Networking Study Guide
Terms in this set (649)
The primary function of a ____________ device is to divide work as evenly as possible among the devices on a network. This allows more resources to be utilized efficiently, resulting in faster data processing.
An ________ is intended to protect a specific high-value device, as opposed to the entire network. A host-based system primarily uses software installed on a specific host, and uses the resources of the host it is installed on.
host-based intrusion detection system
___________ are capable of making intelligent decisions about data by analyzing data packets in real time, and understand the criticality and type of the request.
______________ is an operating mode in which the switch forwards a data packet as soon as it receives it, without performing any error checking or packet processing.
A _________ operates at Layers 2 and 3 of the OSI model. Content switches are sometimes considered to be another type of multilayer switch, but the term "___________" generally refers to switches that perform only limited routing functions at Layers 2 and 3.
A ________ is simply a switch that can be configured by the user, and does not relate specifically to a switch that operates at Layers 4 through 7.
A _______ is a network device that acts as a common connecting point for various nodes or segments.
_________ collect data from multiple access routers and redistribute them to an enterprise location. Their capabilities are greater than those of regular access routers.
Working at Layer 2 of the OSI model, _______ make forwarding decisions based on Layer 2 (MAC)
A ________ listens for the MAC addresses of all the nodes plugged into it, and builds a table in memory that maps each MAC address with its associated port.
________ are common inexpensive routers that are generally located at customer sites.
____________ are powerful routers that are located at the center of network backbones. They connect multiple distribution routers located in different buildings.
A _______ is simply one that operates on two different frequencies (such as 2.4 GHz and 5.0 GHz). These are often used in Small Office/Home Office (SOHO) environments.
A _______ is a networking device that connects multiple networks. Operating at Layer 3 of the OSI model, it makes forwarding decisions based on Layer 3 addresses, such as IP addresses.
The _______ is a more recent PPP implementation used by many DSL broadband Internet connections.
_________ is a tunneling protocol that encapsulates network layer protocols.
Generic Routing Encapsulation
_____ is a more secure version of EAP that uses an encrypted channel between a remote client and a server.
Protected Extensible Authentication Protocol
_______ provides a method for spreading traffic across multiple distinct PPP connections.
In a _______ connection model, each node on the network is connected to a remote network, which may be separated by public or other unsecured networks. _______ VPNs may be either open or closed.
In the _________ VPN connection model also, there are two types of networks—open and closed. In the case of an open VPN, the path between the end node and the IPSec gateway is not secured. In the case of a closed VPN, the path between the end node and the IPSec gateway is secured.
In the _________ VPN connection model, rather than connecting to another network, a single computer makes a secure connection to another single computer. This can be used either internally or on the Internet. Where this is most common is when one server needs a secure connection to another server. Typically the tunneling protocol for _________ VPNs is IPSEC.
_______ is used to prevent switching loops and broadcast storms. All switches in the same broadcast domain elect a root bridge (switch) to act as a reference point for all other switches. This switch will then listen for special frames coming from the root to determine if those frames are coming into different ports. If they are, then there is a redundant link.
Spanning Tree protocol
Content switching is helpful for server ___________.
____________ is the logical separation of nodes until there is a need to connect them. This helps prevent collision domains.
_______ connect incompatible systems by stripping encapsulation of the incoming protocol and re-encapsulating it in the outgoing protocol.
_______ is a platform-independent desktop sharing system. A ______viewer on a Linux system can connect to a ______ server on a Microsoft system and vice-versa.
Virtual Network Computing
_______ is used specifically for Microsoft's Remote Desktop system.
Remote Desktop Protocol
The ________ protocol is a remote terminal protocol used by Citrix WinFrame and Citrix Presentation Server software as an add-on to Microsoft Terminal Services.
Current ________ are based on the X11 protocol and normally used on UNIX- and Linux-based systems to display local applications.
X Window systems
_______ is a Microsoft extension of CHAP that is specifically designed for authenticating remote Windows workstations.
________ is a protocol that enables a server to provide standardized, centralized authentication for remote users.
________ and ________ are authentication protocols that provide centralized authentication and authorization services for remote users.
Both _____ and ______ are tunneling protocols that increase traffic security through data encryption.
The ______ is a network protocol that works on the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model to provide web services.
HTTP uses port ____for communicating with web clients and servers and runs on ______.
A _________ is a form of traffic shaping. The goal of traffic shaping is to delay metered traffic such that each packet complies with the relevant traffic contract. This is common in Quality of Service (QoS) implementations in which traffic must not exceed the administratively defined rate.
A packet shaper is a form of _________. The goal of __________ is to delay metered traffic such that each packet complies with the relevant traffic contract. This is common in Quality of Service (QoS) implementations in which traffic must not exceed the administratively defined rate.
Distributing work evenly across servers for processing efficiency is the goal of ___________.
Providing _______ of as close to 100 percent as possible is the goal of high availability.
Providing faster responses to future requests is the goal of _______.
A _______ makes forwarding decisions based on Layer 2 (MAC) addresses. It listens for the MAC addresses of all the nodes plugged into it, and builds a table in memory that maps each MAC address to its associated port.
A ______ makes forwarding decisions based on Layer 3 addresses, typically IP addresses.
A ______ operates at Layer 3 and above of the OSI model.
A _______ boosts the strength of a signal by regenerating it, which helps when dealing with greater transmission distances.
______is a remote-access authentication method that sends client IDs and passwords as cleartext. It is typically used when a remote client connects to a non-Windows PPP server that does not support password encryption.
_______ are used to provide tunneling services to individual users through common subscriber lines such as cable, dial-up, or ISDN.
________ are used to connect different sections of a corporate network.
_______ connect networks that belong to different companies for the purposes of sharing resources.
__________ are just a form of VPNs that operate through a web browser, and do not require the installation of a separate client.
A _______ is a private network that is configured by tunneling through a public network such as the Internet. Because tunneling is used to encapsulate and encrypt data, _____ ensure that connections between endpoints, such as routers, clients, and servers are secure. To provide ______ tunneling, security, and data encryption services, special ______ protocols are required.
Virtual Private Network
A ________ VPN is a VPN format that works with a web browser—without needing the installation of a separate client. _______ ensures that the connection can be made only by using HTTPS instead of HTTP. This format works well in schools and libraries where easy access is required but security is still a concern.
Secure Socket Layer
________ is capable of providing process-wide encryption for authentication, not just password encryption. ________ uses TCP instead of UDP and supports multiple protocols.
______ supports multifactor authentication, and is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.
_______ is not compatible with TACACS because it uses an advanced version of the algorithm.
A ________ is a hardware component that helps connect a computer to a network.
_______ and ______ are authentication protocols that provide centralized authentication and authorization services for remote users. TACACS includes process-wide encryption for authentication, while RADIUS encrypts only passwords. TACACS uses TCP instead of UDP and supports multiple protocols. Extensions to the TACACS protocols exist, such as Cisco's TACACS+ and XTACACS.
Terminal Access Controller Access Control System, TACACS Plus
_______, which is open standard, uses TCP port 49 and also supports multifactor authentication.
An _______ is a VPN format that works within a web browser. This means that a separate dedicated VPN client is not needed.
Both an _____ and ______ use tunneling to encapsulate and encrypt data.
SSL VPN, VPN
An _______ would be used for connecting sections of a network. Common implementations involve connecting remote offices to a corporate headquarters.
_____ in Tunnel mode is often used with Layer Two Tunneling Protocol (L2TP). _____ uses DES or 3DES encryption to provide data confidentiality.
In most VPNs, data encryption is accomplished by either _____or _____.
In ______ switching, the switch calculates the CRC value for the packet's data and compares it to the value included in the packet. This is the slowest type of switching mode, since the switch must receive the entire frame before the first bit of the frame is forwarded.
In _______, the switch forwards a data packet as soon as it receives it. No error checking or processing of the packet is performed.
In ____________, the switch scans the first 64 bytes of each packet for evidence of damage by a collision.
________ is a Layer 2 protocol used to prevent switching loops.
Spanning Tree Protocol
______ make forwarding decisions based on Layer 2 (MAC) addresses. They do this through a process called microsegmentation, in which all nodes are logically separated from each other until there is a need to connect them.
Switches make forwarding decisions based on Layer 2 (MAC) addresses. They do this through a process called _______, in which all nodes are logically separated from each other until there is a need to connect them.
________ is a device that incorporates advanced encryption and authentication methods to handle a large number of VPN tunnels. _______ are usually specifically geared towards secure remote access or site-to-site VPNs. They offer high performance, high availability, and very good scalability.
_______ ensure that connections between endpoints, such as routers, clients, and servers, are secure. They use tunneling to encapsulate and encrypt data sent through a public network, such as the Internet.
_______ is the ability to assess the content of websites based on words or word combinations, and block content that is deemed undesirable.
_______ is a feature that allows administrators to grant or deny Internet access based on user names or group membership.
_______ is a feature that allows administrators to generate reports on users' Internet activity.
_________ provide access to the internal network for remote clients.
Remote access services
The _______ retrieves network configuration settings for computers.
Internet Protocol Helper
A ________ is a service that captures a BOOTP or DHCP broadcast and forwards it through the router as a unicast transmission to the DHCP server on another subnet.
_______ uses a local broadcast that cannot be sent through routers on the network.
The _______ command is used to verify the network connectivity of a computer, and also to check to see if the target system is active. It verifies the IP address and host name of the remote system by listening for echo replies.
The _______ command displays the status of currently active network interface devices, and is supported on Linux and UNIX.
_______ enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN.
_______ enables web proxies to cache web data for clients locally for improved response time.
_______ conceals internal addressing schemes from external networks.
______ is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.
A ________ isolates internal clients from the servers by downloading and storing files on behalf of the clients. Not only does this improve security, but it also caches commonly requested data and reduces network traffic by providing frequently used resources to clients from a local source.
A _______ is a system that isolates internal clients from the servers by downloading and storing files on behalf of the clients. It intercepts requests for web-based or other resources that come from the clients, and, if it does not have the data in its cache, it can generate a completely new request packet using itself as the source, or simply relay the request.
A _______ is a type of proxy server that retrieves resources on behalf of a client from one or multiple servers.
The ______ record type maps an IP address to the host name for the purpose of reverse lookup.
The ______ record type maps multiple canonical names (aliases) to an A record.
The _______ record maps a host name to its IP address using a 128-bit IPv6 address.
The _______ record maps a domain name to an email server list.
A host name combined with the host's domain name forms the node's _______.
Fully Qualified Domain Name
Secure Socket Layer virtual private network
Host Intrusion Detection System
Network Intrusion Detection System
Password Authentication Protocol
Challenge-Handshake Authentication Protocol
Microsoft Point-to-Point Encryption
Data Encryption Standard
virtual private network
Spanning Tree Protocol
Virtual Network Computing
Point-to-Point Protocol over Ethernet
Integrated Services Digital Network
Remote Access Service
Intrusion Detection System
An ______ is a DNS server that possesses an actual copy of the records for a zone, as opposed to just caching a lookup from another DNS server. Its key function is delegation, which means that part of a domain is delegated to other DNS servers.
