Networking Unit 7: Virtualization & Cloud Computing

VPN Concentrator

A specialized device that authenticates VPN clients, establishes tunnels for VPN connections, and manages encryption for VPN transmissions.

vSwitch

A specialized device that authenticates VPN clients, establishes tunnels for VPN connections, and manages encryption for VPN transmissions.

Data Plane

The actual contact made between physical devices and data transmissions as messages traverse a network.

hypervisor

The element of virtualization software that manages multiple guest machines and their connections to the host (and by association, to a physical network).

virtualization

The emulation of all or part of a computer or network.

VNC (Virtual Network Computing)

Software that uses the cross-platform protocol RFB (remote frame buffer) to remotely control a workstation or server.

PaaS (Platform as a Service)

A service model in which various platforms are provided virtually, enabling developers to build and test applications within virtual, online environments tailored to the specific needs of a project.

Digital Certificate

A small file containing verified identification information about the user and the user's public key.

IKEv2

The current version of IKE that offers fast throughput and good stability when moving between wireless hotspots.

Which protocol can be used to connect to and control Microsoft computers?

VNC & RDP

PPP (Point-to-Point Protocol)

A Layer 2 communications protocol that enables a workstation to connect to a server using a serial connection such as dial-up or DSL.

PPTP (Point-to-Point Tunneling Protocol)

A Layer 2 protocol developed by Microsoft that encapsulates PPP data frames for transmission over VPN connections.

IPsec (Internet Protocol Security)

A Layer 3 protocol that defines encryption, authentication, and key management for TCP/IP transmissions. IPsec is an enhancement to IPv4 and is native to IPv6.

L2TP (Layer 2 Tunneling Protocol)

A VPN tunneling protocol that encapsulates PPP data for use on VPNs.

SDN (Software-Defined Network)

A centralized approach to networking that removes most of the decision-making power from network devices and instead handles that responsibility at a software level.

POP (Point of Presence)

A data center facility at which a provider rents space to allow for dedicated connection services.

Colocation Facility

A data center facility that is shared by a variety of providers. Also called a carrier hotel.

out-of-band management

A dedicated connection (either wired or wireless) from the network administrator's computer used to manage each critical network device, such as routers, firewalls, servers, power supplies, applications, and security cameras.

Community Cloud

A deployment model in which flexible data storage, applications, or services are shared between multiple organizations, but not available publicly.

hybrid cloud

A deployment model in which shared and flexible data storage, applications, or services are made available through a combination of other service models into a single deployment, or a collection of services connected within the cloud.

public cloud

A deployment model in which shared and flexible data storage, applications, or services are managed centrally by service providers and delivered over public transmission lines, such as the Internet.

private cloud

A deployment model in which shared and flexible data storage, applications, or services are managed on and delivered via an organization's own network, or established virtually for a single organization's private use.

private key encryption

A deployment model in which shared and flexible data storage, applications, or services are managed on and delivered via an organization's own network, or established virtually for a single organization's private use.

HVD (Hosted Virtual Desktop)

A desktop operating environment hosted virtually on a different physical computer from the one the user interacts with.

Console Router

A device that provides centralized management of all linked devices.

Console Server

A device that provides centralized management of all linked devices.

public key encryption

A form of key encryption in which data is encrypted using two keys: One is a key known only to a user (that is, a private key), and the other is a key associated with the user and that can be obtained from a public source, such as a public key server. Public key encryption is also known as asymmetric encryption.

Type 2 Hypervisor

A hypervisor that installs in a host OS as an application and is called a hosted hypervisor.

vNIC (virtual network interface card)

A logically defined network interface associated with a virtual machine.

Type 1 Hypervisor

A method of encryption that requires the same key to encode the data as is used to decode the cipher text.

NFV (Network functions virtualization)

A network architecture that merges physical and virtual network devices.

DMVPN (Dynamic Multipoint VPN)

A particular type of enterprise VPN using Cisco devices that dynamically creates VPN tunnels between branch locations as needed rather than requiring constant, static tunnels for site-to-site connections.

SDN Controller

A product that integrates configuration and management control of all network devices, both physical and virtual, into one cohesive system that is overseen by the network administrator through a single dashboard.

Handshake Protocol

A protocol within SSL that allows the client and server to authenticate (or introduce) each other and establishes terms for how they securely exchange data during an SSL session.

key

A series of characters that is combined with a block of data during that data's encryption.

RAS (remote access server)

A server that runs communications services enabling remote users to log on to a network and grant privileges to the network's resources.

remote access

A server that runs communications services enabling remote users to log on to a network and grant privileges to the network's resources.

SaaS (Software as a Service)

A service model in which applications are provided through an online user interface and are compatible with a multitude of devices and operating systems.

IaaS (Infrastructure as a Service)

A service model in which hardware services are provided virtually, including network infrastructure devices such as virtual servers.

subscription model

A service model in which software is provided by subscription.

in-band management

A switch management option, such as Telnet, that uses the existing network and its protocols to interface with a switch.

