Local Area Network (LAN)
two or more computers that exchange data, confined to a small geographic area, usually one building.
Most popular LAN
Wired: computers and other devices are wired together using copper-based twisted-pair cables with RJ45 plugs on each end.
wireless access point (WAP)
acts as the central connecting device for devices on the network, such as laptops, PDAs, tablet computers, and microcomputers
VLAN - Virtual LAN
is a group of hosts with a common set of requirements that communicate as if they were connected together in a normal fashion on one switch, regardless of their physical location.
aka demilitarized zone (DMZ): a small network that is set up separately from a company's private LAN and the Internet.
involves a DMZ situated between two firewall devices, which could be black box appliances or Microsoft Internet Security.
3-leg perimeter configuration
the DMZ is usually attached to a separate connection of the company firewall: 1 to the company LAN, 1 to the DMZ, 1 to the Internet.
most common topology, each computer is individually wired to a central connecting device with twisted-pair cabling.
every computer connects to every other computer; no central connecting device is needed
each computer is connected to the network using a closed loop; done with coaxial cable. This is a pretty outdated concept
sends data logically in a ring fashion; Token Ring networks are physically connected in a star fashion, but logically a ring.
a group of networking technologies that define how information is sent and received between network adapters, hubs, switches, and other devices.
is a group of bytes packaged by a network adapter for transmission across the network; these frames are created on Layer 2 of the OSI model.
IEEE (Institute of Electrical and Electronics Engineers) 802.3
defines carrier sense multiple access with collision detection or CSMA/CD
100 Mbps - 100Base-TX, 100Base-T4, 100Base-FX = TP using 2 pairs, TP using 4 pairs, Fiber optic
an architecture that distributes applications between servers such as Windows Server 2008 and client computers such as Windows 7 or Windows Vista.
controls printers that can be connected directly to the server or are connected to the network.
email servers, but also fax, instant messaging, collaborative, and other types of messaging servers.
means each computer has an equal ability to serve data and to access data, just like any other computer on the network.
7 layers that house different protocols within one of several protocol suites; defines how data communications occur on computer networks.
Layer 1 - Physical layer
physical and electrical medium for data transfer, includes but is not limited to cables, jacks, patch panels, punch blocks, hubs, and MAUs. UOM = Bits
Layer 2 - Data Link Layer
establishes, maintains, and decides how transfer is accomplished over the physical layer. Think: MAC address. UOM = Frames
Layer 3 - Network layer
dedicated to routing and switching information to different networks. UOM = Packets
Layer 4 - Transport Layer
This layer ensures error-free transmission between hosts through logical addressing. Inbound & outbound ports are controlled in this layer. Ports = transport layer.
Layer 5 - Session Layer
This layer governs the establishment, termination, and synchronization of sessions within the OS over the network and between hosts. Think: log on, log off.
Layer 6 - Presentation Layer
This layer translates the data format from sender to receiver in the various OSes that may be used. Examples: code conversion, data compression, and file encryption.
the guts of OSI model transmission, consisting of layers 1 through 3: physical, data link, network
MAC - Media Access Control
is a unique identifier assigned to network adapters by the manufacturer; it is 6 octets long and written in hexadecimal.
command prompt that will show IP addresses and corresponding MAC addresses of remote computers.
Layer 2 switch
Resides on the data link layer, most common type of switch used on a LAN. Hardware-based and uses MAC addresses, but security is a concern.
Virtual LAN (VLAN)
Layer 2 switching allows VLANs to be implemented to segment the network, reduce collisions, organize the network, boost performance, and hopefully, increase security.
Difference between layer 2 & 3
Layer 3 switches forward packets like a router, used in busy environments, and layer 2 switches forward frames like an advanced bridge.
Upper layers of OSI model
layers 4-7 (transport, session, presentation, and application); deal with protocols, compression, encryption, and session creation.
cable most commonly used; copper-based cables with 8 wires grouped into 4 pairs, twisted to reduce crosstalk and interference.
Straight through cable
most common type of patch cable, used to connect a computer to the central connecting device like a switch, usually a 568B on each end.
used to connect like devices to each other, computer to computer, or switch to switch. 568B on one side and 568A on the other
Fiber Optic cable
used in longer distance runs, high data rate transfer, transmits light instead of electricity over glass or plastic.
optic cable with an optical fiber that is meant to carry a single ray of light, used in longer distance runs, 10 km to 80 km.
optic cable with a larger fiber core, carries multiple rays of light. Used in shorter runs up to 600 meters.
Wireless access point (WAP)
this device acts as a router, firewall, and IP proxy, allows connectivity of various wireless devices such as laptops, PDAs, and tablets.
Wireless network adapters
allows connectivity between a desktop computer or laptop and the wireless access point.
used to extend the coverage of a wireless network; extends the signal out further, usually placed on the perimeter of the wireless network
Internet Protocol version 4 is the most frequently used communications protocol and resides on the network layer of the OSI model. IP addresses consist of 4 numbers, each between 0 and 255.
Public IP address
are ones that are exposed to the internet; any computers on the Internet can potentially communicate with them.
Private IP address
are hidden from the Internet and any other networks, usually behind an IP proxy or firewall device
Automatic Private IP Addressing (APIPA)
type of private range that was developed by Microsoft for use on small peer-to-peer Windows networks. Uses class B, auto-assigns IP addresses.
is the first IP address of the device that a client computer will look for when attempting to gain access outside the local network.
