a wired or wireless transmission (Twisted Pair Copper, Fiber Optic, Radio Frequency)
CDMA
spreads the signal over a wider bandwidth so that multiple users occupy the same channel - codes on the packets keep the various calls separated
bandwidth
the theoretical potential for data to transmit during a given period of time
business continuity
The goal of a disaster recovery plan is to ensure ____________, which is the ability of the company to continue doing business with the least amount of interruption possible.
patch panel
This is a panel of data receptors which can be mounted to a wall or a rack which provides a central termination point when many patch cables converge in a single location.
66 block
This is an older connection block used primarily for telephone connections.
entrance facility
This is the location where an incoming network, such as the Internet, connects with a school or corporate network.
Metasploit
This popular penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes.
TLD
This portion of the following: .edu is an example of a __________________.
Host Name
This portion of the following: dbrown is an example of a __________________.
FQDN
This portion of the following: dbrown.hacc.edu is an example of a __________________.
Domain Name
This portion of the following: hacc.edu is an example of a __________________.
IDF
This provides an intermediate connection between the MDF and the end-user equipment on each floor and in each building.
management URL
When you use a web browser and plug in the IP Address of the router to connect to and configure the router, you are using a _________.
Bare-Metal Hypervisor
XenServer by Citrix, ESXi by VMware, Hyper-V by Microsoft
EMI
________ is the noise/interference caused by electrical devices (motors, fluorescent lights) or wires (power lines) carrying electrical signals.
RFI
________ is the noise/interference caused by strong broadcast signals from a radio or TV station.
Attenuation
________ is the weakening of a signal over a distance as the signal propagates.
Jitter
________ is when packets arrive out of order due to varying amounts of delay on a link.
local loop
a pair of copper wires between CO and customer - the portion of the PSTN that connects any residence or business to the nearest CO - also called the "last mile"
MitM Attack (Man-in-the-Middle)
a person redirects and captures secure transmissions as they occur (hacker could intercept transmissions between clients and a rogue access point). Through these captured transmissions, the attacker can learn users' passwords or even supply users with a phony website that looks valid but presents clickable options capable of harming their systems
IP phone
a phone that transmits and receives digital voice signals - the user's voice is immediately digitized and issued from the telephone to the network in packet form
IP-PBX
a private switch that accepts and interprets both analog and digital voice signals and will also communicate and connect with network connectivity devices like routers and gateways - can connect to traditional PSTN lines and data networks
trojan horse
a program that disguises itself as something useful but actually harms your computer
bots
a program that runs automatically without requiring a person to start or stop the program
Recursive
a query that demands a resolution or the answer "It can't be found"
Iterative
a query where the local server issues queries to other servers ... and ...other servers only provide information if they have it (there is no demand for an answer)
patch cable
a relatively short cable (3 to 25 feet) length with connectors at both ends - used to connect user device to a data outlet
Terminal Emulation
allows a remote client to take over and command a host computer (Examples: Telnet, SSH, Remote Desktop and VNC)
SIP
an IETF protocol - an Application layer signaling and control protocol for multiservice, packet-based networks (protocol is modeled on HTTP)
ATA
an adapter that allows an analog phone(s) to connect into a VoIP network
Virtualization
________________ is a virtual, or logical version of something (emulation of a computer, operating system environment, or application) rather than the actual or physical version of something.
fault tolerance
___________________ is the capacity for a system to continue performing despite an unexpected hardware or software malfunction.
disaster recovery
____________________ is the process of restoring your critical functionality and data after an outage that affects more than a single system or a limited group of users.
physical security
____________________ refers to the mechanisms used to restrict physical access to critical components in a network or system.
Cloud Computing
_____________________ refers to the flexible provision of data storage, applications, or services to multiple clients over a network. The term includes a broad range of offerings, from hosting Web sites, to delivering specialized applications to providing virtual servers for collaboration or software development.
phishing
a hacker sends an email asking a user to input their user ID and password to a website whose link is provided in the message, claiming it is necessary to verify your account with an online retailer
PVC
a leased connection established before transmissions occur - bandwidth is shared with other frame relay users - connection remains after transmission is completed
heat map
a map of Wi-Fi signals and noise in your location
NIC
a network port used to attach a device to a network and allow it to send and receive data on the network
load balancing
automatic distribution of traffic over multiple connections to optimize performance and fault tolerance
dynamic IP address
automatically assigned by a DHCP server when a computer connects to the network
MTTR
average amount of time required to repair the failed device
MTBF
average amount of time that will pass before the next failure is expected to occur
ipconfig
displays the currently assigned IP address
ipconfig /all
displays the currently assigned IP address, the address of the DNS server, DHCP leasing information, and the MAC address of the NIC
nonpersistent agent
dissolvable agent, remains on the device long enough to verify compliance and complete authentication, and then uninstalls.
WEP
encryption that uses a static key to authenticate and encrypt the client's data - use of the shared key makes it more susceptible to discovery - has been replaced by WPA/WPA2
WPA
encryption that dynamically assigns every transmission its own key
RG-6
75 Ohm, 18AWG, solid core coax cable - typically used for broadband internet service and cable TV
blackout
A complete power loss.
broadcasting
ARP relies on ________, which transmits simultaneously to all nodes on a particular network segment.
NGFWs (Next Generation Firewalls)
(Layer 7 Firewall) firewall that can analyze data at higher layers
host-to-host VPN
-2 computers create a VPN tunnel directly between them -both computers have appropriate software installed
SaaS
-Applications -Provider now handles the Application for the customer -Vendor has the hardware for customer, OS's, and associated SW for the OS, the application and data backup -Example: Gmail & Yahoo email -Example: Google drive
PPP
-Can negotiate and establish a connection between two computers -Can authenticate a client to a remote system (PAP or CHAP) -Can support several types of Network layer protocols -Can encrypt the transmissions, although encryption is considered weak by today's standards
hybrid cloud
-Combination of the other service models into a single deployment -Public cloud for email ... but private cloud for storing data
Frame Aggregation
-Combine multiple frames into one larger frame -Reduces Overhead
traffic shaping
-Delaying less-important traffic -Increasing the priority of more-important traffic
L2TP
-Developed by Cisco and standardized by IETF -Encapsulates PPP data in a similar manner to PPTP -Can connect a VPN that uses a mix of equipment types -It is a standard accepted and used by multiple vendors -Can connect two routers, a router and a RAS, or a client and a RAS -typically implemented with IPsec for security
PPTP
-Developed by Microsoft -A Layer 2 protocol that encapsulates PPP data frames so they can traverse the Internet masked as an IP transmission -Uses TCP segments at the Transport layer -Outdated and no longer considered secure
SLIP
-Early and less sophisticated -Does not support encryption -Can only carry IP packets -Works strictly on serial connections (Dial up or DSL)
DS0 -or- analog phone line
64 Kbps
IaaS
-Hardware services and network infrastructure devices -Vendor has the hardware for customer ... but the customer is responsible for own applications, OS's, licenses and data backup -Example: customer uses vendor servers to store data, host websites, provide email, DNS or DHCP Services
traffic policing
-Limiting the volume of traffic flowing into or out of an interface during a specified time period -Limiting the momentary throughput rate for an interface
RADIUS
-Most popular -Runs in application layer -Defined by the IETF -Transported over UDP or TCP -Treats authentication and authorization as a single process -Can operate as application on remote access server .... or on a dedicated server -Highly scalable -May be used to authenticate wireless connections -Can work in conjunction with other network servers
MIMO
-Multiple antennas on access points and client devices process incoming and outgoing data simultaneously -Increases network's throughput, access point's range -First Available in 802.11n Access Points
PaaS
-OS, runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs -Provider now handles the OS and associated SW for OS -Vendor has the hardware for customer, OS's, and associated SW for the OS ... but customer is responsible for own applications and data backup
CHAP
-Operates over PPP -Encrypts user names, passwords -Uses three-way handshake -Three steps to complete authentication process -Password never transmitted alone -Password never transmitted in clear text
PAP
-Operates over PPP -Uses two-step authentication process -Simple -Not secure -Sends client's credentials in clear text
DDoS Attack
-Orchestrated through several sources, called zombies -botnet ... or ... zombie army
Kerberos
-Purpose: connect a valid user with a service it wants to access -Cross-platform authentication protocol -Uses key encryption -Verifies client identity -Securely exchanges information after client logs on -Private key encryption service -Provides significant security advantages over simple NOS authentication -does not automatically trust clients - instead it requires clients to prove their identity through a 3rd Party
TACACS
-Relies on TCP at the Transport layer -Proprietary protocol developed by Cisco Systems, Inc. -Typically installed on a router -Encrypts all information transmitted for AAA
GUI-based software
-Remote Desktop for Windows -join.me -VNC -Team Viewer
private cloud
-Service established on an organization's own servers in its own data center -Customer maintains own virtual servers
public cloud
-Service provided over public transmission lines -Most examples discussed occur in public cloud (Gmail, etc..)
community cloud
-Service shared between multiple organizations -Medical Database between hospitals and doctors in area
Channel Bonding
-Two adjacent 20-MHz channels bonded to make 40-MHz channel -Doubles the bandwidth available in single 20-MHz channel
default VLAN
-Typically preconfigured on a switch and initially includes all the switch's ports -cannot be renamed or deleted
SDN
-VMware, Cisco, HP, IBM and Juniper controller software -OpenDaylight, Beacon, OpenShift
BGP
-an exterior gateway routing protocol -can span multiple autonomous systems -can be used on border and on exterior routers on the Internet -"protocol of the Internet"
T3
672 channels of 64 Kbps (44.736 Mbps)
Distance-Vector routing protocol
-calculates the best path to a destination on the basis of distance (typically hops) to that network -periodically (sometimes every 30 seconds) exchange their routing tables with neighbor routers (usually via broadcast) -RIP and RIPv2 are examples
content-filtering firewall
-can block traffic based on upper layer (application layer) data contained in the packet -can block questionable content from a website
client-to-site VPN
-clients, servers and other hosts establish tunnels with a private network using a remote access server or VPN gateway -each client must run their own VPN software to create the tunnel for, and encrypt and encapsulate data -method usually associated with remote access
IKEv2
-component of IPsec protocol -offers fast throughput and good stability when moving between wireless hotspots -compatible with a variety of devices
LAN
-covers a relatively small area (room, floor, building) -uses are for sharing resources and data
WAN
-covers a very large area (between cities and even continents) -uses are for connecting sites of a company (Harrisburg Office to Pittsburgh Office)
MAN
-covers usually a "city-wide" area -used to typically connect buildings within a city (government buildings for example)
GRE
-developed by Cisco -Layer 3 protocol used to transmit PPP, IP and other messages through a tunnel -typically implemented with IPsec for security
IPS
-device between attacker and network or host -stands inline with the network traffic and can stop traffic -can prevent traffic from reaching the protected network or host
RIP
-distance-vector routing protocol -only factors hop count to determine the best path to a destination -broadcasts routing table every 30 seconds -convergence time is poor -limited network size (15 routers)
Link-State routing protocol
-independently map the network and determine the best path between itself and destination network -will usually only exchange routing tables when a topology change occurs -will typically use multicasts to exchange routing tables with all routers directly -OSPF and IS-IS are examples
analog phone line
1 channel of 64 Kbps
1 Kbps
1,000 bps
1 Mbps
1,000,000 bps
1 Gbps
1,000,000,000 bps
1 Tbps
1,000,000,000,000 bps
DS1 -or- T1
1.544 Mbps
Global unicast
2000:: /3
T1
24 channels of 64 Kbps (1.544 Mbps)
Source IP address
32 bit address of sending node
Destination IP address
32 bit address of the receiving node
Cat 7a
40 Gbps - 100 Gbps - ISO Standards are still being drafted.
DS3 -or- T3
44.736 Mbps
LTE
4G technology - theoretically achieve downlink data rates of up to 1 Gbps and uplink rates up to 100 Mbps - currently the fastest wireless broadband service available in the United States
/8
A Class A network that has no subnetting would have a default CIDR notation of _____.