Authoritative Name Server
Domain Name System
Changing the default IP address ______ would require additional configuration steps.
______ is a different service that enables a DHCP client to configure itself automatically with an IP address in the event that no DHCP servers respond to the client's DHCP discover broadcast.
Dynamic Host Configuration Protocol
Network Address Translation
Synchronous Optical Network
Integrated Services for Digital Network
Long Term Evolution
Optical Carrier x
Coarse Wavelength Division Multiplexing
Dense Wavelength Division Multiplexing
Quality of Service
Multiprotocol Label Switching
________ are based on the client's MAC address.
_______ are lease assignments in DHCP that enable you to configure a permanent IP address for a particular client on the subnet.
_____ is a network service that automatically assigns IP addresses and other TCP/IP configuration information on network nodes configured as _____ clients. A _____ server allocates IP addresses to _____ clients dynamically, and should be configured with at least one _____ scope. The scope defines the group of IP addresses that a _____ server can use.
___________ is a network protocol for configuring IPv6 hosts with IP addresses, IP prefixes and other configuration data required to operate in an IPv6 network.
The Dynamic Host Configuration Protocol version 6
The purpose of _____ is to conceal the internal addressing schemes from external networks such as the Internet. This means that packets sent from multiple internal devices will all appear to have originated from the same single IP address, which prevents external hosts from communicating directly with internal clients.
Network Address Translation
A _____ is a number that represents a process running on a network. Both clients and servers use _____ numbers to identify themselves.
A _____ is a port that is in use.
An _____ is simply an identifier for a device on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
A _____ is an agreed-upon format of data transmission between two devices.
_____ enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN. Network clients cannot see that _____ is being done. This allows communications from an external source to a destination within a private LAN. For example, a remote computer could connect to a specific computer or service within a private LAN using _____.
The _____ refers to the range of IP addresses that the client may be assigned.
The _____ generally refers to the amount of time after which a client will cease attempting to reach a host when a connection cannot be established.
_______ provides for long-range, global wide area network (WAN) transmissions.
Satellite Internet access
_____ is the standard for synchronous data transport over a fiber optic cable. It is the U.S. version of the standard published by ANSI.
_______ is the European version of the standard.
______ is a standard that describes Layer 1 and Layer 2 specifications for wireless local area networks (LANs).
_____is a set of networking technologies and media access methods specified for LANs.
_______ is a metropolitan area network that uses Ethernet standards. _______ can connect LANs and individual users to a WAN or to the Internet. Organizations in large cities can use _______ to connect branch locations or offices to an intranet. A typical ________ has a star network or mesh network topology with servers or routers interconnected through cable or fiber optic media. For example, Comcast Business offers a _______ service that lets businesses with different locations within a city communicate using a wider bandwidth.
The _________ standard specifies the bandwidth for fiber optic transmissions. It is a channelized technology based on the same 64 Kbps channel as DSH but with a base rate of 810 channels. The ______ standard is open-ended, enabling manufacturers to add specifications as they develop hardware that supports faster transmission speeds.
Optical Carrier x
______ is a packet-based wireless telecommunication technology that provides wireless broadband access over long distances.
_______ is a standard for data transport over a fiber optic cable.
Typical _______ implementations feature a star network or mesh network topology with servers or routers interconnected through cable or fiber optic media.
_______ carries both voice and data over conventional telephone lines.
__________ is a packet-based wireless telecommunication technology that provides wireless broadband access over long distances.
Wireless Interoperability for Microwave Access
________ is a metropolitan area network that uses Ethernet standards.
_________ is a high-performance, multi-service switching technology that is used in packet data networks.
Multiprotocol Label Switching
___________ is a multiplexing technology that uses light wavelengths to transmit data.
Dense Wavelength Division Multiplexing
________ is a digital circuit switching technology that carries both voice and data over digital phone lines or PSTN wires.
_______ is a framework of networking functions that uses labels on any combination of Layer 2 and Layer 3 headers.
Multiprotocol Label Switching
__________ is a high-performance, multi-service switching technology that is used in packet data networks. It is defined by a set of IETF specifications that enable Layer 3 devices such as routers to establish and manage network traffic. It ensures faster switching of data as it follows label switching that helps save processing time of packets by the label-switching routers.
Multiprotocol Label Switching
_______ is considered to exist somewhere between Layers 2 and 3 of the OSI model. It can travel over PPP, Frame Relay, or ATM at Layer 2, and its labels are read and rewritten by Layer 3 routers.
_______ delivers increased performance with reduced network complexity and offers a pay-as-you-go structure. However, the bursty nature of traffic in a Frame Relay cloud, along with the use of variable-length frames, makes it difficult to provide QoS.
____________ uses digital channels for data transmission over conventional telephone lines.
Integrated Services for Digital Network
_________ is a cell-switching network technology. Unlike frame relay, it can guarantee QoS for a particular virtual channel.
Asynchronous Transfer Mode
________ is a WAN protocol that functions at the Physical and Data Link layers (Layers 1 and 2) of the OSI model. It is a packet-switched technology that allows transmission of data over a shared network medium and bandwidth using virtual circuits.
_______ is a contention-based medium, which means that bandwidth is impacted by the number of nodes within the group. If a lot of people are using the Internet at the same time, speed is usually affected.
_______ offers a slower method of Internet access over a public switched telephone network (PSTN).
_______ lines and leased lines are basically the same thing. Since a _______line is used by only a single user, bandwidth is fixed and is not impacted by other users in the area.
The ________ is a dedicated digital line that transmits voice or data. It is used in Europe, Mexico, and South America.
The ________ is a digital and packet-switched system designed to carry multiplexed telephone connections. It makes communications more scalable than analog, circuit-switched systems.
_____ is a radio technology for wireless broadband access. It offers data rates about 100 times faster than 3G networks, a downlink rate that exceeds 100 Mbps, and an uplink rate of more than 50 Mbps.
______ is backwards compatible with GSM and HSPA.
_______ is a radio technology, and does not transmit over satellites or fiber optic cabling.
___________ refers to a family of technologies based on the 3GPP Release 5 specification, which offers high data rate services in mobile networks.
High Speed Packet Access
_______ uses multicarrier technologies in which multiple 5 MHz carriers are aggregated and a bigger data channel is used for data transmission. This large data channel also decreases latency and provides an increased capacity for bursty traffic, such as web applications.
_______ and ______ differ in the spacing of the wavelengths, number of channels, and the ability to amplify the multiplexed signals in the optical space.
_______ is the standard for synchronous data transport over a fiber optic cable. It is the U.S. version of the standard published by ANSI.
________ is the European version of the standard.
Synchronous Digital Hierarchy
A ________ can test for the cable type and determine whether a cable is straight-through or crossover. It can also check if the NIC is functioning and determine its speed (half or full duplex).
A ______ is a tool that allows you to determine the voltage, current, and resistance along the cable.
A variation of TDR that transmits light-based signals of different wavelengths over fiber optic cabling to determine cabling issues.
Optical Time-Domain Reflectometer
System and network monitoring software that runs on UNIX systems and offers both a command-line and web interface to monitor network and system devices.
System and Network Integrated Polling Software
A ________ type is a 75-ohm cable used to connect cable TV and FM antenna cables.
A _____ connector type is a cable connector used to terminate a coaxial cable.
A ________ is a type of bounded network media that transfers information between two devices by using serial transmission.
________ is a technology that allows broadband transmission over domestic power lines.
Broadband over power lines
A ________ enables networks running on different media to interconnect and exchange signals.
The ______ is a database that has a top-down hierarchical structure.
management information base
________ is a packet capture tool that allows you to intercept and capture packets passing through a network interface. It will help to monitor the packet flow, packet flow responses, packet drop, and ARP information.
Users who don't want to be found in a typical sweep will configure a port above _____ hoping that a standard sweep will miss the rogue port.
_______ includes different network monitoring tools.
_______ is free, open source network management software that uses SNMP traps to generate alerts and notifications for your network devices.
To find hidden SSIDs, you'd use a ______, which is also known as a wireless survey tool.
Stumbling a wireless network requires a _______ to identify wireless services.
A ________ is the process of planning and designing a wireless network that provides a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability and QoS.
A ________ is a piece of software or hardware that is used to analyze the physical aspects of wireless networks. This includes items such as spectrum analysis, finding WAPs, reporting SSIDs, channel usage, signal strength, and identifying noise sources.
________ is not a native Windows application, even in Windows Server 2012. You'll have to download and install the syslog agent for Windows operating systems.
An ________ consists of three key components: network-connected devices, SNMP agents, and a management station.
You would use a _______ program to sniff network traffic to grab URL information so that you can passively monitor Internet site information.
A network analyzer is a software or hardware management tool that integrates diagnostic and reporting capabilities to provide a comprehensive view of an organization's network.
Basic _________ enable a technician to analyze network traffic on a LAN or DSL connection. ________ also have the ability to provide an administrator with an overview of systems and reports from one location on the network. Full-featured ________ offer a variety of monitoring, analyzing, and reporting functions.
_______ and ___________ are software that can analyze networks.
Wireshark, Microsoft Network Monitor
The ______ command line utility displays a list of all results that lie within the subtree rooted on the specified OID. ______ can also be used to display a single object if an exact instance of an OID is specified.
There is also ______________ which is a category of solutions which were created to extend the traditional data center management function to include all of the physical assets and resources found in the facilities and IT domains. It is a combination of hardware and software tools that can be used to constantly monitor power consumption of the data center, including networking equipment, which allow you to proactively strike a continual balance between efficiency and availability. You can look for areas where the power load is too great or too light, and re-route power availability as needed.
Data center infrastructure management
Identifying the different types of traffic on your network and shaping the network through the use of _______ is the most effective method of limiting bandwidth for non-business or low-priority traffic.
_______ is a simple, easy to set up logfile-based monitoring system that collects data from many types of devices via the _______ agent that is already present on most operating systems and networked devices.
______ is a term used to define the process of logging program messages or data logs. The term collectively includes the software or operating system that generates, reads, and analyzes log files.
A _______ is a record of actions and events performed on an operating system. There are three common types of log files: system, general, and history files.
A log file is a record of actions and events performed on an operating system. There are three common types of log files: ___________.
system, general, history files
Critical systems should have a redundant system as a _______ in case the primary fails.
The _______ is a single server and therefore a single point of failure for the corporate website.
corporate web server
The first stage in the troubleshooting process is to _________.
identify the problem
The third stage states: _________.
Test the theory to determine the cause
What are the fifth, sixth, and seventh stages of the CompTIA Network+ Troubleshooting model?
implement, verify, document
According to the fourth stage of CompTIA Network+ Troubleshooting model, what two things must you do in the troubleshooting process?
Establish a plan of action, identify potential effects
You should use the OSI model from ______ and from ________ to divide and conquer a problem.
top to bottom, bottom to top
A ________, unlike an analog signal that can have many possible values, can have combinations of only two values: one and zero.