CIA (Confidentiality, Integrity, and Availability) triad

A three-tenet, standard security model describing the primary ways that encryption protects data. Confidentiality ensures that data can only be viewed by its intended recipient or at its intended destination. Integrity ensures that data was not modified after the sender transmitted it and before the receiver picked it up. Availability ensures that data is available to and accessible by the intended recipient when needed.

GRE (Generic Routing Encapsulation)

A tunneling protocol developed by Cisco that is used to transmit PPP data frames through a VPN tunnel.

site-to-site VPN

A type of VPN in which VPN gateways at multiple sites encrypt and encapsulate data to exchange over tunnels with other VPN gateways. Meanwhile, clients, servers, and other hosts on a site-to-site VPN communicate with the VPN gateway.

Client-to-site VPN

A type of VPN in which clients, servers, and other hosts establish tunnels with a private network using a VPN gateway at the edge of the private network.

XaaS (Anything as a Service or Everything as a Service)

A type of cloud computing in which the cloud can provide any combination of functions depending on a client's exact needs, or assumes functions beyond networking including, for example, monitoring, storage, applications, and virtual desktops.

asymmetric encryption

A type of encryption (such as public key encryption) that uses a different key for encoding data than is used for decoding the cipher text.

host-only mode

A type of network connection in which VMs on a host can exchange data with each other and with their host, but they cannot communicate with any nodes beyond the host. In host-only mode, VMs use the DHCP service in the host's virtualization software to obtain IP address assignments.

Bridged Mode

A type of network connection in which a vNIC accesses a physical network using the host machine's NIC. The bridged vNIC obtains its own IP address, default gateway, and subnet mask information from the physical LAN's DHCP server.

NAT Mode

A type of network connection in which a vNIC relies on the host machine to act as a NAT device. The virtualization software acts as a DHCP server.

DTLS (Datagram Transport Layer Security)

A variant of TLS designed specifically for streaming communications.

FTPS (FTP Security or Secure)

A version of FTP that incorporates the TLS and SSL protocols for added security.

VPN (Virtual Private Network)

A virtual connection between a client and a remote network, two remote networks, or two remote hosts over the Internet or other types of networks, to remotely provide network resources.

Management URL

A web-based user interface where the user can make changes directly to a device.

DNS Spoofing

An attack in which an outsider forges name server records to falsify his host's identity.

virtual firewall

An installation of a firewall's operating system in a VM.

virtual router

An installation of a router's operating system in a VM.

OpenVPN

An open-source VPN software that is available for multiple platforms.

CA (Certificate Authority)

An organization that issues and maintains digital certificates as part of the PKI (public-key infrastructure).

What service in Windows Server 2016 authenticates remote users and computers to the Windows domain and its corporate network resources?

Direct Access

What software allows you to define VMs and manage resource allocation and sharing among them on a host computer?

Hypervisor

When examining tunneling protocols, which choice is a component of the IPsec protocol suite?

IKEv2

Which tunneling protocol is a component of the IPsec protocol suite?

IKEv2

Which encryption protocol does GRE use to increase the security of its transmissions?

IPsec

AH (authentication header)

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques.

ESP (Encapsulating Security Payload)

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques and encrypts the entire IP packet for added security.

Client Hello

In the context of SSL encryption, a message issued from the client to the server that contains information about what level of security the client's browser is capable of accepting and what type of encryption the client's browser can decipher.

server_hello

In the context of SSL encryption, a message issued from the server to the client that confirms the information the server received in the client_hello message. It also agrees to certain terms of encryption based on the options the client supplied.

guest

In the context of virtualization, a virtual machine operated and managed by a virtualization program.

Telnet, SSH, RDP and VNC all rely on which type of management?

In-band

Which encryption benchmark ensures data is not modified after it's transmitted and before it's received?

Integrity

With which network connection type does the VM obtain IP addressing information from its host?

NAT Mode

IKE (Internet Key Exchange)

One of two services in the key management phase of creating a secure IPsec connection. IKE negotiates the exchange of keys, including authentication of the keys.

ISAKMP (Internet Security Association and Key Management Protocol)

One of two services in the key management phase of creating a secure IPsec connection. ISAKMP works within the IKE process to establish policies for managing the keys.

PPPoE (Point-to-Point Protocol over Ethernet)

PPP running over an Ethernet network.

Which remote access protocol is used over an Ethernet network?

PPPoE

Which cloud computing services model gives software developers access to multiple operating systems for testing?

PaaS

Which remote file access protocol is an extension of SSH?

SFTP

When implementing secure remote file access which choices will be incompatible with each other?

SFTP / FTPS

Telnet, SSH, and VNC are which type of software?

Terminal Emulation

Cloud Computing

The flexible provision of data storage, applications, or services to clients over the Internet.

key management

The method whereby two nodes using key encryption agree on common parameters for the keys they will use to encrypt data.

platform

The operating system, the runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs.

Control Plane

The process of decision making, such as routing, blocking, and forwarding, that is performed by protocols.

port forwarding

The process of redirecting traffic from its normally assigned port to a different port, either on the client or server.

PKI (Public-Key Infrastructure)

The use of certificate authorities to associate public keys with certain users.

What virtual, logically defined device operates at the Data Link layer to pass frames between nodes?

Virtual switch