255.0.0.0
A Class A network that has no subnetting would have a default Subnet Mask of _______________.
/16
A Class B network that has no subnetting would have a default CIDR notation of _____.
255.255.0.0
A Class B network that has no subnetting would have a default Subnet Mask of _______________.
/24
A Class C network that has no subnetting would have a default CIDR notation of _____.
255.255.255.0
A Class C network that has no subnetting would have a default Subnet Mask of _______________.
Do Not Forward
A LAN is defined as a group of computers and other devices that can directly address each other without going through a router. A LAN, which consists of all the nodes a broadcast reaches, can be referred to as a broadcast domain. Routers _______________ broadcast messages, thus creating a boundary for a LAN.
IP Addresses
A Layer 3 Switch is a switch that is capable of interpreting __________ and works much like a router: Layer 3 switches were designed to work on large LANs, similar to core routers, except they are faster and less expensive.
TCP Ports
A Layer 4 Switch is a switch that is capable of interpreting __________. They operate anywhere between Layers 4 and 7 and are also known as content switches or application switches.
time division multiplexing
A T-Carrier uses ______ over 2 wire pairs to combine multiple signals onto a single cable.
Software Running on a Server
A Windows Server that is running Direct-Access that can automatically authenticate remote users and computers to the Windows Domain
DSLAM
A ____ aggregates multiple DSL subscriber lines and connects them to the carrier's CO.
PBX
A ____ is a telephone switch that connects and manages calls within a private organization.
subnet
A _____ is a smaller network within a larger network. A _______ is a logically visible subdivision of an IP network that is usually created for performance or security reasons and is usually implemented by a router (or other Layer 3 device).
Type 2
A ______ hypervisor installs in a host OS as an application and is called a hosted hypervisor.
Type 1
A ______ hypervisor installs on a computer before any OS and is often called a bare-metal hypervisor.
VPNs
A ______ is a network connection encrypted from end to end that creates a private connection to a remote network.
NAC
A ______ system employs a set of rules, called network policies, which determine the level and type of access granted to a device when it joins a network. A popular _____ solution by Cisco includes Cisco firewalls, routers, switches, and ASA (Adaptive Security Appliance) devices that all collectively perform ______ functions.
IPv6
A _______ Address is assigned to nearly every interface, which is a network connection made by a node on a network. An _____ Address has 128 Bits and is written as 8 blocks of hexadecimal numbers separated by colons.
IPv4
A _______ Address is assigned to nearly every interface, which is a network connection made by a node on a network. An _____ Address has 32 Bits and is written as 4 decimal numbers separated by dots.
MAC
A _______ Address is embedded on every NIC and is assumed to be unique to that NIC. It is 48 Bits in length, written as 6 HEX numbers separated by colons. Nodes on a LAN find each other by using the ______ Address.
firewall
A _______ is a dedicated device or software on a computer that selectively filters or blocks traffic between networks.
Port
A _______ is a number used by the transport layer to find an application. It identifies one application among several that might be running on a host.
router
A _______ joins two or more networks and passes packets from one network to another. A ________ is responsible for determining the next network to which a packet should be forwarded on its way to its destination.
vSwitch
A _______ or bridge is a logically defined device that operates at the data link layer to pass data frames between nodes. Thus, it can allow VMs to communicate with each other and with nodes on a physical LAN or WAN.
hacker
A _______, in the original sense of the word, is someone who masters the inner workings of computer hardware and software in an effort to better understand them. Today, _________ is used more generally to describe individuals who gain unauthorized access to systems or networks with or without malicious intent.
DSL modem
A ________ is a device that modulates outgoing signals and demodulates incoming DSL signals for the DSL subscriber.
DHCP
A _________ Server manages the dynamic distribution of IP addresses to devices on a network.
Generator
A _________ serves as a backup power source, providing power redundancy in the event of a total blackout. ____________ can be powered by diesel, liquid propane gas, natural gas, or steam.
standby
A __________ UPS provides continuous voltage to a device by switching virtually instantaneously to the battery when it detects a loss of power from the wall outlet. Upon restoration of power, the ___________ UPS switches the device back to AC power. The problem with a _________ UPS is that, in the brief amount of time it takes the UPS to discover that power from the wall outlet has faltered, a device may have already detected the power loss and shut down or restarted.
proxy server
A __________ acts as an intermediary between external and internal networks (screening all incoming and outgoing traffic) and works at the Application layer to protect the network.
VLAN
A __________ groups ports on a layer 2 switch so that some of the local traffic on the switch is forced to go through a router.
WAN
A __________ is a network that traverses some distance and usually connects LANs, whether across a city or across the nation.
resolver
A ___________ is a DNS client that requests information from DNS name servers.
media converter
A ___________ is designed to convert the electrical signals on a copper cable to light signals on a fiber optic cable ...... so that a copper port of a device can be connected to a fiber optic port on another device.
continuity tester
A ____________ can be used to check if a network patch cable is functioning correctly and usable or if there is a fault in the cable.
optical power meter
A ____________ can be used to measure the amount of light power transmitted on a fiber-optic line.
multimeter
A ____________ can be used to take voltage and resistance measurements to help locate the cause of interference or a short circuit.
cable certifier / performance tester
A ____________ can be used to verify if the installed network cabling is performing to the desired TIA performance level.
security policy
A ____________ for network users identifies your security goals, risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee. In addition, it specifies how to address security breaches.
rack diagram
A ________________ shows the devices stacked in a rack system and is typically drawn to scale.
wiring schematic
A ________________ is a graphical representation of a network's wired infrastructure. In its most detailed form, it shows every wire necessary to interconnect network devices and the location of those wires.
protocol analyzer
A _________________ can monitor traffic at a specific interface between a server or client and the network.
network monitor
A __________________ is a tool that continually monitors network traffic.
routing table
A __________ is a database that holds information (networks and interfaces) about where hosts are located and the most efficient way to reach them (best path).
socket
A _________ consists of a host's IP address and the port number of an application running on the host, with a colon separating the 2 numbers. (Ex: 10.43.3.87:23)
circuit-switched
A connection is established between two nodes before they begin transmitting data. Bandwidth is dedicated to this connection and remains available until the users terminate communication between the two nodes.
patch
A correction, improvement or enhancement to software. It corrects a bug, closes a vulnerability, or adds minor enhancements to only part of the software, leaving most of the code untouched.
jabber
A device that handles electrical signals improperly - device always re-transmitting (bad NIC or electrical interference)
subnet mask
A device uses a _______________ to determine which subnet or network it belongs to.
DC
A flashlight uses ______. The batteries in a flashlight have positive and negative poles, and the current always flows at a steady rate in the same direction between those poles.
True
A good guideline to follow on network documentation is to label every data jack or port, patch panel or punchdown block, connector or circuit.
True
A good guideline to follow on network documentation is to use color-coded cables for different purposes and record the color schemes in your documentation.
War Driving
A hacker searches for unprotected wireless networks by driving around with a laptop configured to receive and capture wireless data transmissions
upgrade
A major change to a software package that enhances functionality and features of the software.
WPAN
A mini version of a LAN is a PAN, and the purely wireless version is a ________, as defined by the IEEE 802.15 specifications.
brownout
A momentary decrease in voltage; also known as a sag. An overtaxed electrical system can be the cause.
surge
A momentary increase in voltage due to lightning strikes, solar flares, or electrical problems.
FCoE
A newer technology that allows FC to travel over Ethernet hardware and connections. FC frame is encapsulated inside an ______ frame, which is then encapsulated inside an Ethernet frame
virus
A program that replicates itself with the intent to infect more computers, either through network connections when it piggybacks on other files or through the exchange of external storage devices.
security audit
A qualified consulting company can also assess the security of your network. If the company is accredited by an agency that sets security standards, the assessment qualifies as a _____________.
Evil Twin
A rogue AP planted in a network's geographical area to pose as an authorized AP
True
A router can do all of the following: -connect dissimilar networks -interpret layer 3 and often layer 4 addressing -determine the best path for data to follow from point A to B -reroute traffic if a primary path is down but another path is available
access list (ACL)
A router's __________ can decline or forward packets based on its content.
non-disclosure agreement
A security policy should also define what confidential and private mean to the organization. This is often done in an ________________. In general, information is confidential if it could be used by other parties to impair an organization's functioning, decrease customers' confidence, cause a financial loss, damage an organization's status, or give a significant advantage to a competitor.
trunking
A single switch can support traffic belonging to several VLANs across the network, thanks to the technique known as __________.
less
A wireless network with a theoretical maximum throughput of 10 Mbps will, in fact, transmit _________ data per second than a wired Ethernet network with the same theoretical maximum throughput of 10 Mbps.
T-Carrier
AT&T developed _________ technology in 1957 in an effort to digitize voice signals and thereby enable such signals to travel longer distances over the PSTN. In the 1990s, with increased data communications demands, _________ became a popular way to connect WAN sites.
fixed length 53 byte cell
ATM uses a __________ to carry data from node to node.
star
According to IEEE 802.3 and ANSI/TIA-568, modern Ethernet networks should be connected as a _________ topology.
Core
According to the Cisco Hierarchical Internetworking Model, the _______ layer provides fast transport between distribution switches within the enterprise campus. _________ switches and routers are usually the most powerful, in terms of raw forwarding power, in the enterprise; _______ network devices manage the highest-speed connections, such as 10 Gigabit Ethernet or 100 Gigabit Ethernet.
Distribution
According to the Cisco Hierarchical Internetworking Model, the _______ layer provides policy-based connectivity and controls the boundary between the access and core layers. The __________ layer is the smart layer in the three-layer model. Routing, filtering, and QoS policies are managed at the ____________ layer.
Access
According to the Cisco Hierarchical Internetworking Model, the _______ layer provides workgroup/user access to the network. End-stations and servers connect to the enterprise at the ________ layer. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations, to the network.
attenuation
After a signal is transmitted, the farther it moves away from the transmission source, the more it weakens. Similar to wired transmission, wireless signals can be amplified by increasing the power of the transmission or extended by repeating the signal from a closer broadcast point called a wireless range extender.
True
After connecting, a remote client can access files, applications, and other shared resources, such as printers, like any other client on the LAN or WAN.
IoT
All sorts of things can be connected to a network, from toasters, refrigerators, bathroom scales, and garage doors to watches, lamps, cars, and even the kitchen sink. This _____ is made up of any device that can be connected to the Internet, that is, any sensor, computer, or wearable device that talks to other devices over a network.
SKA - Shared Key Authentication
All wireless access clients use the same key, which can then be used for encrypted transmissions.
wireless spectrum
All wireless signals are carried through the air by electromagnetic waves. The ______________, commonly called the airwaves, is the frequency range of electromagnetic waves used for data and voice communications.