________ is also called bi-directional transmission. If someone speaks about duplex transmissions, they are likely referring to ___________.
Full duplex mode
An IPv4 address is shown and discussed in decimal or base 10 numbers for convenience, but is actually _______.
_______ is the Application layer and email protocols all operate at this layer.
The bit rate and baud rate are equal at ________.
one bit per symbol
________ is the process of adding delivery information to the actual data transmitted on each layer. _______ takes place on the transmission end as data is passed down the layers.
_______ is the Network layer and cabling and wiring of all types are part of this layer.
______ is the Physical layer and cabling and wiring of all types are part of this layer.
________ is the Data Link layer and NICs are part of this layer.
________ is the Transport layer and firewalls are part of this layer.
Telephone systems are _________; all people involved can talk simultaneously.
full duplex devices
________ is a form of multiplexing, which is a controlled media access method where a central device combines signals from multiple nodes and transmits the combined signal across a medium.
An Ethernet frame includes the ______ computer MAC address and the _______ computer MAC address.
The range for IPv4 numbers is _______.
0 to 255
________ is the Data Link layer and NICs are part of this layer.
The five characteristics of an analog signal are __________.
amplitude, cycle, frequency, phase, and wavelength
________ is the Session layer and Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are both a part of this layer. This layer is also referred to as the ________.
Layer 5, port layer
________ is the Network layer and ping operates on this layer.
A _________ is a technique in which digital signals are sent via DC pulses over a single, unmultiplexed signal channel.
The ________ of communication permits two-way communications, but in only one direction at a time. When one device sends, the other must receive; then the devices can switch roles to transfer information in the other direction. _________ can use the full bandwidth of the medium because the transmission takes place in only one direction at a time.
half duplex mode,
In _______, a communication channel is divided into discrete time slots. Each node on a network is assigned a time slot, and each sender is given exclusive access to the medium for a specific period of time.
Layer 2 is the Data Link layer and NICs are part of this layer.
_______ is the injecting of safe test traffic onto a network to conduct performance tests. ________ is the collection of existing traffic for further analysis.
Active monitoring, Passive monitoring
_________ are hardware tools that ensure that environmental conditions do not spike or plummet to place temperatures above or below equipment specifications. In addition to temperature, _______ allow you to monitor the humidity in the environment where the network devices are placed. By monitoring humidity, you can ensure that condensation does not build in devices, and that there is enough humidity to decrease static electricity buildup.
________ is an Application-layer (Layer 7) protocol used to collect information from network devices for diagnostic and maintenance purposes. _______ includes two components: management systems and agent software, which are installed on network devices such as servers, routers, and printers. The agents send information to an ________ manager. The _______ manager can then notify an administrator of problems, run a corrective program or script, store the information for later review, or query the agent about a specific network device.
Simple Network Management Protocol
An SNMP-managed network consists of three key components: ___________________
network-connected devices, SNMP agents, management station
________ includes searching logs to determine when events occurred on a network. Analysis tools allow you to search logs simultaneously based on patterns or time ranges to speed the discovery of breaches or anomalies.
_______ is typically a feature built into a switch, router, or server. The device can provide statistics about its own interfaces. Usually these are transmit (TX) and receive (RX) traffic loads, packet errors, and link status. In most cases, you can get a point-in-time snapshot, as well as some history. You can use classic SNMP-based third-party monitoring tools to continuously query many devices and report their status to a central console in a graphical format. You can typically also set alerts and track trends on interfaces/devices of interest.
If two nodes transmit at the same time, a collision has occurred. The collision is most likely to occur during the _______.
The payload of the frame (or the information being sent) must be a minimum of ___ bytes long. If the length of data is less than ____ bytes, the data field must be extended by adding a filler to increase the length to a minimum of ______bytes.
Full duplex mode is also called ________. If someone speaks about duplex transmissions, they are likely referring to full duplex mode.
_______ is the Application layer and email protocols all operate at this layer.
The _________ maps an IP address to a physical or media access control (MAC) address recognized within a local network. ______ resides on Layer 2, or the Data Link layer of the OSI model (Network Interface layer of the TCP/IP model), encapsulated by an Ethernet header. ________ enables you to dynamically discover the mapping of a Layer 3 IP address to a Layer 2 MAC address.
Address Resolution Protocol
If a port has a solid _______, this means the software inside the switch shut down the port, either by way of the user interface or by internal processes.
The appearance of the ________ might cause you to investigate further on a corporate network because cloud storage services, such as Dropbox, are often prohibited in business settings.
Dropbox LAN sync Discovery Protocol
To find related errors, filter the capture for ______ and read through the errors until you find the malformed packet entry.
Which term refers to a logical grouping of ports on a switch?
HTTP GET requests for large image files are a common _________. As you expect, the requests for large image files are made and the responses are very large in comparison to the requests.
An _______ is the act of exploiting a vulnerability on a system, a service, or a network. A ______ is a potential cause of an incident that may result in harm to systems and the organization.
Most of the original protocols from the TCP/IP stack that are still used have no ________ and can be abused in some way.
A ________ often requires reimaging or reinstalling the operating system and all configurations due to the low-level hack that has taken place. Often, the system's firmware has been removed or replaced with a damaged one.
permanent DoS attack
MAC flooding is an _______ technique aimed at network switches.
ARP cache poisoning
________ occurs when an attacker redirects an IP address to the MAC address of a computer that is not the intended recipient. Before the attack can begin, the attacker must gain access to the target network.
ARP cache poisoning
An attacker with the intent of using ________ will first have to gain access to the target network.
ARP-related security flaws
A _______ could mean that an attacker is testing your response to a traffic spike prior to a coordinated attack.
A ________ is performed using legitimate traffic against a system or systems with malicious intent.
An _______ is a rogue access point that appears to be legitimate and can be difficult or impossible to differentiate from a valid access point.
________ can be considered one form of reflected attack, as the flooding hosts send Echo Requests to the broadcast addresses of mis-configured networks, thereby enticing hosts to send Echo Reply packets to the victim.
_____ have produced the highest volume and highest bandwidth attacks ever witnessed by many security firms.
NTP amplification attacks
A _______ is performed using legitimate traffic against a system or systems with malicious intent.
A ________ attack is a type of DoS attack that uses multiple computers on disparate networks to launch the coordinated attack from many simultaneous sources. These can sometimes be difficult to differentiate from traffic spikes when they first begin. The attacker introduces unauthorized software called a zombie or drone that directs the computers to launch the attack.
Distributed Denial of Service
A ______ is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks which can be used to send spam email or participate in DDoS attacks.
A _________ involves sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet Protocol address spoofing, the source address is set to that of the targeted victim, which means all the replies will go and flood the target.
Reflective DoS attack
__________ involve a new mechanism that increased the amplification effect, using a much larger list of DNS servers than seen earlier. SNMP and NTP can also be exploited as reflectors in an amplification attack.
DNS amplification attacks
A _________ is a situation where a website ends up denied because of a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story.
Friendly DoS attack
A ________ is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. A _______ attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image.
The maximum default number of hops for a traceroute or tracert is ____. You can specify a higher number using a command line switch and the number of hops you wish to use for the trace.
The ________ command's value is in its capability of identifying routers or subnets with latency problems by displaying packet loss data.
You would use a ________ to check the cable for adherence to ISO or TIA standards.
A _______, or a _________, is a Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN or other wireless networks. Like network analyzers, wireless testers give an overview of the health of a WLAN in one central location, enabling technicians to troubleshoot problems efficiently.
wireless tester, WiFi analyzer
A ________, or a _________, is diagnostic software that can examine and display data packets that are being transmitted over a network. It can examine packets from protocols that operate in the Physical, Data Link, Network, and Transport layers of the OSI model.
protocol analyzer, network analyzer
This address is a generic address that indicates that your system is set up to use DHCP, but cannot find a DHCP server.
The ______________ is a table used for maintaining the correlation between each MAC address and its corresponding IP address.
Address Resolution Protocol cache
A _______ is a web server that allows external users to get a look at routing and network behavior as it originates from the remote network. A _______ accesses a remote router and performs commands allowing a view of the IP and BGP route tables. The information is then presented to the user. _______ are used for verifying routing between providers, and for verifying that routes are propagating correctly across the Internet.
Looking Glass site
The _______ command provides you with network information for each network adapter. It also displays connection-specific DNS suffix, IP address, subnet mask, and default gateway information. Must be run from a command line.
The _______ command is a Windows command that displays information that isn't available with other TCP/IP utilities.
The _______ emits a tone when it detects a signal in a pair of wires. It's used to trace and locate voice, audio, and video signals on a network.
A _______ is a device that sends an electrical signal through one pair of UTP wires. A tone locator or a tone probe is a device that emits an audible tone when it detects a signal in a pair of wires. ________ and tone locators are most commonly used on telephone systems to trace wire pairs. A digital toner and toner probe traces and locates voice, audio, and video cabling on a network. In addition to confirming the cable location, a toner and probe can verify continuity and detect faults.
On Windows, use the _______ command to print the route packets trace to a remote host.
The _______ command displays extensive routing table information for troubleshooting.
A ________ means that the DNS server that gave you the answer is not the source Domain Name System (DNS) server for that domain. The answer is accurate, reliable, and trustworthy.
The ________ utility is used to test and troubleshoot domain name servers. _______ has two modes: the interactive mode enables you to query name servers for information about hosts and domains, or to print a list of hosts in a domain. The non-interactive mode prints only the name and requested details for one host or domain. The non-interactive mode is useful for a single query.
_______ is a UNIX/Linux command-line tool that can be used to display name server information. Some experts consider it to be generally easier to use than nslookup, and that it supports more flexible queries and is easier to include in command scripts. It is included with the BIND version of DNS, and can be downloaded from many UNIX and Linux resource sites on the Internet.
Domain Internet Groper
The pathping command combines the functionality of _____ and _____.
The ______ command in Linux is equivalent to the pathping command, having the functionality of both the ping and the traceroute commands.
A ________ is not a certifier. A _______ only tests for end-to-end connectivity, but not transmission quality.
________ features good coverage within 70 meters, compatibility with 5 GHz and 2.4 GHz devices, and transmission speeds of 150 Mbps or more.
The correct wiring scheme for the T568B standard is ______________
white orange, orange, white green, blue, white blue, green, white brown, brown.
STP is short for __________.
Shielded Twisted Pair
________ covers a large area (35 meters or more) and at a very high bandwidth (up to 1 Gbps) making it the clear—but more expensive—choice for such an application.
_______ is Fast Ethernet and is rated for 100 Mbps throughput.
_______ is the Fast Ethernet fiber cable specification.
________ is Fast Ethernet.
What is the practical length limit of a CAT7 Ethernet cable?
_____ defines the standards for commercial building cabling. It recognizes _____ as a media type. It also defines the minimum bend radius for both shielded and unshielded twisted pair cables. In addition, it specifies the maximum untwist value for _____ cable termination.