DNS server address
is the IP address of the device or server that resolves DNS addresses to IP addresses. This could be a Windows server or an all-in-one multifunction network device.
NAT - Network address translation
the process of modifying an IP address while it is in transit across a router, computer, or similar device, hides a person's private internal IP address.
is used to protect an organization's computers and switches on the LAN from possible attacks initiated by mischievous people on the Internet or other locations outside the LAN
Classless inter-domain routing (CIDR)
is a way of allocating IP addresses and routing Internet Protocol packets. Example: 192.168.0.0/16; /16 means that the subnet mask has 16 masked bits (1s)
new generation of IP addressing for the Internet, can be used in small office networks and home networks. 128-bit, 340 undecillion addresses.
assigned to a group of interfaces and are also most likely on separate hosts, but packets sent to such an address are delivered to all the interfaces in the group.
This is the individual host IP portion. It can be assigned to one interface or more than one interface, depending on the type of IPv6 address.
a tool that administrators can use to configure and monitor Windows computers from the command prompt.
command displays information pertaining to your network adapter, namely TCP/IP configurations.
displays information pertaining to your network, TCP/IP configurations including your MAC address
built in command line scripting utility that enables you to display and modify the network configurations of the local computer.
sends IP information to clients automatically making configuration of IP addresses on the network easier and automated.
also known as Remote Desktop Services; a type of thin-client terminal server that uses port 3389.
IPsec - Internet Protocol Security
protocol within the TCP/IP suite that encrypts and authenticates IP packets.
ESP - Encapsulating security payload
provides connectionless integrity and the authentication of data but also confidentiality when sending data
DNS - Domain Name System
Worldwide service that resolves host names to IP addresses, facilitates proper communication between computers
RIP - Routing Info Protocol
dynamic protocol that uses distance-vector routing algorithms to decipher which route to send data packets.
OSPF - Open Shortest Path First
link-state protocol that monitors the network for routers that have a change in their link state, meaning they were turned off, turned on, or restarted; used in large networks
IGRP - Interior Gateway Routing Protocol
proprietary protocol used in large networks to overcome the limitations of RIP
BGP - Border Gateway Protocol
core routing protocol that bases routing decisions on the network path and rules
how data packets are moved over switched wide area networks, such as X.25 and Frame Relay
PAD (packet assembler disassembler)
similar to a router which disassembles packets and sends them to a CSU/DSU which is like a modem for the LAN.
means that there is a clocking circuit that controls the timing of communications between the different routers.
is the advancement of X.25 packet switching, designed for faster connections, packets are referred to as frames and it uses a virtual circuit.
T-carrier or telecommunications carrier system
is a cabling and interface system implemented in mid-sized and large organizations that carries data at high speeds, generally 1.544 MB or higher.
actual trunk carrier circuit that is brought into a company; can be a dedicated high-speed link or have other shared technologies running on top of it, like Frame Relay and ISDN
Trunk carrier 3 = 28 T1s; will come into a company as 224 wires or thereabouts and must be punched down to a DSX or like device.
ISDN - Integrated Services Digital Network
is a digital technology developed to combat the limitations of PSTN; lets users send data, fax, or talk on the phone simultaneously from one line.
a private computer network or single Web site that an organization implements in order to share data with employees around the world.
extended to users outside a company and possibly to entire organizations that are separate from or lateral to the company
VPN - Virtual private network
a connection between two or more computers or devices that are not on the same private network.
PPTP - Point-to-point tunneling protocol
more common VPN (virtual private network) but is a less secure option.
inspects each packet that passes through the firewall and accepts or rejects it based on a set of rules.
Stateless packet inspection SPI
aka pure packet filter, does not retain memory of packets that have passed through the firewall, more vulnerable to spoofing attacks
Stateful packet inspection
keeps track of the state of network connections by examining the header in each packet, is able to distinguish between legitimate and illegitimate packets.
Application-level gateway - ALG
supports address and port translation and checks whether the type of application traffic is allowed.
works on the session layer of the OSI model when a TCP or UDP connection is established, and hides information about a private network, but they do not filter individual packets
Back-to-back configuration
a DMZ is situated between two firewall devices, which could be a black box appliance or Microsoft Internet Security and Acceleration Servers
DMZ or perimeter network
a small network that is set up separately from a company's private LAN and the Internet, allows users outside a company LAN to access specific services located on the DMZ
3-leg perimeter configuration
DMZ is attached to a separate connection of the company firewall: one to the company, one to the DMZ, one to the Internet.
You are a consultant for a small business that is just starting up. They will have a file server, FTP server, email server, and web server for employees. They will have a firewall with 3 interfaces. Where should they put the file server?
When you have multiple circuits connected to a site, the entire circuit is known as a
Which layer of the OSI model is used to create a connection so that a host can transfer files?
You have a key network administrator leave a company. Therefore, what does the company depend on to continue to use the network?
What technology used in firewalls keeps track of connections so that it knows what to allow back into the network?
What is known as pure packet filtering and does not retain memory of packets that have passed through the firewall?
Which type of firewall blocks packets based on rules that are based on IP addresses or ports?
What acts as a middleman that translates between internal and external addresses and that caches previously accessed web pages so that it can provide those more quickly in the future?
What type of device is used to detect malicious network activities and reports only those issues to the administrator?
What type of device is designed to inspect traffic, detect malicious activities, and take steps to mitigate the malicious activity?
What type of firewall works on the session layer that creates a connection and allows packets to flow between the two hosts without further checking?