MDF
Also known as the MC (main cross-connect), this is the centralized point of interconnection for an organization's LAN or WAN.
32
An IPv4 address is a ____ bit number that is commonly written as a dotted decimal number (4 numbers that range from 0 to 255, and each number separated by a decimal point).
32
An IPv4 address is a ____ bit number that is usually written as a dotted decimal number.
128
An IPv6 address is a _____ bit number that is composed of eight blocks of hexadecimal numbers.
128
An IPv6 address is a ______ bit number that is usually written as a hexadecimal number (32 hexadecimal digits).
True
An NOS is a special type of software designed to: -manage data and other resources for a number of clients -ensure that only authorized users access the network -control which type of files a user can open -restrict when and from where users can access the network -dictate which rules computers will use to communicate -supply applications and data files to clients
online
An __________ UPS uses the AC power from the wall outlet to continuously charge its battery, while providing power to a network device through its battery. In other words, a server connected to an __________ UPS always relies on the UPS battery for its electricity.
acceptable use policy
An _______________________ explains to users what they can and cannot do while accessing a network's resources. It also explains penalties for violations, and might describe how these measures protect the network's security.
radiation pattern
An antenna's ___________________ describes the relative strength over a three-dimensional area of all the electromagnetic energy the antenna sends or receives.
disaster
An extreme type of incident, involving a network outage that affects more than a single system or limited group of users.
rogue DHCP server
An unauthorized server running on a client device handing out IP addresses, could be used to implement a MitM attack by configuring the attacker's IP address as the victim computers' default gateway. Alternatively, the attacker could give her IP address as the DNS server and then spoof websites.
rogue access point
An unauthorized wireless access point is called a(n) _____________.
incident
Any event, large or small, that has adverse effects on a network's availability or resources. This could be a security breach, such as a hacker gaining access to a user's account, an infection, such as a worm or virus, or an environmental issue, such as a fire or flood.
managed device
Any network node monitored by the NMS; each object is assigned an OID
Data -or- Payload
Application Layer Presentation Layer Session layer
data mining
Application Layer Presentation Layer Session layer
SNMP
Application layer protocol that communicates data between the managed device (the agent) and the management console (NMS)
remote access
As a remote user, you can connect to a network via ____________, a service that allows a client to connect with and log on to a LAN or WAN in a different geographical location.
fading
As a signal runs into various obstacles, its energy will gradually fade, which causes the strength of the signal that reaches the receiver to be lower than the transmitted signal's strength.
refraction
As waves travel into and through a different transmission medium, such as traveling through glass or other solids, the wave's direction, speed, and wavelength are altered, or "bent".
2
As you have learned, a subnet groups IP addresses so that clients on a large network can be logically organized into smaller networks. This is often accomplished with adding routers (or layer 3 switches) to the network or by using multiple ports on a single router (or layer 3 switch). By contrast, a VLAN groups ports on a layer ____ switch so that some of the local traffic on the switch is forced to go through a router. Therefore, VLANs are considered a Layer ____ solution for segmenting a network.
transponder
At a satellite, a _______ receives the uplink signal, then transmits to an Earth-based receiver in a downlink. A typical satellite contains 24 to 32 ____________. Each satellite uses unique frequencies for its downlink. These frequencies, as well as the satellite's orbit location, are assigned and regulated by the FCC.
deauth (deauthentication) attack
Attacker sends faked deauthentication frames to the AP, the client, or both (or as a broadcast to the whole wireless network) to trigger the deauthentication process and knock one or more clients off the wireless network. This is essentially a Wi-Fi DoS attack.
ESSID
BSSes that belong to the same ESS share a special identifier
differential backup
Backs up data that has changed since the last full backup
full backup
Backs up everything every time a backup is done
incremental backup
Backs up only data that has changed since the last backup
ZigBee
Based on the IEEE 802.15.4 standard, _______ is a low-powered, battery-conserving wireless technology. It is designed to handle small amounts of data and is therefore ideal for use in ISM sensors. _____ is also used for IoT devices for purposes of building automation, HVAC control, AMR, and fleet management.
sequence number(s)
Because messages do not always arrive at the destination host in the same order that they were created, TCP attaches a chronological _______________ to each segment so that the destination host can, if necessary, reorder segments as they arrive.
device hardening
Besides securing network devices from external tampering, you can take many steps to secure the device from network- or software-supported attacks as well. These practices are called ______________.
Packet-switched networks
Break data into "chunks/pieces" before they are transported (Ex: IP Phone Network)
security
Broadband cable requires many subscribers to share the same local line, thus raising concerns about ____ and actual (versus theoretical) throughput.
DNS poisoning
By altering DNS records on a DNS server, an attacker can redirect Internet traffic from a legitimate web server to a phishing website
1/2
By some estimates, human errors, ignorance, and omissions cause more than ______ of all security breaches sustained by networks.
HSRP
CARP is a free alternative to VRRP (Virtual Router Redundancy Protocol), or Cisco's proprietary version called _________. Although VRRP and _______ function somewhat differently than CARP and are used solely for routers, the general idea is the same.
password policy
Choosing a secure password is one of the easiest and least expensive ways to help guard against unauthorized access. Unfortunately, too many people prefer to use an easy-to-remember password. If your password is obvious to you, however, it might also be easy for a hacker to figure out. A ___________ with guidelines for creating passwords should be part of your organization's security policy. It is especially important for network administrators to choose difficult passwords, and also to keep passwords confidential and change them frequently.
Dedicated Devices
Cisco AS5800 access server that performs authentication for clients
multicast
Class "D" IPv4 Addresses begin with octets 224 to 239 and are used for __________ transmissions, in which one host sends a message to multiple participants.
public
Class A, B and C licensed IP addresses are available for use on the Internet and are therefore called ____________ IP addresses.
Hosted Hypervisor
Client Hyper-V, VirtualBox, VMware Player, Linux KVM
True
Collectively the IEEE 802.11 standards and their amendments, extensions, and corrections are known as Wi-Fi, which stands for Wireless Fidelity.
Hot Site
Computers, devices, and connectivity necessary to rebuild a network exist, and all are appropriately configured, updated, and connected to match your network's current state.
Cold Site
Computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected.
Warm Site
Computers, devices, and connectivity necessary to rebuild a network exist, with some pieces appropriately configured, updated, or connected.
Acknowledgement Number
Confirms receipt of the data via a return message to the sender
Circuit-switched networks
Connection is established between two network nodes before transmitting data (Ex: Traditional Phone Network)
trunk port
Connects the switch to a router or another switch. This interface manages traffic from multiple VLANs.
access port
Connects the switch to an endpoint, such as a workstation
root server
DNS name servers are organized in a hierarchical structure. A __________ holds information used to locate top-level domain (TLD) servers.
Frames
Data Link Layer
packet-switched
Data is broken into "chunks" before it's transported. "Chunks" can travel any path to their destination - each "Chunk" contains the destination address and sequencing information.
RAID 1
Data is mirrored—or duplicated—on multiple disks to provide fault tolerance. If one copy is lost, the other copy is still available.
RAID 5
Data is striped across three or more drives, and parity information is added to the data. Parity checking can be used to recreate data from any one drive if that drive fails, even though only one copy of the data is stored.
RAID 0
Data is striped—or written across—multiple disks to improve performance. Provides no real redundancy, in that only one copy of data is stored.
DSSS
Data streams are divided and encoded into small chunks, which are spread over all available frequencies within one of three, wide channels, all at the same time.
Nmap
Designed to scan large networks quickly and provide information about a network and its hosts. _______ began as a simple port scanner, which is an application that searches a device for open ports indicating which insecure service might be used to craft an attack.
Nessus
Developed by Tenable Security (tenable.com), _______ performs even more sophisticated vulnerability scans than Nmap. Among other things, _____ can identify unencrypted, sensitive data, such as credit card numbers, saved on your network's hosts.
red team-blue team exercise
During this exercise, the "A" team conducts the attack, and the "B" team attempts to defend the network. Usually the "A" team is a hired attacker, such as a consultant or security organization, and the "B" team is the company's own IT, security, and other staff.
EAPoL
EAP is also adaptable to new technology. EAP was originally designed to work only on point-to-point connections (usually on a WAN) and relied on PPP. However, it was adapted to work on both wired and wireless LANs in the 802.1X standard, dubbed ________.
True
Each VLAN and subnet combination acts as a single broadcast domain. Although it is possible to do otherwise, network administrators find life much easier when they adhere to the following rule: 1 Broadcast Domain = 1 VLAN = 1 Subnet
only limited by virtualization software
Each VM can have ____ vNICs, no matter how many NICs the host machine has.
administrative distance
Each routing protocol is assigned a default _________________, which is a number indicating the protocol's reliability, with the lower values being given priority (this number will range from 0 to 255).
OSHA
Electrical and tool safety in workplaces is generally regulated by ______.
interference
Electromagnetic waves in the atmosphere can interfere with wireless communications similar to how EMI affects wired transmissions.
cipher
Encryption is the use of mathematical code, called a __________, to scramble data into a format that can be read only by reversing the _________ - that is by decrypting the data.
Trailer or FCS
Error check field to ensure that the data at the destination exactly matches the data issued from the source
10Base-T
Ethernet, Cat 3 or higher UTP, 100 meters
vNIC
Every VM has its own virtual network adapter, or ___________, that can connect the VM to other machines, both physical and virtual. Just like a physical NIC, a ___________ operates at the Data Link Layer and provides the computer with network access.
posture assessment
Every organization should assess its security risks by conducting a ________________, which is a thorough examination of each aspect of the network to determine how it might be compromised. A _________________ should be performed at least annually and preferably quarterly. They should be performed after making any significant changes to the network.
Unique local unicast
FC00::/7
Link Local unicast
FE80::/64
Multicast
FF00::/8
100Base-T
Fast Ethernet, Cat 5 or higher UTP, 100 meters
noise
Fluctuation in voltage levels caused by other devices on the network or EMI.
EMI
Fluorescent lights, power lines and motors can all be sources of interference called ________ that can cause problems if they are too close to twisted pair copper cabling.
demarc
In most situations, this is the device that marks where a telecommunications service provider's network ends and the organization's network begins.
LACP
For multiple NICs or ports to use link aggregation, they must be properly configured in each device's operating system. _______ dynamically coordinates communications between hosts on aggregated connections, kind of like what DHCP does for IP addressing.
War Chalking
Hackers draw symbols with chalk on the sidewalk or wall near a vulnerable AP to make it known to other hackers
Network
ICMP is a ________ layer protocol that reports on the success or failure of data delivery.
CSMA/CA
IEEE 802.11 Wireless Ethernet Networks
TKIP
IEEE 802.11i incorporates an encryption key generation and management scheme known as _________ to improve security for legacy WEP-based devices.
CSMA/CD
IEEE 802.3 Wired Ethernet Networks
outside
IP Address
TCP
IP does not guarantee delivery of data and no connection is established before data is transmitted. IP depends on _______ to ensure that data packets are delivered with reliability.
connectionless
IP is a _____________ protocol. IP does not guarantee delivery of data and no connection is established before data is transmitted.
Network
IP operates in the ________ layer of the TCP/IP and OSI models and it specifies how and where data should be delivered.