_______ provides all your required features for a cable standard.
Also known as network maps, network diagrams provide ________ and _______ for network devices.
location, routing information
_________ is a general term for the collected protocols, policies, and hardware that govern access on device network interconnections. ______ provides an additional security layer that scans systems for conformance and allows or quarantines updates to meet policy standards. Security professionals will deploy a _______ policy according to an organization's needs based on three main elements: the authentication method, endpoint vulnerability assessment, and network security enforcement. Once the _______ policy is determined, professionals must determine where _______ will be deployed within their network structure.
Network Access Control
______ implementations are generally implemented to vet mobile devices for network access. And the new bring-your-own-device policies make this process even more critical to businesses, since personal devices might have been jailbroken or otherwise compromised by malware or other hacks.
Logical network diagrams contain ________ and _________. Additionally, they contain node IP addresses, device FQDNs, and application types.
routing topology, node trust relationships
A _________ is a formalized statement or set of statements that defines network functions and establishes expectations for users, management, and IT personnel. It describes in detail the acceptable use policies of network equipment for a particular organization, including the appropriate methods to maintain, upgrade, and troubleshoot the network.
____________ depict how data moves through a network and don't attempt to show any physical relationships between nodes.
Logical network diagrams
___________ hopping is a method where an attacking host on a ______ gains access to traffic on other _______ that would normally not be accessible. There are two primary methods of ______ hopping: switch spoofing and double tagging:
A ___________ is where an attacking host imitates a trunking switch by speaking the tagging and trunking protocols used in maintaining a VLAN. Traffic for multiple VLANs is then accessible to the attacking host.
switch spoofing attack
A _________ is where an attacking host connected on an 802.1q interface prepends two VLAN tags to packets that it transmits. The packet is forwarded without the first tag, because it is the native VLAN. The second (false) tag is then visible to the second switch that the packet encounters. This false VLAN tag indicates that the packet is destined for a target host on a second switch. The packet is then sent to the target host as though it originated on the target VLAN, bypassing the network mechanisms that logically isolate VLANs from one another.
double tagging attack
________ is a simple version of FTP that uses UDP as the transport protocol, and does not require logging on to the remote host. As it uses UDP, it does not support error correction but provides for higher data integrity. It is commonly used for bootstrapping and loading applications and not for file transfer. FTP traffic is not encrypted and all transmissions are in clear text. Usernames, passwords, commands, and data can be read by anyone able to perform packet capture (sniffing) on the network.
Trivial File Transfer Protocol
_______ and _______ both have to do with Bluetooth communications between devices.
This is a method used by attackers to send out unwanted Bluetooth signals from tablets, mobile phones, and laptops to other Bluetooth-enabled devices. Because Bluetooth has a 30-foot transmission limit, this is a very close-range attack. With the advanced technology available today, attackers can send out unsolicited messages along with images and video. These types of signals can lead to many different types of threats. They can lead to device malfunctions, or even propagate viruses, including Trojan horses. Users should reject anonymous contacts, and configure their mobile devices to the non-discoverable mode.
This is a method in which attackers gain access to unauthorized information on a wireless device using a Bluetooth connection within the 30-foot Bluetooth transmission limit. Unlike _________, access to wireless devices such as tablets, mobile phones, and laptops by ________ can lead to the exploitation of private information including email messages, contact information, calendar entries, images, videos, and any data stored on the device.
A _________ is a type of man-in-the-middle attack that involves exploiting a session to obtain unauthorized access to an organization's network or services. It involves stealing an active session cookie that is used to authenticate a user to a server and controlling the session. __________ also initiate denial of service to either the client's system or the server system, or both.
session hijacking attack
The "war" in war driving and war chalking stands for __________.
wireless access receiver
The act of using symbols to mark off a sidewalk or wall to indicate that there is an open wireless network which may be offering Internet access.
The act of searching for instances of wireless networks using wireless tracking devices such as tablets, mobile phones, or laptops. It locates wireless access points while traveling, which can be exploited to obtain unauthorized Internet access and potentially steal data. This process can be automated using a GPS device and war driving software.
Common tools that are used for war driving and war chalking include NetStumbler, Kismet, Aircrack, and Airsnort.
NetStumbler, Kismet, Aircrack, Airsnort
_______ is the unsecure protocol because its authentication is passed in cleartext.
A _________ is a type of network attack where a potential attacker scans the computers and devices that are connected to the Internet or other networks to see which TCP and UDP ports are listening and which services on the system are active.
port scanning attack
A _________ is an attack that exploits a previously unknown vulnerability in an application or operating system. In this situation developers have not had time to address the vulnerability and patch it. It is called a "_________" because the developer has had _________ to fix the flaw.
Zero day attack
When a cable is ____, it is shorted. Often the short involves bare wire coming in contact with other conductive surfaces.
______ occurs when there is a degradation of signal strength, which results in slow responses from the network.
____ are similar to gigabit interface converters in their architecture, but they allow higher port density than gigabit interface converters.
Small form-factor pluggables
The primary function of a GBIC or an SFP is to convert ______ into _______ and vice versa.
electrical signals, optical signals
This is an unauthorized wireless access point on a corporate or private network. _______ can cause considerable damage to an organization's data. They are not detected easily, and can allow private network access to many unauthorized users with the proper devices. A _______ can allow man-in-the-middle attacks and access to private information. Organizations should protect themselves from this type of attack by implementing techniques to constantly monitor the system, such as installing an IDS.
Rogue Access Point
EMI disrupts the signal. The _______ decreases as the transmitting distance increases.
signal to noise ratio
You are checking a particular area of your network and note significant signal loss. What could be the problem?
Having the tester look for excessive crosstalk usually detects a _______. You have to use a certifier device to detect a ______ because a simple line tester isn't sufficient for the job.
Cable and network professionals will sometimes refer to _______ as opens, referring to the fact that the electrical signal loop is open.
A device is said to be saturated or has reached saturation when its percent utilization is close to _____.
You should have each contractor read and sign the _______ and explain each section to them.
Corporate Security Policy
The __________ is put into place to assess and prevent unnecessary risks from being introduced into an environment due to hasty decisions and undocumented changes.
change management process
Your corporate security policy should include a statement such as, "While using the organization's network or resources, any activity may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to the organization." An employee's signature or initials should accompany this sentence, which is legally known as what?
Consent to monitoring clause
The ________ describes the steps that you take to back out of a change in case of failure or in case the change cannot be safely implemented.
Generally, if your change takes you outside of the prescribed change window, you have to ______ the change and start the change process again to modify the window (the time required to process a change).
_______ is a systematic method of approving and executing change to ensure maximum security, stability, and availability of information technology services.
There are _______ in the change management process.
The _______, for example, requires network segmentation for PCI systems. This is to guarantee that external attacks can't traverse into PCI systems and vice versa.
PCI Security Standards Council
_______ are a security risk because they are end of life and out of vendor support, which means that the vendor no longer supplies patches for critical security bugs.
Patching isn't always a perfect process and all systems are not created or maintained equally. Drivers and libraries in one system may differ from the others, so there are no guarantees that a patch will work on every system. A _______ usually means uninstalling an errant patch.
Most testing labs are far outside the control of security, so _______ is necessary to ensure the safety of the rest of the network.
A honeypot's purpose is to attract attention and any attacks. _______ prevents the attacker from traversing the network into production systems.
All patches should be installed in a ________ first to observe any resulting problems or issues prior to installing them on production systems.
Network administrators are separating _______ into their own network segments known as security zones, where, among an array of hardware and software security, firewalls are implemented.
The two main reasons why network administrators segment networks are to _______ and to ________.
boost network performance, enhance security
________ are exposed, at least in part, to the Internet. This exposure makes them more vulnerable to attacks. Sometimes, these ________ are referred to as DMZs to designate their lack of protection outside the corporate firewall.
_________ reduces the scope of any attack to that particular segment, since the attacker will have no access to, or any knowledge of, any other segment without launching a separate attack.
_____ is a technology for transmitting data between computer devices at data rates of up to 16 Gbps. Optical fiber is not required for ________. It works by using coaxial cable and ordinary telephone twisted pair.
________ is used to facilitate data transfers over intranets and to manage storage over long distances by carrying SCSI commands over IP networks. This type of SAN is popular because it does not require an investment in expensive Fibre Channel cabling, and can run along an existing Ethernet network.
A ________ can operate in different modes, which provide different services. A _________ operating in bridge mode does not actively participate in routing the traffic, and also does not require any IP routing changes or subnetting to be inserted into place.
A virtual firewall operating in _______ mode resides in the core _______ kernel and monitors the virtual host machine's incoming and outgoing traffic.
A virtual firewall does not allow the host computer to act as a _________. A virtual router would be needed for this.
A _______ is a firewall service or appliance running entirely within a virtualized environment. This can be a software firewall on a guest VM, a virtual security appliance designed for virtual network security, a virtual switch with additional security capabilities, or a managed kernel process running within the host hypervisor that sits below all VM activity.
____________ (also known as patch cables) are used to connect unlike devices. All wire pairs are in the same order at each end of the cable.
_________ are used to connect like devices, such as device to device, switch to switch, or router to router.
_________ are used to connect a device to a router's console port. In this type of cable, one end of the cable is wired exactly the opposite of the other end of the cable.
A _________ is a network cable that is jacketed tightly around conductors to prevent poisonous gas from emanating in the event of a fire.
_________ are continuous announcements by a wireless access point that transmits the name of the access point in order to be discoverable by wireless devices searching for a network connection. By disabling ________, clients that wish to connect to the access point must manually specify the name of the access point. This can help prevent unauthorized devices from getting on the network.
A ________ is a software application that enables communication between virtual machines. It is capable of intelligently directing the communication on a network by checking data packets before moving them on.
A ____________ is a program that virtualizes a physical network interface card.
virtual network interface controller
A _________ is a virtual machine that runs a network operating system or other server software.
A _________ is a software-based framework that enables the host computer to act as a hardware router over a Local Area Network (LAN).
_______ was developed for the purpose of providing comparable confidentiality over a wireless network to that of a traditional wired network. The problem with _____ is that the same pre-shared key (PSK) is shared among all clients that use the network. This makes it very easy for an attacker on the network to acquire the PSK and then crack another user's _____ key within minutes. For this reason, _____ is not a recommended wireless encryption standard.
______ enables a service provider to make applications available over the Internet. This gives you an alternative to installing software on user computers, and it can be helpful for mobile or transient workforces. A common example of ______ is Google Apps™.
_______ is an arrangement whereby instead of purchasing equipment and running your own data center, you rent those resources as an outsourced service.
_______ enables you to rent a fully configured system that is set up for a specific purpose.
_______ provides network-based services through the cloud, including monitoring and Quality of Service (QoS) management.
_________ is an authentication infrastructure that you can rent from a service provider. Essentially, it provides single sign-on capabilities for the cloud. It is an approach to digital identity management in which an organization or individual performs an electronic transaction which requires identity data managed by a service provider. Functionality includes authentication, registration, identity verification, federation, risk and activity monitoring, roles and entitlement management, provisioning, reporting, and others.
Identity as a Service
___________ provides network-based services through the cloud, including monitoring and Quality of Service (QoS) management.
Network as a Service
A _________ is an Ethernet frame with a payload greater than the standard MTU of 1,500 bytes. _______ can be as large as 9,000 bytes, and are used on Local Area Networks (LANs) that support at least 1 Gbps.
________ still use the same headers as typical Ethernet frames. They are more efficient because more data is sent within the data portion of the frame, resulting in fewer overall frames that need to be processed at the network level.
________ is a computer or appliance that provides only file-based data storage services to other devices on the network. _____ devices are specialized for the file server task either by their hardware, software, or configuration of both. ______ devices typically do not have a keyboard or display, and are configured through a web-based management utility. Some ______ devices will run a standard operating system, while others may run their own proprietary operating system.
A ________ is where multiple organizations from a specific community with common interests share the cloud infrastructure.
A ________ is operated solely for a single organization. It can be managed internally or by a third party, and can be hosted either internally or externally.
A ________ provides its services over a network that is open for public use. The architecture might be indistinguishable from a private cloud, but the security needs are typically quite different.
A ________ is a combination of two or more clouds that remain distinct but are bound together.
_______ is a technology through which one or more simulated computers run within a physical computer. The physical computer is called the host. The simulated computers are typically called virtual machines (VMs), though other terms may be used. The virtual machines communicate with each other by using virtual switches.
A _______, also known as a virtual machine manager, is the software or firmware that creates a virtual machine on the host hardware. The _______ provides the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems.
What is a distinct advantage of omni-directional antennas over directional antennas?
A _______ is a site survey of wireless signals and their strengths.
A ________ can be used to connect two wired networks by using a wireless connection. A ________ receives the signal from your wireless router and sends it out to other wired devices. The ________ needs to be within range of the wireless router's signal and also within cable length of the other wired devices.
A _______ is an analysis technique that determines the coverage area of a wireless network.
_______ is the application-level throughput, i.e. the number of useful informational bits delivered by the network to a certain destination per unit of time.
What is one significant advantage that 2.4 GHz networks have over 5.0 GHz networks?
________ is a mechanism whereby wireless access points can choose among several different available VLANs to assign to incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.
________ is a protocol that controls multiple Wi-Fi wireless access points. This can reduce the amount of time spent on configuring, monitoring, or troubleshooting a large network.
A _______ is a subset of an organization's network that is designed for temporary use by visitors. Typically, ________ provide full Internet connectivity while severely restricting access to the internal intranet. This helps keep an organization's internal information private, and helps avoid spreading any malware that visitors may have on their systems.
An ________ is a network located on the periphery of a centralized network. It is the one where an organization's network actually connects to the Internet, or to a provider's carrier network. It is the least secure of all the organization's networks. It is physically located on the customer's premises, and is a link between the provider's demarc and the organization's router.
________ starts at the edge network. A VPN server, or even a firewall itself, can accept client VPN connections at the edge. These clients and their users have to pass some sort of _________ to authenticate, and the client may also have to prove its health before the connection is accepted. If there is no VPN connection, the firewall will still have a lot of ________ rules to filter out undesirable or uninvited traffic.
If you conduct a network security assessment by collecting data on security agents such as antivirus and personal firewalls and Windows Registry settings, what is this type of assessment known as?
A ________ is a restricted network that provides users with routed access only to certain hosts and applications. Users are denied access to the network and are assigned to a ______ when a NAC product determines that an end-user is out-of-date. They are assigned to a network that is routed only to patch and update servers, and not to the rest of the network. They can then update their device to bring it up to NAC standards and gain access to the network.
A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.
An IEEE standard used to address the need for MAC-sub-layer addressing in bridges.
An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.
An IEEE standard used to describe Power over Ethernet (PoE) technology.
You have performed exhaustive tests for a WAN connectivity problem up to the interface between your network and the provider's network, and now it is time to engage the provider to do some research. The provider's first step prior to sending out a technician is to perform what physical test?
Test the line up to the smart jack.
Use the ________ to show you what's happening in real time while it happens so that you can track incoming and outgoing traffic.
If you suddenly lose Wide Area Network (WAN) connectivity, which device would you investigate first for the problem?
The Internet-connected router
If you check your router's ________, you can see if the router's authentication is failing or if there's some other problem with the connection that shows up in the logs. Calling your provider will only work if there's not a general communications outage with your provider.
When troubleshooting WAN problems, you have to keep in mind where your equipment and responsibility end and where your provider's begins. That is the _______. You have to do your due diligence in proving that your equipment and practices are not the problem before the provider will begin troubleshooting.
Identify a quick test for Domain Name System (DNS) connectivity.
Perform an nslookup using a system's or a site's name.
The _______ is the piece of hardware that interfaces your network to your provider's network. It is installed at your site and is often owned by the provider.
One workaround to the count-to-infinity problem is the ________, where a router does not include any routes to the router from which it discovered its own location in its broadcasts.
split horizon method
What is the practice that involves preventing certain types of data from being transmitted to a network?
Another workaround to the count-to-infinity problem is called a _______. Unlike in split horizon, routers using _______ broadcast routes back to the router from which they calculated their location. Instead of giving a true hop count, to discourage use of the route, the router broadcasts a hop count of 16 as a warning not to use the value specified and as an intimation that the route was learned from router 1.
What command would you use in Windows Server 2012 R2 to clear a static routing table of all entries?
______ is a parameter used in data and voice protocols to differentiate the types of payloads contained in the packet being transmitted. It aids Quality of Service (QoS) by assigning priorities to the data payload or access levels to the telephone call.
_______ is another component that aids in QoS. It is a field in an IP packet that enables different levels of service to be assigned to network traffic.
______ is a signaling protocol for multimedia communication sessions that initiates, modifies, and terminates a session.
Session Initiation Protocol
______ describes the content of a multimedia communication session.
Routers that are running a _________ such as Routing Information Protocol version 2 (RIPv2) or IGRP express the distance to the destination by the number of hops to the destination (known as a hop count). The number of hops refers to the number of intermediate devices that the data must travel to in order to reach its destination. It does not refer to the actual geographic distance between the source and destination.
_____ describes the size of the largest protocol data unit that the layer can pass onwards, and is expressed in bytes. The standard ______ of an Ethernet frame is 1,500 bytes, but this can be surpassed in jumbo frames.
_______ uses table mappings that the network administrator establishes manually in the router prior to routing.
________ is used on packet-switched networks to automatically calculate route costs and routing table entries. In essence, ________ is trying to determine how far the destination is, and in what direction. The goal is to reach the destination in the fewest number of hops.
A ________ is a virtual network interface that network applications can communicate with when executing on the local machine. The ________ has no hardware associated with it, and it is not physically connected to a network.
A ________ connects your private UC network with a public network. It allows users to connect with the outside world, and also allows mobile users to connect from the outside into the private network.
Unified Communications gateway
A ________ provides the actual services that users will use, such as voice, video, fax, messaging, etc.
Unified Communications server
A ________ is the client-side device that allows the user to use unified communications services. These are items such as headsets, webcams, VoIP phones, and so on.
Unified Communications device
________ show a more accurate network because they are updated more often than static tables. This is because the routers update the routing tables, not the admin. If the network suffers traffic congestion or a hardware failure, a router running dynamic routing protocols can automatically detect the problem and calculate a different routing path.
Dynamically built routing tables
______ is the process of selecting the best route for transferring a packet from a source to its destination on a network.
A ______ applies appropriate algorithms to generate and maintain an information base about network paths. It considers various routing metrics such as the bandwidth and reliability of the path, and communication costs while evaluating available network paths to determine the optimal route for forwarding a packet. Once the optimal route for a packet is assigned, packet switching is done to transport the packet from the source host to a destination host. The action of forwarding a packet from one router to the next is called a hop.
The time delay for a packet to go from a source to a destination and back to the source.
A numerical value assigned to a routing protocol, static route, or a direct-connected route to signify more desirable routes.
______ describes the size of the largest protocol data unit that the layer can pass onwards, and is expressed in bytes. The standard ______ of an Ethernet frame is 1,500 bytes, but this can be surpassed in jumbo frames.
The average number of bits of data that can be transmitted from a source to a destination over the network in one second.
The local loopback entry provides a delivery route for packets addressed to the local loopback address. This will appear as _______.
_________ is an internetwork broadcast entry that identifies the route for broadcasts to the entire network.
________ is a multicast broadcast entry that identifies the address for sending multicast transmissions.
________ is an example of a common gateway address.
A ________ is a software-based routing framework that enables the host computer to act as a hardware router over a LAN. The VRRP advertises a ________ as the default gateway, which is backed by a group of physical routers that provide redundancy in case one fails. This helps you increase the availability of your networks.
An ________ or a routing domain is a self-contained network or group of networks governed by a single administration.
________ is best suited to smaller environments in which the network topology is very unlikely to change. It is also helpful in lower-bandwidth infrastructures, since static routers are not constantly creating traffic by network status updates to other routing devices.
A ________ is a routing process in which two routers discover different routes to the same location that include each other, but have incorrect information and thereby never reach the endpoint. Data caught in a _______ circles around until its TTL expires. _______ can be difficult to detect and to troubleshoot; the best prevention is proper router configuration.
______ is widely popular and has many advantages. However, there are some limitations that prevent _____ from replacing traditional telephony. One such limitation is that a power outage will usually prevent you from getting online, which is necessary in order to make a ______ call. The variable latency and spotty reliability of the Internet mean that ______ calls aren't always a dependable choice.
_____ combines an Ethernet data path with an IS-IS link state control protocol running between Shortest Path bridges. It is a replacement for STP that simplifies the creation and configuration of networks, while enabling multipath routing.
_______ is a hybrid routing protocol used to establish routing between ISPs.
Border Gateway Protocol
_______ is an improvement over RIP that is designed to be deployed on interior routers within an autonomous system.
Interior Gateway Routing Protocol
______ is a proprietary routing protocol by Cisco that supports classful and classless subnet masks.
Enhanced Interior Gateway Routing Protocol
_____ are protocols that are responsible for exchanging routing information between gateways within an AS. Examples of ______ include RIP, OSPF, EIGRP, IS-IS, and IGRP.
A _______ is a database created manually or by a route-discovery protocol that contains network addresses as perceived by a specific router.
_______ is an example of a real-time Unified Communications technology because it allows for instant, synchronous communication between users. The other formats are considered asynchronous, because a message that is delivered by the sender might not be accessed by the recipient for hours or days.
The _______ is the common connecting point for all nodes in a network segment.
________ with segmentation balances the load by separating traffic from other segments. Only traffic destined for a particular segment will reach that segment and only affects that segment.
Network load balancing
The ________ gives you a secure command line shell login to a remote system.
_______ operates mainly at Layer 2 of the TCP/IP protocol stack and is generally performed by a screening router, although other network devices can also perform ________.
______ is a convenience mechanism used in enterprise networks where multiple, unrelated authentication systems exist. _______ is designed to make security easier for users, but this ease of use comes at a potential cost. ______ passwords must be ultra-secure.