2
ISDN BRI uses ____ B channels and 1 D channel.
23
ISDN PRI uses ____ B channels and 1 D channel.
Metro Ethernet
ISPs are now developing ways to send Ethernet traffic across MAN (called ___________) and WAN (called Carrier Ethernet) connections.
White Hat Hacker
IT security experts are hired by organizations to assess their security and risks. They're sometimes called ethical hackers.
H.323
ITU standard that describes an architecture and a group of protocols for establishing and managing multimedia sessions on a packet-switched network
Destination address
Identifies the full address of the receiving host
Source address
Identifies the full address of the sending host
Version
Identifies whether it is the IPv4 or IPv6 protocol being used
Version
Identifies which IP version the packet uses
implicit deny
If a packet does not match any criteria in a router's ACL, the packet is dropped. This "rule" is called an ____________.
the FTP packet will be denied
If an FTP packet encounters the following ACL on a router, what will happen? access-list 102 deny tcp any any eq 23 access-list 102 deny tcp any any eq ftp access-list 102 deny tcp any any eq ftp-data access-list 102 permit ip any any
the FTP packet will be denied
If an FTP packet from the 192.168.10.7 workstation encounters the following ACL on a router, what will happen? access-list 102 deny tcp 192.168.10.0 0.0.0.255 any eq ftp access-list 102 deny tcp 192.168.10.0 0.0.0.255 any eq ftp-data access-list 102 permit ip any any
the FTP packet will be permitted
If an FTP packet from the 192.168.30.7 workstation encounters the following ACL on a router, what will happen? access-list 102 deny tcp 192.168.10.0 0.0.0.255 any eq ftp access-list 102 deny tcp 192.168.10.0 0.0.0.255 any eq ftp-data access-list 102 permit ip any any
the HTTP packet will be permitted
If an HTTP packet encounters the following ACL on a router, what will happen? access-list 102 deny tcp any any eq 23 access-list 102 deny tcp any any eq ftp access-list 102 deny tcp any any eq ftp-data access-list 102 permit ip any any
the TELNET packet will be denied
If a TELNET packet encounters the following ACL on a router, what will happen? access-list 102 deny tcp any any eq 23 access-list 102 deny tcp any any eq ftp access-list 102 deny tcp any any eq ftp-data access-list 102 permit ip any any
server-based
If the anti-malware software resides on the server and checks every file and transaction
1,000 (or 1 Gbps)
If the desktop computers in a network are connected to 100 Mbps ports on the switch, then the switch uplink port (port connected to another switch) should be ________ Mbps.
10,000 (or 10 Gbps)
If the desktop computers in a network are connected to 1000 Mbps ports on the switch, then the switch uplink port (port connected to another switch) should be ________ Mbps.
toner & probe
If you are trying to locate where a specific unlabeled wire (or wire pair) is terminated in a data closet, a ___________ can be used to help locate the wire (or wire pair) termination.
ESD
If you are working on the sensitive electronic components of the computer, you should wear a(n) _______ strap to protect the sensitive electronic parts from damage.
host-based
If you install anti-malware software on every desktop, you have addressed the most likely point of entry
4
If you were viewing the following IP address and subnet mask, 150.50.32.12/18, how many subnets are being created in this network?
16,382
If you were viewing the following IP address and subnet mask, 150.50.32.12/18, how many usable hosts per subnet are being created in this network?
8
If you were viewing the following IP address and subnet mask, 150.50.32.12/19, how many subnets are being created in this network?
8190
If you were viewing the following IP address and subnet mask, 150.50.32.12/19, how many usable hosts per subnet are being created in this network?
16
If you were viewing the following IP address and subnet mask, 150.50.32.12/20, how many subnets are being created in this network?
4094
If you were viewing the following IP address and subnet mask, 150.50.32.12/20, how many usable hosts per subnet are being created in this network?
62
If you were viewing the following IP address and subnet mask, 205.55.92.72/26, how many usable hosts per subnet are being created in this network?
8
If you were viewing the following IP address and subnet mask, 205.55.92.72/27, how many subnets are being created in this network?
30
If you were viewing the following IP address and subnet mask, 205.55.92.72/27, how many usable hosts per subnet are being created in this network?
16
If you were viewing the following IP address and subnet mask, 205.55.92.72/28, how many subnets are being created in this network?
14
If you were viewing the following IP address and subnet mask, 205.55.92.72/28, how many usable hosts per subnet are being created in this network?
32
If you were viewing the following IP address and subnet mask, 205.55.92.72/29, how many subnets are being created in this network?
signaling
In VoIP, ______________ is the exchange of information between the components of a network or system for the purposes of establishing, monitoring, or releasing connections as well as controlling system operations.
host-only mode
In _________ mode, VMs on one host can exchange data with each other and with their host, but they cannot communicate with any node beyond the host.
bridged mode
In _________ mode, a vNIC accesses a physical network using the host machine's NIC.
NAT mode
In _________ mode, the VM obtains IP addressing information from its host, rather than a service or router on the physical network.
promiscuous
In __________ mode, also called monitoring mode, a device driver directs the NIC to pass all frames to the operating system and on to the monitoring software, not just those broadcast or intended for the host.
two-factor authentication
In ____________________, a user must provide something and know something. For example, they might have to provide a fingerprint scan as well as know and enter their password.
availability
In the world of networking, the term _____________ refers to how consistently and reliably a connection, system, or other network resource can be accessed by authorized personnel. It's often expressed as a percentage, such as 98% or 99.5%.
Flow Label
Indicates the sequence of packets, from one source to one or multiple destinations, that the packet belongs to (to ensure that packets belonging to the same transmission arrive together)
Window or Sliding Window Size
Indicates how many bytes the sender can issue to a receiver without acknowledgement
Hop Limit
Indicates the number of times the packet can be forwarded by routers on the network
TTL
Indicates the maximum time a packet can remain on the network before it is discarded
Identification
Indicates the message to which the datagram belongs and allows the receiver to re-assemble a fragmented packet
Traffic Class
Indicates the packet's priority - it is similar to the DiffServ field in IPv4 packets
Payload Length
Indicates the size of the data carried by the packet
Next Header
Indicates the type of header immediately following the IP header
protocol
Indicates what upper layer protocol is encapsulated inside the packet
Fragment Offset
Indicates where in the data stream the fragment belongs
Flags
Indicates whether a message is fragmented - if fragmented also indicates if this is the last fragment
in-line monitoring
Install a device, called a network TAP (test access point) or packet sniffer, in line with network traffic.
3
Install twisted pair copper cable at least _____ feet away from fluorescent lights, power lines and motors to avoid possible interference caused by these devices.
on-boarding
Installing a specific app or agent onto a device to give it trusted access to certain portions of the network
WPA Attacks
Involves an interception of the network keys communicated between stations and APs
KVM switch
It is impractical to install a console for every device in a rack. Typically, racks have one or more __________, which connect to a single console to provide a central control portal for all devices on the rack.
site survey
Larger WLANs warrant a more systematic approach to access point placement. Before placing APs in every data room, it's wise to conduct a(n) __________. A(n) ___________ assesses client requirements, facility characteristics, and coverage areas to determine an AP arrangement that will ensure reliable wireless connectivity within a given area.
Network Portion
Left Portion 192.168.10 portion
16
Select from the options shown below the number of bits that are available for the Host Portion of a Class B Address.
IB
Like FC, requires specialized network hardware. It's very fast, _____ tends to serve a few niche markets rather than being widely available. ________ falls on the difficult end of the installation and configuration spectrum, and runs on the expensive side as well.
OpenLDAP
Linux
spoofing attack
MAC (and IP) addresses can be impersonated in an attack
inside
MAC Address
spoofing
MAC Addresses can be impersonated, which is a security risk called ___________.
Destination Address
MAC address of receiving node
Source Address
MAC address of sending node
Address 1 & Address 4 fields
MAC address of sending node and MAC address of receiving node
AD - Active Directory
MS Windows
NFV - Network Functions Virtualization
Merging physical and virtual network architecture is called ________.
CIR
Minimum bandwidth guaranteed by carrier
True
Most WLANs utilize frequencies around 2.4 GHz or 5 GHz to send and receive wireless signals.
virtualization
Most cloud service providers use ___________ software to supply multiple platforms to multiple users.
GEO
Most satellites circle the Earth 22,300 miles above the equator in _______ orbit. ______ means that satellites orbit the Earth at the same rate as the Earth turns.
Packets
Network Layer
WLANs
Networks that transmit signals through the air via radio frequency (RF) waves are known as ____________.
OSA - Open System Authentication
No key is used at all.
51.84 Mbps
OC-1
622.08 Mbps
OC-12
155.52 Mbps
OC-3
ipconfig
On a Windows computer, you can use the ___________ utility in a command prompt window to find out the current TCP/IP settings on that computer.
CSMA/CD
On the first Ethernet networks the _________ media access control (MAC) method was used to get data onto the network.
Bits
Physical Layer
PoE
In 2003, IEEE released its 802.af standard, which specifies a method for supplying electrical power over twisted pair Ethernet connections, also known as ___________.
19
Rack systems provide mounting hardware for network equipment to optimize the use of square footage in equipment rooms. Equipment racks come in standard ____ -inch frame, meaning the front is ______inches wide.
port mirroring
Program a switch to use ________, whereby all traffic sent to any port on the switch is copied to this specified port
transport protocols
RTP, RTCP
U
Rack systems provide mounting hardware for network equipment to optimize the use of square footage in equipment rooms. Equipment racks are measured in Rack Units or ____, with the industry standard being 42__ tall.
24
Select from the options shown below the number of bits that are available for the Host Portion of a Class A Address.
native VLAN
Receives all untagged frames from untagged ports
terminal emulation
Remote virtual computing, also called _____________, allows a user on one computer, called a client, to control another computer, called the host or server, across a network connection.
off-boarding
Removing the app or agent that gave devices special permissions on the network
Host Portion
Right Portion 10 portion
don't pass
Routers ________ broadcast traffic.
neighbor discovery
Routers learn about all devices on their network through a process called ________________.
True
Routers may perform any of the following optional functions: -Filter broadcast transmissions -Prevent certain types of traffic from getting to a network -Support simultaneous local and remote connectivity -Provide high network fault tolerance through redundant components such as power supplies -Monitor network traffic and report statistics -Diagnose internal or other connectivity problems and trigger alarms
convergence time
Routing protocols are rated on the time it takes to recognize a best path in the event of a change or network outage. This is referred to as the _______________.
wireless monitoring
Run monitoring software on a computer connected wirelessly to the network
signaling protocols
SIP, H.323, SCCP
trap
SNMP agents can be programmed to detect certain abnormal conditions (port goes down) that prompt the generation of SNMP ________ messages, where the agent sends the NMS unsolicited data once the specified condition (port goes down) on the managed device is met.
SDH
SONET has emerged as the best choice for linking WANs between North America, Europe, and Asia. The international implementation of SONET is known as _______.
root bridge
STP selects the ________ based on its BID (Bridge ID). The BID is a combination of a 2-byte priority field, which can be set by a network admin, and the bridge's MAC address. To begin with, all bridges on the network share the same priority number, and so the bridge with the lowest MAC address becomes the _________ by default.
Private/Symmetric Key Encryption
Same key used during both encryption and decryption
network-based
Securing the network's gateways, where the Internet connects with the interior network, can provide a formidable layer of defense against the primary source of intrusion—the Internet
.edu, .com, and .net
Select from the following list 3 common Top Level Domains.
True
Some examples of routing metrics are as follows: -Hop count -Theoretical bandwidth and actual throughput -Delay, or latency, on a potential path -Load, or the traffic or processing burden -MTU (maximum transmission unit), or the largest IP packet size in bytes allowable without fragmentation -Routing cost, or a value assigned to a particular route -Reliability of a potential path
Data
Specifies the upper layer protocol to receive the data
honeypot
Staying a step ahead of hackers and constantly evolving exploits requires vigilance. Those who want to learn more about hacking techniques or nab a hacker in the act might create a ___________, or a decoy system that is purposely vulnerable and filled with what appears to be sensitive (though false) content, such as financial data.
voice VLAN
Supports VoIP traffic, which requires high bandwidths, priority over other traffic, flexible routing, and minimized latency.
event viewer
Systems generate different logs so that an administrator can troubleshoot and audit these systems. On a Windows system these logs can be reviewed using the ____________ utility.
DS1
T1 line
DS3
T3 line
HTTPS
TCP Port # 443
HTTP
TCP Port # 80
data from upper layer
TCP Segment = TCP Header + ___________
connection-oriented
TCP is a _____________ protocol. Before TCP transmits, it ensures that a connection or session is established before actual data is sent between hosts.
checksum(s)
TCP on the sending host will send a character string called a ________; TCP on the destination host then generates a similar string. If the two ___________ fail to match, then the destination host asks the source to re-transmit the data. (So this is acting as an "error check").
Transport
TCP operates in the ________ layer of the TCP/IP and OSI models and provides reliable data delivery services.
flow control
TCP uses __________, which is the process of gauging the appropriate rate of transmission based on how quickly the recipient can accept data. (This is typically in the form of sliding-window size).
3-Way Handshake
TCP uses a ________ to establish a TCP connection before data is transmitted between hosts.
in-band management
Telnet, SSH, RDP, VNC, management URL
MAC
The Data Link Layer address is more commonly called the ______ Address.
IP
The Network Layer address is more commonly called the ______ Address.
PSK
The Personal versions of WPA and WPA2 are sometimes referred to as WPA-____ or WPA2-____ .
Client-Server
In the ____________ network model, the resources are managed by the NOS via a centralized directory database.
IEEE 802.1Q
The VLAN identifier is specified in the ________ standard, which is the IEEE standard that defines how VLAN information appears in frames and how switches interpret that information. This is also referred to as VLAN Tagging or Frame Tagging.
TTL
The _____ field identifies how long a record should be saved in cache on a server.
ITU
The _____ is a United Nations agency that sets standards for international wireless services, including frequency allocation, signaling and protocols used by wireless devices; wireless transmission and reception equipment; satellite orbits and so on.
SSID
The ______ is a unique character string used to identify an access point.
RTP
The ______ protocol operates at the Application Layer and relies on UDP at the Transport Layer to carry/deliver the voice or video packets across the network.
PSTN
The ______, also called POTS, is a circuit-switching network for lines and carrier equipment that provides telephone service to most homes and businesses.
PSTN
The ______, based on Alexander Graham Bell's circuit-switched model, carries telephone calls and fax transmissions.
nslookup
The _______ command allows you to query the DNS database from any computer on a network to find the host name of a device by specifying its IP address, or vice versa.
ping
The _______ command is used to verify that TCP/IP is installed, bound to the NIC, configured correctly, and communicating with the network.
SSH
The _______ protocol is used at the command-line to allow an administrator to connect to remote systems (computer, server, router, switch) to make configuration changes to that device. The ______ protocol is encrypted (it creates a secure tunnel between the 2 systems), so it is secure and more commonly used than its predecessor.
Telnet
The _______ protocol is used at the command-line to allow an administrator to connect to remote systems (computer, server, router, switch) to make configuration changes to that device. The ______ protocol is not encrypted, so it has been replaced by a protocol that is more secure.
dig
The _______ utility allows you to query the DNS database from any computer on a network to find the host name of a device by specifying its IP address, or vice versa. The ____ utility is available on Linux and macOS and provides more detailed information than nslookup.
tracert ..or ... traceroute
The ________ command uses ICMP echo requests to "show" the path from one networked node to another, identifying all the intermediate hops between the 2 nodes.
CSU/DSU
The ________ device is commonly found at or near the demarc. A _________ is a device that serves as the connection point for a T1 line at the customer's site. A ________ is the equivalent of the modem for an entire LAN.
smart jack
The ________ device is commonly found at or near the demarc. A more intelligent version of an NIU is a _________, which can provide diagnostic information about the interface. For example, a _________ might include loopback capabilities. Just like the loopback adapter you use to test a port or cable on your computer, the ___________ can loop the ISP's signal back to the CO (central office) for testing.
line driver
The ________ device is commonly found at or near the demarc. Essentially a repeater, a _________ can be installed either on copper lines (in which case, it is called a copper _________) or fiber lines (in which case, it is called a fiber _________) to boost the signal across greater distances.
NIU or NID
The ________ device is commonly found at or near the demarc. The __________ at the demarc connects the ISP's local loop to the customer's network. A more intelligent version is a smart jack, which can provide diagnostic information about the interface.
pathping ..or... mtr
The ________ utility combines elements of both ping and tracert to provide deeper information about network issues along a route. It sends multiple pings to each hop along a route, then compiles the information into a single report.
netstat
The ________ utility displays TCP/IP statistics and details about TCP/IP components and connections on a host.
tcpdump
The ________ utility is a free, command-line packet sniffer that runs on Linux and other Unix operating systems.
subnet mask
The _________ is a 32 Bit number that identifies which portion of the IP address is the network portion, (what portion is subnet - if there is any subnetting), and what portion is host portion.
default gateway
The _________ is the address of a computer, router, or other device that a host uses to access another network.
logical
The _________ topology has to do with software, how access to the network is controlled, including how users and programs initially gain access to the network, and how specific resources, such as applications and databases are shared on the network.
physical
The _________ topology refers to a network's hardware and how computers, other devices, and cables fit together to form the network.
IEEE 802.11
The __________ data frame carries significant overhead - that is, it includes a large quantity of fields in addition to the data field.
TIA/EIA-568
The ____________ Commercial Building Wiring Standard, or structured cabling, describes a uniform, enterprise-wide cabling system, regardless of who manufactures or sells the various parts used in the system.
Peer-to-Peer
In the ____________ network model, the operating system of each computer on the network is responsible for controlling access to its resources without centralized control.
BNC
The connector shown above for coaxial cable is a(n) ______ connector.
F-Connector (or F-Type)
The connector shown above for coaxial cable is a(n) ______ connector.
46 to 1500
The data portion of an Ethernet Frame may contain from __________ bytes of information.
OC (Optical Carrier) level
The data rate of a particular SONET connection is indicated by its ____, a rating that is internationally recognized by networking professionals and standards organizations.
Sequence Number
The data segment's position in the stream of data segments already sent
ARP table
The database of IP-to-MAC address mappings is called an ________ .
128 Kbps
The effective throughput of ISDN BRI is ____________.
1.544 Mbps
The effective throughput of ISDN PRI is ____________.
Private or Reserved IP Address
The following IP address 10.80.90.1 is an example of a(n) ________ IP address.
Class A
The following IP address 113.52.172.98 is an example of a(n) ________ IP address.
Loopback Address
The following IP address 127.0.0.1 is an example of a(n) ________ IP address.
Class B
The following IP address 132.152.12.8 is an example of a(n) ________ IP address.
Automatic Private IP Addressing (APIPA)
The following IP address 169.254.100.100 is an example of a(n) ________ IP address.
Private or Reserved IP Address
The following IP address 172.16.54.1 is an example of a(n) ________ IP address.
Private or Reserved IP Address
The following IP address 192.168.20.50 is an example of a(n) ________ IP address.
Class C
The following IP address 201.15.182.62 is an example of a ________ IP address.
Class D
The following IP address 224.0.0.1 is an example of a(n) ________ IP address.
Private IP Address
The following IP address: 10.0.0.35 is an example of what type of IP address?
Class A
The following IP address: 125.50.83.21 is an example of what class of IP address?
Loopback Address
The following IP address: 127.0.0.1 is an example of what TYPE of IP address?
Class B
The following IP address: 128.60.123.201 is an example of what class of IP address?
APIPA Address
The following IP address: 169.254.0.23 is an example of what TYPE of IP address?
Private IP Address
The following IP address: 192.168.0.35 is an example of what type of IP address?
Class C
The following IP address: 193.160.223.1 is an example of what class of IP address?
Class D
The following IP address: 224.0.0.10 is an example of what class of IP address?
Broadcast
The following IP address: 255.255.255.255 is an example of what TYPE of IP address?
100
The maximum allowable distance for horizontal wiring is ______ meters.
protocols
The methods and rules for communication on a network are called _______________.
Ethernet
The most important Data Link Layer standard, _____________, is adaptable, capable of running on a variety of network media, and offers excellent throughput at a reasonable cost.
employee training
The most important defense against social engineering is ___________, along with frequent reminders and tips regarding the latest scams.
BIND
The most popular DNS server software is ________ which is free, open source software that runs on Linux, UNIX and Windows platforms.
RBAC
The most popular authorization method is ___________. With _________, a network administrator receives from a user's supervisor a detailed description of the roles or jobs the user performs for the organization. The administrator is responsible for assigning the privileges and permissions necessary for the user to perform only these roles.
IANA
The organization responsible for tracking the assignment of port #'s, domain names, and IP Addresses is __________.
Destination Port
The port number of the destination node application
Source Port
The port number of the sending node application
HTTP
The primary protocol used by Web servers and browsers (without a layer of security) is _________.
SMTP
The primary protocol used by clients to send an email message is the _________ protocol.
system life cycle
The process of designing, implementing, and maintaining an entire network is called the ______________. A major part of this process is the removal and disposal of outdated assets, and the addition of compatible, updated devices.
rollback
The process of reverting to a previous version of software.
packet drops
The quantity of packets that are dropped because they are damaged beyond use, arrive after their expiration, or are not allowed through an interface
POP3 or IMAP4
The recipient's email server delivers the email message to the receiving client by using the _________ protocol.
star
The structured cabling standard describes the best way to install networking media to maximize performance and minimize upkeep. Structured cabling is based on a hierarchical design and assumes a network is based on a ________ topology.
CoS
The term QoS refers to techniques that are performed at various OSI layers via several protocols. By contrast, the term ______________ refers only to techniques performed at Layer 2, on Ethernet frames, and is one method of implementing QoS.
xDSL
The term _____ refers to all varieties of DSL.
inventory management
The term ____________ refers to the monitoring and maintaining of all the assets that make up a network.
more overhead
The use of ACK packets to verify every transmission means that 802.11 networks require __________________ than 802.3 networks.
9 kHz and 300 GHz
The wireless spectrum (as defined by the FCC) spans frequencies between _____ and _______.
Black Hat Hacker
These groups or individuals use their skills to bypass security systems to cause damage, steal data, or compromise privacy.