The purpose of _________ is to encrypt passwords or other messages so that they can be transmitted securely over potentially non-secure channels.
cryptographic hash functions
________ is any authentication scheme that requires validation of at least two of the possible authentication factors. It can be any combination of who you are, what you have, and what you know.
_______ encrypts wireless communications, making them less vulnerable. It was designed to provide the same level of security as wired networks, but _____ has many well-known security flaws.
_____ is a security protocol that protects sensitive communication from being eavesdropped and tampered with.
_______ validates ARP packets in a network. _______ determines the validity of packets by performing an IP-to-MAC address binding inspection before forwarding the packet to the appropriate destination. ARP packets with invalid IP-to-MAC address bindings that fail the inspection are dropped.
_______ uses information from the DHCP server to track the physical location of hosts, ensure that hosts only use the IP addresses assigned to them, and ensure that only authorized DHCP servers are accessible.
______ uses a combination of MD5 hashing and a challenge-response mechanism, and authenticates without sending passwords as plaintext over the network. The security of the MD5 hash function is severely compromised.
The ________ is a remote-access authentication method that sends client IDs and passwords as cleartext. It is generally used when a remote client is connecting to a non-Windows PPP server that does not support password encryption. When the server receives a client ID and password, it compares them to its local list of credentials. If a match is found, the server accepts the credentials and allows the remote client to access resources. If no match is found, the connection is terminated.
Password Authentication Protocol
_________ is a protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication. _____ categorizes the devices into different _____ types depending on each device's authentication scheme. The ______ method associated with each type enables the device to interact with a system's account database.
Extensible Authentication Protocol
_______ is a hash function that is published by NIST.
secure hash algorithm
Can harden the security on the network to allow only clients with specific IP or MAC addresses to have access to the network. It uses information from the DHCP server to track the physical location of hosts, ensure that hosts only use the IP addresses assigned to them, and ensure that only authorized DHCP servers are accessible.
Blocking of individual or ranges of TCP/IP ports is known as _______. Often, all ports above 1024 are blocked and then allowed individually as needed for certain services to function.
_______ is an authentication service that is based on a time-sensitive ticket-granting system.
You find that your fiber signal is weak on a particular cable, but you find no breaks or physical interference problems. In fact, the cable is in excellent condition throughout its length. What do you look for next?
Dirty or obstructed connectors
One of your colleagues recently replaced several of your old servers with new ones. She also had to set up all network services on the new servers. The next day you arrive at work and no one in the office can connect to the network. What do you suspect is the problem?
A misconfigured DHCP server
A user's computer hardware and software both check out as good. The network cable has end-to-end connectivity. Speed and duplexing have been verified. Where would you look next for the problem?
The VLAN ID on the switch port
No one on your network segment can connect to the Internet, nor can you connect to or ping other machines on the same segment. What do you suspect has happened?
Switch is offline
A new user reports that he cannot connect to the network. You check the computer, his patch cable, and the switch port, and all are fine. Although the port shows no light, it tests as good. What do you check next?
Check the network drop.
A user is attempting to open an application that requires a connection to a server for functionality; however, she receives an error message that the application cannot connect to the server. She tells you that this happens sporadically. What do you investigate to find the problem's source?
Check the server's utilization to see if it's overloaded.
________ are a variation of TDR used specifically for fiber optic cabling to determine cabling issues.
Optical Time-Domain Reflectometers
In troubleshooting fiber cable connections, other than physical damage, what physical problems can a fiber cable have that hinder signal transmission?
A user reports that she cannot connect to a wireless access point. Her computer detects the access point, but cannot connect. Which of the following would you not check in order to resolve her problem?
Check the user's network patch cable for breaks and proper termination.
A _________ can occur when the provisioned value for wavelength does not match the supported wavelength.
A user's computer checks out as functional, but cannot get a good network connection. What do you test next?
Check the network cable for end-to-end connectivity with a cable tester.
You have installed a new server on your network and plugged it into an available network cable. Everything checks out as working, yet you cannot connect to the rest of the network. What two things do you check first?
NIC speed and duplex settings; switch port speed and duplex settings
A user receives a notification on his desktop that reads, "The system has detected an IP address conflict with another system on the network. The local interface has been disabled. More details are available in the system event log. Consult your network administrator to resolve the conflict." The user contacts you, the network administrator, to resolve the problem. What do you do?
Run ipconfig /renew on the user's computer
The inner core of a _______ is made of glass through which the signal is transmitted. Even the slightest damage can decrease signal integrity.
fiber optic cable
If a network segment experiences frequent broadcast storms, what can you do to prevent them?
Install a managed switch and enable Spanning Tree Protocol
A user's newly deployed laptop computer will not connect to the network, even after several reboots. You open Device Manager and see that in the list of network adapters, there is a listing for Ethernet adapter with a yellow question mark next to it. What does this tell you?
The NIC driver hasn't been installed
What are the possible states of a network interface controller (NIC) team?
Active-active or active-passive
The _________ is the safest in case of a failure because it will fail to the passive NIC. You will have the same single NIC bandwidth, but with the safety factor of a "hot spare" NIC.
A user reports that she is able to contact her network printers and a file server located on her floor, but she is unable to browse the Internet or to connect to a remote system on another floor. What is likely her problem?
Incorrect or missing default gateway
What is the industry standard data center rack width?
The _______ connector is used with Category 1 cables in telephone system connections and is not suitable for network connectivity.
The ______ is an eight-pin connector used by twisted pair cables in networking.
The _______ connector is commonly used for T1 lines.
An _____ cable is a coax cable with a solid core that is used for Ethernet networking.
A _______ is a tool that allows you to determine the voltage, current, and resistance along the cable.
_________ include foil wrapper shielding around the conductors to improve the cable's resistance to interference and noise.
Shielded twisted pair cables
Both shielded and unshielded cables typically contain ______ of stranded or solid conductors.
Shielded twisted pair is generally more expensive than ________.
unshielded twisted pair
Both STP and UTP cables use ________ to identify the pairs of wires.
________, also known as Fiber Jack, is a compact snap-to-lock connector used with multimode fiber. It is similar in size to an RJ-45 connector.
A ________ is a screw-on type connector with a tapered sleeve that is fixed against guided rings.
A ________ is similar to a Straight Tip (ST) connector and is typically used where water or other environmental factors necessitate a waterproof connection, unlike a bayonet-style connector.
A ________ is a tubular structure made of ceramic or metal that supports the fiber.
A _________ type is a 75-ohm cable used to connect cable TV and FM antenna cables.
A ________ type is a cable connector used to terminate a coaxial cable.
A _______ is a type of bounded network media that transfers information between two devices by using serial transmission.
A ________ enables networks running on different media to interconnect and exchange signals. Technically, a ________ is considered a transceiver because it transmits and receives signals. _______ are often built into other devices such as high-end switches.
A ________ is a network cable that is jacketed tightly around conductors so that fire cannot travel within the cable. A _______ jacket won't give off poisonous gases when it burns. Fire codes usually require this special grade cabling when wires must be run through the plenum (an air handling space), including ducts and other parts of the heating, ventilating, and air conditioning (HVAC) system in a building.
_______ jacketed cabling is inexpensive and flexible. The ______ cable is also referred to as the non-plenum cable. However, when _____ burns, it gives off noxious or poisonous gases. Additionally, _____ jacketing is not formed tightly to the conductors it contains. Tests show that fire can travel within a PVC cable, passing through firebreaks.
A ________ is a type of bounded network media that transfers information between two devices by using serial transmission. These cables typically use an RS-232 (also referred to as DB-9) connector, but can also use a DB-25 connector.
An _______ is a twisted pair connector that is used with Category 1 cables in telephone system connections, and is not suitable for network connectivity.
An _____ cable is a very common type of coaxial cable that is typically used in routing cable television signals.
An _________ is a twisted cable that uses the RJ-45 connector.
A _________ is a network cable that transmits signals through light instead of a copper core.
fiber optic cable
A _______ is a PC connection that allows you to connect peripherals to a single port with high performance and minimal device configuration.
In a Transmission Control Protocol/Internet Protocol (TCP/IP) network, _______ clients, such as Windows systems, use ________ over TCP/IP to connect to servers, and then issue SMB commands to complete tasks such as accessing shared files and printers.
______ initiates, modifies, and terminates a session. It is a signaling protocol for multimedia communication sessions. ______ must work with other protocols because it is responsible only for the signaling portion of a communication session.
Session Initiation Protocol
_______ uses ports 67 and 68, which are likely denied in your firewall. Check the firewall, allow the ports, and then attempt to acquire an IP address again.
________ uses port 69.
Trivial File Transfer Protocol
______ is the protocol Windows systems use to browse other systems and shared resources.
Server Message Block
______ uses port 53 on both UDP and TCP. You have to be sure that both are allowed in the firewall.
______ uses port 23 and ______ uses port 22
You are also replacing Telnet with the Secure Shell (SSH) protocol. Which port do you need to deny and which do you need to open to complete this transition?
________ uses port number 3389, so you have to allow that port through your firewall.
Remote Desktop Protocol
Your support staff requires remote access to Windows servers so that they can connect via remote desktop connections. Which port(s) should you allow through the firewall?
_______ is analogous to POP in that they are both used to transfer email from an email server.
Which one of the following is considered to be a competing Voice over IP (VoIP) protocol with the H.323 suite?
Media Gateway Control Protocol
Unlike ______, IMAP4 enables users to access folders other than their mailbox.
To deny _______, deny ports 137, 138, and 139 in your firewall rules.
______ is an example of a connection-oriented transport protocol and ______ is an example of a connectionless protocol.
For years, your users have used File Transfer Protocol (FTP) to update files on websites, but you have decided to use more secure protocols for all your services. Which protocol will you substitute for FTP?
Secure File Transfer Protocol
You have a directive to use Dynamic Host Configuration Protocol (DHCP) on your network to alleviate the need to manage hundreds of static IP addresses. You've tried implementing it, yet none of your systems can acquire an IP address. What is likely the problem?
Ports 67 and 68 are denied in the firewall.
Secure File Transfer Protocol (SFTP), Session Control Protocol (SCP), and Secure Shell (SSH) all use port ____.
A manager comes to you and demands that you only allow file transfers, file copying, and remote connectivity to Linux servers via secure protocols. Which port(s) must you allow through the firewall to accommodate their request?
Identify the major difference between the Session Initiation Protocol (SIP) and the Real-Time Transport Protocol (RTP).
SIP doesn't transport data.
SMTP operates on port _____ in the outbound direction.
The ______ was developed by Cisco as an alternative to H.323.
Media Gateway Control Protocol
Some members of your staff suggest using one of the network booting protocols so that they can relieve some of the company's desktop support costs. You agree, but have to allow the protocol through the firewall for it to function. Which protocol and port do you allow?
Trivial File Transfer Protocol
A ______ has an obvious symptom but usually no quick solution. Most _______ are network-based, where the network is being flooded with traffic. The only fix for a network-based _______ is to wait for it to stop.
_______ is used to gain access to a system inside a network to exploit vulnerabilities in systems, to steal data, or to disrupt network functions. Other listed attacks generally don't include an "outside to inside" style attack the way a _______ does.