Gray Hat Hacker
These hackers abide by a code of ethics all their own. Although they might engage in illegal activity, their intent is to educate and assist.
penetration testing
This attack simulation uses various tools to find network vulnerabilities, as in vulnerability scanning, and then attempts to exploit those vulnerabilities.
vulnerability scanning
This technique is used to identify vulnerabilities in a network. It's often performed by a company's own staff, and does not attempt to exploit any vulnerabilities. ______________________ might also be the first step in other attack simulations or in a real attack.
ANDing
To calculate a host's network ID given its IPv4 address and subnet mask, you follow a logical process of combining bits known as _________. "1" and "1" = "1" "1" and "0" = "0" "0" and "0" = "0" (This is the same process that routers use to determine the "destination network" for a packet they receive.)
True
To communicate via remote access, the client and host need a transmission path plus the appropriate software to complete the connection and exchange data.
private
To conserve its Public IP addresses, a company can use __________ IP addresses on its own personal network - that is, networks that do not directly connect to the Internet.
routing
To determine the best path, routers communicate with each other through __________ protocols.
tunneling
To ensure a VPN can carry all types of data in a private manner over any kind of connection, special VPN protocols encapsulate higher-layer protocols in a process known as _____________.
tag (frame tag or VLAN tag)
To identify the transmissions that belong to each VLAN, the switch adds a ______ to Ethernet frames that identifies the port through which they arrive at the switch.
baseline
To identify when there's a problem on the network, you must first know what is normal for that network. A(n) ____________ is a report of the network's normal state of operation and might include a range of acceptable measurements.
QoS
To support voice and video traffic on a network, network administrators must pay attention to a network's _________, which is a group of techniques for adjusting the priority a network assigns to various types of transmissions
all the same size
Traditional subnetting reduces the waste of IP addresses, but results in multiple subnets that are ________________.
inter-VLAN routing
Traffic between hosts on VLAN 1 and VLAN 2 must go through the router to be able to communicate, which is called __________________. This simple VLAN configuration, where one router connects to a switch that supports multiple VLANs, is sometimes called an ROAS ("router-on-a-stick").
Segments
Transport Layer
iSCSI
Transport layer protocol that runs on top of TCP to allow fast transmissions over LANs, WANs, and the Internet. It can work on a twisted-pair Ethernet network with ordinary Ethernet NICs. ______ is an evolution of SCSI (Small Computer System Interface), which is a fast transmission standard used by internal hard drives and operating systems in file servers.
connectionless
UDP is a _____________ protocol. UDP does not use error checking or sequencing to keep track of data transferred between hosts.
Transport
UDP operates in the ________ layer of the TCP/IP and OSI models and provides efficient transfer of data with no error checking or sequencing.
syslog
UNIX or Linux based computer log containing monitored device information
ifconfig
UNIX or Linux command to view and edit the IP information on a computer
MAC Address
Upon creation, each vNIC is automatically assigned its own ______________.
Type
Upper Layer data
Checksum
Used by the receiving node to determine whether the TCP segment became corrupted
Two-factor authentication
User knows their password and provides their fingerprint scan
Multifactor authentication
User knows their password, provides their fingerprint scan, and provides the security token #
RAID 10
Using four or more disks, data is mirrored within each pair of disks, and then striped to multiple pairs of disks.
site prefix -or- prefix mask
Using the following IPv6 Address as an example .... 2000:FE10:1:A:002:50FF:FE2B:E708 /64 ... what is the correct name for the " /64 " portion of the address?
layer 2
VLANs
broadcast domain
VLANs or layer 3 devices (routers) define the borders for this type of domain
RTS, CTS
WLANs can use the optional RTS/CTS protocol. The source node sends a ________ signal to the access point requesting the exclusive opportunity to transmit. If the access point agrees to the request it will respond with a ______ and will temporarily suspend communication through the access point and wait for the source node to complete transmission.
1 and 2
WLANs work at OSI Layers ______. They support the same TCP/IP higher-layer OSI protocols and operating systems (Windows, Unix, Linux, Apple) as wired LANs.
Class C
What class of fire extinguisher is necessary to put out electrical fires?
MSDS
What piece of information would you consult to know how to properly handle substances such as chemical solvents and how to dispose of them?
DLCI
What the routers read to determine what to do with the frame they receive on a frame relay network
HTTPS
When HTTP is layered on top of an encryption protocol such as SSL or TLS .... the result is the ________ protocol.
domain
When a Windows Server controls network access to a group of computers, this logical group is called a Windows __________.
dial-up
When the Internet first became popular in the 1990s, most home users logged on to the Internet via a ________ connection. ________ required the user to enter a phone number. The computer then called, waited for a response, and negotiated a connection.
reflection
When waves encounter an obstacle and the signals "bounce off". This is usually caused by large flat surfaces - walls, ceilings, floors, etc...
static routing
When a network administrator configures a routing table to direct messages along a specific path between networks
dual stacked
When a network is configured for both IPv4 and IPv6 protocols, the network is said to be ____________.
dynamic routing
When a routing protocol automatically calculates the best path between 2 networks and accumulates this information in a routing table
scattering
When a wireless signal encounters an object that has small dimensions compared with the signal's wavelength, it's diffused or "broken into pieces" into multiple directions. This is usually caused by rough surfaces. Indoors this can be caused by books, chairs, computers. Outdoors this can be caused by rain, mist, hail, and snow.
diffraction
When a wireless signal is split into secondary waves when it encounters an obstruction. The waves appear to "bend around an obstacle". This is caused by objects with sharp edges including corners of walls or desks.
ARP poisoning
When attackers use faked ARP replies to alter ARP tables in the network
administrative credentials
When configuring a device, make it a habit to change the default ________________________ before you do anything else, and record this information in a safe place. When you do so, avoid common usernames and passwords.
global
When dealing with IPv6 Addresses: A(n) ________ address can be routed on the Internet and is similar to public IPv4 addresses.
link local
When dealing with IPv6 Addresses: A(n) ________ address can be used for communicating with nodes in the same link, and is similar to an autoconfigured APIPA address in IPv4.
anycast
When dealing with IPv6 Addresses: A(n) ________ address can identify multiple destinations, with packets delivered to the closest destination (closest DNS server for example)
multicast
When dealing with IPv6 Addresses: A(n) ________ address is used so that packets are delivered to all nodes in a specific _______ group (all routers for example .. or ... all nodes in a video conference).
unicast
When dealing with IPv6 Addresses: A(n) ________ address specifies a single node on a network.
broadcast traffic containment
When designing a network ..... switches are typically connected to a Layer 3 Device port - either L3 Switch or Router. Why is this typically done?
Yes Indeed
When designing a network ..... typically the following rule is followed .... 1 IP Address Subnet per VLAN
a device in its own collision domain does not compete for bandwidth so receives "full bandwidth" of the port
When designing a network ..... workstations are typically connected to an individual switch port so they are in their own collision domain. Why is this done?
PoE
When designing a network and selecting a switch to use in your network .... special consideration should be made when selecting a switch to support a network with IP Phones, Wireless Access Points and IP Security cameras. What special consideration should be carefully selected for the switch?
link aggregation
When designing networks it is common to use 2 links to connect together 2 switches in a network. When dual links are used for redundancy .... this is called ____________ and will need to be configured in the switches.
router
When designing networks, VLANs are typically used for some broadcast traffic containment as well as some security. If communication between VLANs is desired, then the services of a ____________ are needed to allow this communication.
switches
When designing networks, VLANs are typically used for some broadcast traffic containment as well as some security. VLANs are implemented on _________.
plenum
When installing cable in a building .... if the cable is to be installed in the air space above the ceiling tile or below a raised floor, the cable must be ______-rated cable.
jitter
When successive packets experience varying amounts of latency, resulting in their arriving out of order
crosstalk
When terminating twisted pair copper cabling, do not leave more than 1 inch of exposed cable before a termination. Doing so would increase the possibility for transmission interference between wires, a phenomenon called __________.
event log
Windows-based computer log containing monitored device information
3
Wired and Wireless signals share many similarities, including the use of the same Layer _____ and above protocols.
ATM
____ is a WAN technology that functions primarily at Layer 2, although its protocols can reach to Layer 1 and 3. Its ITU standard prescribes both network access and signal multiplexing techniques. What sets this technology apart is the use of a fixed length cell (53 Byte Cell) instead of a variable length frame or a packet.
UPS
_____ is a battery-operated power source directly attached to one or more devices and to a power supply, such as a wall outlet, that prevents undesired fluctuations of the wall outlet's AC power from harming the device or interrupting its services.
NFC
_____ is a form of RFID and transfers data wirelessly over very short distances (usually 10cm or less). A tiny antenna embedded in the device sends its radio signal at a fixed frequency of 13.56 MHz. The signal can also be transmitted one way by an _____ tag, or smart tag, such as when employees need to access a secure area of a building.
QoS
_____ is a measure of how well a network service matches its expected performance.
DNS
_____ is an application layer client-server system of computers and databases designed to associate computer names with IP Addresses.
AC
_____ power comes from the power station through the wall outlet to a device for its use.
NEXT
________ is the crosstalk that occurs between wire pairs near the source of a signal.
VTP
______ allows changes to a VLAN database on one switch, called the stack master, to be communicated to all other switches in the network. This provides network administrators with the ability to centrally manage all VLANs by making changes to a single switch.
SSL/TLS
______ are methods of encrypting TCP/IP transmissions - including web pages and data entered into web forms - en route between client and server using public key encryption technology. All modern browsers (IE, Firefox, Chrome) support its use to create secure transmissions of HTTPS sessions.
FTP
______ is a client-server application that transfers files between 2 computers. _____ does not provide encryption and is therefore not secure.
2
______ strands of fiber are needed for full-duplex communication.
IR - Infrared
______ technology has found a new life in the world of IoT. ____ sensors are used to collect information such as: -presence or level of liquid -variations in reflections from skin caused by variations in blood flow which can be used to monitor heart rate -proximity to the device, which can trigger an action like steering a vehicle away from an object -commands from a control device
ARP
______ works in conjunction with IPv4 to discover the MAC address of a host or node on the local network and to maintain a database that maps IP addresses to MAC addresses on the local network.
STP
______, defined in IEEE standard 802.1D, functions at the Data Link layer. It prevents traffic loops, also called switching loops, by calculating paths that avoid potential loops and by artificially blocking the links that would complete a loop.
PEAP
_______ creates an encrypted TLS tunnel between the supplicant and the server before proceeding with the usual EAP process. ______ is called the outer method.
MPLS
_______ enables multiple types of Layer 3 protocols to travel over any one of several connection-oriented Layer 2 protocols. _______ supports IP and all the other Layer 3 and higher protocols used on TCP/IP networks. ______ can operate over Ethernet frames, but is more often used with other Layer 2 protocols, like those designed for WANs. ________ is often used by ISPs on their own networks for moving traffic from one customer site to another, and it's becoming the solution of choice for many enterprises to connect their branch offices. _______ labels are sometimes called a shim because of their placement between Layer 3 and Layer 2 information. For this reason, _______ is sometimes said to belong to "Layer 2.5."
CCMP
_______ improves wireless security for newer devices that can use WPA2. _____ is more future-focused.
DSL
_______ is a WAN connection method introduced by researchers at Bell Labs in the mid-1990's. It operates over the PSTN (combines voice and data onto an analog phone line) and competes directly with T-1 and Broadband Cable services.
Broadband Cable
_______ is a WAN connection method offered by cable companies that is based on the coaxial cable wiring used for TV signals and was standardized by an international, cooperative effort orchestrated by CableLabs that yielded DOCSIS.