Trojan horse malware
An _________ is a type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system. One sign of an IP spoofing attack is a network packet from an external source that appears to have an internal source address.
IP spoofing attack
You have blocked a vulnerable Transmission Control Protocol (TCP) port on your network—3333, for example—and you want to test your firewall's rule for it. What simple command would you use to test the port block from outside the firewall to server1?
telnet server1 3333
In a _______, the attacker sends an oversized, fragmented Internet Control Message Protocol (ICMP) echo request (ping) packet to the victim. The maximum length of an IP packet, including the header, is 65535 bytes. However, a larger packet can be transmitted if it is fragmented. On a vulnerable system, a buffer overflow can occur when the packet is reassembled, causing the victim to freeze or crash.
ping of death attack
_______ has the greatest potential to collect personal data, watch keystrokes, or grab user names and passwords from a user's computer or live session.
If you observe the following two error messages when reviewing Terminal Access Controller Access Control System (TACACS) log entries, what would you suspect if the message is repeated many times in a row?
err tamd: pam_tacplus: unable to obtain username
err tamd: pam_tacplus: auth failed: Login incorrect
Someone is attempting to guess usernames and passwords
The best solution is to use a ______ to monitor and audit user traffic. Automate the monitoring as much as possible to prevent activity from being overlooked.
Network studies and surveys assert that a majority of malicious attacks actually originate inside corporate walls, not from the outside. Assuming that is true, what can you do to detect and prevent system and service compromises caused by employees?
Use Host-based Intrusion Detection Systems for monitoring.
A __________ is a type of malware that is itself a software attack and can pave the way for a number of other types of attacks. There is a social engineering component to a _______ attack since the user has to be fooled into executing it.
The problem with disabling ______ on your network is that you'll also disable your ability to ping hosts to check for connectivity.
Internet Control Message Protocol
________ is one of the easiest ways to fingerprint an OS or an application/service. In many cases you can configure the service (web server, email server, etc.) to not respond to clients with any banner. Firewalls can also be configured to block banners.
IT administrators will often set up ________ so if the normal channels get hacked or compromised, they'll still have access to the system(s) through this backdoor route.
Using the previous scenario, you have created an allow rule for Transmission Control Protocol (TCP) port 3333 to server1, but the test fails. What could not be the problem with your firewall rule?
You've exceeded the maximum number of rules in your firewall.
To troubleshoot Terminal Access Controller Access Control System (TACACS) sessions, which utility should you turn to for assistance?
During a normal patching session, you find that one of your systems will not shut down when it is time for it to reboot. What do you suspect has happened?
A malware program is keeping processes alive.
Active Directory groups can be very confusing to implement correctly. What is the possible harm of group mishandling and sprawl?
Users may accidentally gain unnecessary privileges
You receive an alert that an application server system has crashed, rebooted, and now is exhibiting unusual behavior. Under further investigation, you find that there is an unusual network connection with an origin external to your network that attempts to connect to other systems inside your network. The system you are investigating was likely compromised by which one of the following attacks?
Identify a method of working around Address Resolution Protocol's (ARP's) inherent security problems.
Use software that checks the accuracy of the ARP table
If users report Terminal Access Controller Access Control System (TACACS) login failures, where should you look to find the root cause?
The BIG-IP log files
_______ attacks affect all users on a network segment. Worms, botnets, and mass mailers are all examples of _______ attacks.
A ______ affects individual computer systems and cannot cause network problems.
boot sector virus
Identify a solution for monitoring malicious Internet Control Message Protocol (ICMP) traffic on your network.
A network intrusion detection system
A _______ describes the paths through which data moves through a network. By contrast, a physical topology describes a network's physical wiring layout. Even though the computers in a network might be wired a certain way, the manner in which data flows between those devices might differ.
________ are networks and systems used to support municipal services and industrial processes such as power generation and distribution, water treatment and distribution, wastewater collection and treatment, oil and natural gas collection and production, chemical synthesis and other production processes, as well as in transportation systems.
Industrial Control Systems
________ systems are used in situations where sites are at great geographical distances from one another, and where centralized data collection and management is critical to the industrial operation. Examples of industries where ______ systems are common include systems like water distribution systems, wastewater collection systems, oil or natural gas pipelines, electrical power grids, and railway transportation systems. A _______ control center monitors and manages remote sites by collecting and processing data and then sending supervisory commands to the remote station's control devices. Remote control devices, or field devices, are responsible for controlling operations like opening and closing valves, collecting data from sensor systems, and monitoring the environment for alarm conditions.
Supervisory Control and Data Acquisition
________ are used in process-based industries such as electric power generation; oil refining; water treatment; wastewater treatment; and chemical, food, and automotive production. In most instances, each main process is broken down into a series of sub-processes, each of which is assigned an acceptable tolerance level. Programmable Logic Controllers (PLCs) provide control over these sub-processes by using control loops, and the ____ manages the PLCs. ______ are used primarily in industries where the parts of the manufacturing system are in close geographic proximity, and where feedback and feed-forward loops are used to create a closed-loop or closed network system.
Distributed Control Systems
_______ systems are used in situations where sites are at great geographical distances from one another. A _______ control center monitors and manages remote sites by collecting and processing data and then sending supervisory commands to the remote station's control devices.
supervisory control and data acquisition
In ______, as the name suggests, control is not as centralized as in a SCADA system. In most instances, each main process is broken down into a series of sub-processes, each of which is assigned an acceptable tolerance level.
In a _________, every node on the network is directly connected to all other nodes on the network. Since each node has a dedicated line to every other node, any given node can communicate with multiple nodes at the same time. Data can travel very fast in this type of configuration. Because of the redundant connections, the failure of a single node will not cause the network to go down.
physical mesh topology
However, the number of required connections increases exponentially with the number of nodes added to the network. This can make a _______ difficult to implement and maintain over time.
full mesh topology
A ___________ is a variant in which only some nodes have direct links to all other nodes. This helps reduce the complexity and cost of a full mesh setup, and also involves fewer redundancies.
partial mesh topology
A _________ is a network that spans a large area, often across multiple geographical locations. _____ typically connect multiple LANs and other networks using long-range transmission media. Such a network scheme facilitates communication among users and computers in different locations. _____ can be private, such as those built and maintained by large, multinational corporations, or they can be public, such as the Internet.
Wide Area Network
When a WAN includes sites and networks around the world, it is considered a ________.
Global Area Network
A ________ is a network topology that uses a central connectivity device, such as a switch, with individual physical connections to each node. The individual nodes send data to the connectivity device, and the device then forwards data to the appropriate destination node. In legacy implementations, hubs were also used in physical star topologies, where nodes sent data to the hub, which simply passed it through to all attached nodes. Star topologies are reliable and easy to maintain, as a single failed node does not bring down the whole network. However, if the central connectivity device fails, the entire network fails.
physical star topology
______ is a technology that allows devices to establish a radio connection from a very short distance, generally 10 inches or less. A common example of _____ in action is when two smartphones are tapped together to establish a very short-range connection.
A _________ is a network topology in which nodes receive the data transmitted all at the same time, regardless of the physical wiring layout of the network. A common implementation is physical star-logical bus. In this topology, even though nodes connect to a central switch and resemble a star, data appears to flow in a single, continuous stream from the sending node to all other nodes through the switch. Because the transmission medium is shared, only one node can transmit at a time.
logical bus topology
In a ________, one end of the cable is wired exactly the opposite of the other end of the cable, going from one to eight on end A and from eight to one on end B. Instead of allowing data transfer, they provide an interface for programmers to connect to and adjust the router's configuration.
A ________ is used to connect unlike devices, such as computers, to hubs or switches. These cables are also known as patch cables.
A ________ is used to connect like devices, such as computer to computer, switch to switch, or router to router.
A __________ is a network in which servers provide resources to clients. Typically, there is at least one server providing central authentication services. Servers also provide access to shared files, printers, hardware storage, and applications. In client/server networks, processing power, management services, and administrative functions can be concentrated where needed, while clients can still perform many basic end-user tasks on their own.
A _________ is a network in which resource sharing, processing, and communications control are completely decentralized. All clients on the network are equal in terms of providing and using resources, and each individual workstation authenticates its users.
________ involves sending pulses of infrared light from one device to another.
________ also involves sending signals via pulses of electromagnetic energy in the microwave region of the electromagnetic spectrum.
A ________ is a network topology in which each node is connected to the two nearest nodes: the upstream and downstream neighbors. The flow of data in a ring network is unidirectional to avoid collisions. All nodes in the network are connected to form a circle. There is no central connecting device to control network traffic, and each node handles all data packets that pass through it. Data moves in one direction through each node that scans data packets, accepts packets destined for it, and forwards packets destined for another node.
physical ring topology
In configuring RADIUS, what does the acronym AAA mean?
Authentication, Authorization, and Accounting
_______ is also known as link aggregation, port teaming, EtherChannel, and NIC bonding, among other names.
If it weren't for implementation of the Spanning Tree Protocol (STP), or one of its equivalent replacement protocols, such as SPB or RSTP, what would inevitably happen?
Your network segment would be flooded with broadcast storms.
What is the IEEE standard designation for the Spanning Tree Protocol (STP)?
What is the most common in-band remote-management hardware device?
_______ is a Layer 2 protocol used to prevent switching loops.
Which standard describes Power over Ethernet (PoE) technology that enables networks to deliver electrical power and standard data over Ethernet cabling, with up to 15.4 W of DC power supplied to each powered device and with 12.95 W being assured due to power dissipation during delivery?
What type of entity or object is a virtual LAN (VLAN)?
The _______ is the messaging protocol that switches use to update each other's VLAN databases. Developed by Cisco, it allows switches to quickly advertise to each other when a VLAN is created or deleted. This saves an administrator some manual labor. If the administrator wishes to extend a VLAN across several switches, he or she would have to manually configure each switch with the same VLANs. With VTP, this is done automatically.
VLAN Trunking Protocol
Which standard describes Power over Ethernet Plus (PoE+) technology, which enables networks to deliver electrical power and standard data over Ethernet cabling, with up to 30 W of power supplied to each powered device and with 25.5 W being assured to the powered device?
_________ is the practice of duplicating all traffic on one port in a switch to a second port, effectively sending a copy of all the data to the node connected to the second port. Port mirroring is useful as a diagnostic tool when you need to monitor all traffic going to a particular port or node with minimal impact on the network performance.
________ is a mechanism whereby wireless access points can choose from among several different available VLANs to assign incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.
A ________ is your network segment's router, also known as the first hop.
________, also known as frame tagging, is a method developed by Cisco to help identify packets traveling through trunk links.
_______ is the most commonly used trunk link protocol to address this issue. ______ inserts a special tag in the Ethernet header identifying the VLAN for that frame. The switch at the other end of the trunk link will read that tag and forward the frame to the appropriate VLAN.
The separation of the network address portion and the host address portion is a characteristic of an _______.
An IP address is a binary address assigned to a computer so that it can communicate with other computers and devices on a Transmission Control Protocol/Internet Protocol (TCP/IP) network. IPv4 addresses are _____ bits in length, while IPv6 addresses are _____ bits long.
________ is a classless addressing method that considers a custom subnet mask as a 32-bit binary word. Mask bits can move in one-bit increments to provide the exact number of nodes and networks required. The ______ notation combines a network address with a number to represent the number of one bits in the mask. With _______, multiple class-based networks can be represented as a single block.
Classless interdomain routing
A ________ is an analysis technique that determines the coverage area of a wireless network.
The advantage of ________ is increased communications performance.
A _______ is a small network that can comprise up to 10 nodes. _________s can either be wired or wireless. The upper limit of 10 nodes is the generally accepted limit, but you might encounter __________s that include more than 10 nodes.
_________ is a set of MAC and physical layer specifications for implementing a WLAN.
The _________, like any LAN or WAN, benefits greatly from an infrastructure topology because of its stability and permanence.
What is the relationship between VLANs and IP address pools?
Each VLAN gets its own subnet of addresses.
A security control for switch ports that determines the packets which will be allowed to pass and those which will be dropped by screening the packet based on certain criteria.
_______ can connect to each other using trunk links that will carry all VLAN traffic from one switch to the next. In this way, a single VLAN can extend across an entire campus and not be limited to one switch or one building. Ethernet-based metropolitan area networks also use VLAN tagging to keep different customers' traffic separate.
A _________ is a network device that acts as a common connecting point for various nodes or segments. Working at Layer 2 of the OSI model, switches make forwarding decisions based on Layer 2 (MAC) addresses.
The _______ is a Layer 2 protocol used to prevent switching loops. Whenever there are redundant paths between switches, where either two switches are connected using two different links or a ring of switches connected to each other, a switching loop will occur.
Spanning Tree Protocol
The IEEE standard for STP is _______.
If you link two 1 Gb/s ports on a switch, what is the resulting speed of the aggregate?
What is the most common in-band remote-management hardware device?
Network administrators typically use ________ when standard connectivity isn't available.
A ________ is a software program that is installed directly onto a host and that filters incoming and outgoing packets to and from that host.
A ________ is a dedicated hardware/software combination that protects all the computers on a network behind the firewall.
________ is a network security solution that is used to monitor and manage a wide variety of security-related applications and infrastructure components through a single management console. ______ provide multiple security functions such as network firewalling, network intrusion prevention, anti-malware, VPN, spam and content filtering, load balancing, data leak prevention and on-appliance reporting. ______ can be network appliances or a cloud service.
Unified Threat Management
How do you connect a network-based firewall to your network?
Which of the following is the proper method of setting up a demilitarized zone (DMZ) on your network?
A ________ is a small section of a private network that is located between two firewalls and made available for public access. A ______ enables external clients to access data on private systems, such as web servers, without compromising the security of the internal network as a whole. The external firewall enables public clients to access the service whereas the internal firewall prevents them from connecting to protected internal hosts.
An ________ is a very powerful feature, but it comes at a cost. The processing overhead incurred in analyzing every individual packet passing through the filter is extremely resource intensive. In addition, ________ are typically expensive.
In _______, the firewall is considered to be a router hop in the network. It can perform NAT between connected networks, and can use OSPF or RIP (in single context mode). _______ supports many interfaces where each is on a different subnet.
In ________, the firewall logically binds two ports together and passes all traffic to the other port without any switching or routing. It is not seen as a router hop to connected devices. Full inspection and control for all traffic is enabled, and no networking protocol configuration is required.
Virtual Wire mode
On Windows Server, you have multiple network options for enabling the software firewall: Domain network, Private network, and Public network. On which networks should you enable the firewall?
Domain, Public, and Private
What is the appropriate (most secure) way to configure your firewall?
Block all traffic; create exceptions as required.
A _______ is a hardware-level address assigned to every networking device by its manufacturer. It is also known as a physical address. ________ are written in hexadecimal form.
An example of a ________ is 00-00-86-46-F6-65.
An _______ is a unique binary address assigned to a computer so that it can communicate with other computers and devices on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
A ________ is a number assigned to each host, which divides the IP address into a network ID and node ID.
In a ________, nodes contend for access to the same physical medium. This occurs on a logical bus, where the transmission of a single node is heard by all nodes. A collision can happen in this type of situation.
A ________ is a network segment on which broadcasts occur.
A _______ is a logical subset of a larger network, created by an administrator to improve network performance or to provide security.
_________ is a process by which all nodes are logically separated from each other until there is a need to connect them.
What is the correct sequence of information presented in an IPv6 address?
RIR, ISP, Site, Subnet, Host
________ addresses provide a large number of network addresses for networks with a small number of nodes per network. The technical definition of a ______ address is any address in which the first three bits of the first octet are 110.
_______ addresses provide a small number of network addresses for networks with a large number of nodes per network. Used only by extremely large networks, _______ addresses are too expensive for use by most organizations. The technical definition of a ______ address is any address where the first octet (on the left) begins with 0.
________ addresses provide a balance between the number of network addresses and the number of nodes per network. Most organizations lease _______ addresses for use on networks that connect to the Internet. The technical definition of a _______ address is any address where the first octet (on the left) begins with 10.
________ addresses are set aside to support multicast transmissions. Any network can use them, regardless of the base network ID. A multicast server assigns a single _______ address to all members of a multicast session. There is no subnet mask. _______ addresses are routable only with special support from routers. The technical definition of a _______ address is any address where the first octet (on the left) begins with 1110.
________ addresses are set aside for research and experimentation. The technical definition of a ______ address is any address where the first octet (on the left) begins with 1111.
_______ is a service that enables a DHCP client computer to assign itself an IP address in case no DHCP servers respond to its DHCP discover broadcast. Clients can use ______ to assign themselves an IP address in the 169.254.x.x address range to enable communication with other clients until the issue with the DHCP server is resolved. ______ addresses are not routable, however, which means that communication is restricted to the local subnet.
_______ is a network service that automatically assigns IP addresses and other TCP/IP configuration information on network nodes configured as _____ clients. A _______ server allocates IP addresses to _______ clients dynamically, and should be configured with at least one ______ scope. The scope defines the group of IP addresses that a ______ server can use.
A ________ removes the node ID from the IP address, leaving just the network portion. A _________ is a series of continuous binary 1s that end abruptly at some point, followed by all 0s.
An _______ consists of two portions: the network address portion that is common to all hosts and devices on a physical network, and the host address portion, which is unique to the individual host. For instance, suppose that you have an IP address of 192.168.10.1, with a subnet mask 255.255.0.0. This means that 192.168 is the network ID, and 10.1 is the host ID.
In the _______, a data packet is enveloped in a form that is acceptable to the carrier. To make sure the packets can travel across all Internet service providers (ISPs), the client encapsulates the IP version 6 (IPv6) packets into IPv4.
_______ is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.
Port Address Translation
A _______ is any exploit in an operating system, software program, or hardware device that is taken advantage of on the same day it is discovered. These flaws become known to the public when a malware program exploits the flaw and compromises the product, the computer, or the network connected to the computer. Because the company is not prepared with a fix, these exploits can cause serious issues and keep a system vulnerable until the company releases a solution to the issue.
It can be difficult for companies to guard against a ________, but the best options for helping to protect against these occurrences include using an intrusion detection system, setting up network access control to prevent unauthorized computers from accessing a network and using Wi-Fi Protected Access (WPA or WPA2) security on wireless networks.
The frequency in hertz that AT&T originally used to indicate when a line is free. In 1974, John Draper, aka Captain Crunch, discovered that a breakfast cereal children's whistle was capable of making this tone. He and others used this technique or similar techniques in conjunction with a blue box to generate the ________ tone and make free long-distance calls around the world. These individuals came to be known as phreaks.
Introduced in 1998, _______ is a cryptographic cipher. It is a symmetric-key block cipher, meaning that the same key is used to encrypt and decrypt data in fixed-length groups of bits called blocks.
It is called "________" because it applies the DES cipher three times when encrypting data. When DES was originally developed in 1976, it used a key size of 56 bits, which was a sufficient level of security to resist brute-force attacks. Since then, computers have become cheaper and more powerful, enabling the ______ algorithm to apply DES three times consecutively, essentially stopping brute-force attacks on modern computers.
Any system designed to prevent and restrict access to users. For example, a primary form of _______ is only allowing users who have accounts to log in to a system or only allowing the user access to files he or she should be able to see.
Hardware and software systems may also have _______ built into them, which means they require a specific security validation to allow users access or use of the hardware or software. _______ typically relies on particular security measures to determine who should have access.
A software program or bot designed to parse through large amounts of data such as web pages on the Internet and grab specific information. For example, a _______ may be designed to grab accounts, addresses, e-mail addresses, names, and phone numbers.
With ________, a person or program records login and password information from a legitimate user in order to illegally gain access to their accounts. The hacker who is working to harvest accounts may use sniffing software to find the data on a network, phishing scams, or shoulder surfing to harvest account information.
Once multiple accounts have been harvested, the hacker uses the collected information illegally to gain access to accounts. If successful, they may gain access to information they do not have the right to view, spam other users, or use the account for other illegal monetary gain.
________ is a single item contained within an ACL that contains information about the user or group and the associated permissions. In many cases, a single ACL can contain multiple ACEs.
access control entry
________ is a listing containing one or more ACEs that tells a computer operating system or other network device what rights users have to each item on a computer or network device. For example, an _______ may specify if a user or the user's group has access to a file or folder on that computer or network.
Access Control List
A method of bypassing security measures on a network or a method of gaining access to a network by imitating a different IP address.
A document containing detailed information about potential security risks. _______ help companies keep their customers informed about the latest threats and what to do about them. For example, a company may issue a security advisory about a version of their program that allows unauthorized access to your computer and recommend updating to the latest version of that program to fix the problem.
_______ is a program installed without a user's consent or knowledge during the install of another program. Much like spyware, _______ tracks individuals' Internet activities and habits to help companies advertise more efficiently.
_______ is usually installed on a computer with free programs since the developers are often paid if they include it with their program. Like spyware, _______ can be located and removed from a computer using software utilities available on the Internet.
________ is an encryption algorithm first used by the United States government to protect sensitive documents. _______ is designed as a substitute for DES and supported in many encryption programs such as PGP.
Advanced Encryption Standard
_______ is a system developed by AT&T that is similar to Caller ID that provides the phone number of the person calling a number as well as the number they dialed. Because _____ is not Caller ID, even if Caller ID block is enabled, this information could still be obtained.
Automatic Number Identification
Term used to describe a person or computer that cannot be identified.
_________ is an application that is run on a firewall or proxy that negotiates a connection between a network application running on a computer behind the firewall and another computer. This connection provides added security to computers behind the firewall by only displaying the IP address of the firewall or proxy, but at the cost of decreasing the overall speed at which you send and receive information.
________ is an encryption technique that uses a different key to encrypt and decrypt the information. Using a different key prevents someone from creating a decryption key from the encryption key and helps the encrypted data stay even more secure.