PAT
_______ is a process of assigning a TCP port number to each ongoing session between a local host and Internet host.
Z-Wave
_______ is a smart home protocol that provides 2 basic types of functions: signaling to manage wireless connections, and control, to transmit data and commands between devices. A ________ network controller, called a hub, receives commands from a smartphone or computer and relays the commands to various smart devices on its network.
NAT
_______ is a technique designed to conserve public IP addresses needed by a network. A gateway device that stands between a private network and other networks substitutes the private IP address used by computers on the private network with its own public IP address when these computers need access to other networks or the Internet.
IPsec
_______ is an encryption protocol suite that defines rules for encryption, authentication, and key management for TCP/IP transmissions. It is an enhancement to IPv4 and is native in IPv6. ______ works at Network Layer - it adds security information to the header of all IP packets and encrypts the data payload.
Bluetooth
_______, defined by the IEEE 802.15.1 specifications, is named after a medieval king of Denmark. Like its namesake, ___________ technology unites separate entities - it unites mobile devices, PCs, and accessories under a single communication standard. Most ________ devices require close proximity to form a connection.
SDN - Software-Defined Networking
________ is a centralized approach to networking that removes most decision-making power from network devices and instead handles the responsibility at a software level with a network controller.
Tunneling
________ is a method used by IPv6 to transport IPv6 packets through or over an IPv4 network.
NAS
________ is a specialized storage device or group of storage devices that provides centralized, fault-tolerant data storage for a network. You can think of _______ as a unique type of server dedicated to data sharing.
EAP-FAST
________ is also a form of tunneled EAP. It was developed by Cisco and works similarly to PEAP, except faster. The most important difference with ________ is that it uses PACs (Protected Access Credentials), which are somewhat similar to cookies that websites store on a user's computer to track their activities.
TCP/IP
________ is not simply one protocol, but rather a suite of specialized protocols - including TCP, IP, UDP, ARP, and many others.
Latency
________ is the brief delay it takes for a signal to propagate the length of a cable.
Alien crosstalk
________ is the crosstalk that occurs between 2 cables.
FEXT
________ is the crosstalk that occurs between wire pairs at the far end of the cable from the signal source.
ANT+
________ technology is an ad-hoc wireless protocol operating at about 2.4 GHz. While _____ is a proprietary Garmin protocol, it is also open-source and therefore used by many manufacturers in addition to Garmin. ______ gathers and tracks information from sensors that are typically embedded in heart rate monitors, GPS devices, and other activity monitoring devices. _______ can also synch data from multiple devices for the same activity, such as a smartwatch, smartphone, bicycle computer, or fitness equipment.
RFID
________ uses electromagnetic fields to store data on a small chip in an ________ tag, which includes an antenna that can both transmit and receive, and possibly a battery. The tag holds 1 to 8 KB of data, such as serial number, credit card info, or medical data, which can transmit to a nearby reader.
RDP
_________ is a Microsoft proprietary protocol used to remotely connect to and control Windows Desktop and Server systems.
SSH
_________ is a collection of protocols that does both authentication and encryption. With ________, you can securely log on to a host, execute commands on that host, and copy files to and from that host. _______ encrypts data exchanged throughout the session.
SAN
_________ is a distinct network of storage devices that communicate directly with each other and with other networks.
Frame Relay
_________ is a group of Layer 2 Protocols defined by ITU and ANSI in 1984. It was originally designed as a fast packet-switched network over ISDN, although today __________ is used as the Data Link protocol for various virtual circuit interfaces and media.
SONET
_________ is a high-bandwidth WAN signaling technique developed for fiber-optic cabling by Bell Communications Research in the 1980's, and later standardized by ANSI and ITU. __________ specifies framing and multiplexing techniques at the Physical Layer.
telnet
_________ is a terminal emulation utility that allows an administrator or other network user to control a computer remotely. You can use ________ to access a router or switch and run commands to change the configuration settings. However, __________ provides little security for establishing a connection (poor authentication) and no security for transmitting data (no encryption).
ISDN
_________ is an international standard, originally established by the ITU in 1984, for transmitting digital data over the PSTN.
VNC
_________ is open source, so therefore is cross-platform, and can be used to remotely connect to and control desktop and server systems.
BYOD
_________ refers to the practice of allowing people to bring their smartphones, laptops, or other technology into a facility for the purpose of performing work or school responsibilities
CARP
____________ allows a pool of computers or interfaces to share one or more IP addresses. This pool is known as a group of redundancy or redundancy group. When using _______, one device, acting as the group master, receives requests for an IP address, then parcels out the requests to one of several devices in the group.
Port numbers
____________ ensure that data is transmitted to the correct application among other applications running on a computer.
DiffServ
____________ is a simple technique that addresses QoS issues by prioritizing traffic at Layer 3. _______ takes into account all types of network traffic, not just the time-sensitive services such as voice and video. That way, it can assign voice streams a high priority and at the same time assign unessential data streams (for example, an employee surfing the Internet on his lunch hour) a low priority.
managed
____________ switches, on the other hand, can be configured via a command-line interface or a web-based management GUI, and sometimes can be configured in groups. Usually, they are also assigned IP addresses for the purpose of continued management. VLANs can only be implemented through ___________ switches, whose ports can be partitioned into groups.
Network Management
_____________ refers to the assessment, monitoring and maintenance of all aspects of a network.
Spiceworks
______________ is a type of network monitoring software because it can be configured to monitor multiple devices on a network at one time.
Wireshark
______________ is a type of protocol analyzer because it monitors traffic on the interface between a single device and the network.
Clustering
______________ refers to the technique of grouping multiple devices so they appear as a single device to the rest of the network. ____________ can be configured with groups of servers, routers, or applications.
Incident response policy
______________ specifically define the characteristics of an event that qualifies as a formal incident and the steps that should be followed as a result. Qualifying incidents take into account the full spectrum of possible events, which might include a break-in, fire, weather-related emergency, hacking attack, discovery of illegal content or activity on an employee's computer, malware outbreak, or a full-scale, environmental disaster that shuts down businesses throughout the city or state. The policy is written with the intent of keeping people safe; protecting sensitive data; ensuring network availability and integrity; and collecting data to determine what went wrong, who is responsible, and what actions should be taken in the future to prevent similar damage.
network diagrams
_______________ are graphical representations of a network's devices and connections.
Nmap
_______________ is a utility that can assist with discovering and identifying the devices on a network.
Active Directory
_______________ is the centralized directory database that contains user account information and security for the entire group of computers.
network mapping
_______________ is the process of discovering and identifying the devices on a network.
VLSM
________________ allows subnets to be further divided into smaller and smaller groupings until each subnet is about the same size as the necessary IP address space. This is often referred to as "Subnetting a Subnet".
Hashing
_________ means to transform data through an algorithm that generally reduces the amount of space needed for the data. __________ is not the same thing as encryption, though it's often listed as a type of encryption and does, in a similar manner, transform data from one format to another. ______ is mostly used to ensure data integrity - that is, to verify the data has not been altered, which is similar to the purpose of a checksum.
SCCP
a Cisco protocol for establishing and managing multimedia sessions on a packet-switched network
DRDoS Attack
a DDoS attack bounced off of uninfected computers, called reflectors, before being directed at target
dedicated line (private line)
a cable or other telecommunications path that is not shared with other users and has continuously available communications channels
automatic failover
a component that is able to automatically assume the responsibilities of an identical component that fails - example: a backup router automatically assumes the role of a failed router
softphone
a computer programmed to act like an IP phone - it transmits and receives digital voice signals (user may use headphone and microphone attached to the PC)
cells
a coverage area for a cellular network serviced by an antenna and a base station - antennas are posted at 3 of the corners of the coverage area - appears as a honeycomb pattern
spectrum analyzer
a device that can assess the quality of the wireless signal - helps with identifying where interference is greatest
router
a device that manages traffic between two or more networks .. and ... can help find the best path for traffic to get from one network to another typically by reading the destination IP address of the data packet
network-based firewall
a device/system that protects an entire network
RFP (request for proposal)
a document asking vendors to submit an offer for a product or service your company wants to purchase
ESS
a group of access points connected to the same LAN
BSS
a group of nodes that share an access point
digital certificate
a small file containing verified identification information about the user and the user's public key
zero-day exploit
a software vulnerability that hasn't yet become public, and is known only to the hacker who discovered it
host-based firewall
a system/software that protects the computer on which it is installed
analog phone
a traditional phone that connects into the PSTN
SMF (Singlemode Fiber)
a type of fiber optic that is designed to transmit data using a single "ray" of light - typical size of 8/125um .. or .. 10/125um - accommodates the highest bandwidths and distances
MMF (Multimode Fiber)
a type of fiber optic that is designed to transmit data using multiple "rays" of light - typical size of 50/125um or 62.5/125um - only suitable for distances of a few kilometers
local authentication
a user can sign in to Windows PC using the account stored on that PC
network authentication
a user can sign in to the network using the account that is stored in Active Directory on a Windows domain server
VPN
a virtual connection between 2 hosts or sites over the Internet to remotely provide network resources
vulnerability
a weakness of a system, process, or architecture that could lead to compromised information or unauthorized access
FTPS
added layer of protection for FTP using SSL/TLS
Infrastructure WLAN
an intervening connectivity device (access point) accepts the signals from the nodes and re-transmits them to the rest of the network
social engineering
an intruder poses as a technical support person who needs a password to solve the problem, so the user gives the intruder their password
ipconfig /release
any dynamically assigned IP address lease is cleared
malware
any program or piece of code designed to intrude upon or harm a system or its resources
HSPA+
began as a 3G technology - uses MIMO & sophisticated encoding - max 168 Mbps downlink throughput & 22 Mbps uplink throughput in its current release
head-end
cable company central office
DIA - dedicated Internet access
cable itself or a portion of its available bandwidth is dedicated to a single customer; this is more common for business customers and comes with an SLA-defined (service-level agreement) guarantee of minimum uptime percentages and maximum recovery times if the service goes down
DCE
carrier's endpoint device for the WAN
polling
collecting data from multiple network devices on regular intervals
FDM
combining multiple signals onto a wire/cable by using multiple frequency bands
STDM
combining multiple signals onto a wire/cable by using multiple time slots - time slots are allocated based on priority or need
TDM
combining multiple signals onto a wire/cable by using multiple time slots - time slots are reserved for their designated nodes regardless of whether they have data to send
DWDM
combining multiple signals onto a wire/cable by using multiple wavelengths of light - can support between 80 and 320 channels - used as WAN Links between an ISP and larger NSP
CWDM
combining multiple signals onto a wire/cable by using multiple wavelengths of light - can support 4, 8, 16, or 18 channels per fiber
WDM
combining multiple signals onto a wire/cable by using multiple wavelengths of light - works on any type of fiber optic cable
Rollover
connect a serial port (com port) on a PC to a console port on a device like a router or switch
Crossover
connect a switch to a switch - connect "like devices"
edge router ... or .... border router
connect an autonomous system with an outside network
SIM Card
contains a microchip to hold data about the subscription a user has with the cellular carrier
ping -t
continue pinging until interrupted
MSA (master service agreement)
contract that defines the terms of future contracts between parties, such as payment terms or arbitration arrangements
DTE
customer's endpoint device on the WAN
core router ... or ... interior router
direct data between networks within the same autonomous system (routers operated under the same organization)
Confidentiality
data can only be viewed by its intended recipient or at the intended destination
Availability
data is accessible to the intended recipient when needed
Integrity
data is not modified in the time after the sender transmits it and before the receiver picks it up
Session
describes how data between applications is synched and recovered if messages don't arrive intact at the receiving application
Application
describes the interface between two applications, on separate computers (HTTP, FTP, SMTP, POP3, DNS, etc...)
fault management
detection and signaling of device, link, or component failures
authorization
determines what the user can and cannot do with network resources. In other words, "What are you allowed to do?"
failure
deviation from a specified level of system performance for a given period of time
cable modem
device at the subscriber end that modulates and demodulates signals for transmission and reception via cable wiring
out-of-band management
dial-in modem, console connection
SOW (statement of work)
documents in detail the work that must be completed for a particular project, and includes specifics such as tasks, deliverables, standards, payment schedules and work timeline
MOU (memorandum of understanding)
documents the intentions of 2 or more parties to enter into a binding agreement, or contract, and is sometimes used between an informal handshake and the legally binding signatures on contracts
guest
each VM on the physical computer
HFC
fiber-optic link that connects the cable company's offices to a node location near a customer
SFTP
file-transfer version of SSH - it is an extension of the SSH protocol
management frame
frame involved in association and reassociation - such as probe and beacon
data frames
frames involved in carrying the data between stations
control frame
frames related to medium access and data delivery - such as ACK and RTS/CTS
ghosts
frames that are not actually frames - caused by device misinterpreting stray voltage on wire
dead zone
gaps in Wi-Fi coverage at your location
IGP - Interior Gateway Protocol
routing protocols used by core routers and edge routers within autonomous systems
MLA (master license agreement)
grants a license from a creator, developer, or producer, such as a software producer, to a third party for the purposes of marketing, sublicensing, or distributing the product to consumers as a stand-alone product or as a part of another product
CNAME record
holds alternative names for a host
frame control field
holds information about the protocol in use, the type of frame being transmitted, whether the frame is part of a larger, fragmented packet, whether the frame is one that was reissued, what type of security the frame uses, etc....
Windows Defender Firewall
host-based firewall
collision domain
hubs define the borders of this type of domain
MX record
identifies a mail server and is used for email traffic
Destination address
identifies the full address of the receiving host
Source address
identifies the full address of the sending host
Version
identifies whether it is the IPv4 or IPv6 protocol being used
Version
identifies which IP version the packet uses
"0" Bits
in a subnet mask indicates the host portion of the address
"1" Bits
in a subnet mask indicates the network and subnet portion of the address
Flow Label
indicates which "sequence of packets", from one source to one or multiple destinations, the packet belongs to (to ensure that packets belonging to the same transmission arrive together)
Hop Limit
indicates the # of times the packet can be forwarded by routers on the network
TTL
indicates the maximum time a packet can remain on the network before it is discarded
Identification
indicates the message to which the datagram belongs and allows the receiver to re-assemble a fragmented packet
Traffic Class
indicates the packet's priority - it is similar to the DiffServ field in IPv4 packets
Payload Length
indicates the size of the data carried by the packet
Next Header
indicates the type of header immediately following the IP header
protocol
indicates what upper layer protocol is encapsulated inside the packet
Fragment Offset
indicates where in the data stream the fragment belongs
Flags
indicates whether a message is fragmented - if fragmented also indicates if this is the last fragment
:002:50FF:FE2B:E708
interface ID
SLA (service level agreement)
legally binding contract that defines in plain language and in measurable terms, the aspects of a service provided to a customer, such as service provided by ISP
Network
is a group of computers and other devices (printers, smart phones, tablet PC, Xbox, Wii, PS, IP Phone, etc...) that are connected by some type of transmission media (copper wire, fiber optic, or RF).
GSM
is an open standard accepted and used worldwide - uses digital communication of data that is separated by timeslots on a channel
MIB
list of objects managed by the NMS, as well as the descriptions of these objects - contains data about an object's performance in a database format that can be mined and analyzed
virtual circuit
logically appears to customer to be a dedicated line, but physically can be any configuration through the carrier cloud
accounting
logs users' access and activities on the network. In other words, "What did you do?"
static IP address
manually assigned by network administrator
MAC filtering
method to prevent an AP from authenticating any device whose MAC address is not listed by network admin
utilization
metric refers to the actual throughput used as a percentage of available bandwidth
performance management
monitoring how well links and devices are keeping up with the demands placed on them
Cisco ASA firewall
network-based firewall
EGP - Exterior Gateway Protocol
routing protocols used by edge routers and exterior routers to distribute data outside of autonomous systems
giants
packets larger than maximum packet size (more than 1518 bytes)
packet loss
packets lost due to unknown protocol, unrecognized port, network noise - never arrive at destination
runts
packets smaller than minimum packet size (less than 64 bytes)
discarded packets
packets that arrive at destination but are discarded due to buffer overflow, latency, bottlenecks or congestion
persistent agent
permanently installed on a device. This more robust program might provide additional security measures, such as remote wipe, virus scans, and mass messaging.
layer 1
physical devices
ping www.google.com
ping a host using its host name to verify you have connectivity between the nodes
ping6
ping an IPv6 address from a Linux computer
ping -6
ping an IPv6 address from a Windows computer
ping 127.0.0.1
ping the loopback of a node to determine whether your workstation's TCP/IP services are running
authentication
process of comparing and matching a client's credentials with the credentials in a client database to enable the client to log on to the network
ransomware
program that locks a user's data or computer system until $$$ is paid
worms
program that runs independently and travels between computers and across networks - they may be transferred by any type of file transfer, including e-mail - they can carry viruses
cloud-based
provides the same kinds of benefits as other cloud-based solutions, such as scalability, cost efficiency, and shared resources
ipconfig /renew
re-establishes a dynamically assigned IP address lease from the DHCP server
switch
receives incoming data frame from one of its ports, reads the MAC address and then directs the data frame to the correct port to the destination node
DS0
regular analog phone line
Point-to-Point
remote access using a dedicated (usually leased) line, such as DSL or T-1
interface resets
repeated resets of the connection (interface misconfiguration)
Data Link
responsible for interfacing with physical hardware on the local network - responsible for getting data onto the network (NIC, MAC Address, Ethernet, Wi-Fi)
Network
responsible for moving messages from one node to another until reaches destination (IP, ICMP, ARP)
Presentation
responsible for reformatting, compressing, and/or encrypting data in a way that the receiving application can read (.txt, .png, .mp3, .html, etc....)
Transport
responsible for transporting Application layer payloads from one application to another (TCP ... and ... UDP)
exterior router
router outside of an autonomous system (routers that operate on the Internet backbone)
UTM (Unified Threat Management)
security strategy that combines multiple layers of security appliances and technologies into a single safety net
1G
service for analog signals from the 1970's to 1980's
2G
service for digital transmission that paved the way for texting and media downloads from the 1990's - did not exceed 240 kbps
5G
services don't yet exist - expected download speeds of up to 20 Gbps and upload speeds of up to 10 Gbps
4G
services for digital transmission (packet switching for data and for voice) where data rates rose to 100Mbps for fast moving mobile clients - from 2008
3G
services for digital transmission (packet switching for data but not for voice) where data rates rose to 384 kbps - from the early 2000's
half-duplex
signals are free to travel in both directions over a medium but in only 1 direction at a time
full-duplex
signals are free to travel in both directions over a medium simultaneously
simplex
signals may travel in only 1 direction
2000:FE10:1:A:
site prefix ... or ... global routing prefix
guest network
smart security precaution - gives guests access to Internet through an open network without opening doors to entire LAN on the router
network management agent
software routine that collects information about the device's operation and provides it to the NMS
wireless analyzer (Wi-Fi analyzer)
software that can evaluate Wi-Fi network availability, optimize Wi-Fi signal settings, and help identify Wi-Fi security threats
Fibre Channel
storage networking architecture that runs separately from Ethernet networks to maximize speed of data storage and access. Fiber-optic cable is much more commonly used. Requires special hardware, which makes it an expensive storage connection technology.
A record
stores the name-to-address mapping for a host - using IPv4 Addresses
AAAA record
stores the name-to-address mapping for a host - using IPv6 Addresses
layer 3
subnetting
Address 2 & Address 3 fields
the MAC address of the access points or intermediary device on the wireless network
exploit
the act of taking advantage of a vulnerability
throughput
the actual measure of how much data is transmitted during a given period of time
MTSO or MSC
the base stations are connected to this office - this is the connection point between the wireless portion of the network and the wired portion of the network
backbone cable
the cables or wireless links that provide inter-connection between the entrance facility and MDF, and between MDF and IDF - this is often fiber-optic cable
Core
the center glass portion of the fiber that transmits the Data (the light signal)
NMS
the central collection point .... the management console - the software installed on the management console that collects and displays the data gathered from the managed devices
cable drop
the coax or fiber connection from the cable company to a customer
link aggregation -or- port aggregation
the combination of multiple network interfaces or ports to act as one logical interface
CO
the switching office - a place where the telephone company terminates lines and switches calls between different locations
captive portal
the first page a new wireless client sees in the browser when connecting to a guest network
BSSID
the identifier for the group of nodes that share the same access point
certificate authority
the organization that issues and maintains the digital certificates
host
the physical computer
authentication
the process of verifying a user's credentials (typically a username and password) to grant the user access to secured resources on a system or network
hypervisor
the software that allows you to define VMs and manage resource allocation and sharing
codec
the software that converts (usually compresses and converts) analog voice signals into digital binary bits to be sent across a network
passive scanning
the station listens on all channels within its frequency range for a special signal, known as a beacon frame, issued from an access point
active scanning
the station transmits a special frame, known as a probe, on all available channels within its frequency range
Cladding
the surrounding glass portion of the fiber that reflects the light back into the "center of the fiber" so it does not leave the fiber
handoff
the transition that occurs when a client passes from one coverage area to a new coverage area
public-key infrastructure
the use of certificate authorities to associate public keys with certain users
transport protocols
these protocols are used to actually deliver the voice or video payload
signaling protocols
these protocols set-up and manage sessions between clients
horizontal cable
this is the cabling used to connect workstations to the closest data room and to switches housed in the room - maximum allowable length is 100 meters
Public/Asymmetric Key Encryption
two keys are used for data encryption - #1 for encrypting and #2 for decrypting
encryption
use of an algorithm to scramble data into a format that can be read only by reversing the algorithm - purpose is to keep information private
PTR record
used for reverse lookups - when you know the IP and need the Name
sequence control field
used to indicate how a large packet is fragmented for more reliable delivery
unidirectional antenna
used when a source needs to communicate with one destination - point-to-point link
omnidirectional antenna
used when many different receivers must be able to pick up the signal - point-to-multipoint links
broadband
well-suited for residential customers, the cables (whether telephone, copper, or fiber) and available bandwidth are shared between multiple customers
DoS Attack
when a legitimate user is unable to access normal network resources, such as a web server, because of an attacker's intervention
static routing
when a network administrator configures a routing table to direct messages along a specific path between networks
dynamic routing
when a routing protocol automatically calculates the best path between 2 networks and accumulates this information in a routing table
Ad Hoc WLAN
wireless nodes transmit directly to each other via wireless NICs without an intervening connectivity device