Network+ Certification exam questions with complete verified solutions

Peer-to-Peer Network - answer Individual hosts don't have a specific role. Hosts both provide and consume network resources.

Client-Server Network - answer Hosts have specific roles assigned to them. In this case, some hosts may be assigned to be servers.

LAN - answer When multiple networks within the same organization are connected together, it's a LAN

MAN - answer When LANs within the same city are connected together, they form a MAN

WAN - answer When many networks in many different cities are connected together, they form a WAN

Internetwork - answer Connection between 2 separate networks

Intranet - answer A private network that uses internet technologies but is limited to only users within the private network

Extranet - answer An intranet that is made partially available for entities outside your organization

Bus Topology - answer Messages are sent to all devices connected to the bus

Ring Topology - answer Messages are sent from device to device in a predetermined order until they reach the destination device

Network Layer - answer Responsible for moving data between systems throughout the network and is where routing happens. IP address assignment happens at this layer. Uses packets (source and destination IP addresses).

Data Link Layer - answer Responsible for interfacing between the physical transmission media (the physical devices and the network layer). This layer is divided into 2 sublayers:
LLC (Logical Link Control): provides the interface between the lower layers and the upper layers
MAC (Media Access Control): identifies how devices can access the network medium
MAC address is assigned at this layer and uses frames (source and destination MAC are added).
CRC (Cyclic Redundancy Check): this is also added to the frame at this layer.
This helps the receiving device identify errors that may have occurred during transmission. Defines the logical topology of the network.

Physical Layer - answer Where we work with physical hardware. Works with protocols that identify cables, connectors, and devices we can put on a network. Data at this layer is just a series of bits. They become electrical impulses, light pulses, or some kind of radio wave.

TCP/IP Model - answer
Application: Application, Presentation, Session
Transport: Transport
Internet: Network
Network Interface: Data Link

Digital Network Signal - answer Composed of current that has distinct changes. A positive volt is considered a '1'. A negative volt is considered a '0'.

Analog Network Signal - answer A continuous electrical current that has no distinct changes, but gradual changes. The wave created is adjusting the signal's amplitude, or 'strength', over time. Unlike digital signals, it doesn't specifically represent bits.

Modulation - answer The process of encoding digital signals into an analog signal

Demodulation - answer The process of converting analog signals back into digital signals

Modem - answer Modulates and demodulates (turns analog signals to digital signals and digital signals to analog signals)

CAT 3 - answer Supports up to 10 Mbps

CAT 5 - answer Supports 100/1000 Mbps

CAT 5e - answer Supports 100/1000 Mbps w/ EMI protection

CAT 6 - answer Supports up to 10 Gbps. Often has a solid plastic core that keeps the twisted pairs separate and prevents cables from being too tightly bent.

CAT 6e - answer Supports up to 10 Gbps. Designed to provide better protection against EMI and crosstalk. Also has better performance than CAT 6, especially at 10 Gbps.

RG-58 - answer Uses BMP connector and 10BASE2 Ethernet

RG-59 - answer Used for cable TV primarily, uses F-Type connector

RG-6 - answer Used primarily for networking, uses F-Type connector, 75 Ohms of resistance (very high)

Define Fiber Optic cabling - answer Immune to EMI and interference.
It is used for long-distance and high-bandwidth runs. Uses light pulses instead of electricity to transmit data.

Single mode Fiber - answer Thin core. Can only transfer data like half-duplex.

Multi mode fiber (what is it, and what are the distances for 100 Mbps, 1 Gbps, and 10 Gbps) - answer Thick core. Can transfer data like full-duplex (send multiple light pulses at once). Transfer rates: 100 Mbps = 2 km. 1000 Mbps = 1000 m. 10 Gbps = 500 m.

ST Connector - answer Used with single mode and multimode. Bayonet connector. Push and twist.

SC Connector - answer Used with single mode and multimode. Locking-tab connector. Push-in pull-out.

LC Connector - answer Used with single mode and multimode. Plastic connector with locking tab.

MT-RJ connector - answer Used with single mode or multimode: uses tabs to make sure that the plug is aligned and plugged in properly. Uses metal guide pins to ensure correct alignment.

FC Connector - answer Typically used with only single mode: threaded, designed to stay securely connected and not pop loose in severe environments

Straight-through cable - answer Used to connect unlike devices to each other (router to switch) (PC to switch)

T568A Wiring - answer GW, G, OW, B, BW, O, BRW, BR

T568B Wiring - answer OW, O, GW, B, BW, G, BRW, BR

Demarc - answer The point in the building where the ISP and you meet. Anything outside the demarc is the responsibility of the ISP, anything inside of it is my responsibility.

MDF - answer Main Distribution Frame (MDF): this is the wiring closet usually closest to the demarc and is usually on the main floor or basement

Define a NIC - answer Transmits and receives data over a network

What does a Wireless NIC do? - answer Converts computer data into radio waves

What do Media Converters do?
- answer Allow you to connect two different types of wires, like UTP to fiber

Define a MAC address - answer A 48-bit, 12-character number that uniquely identifies a device. The first 6 characters identify the manufacturer ID, the last 6 characters identify the device's ID.

What is the Broadcast MAC address? - answer FF-FF-FF-FF-FF-FF

RARP - answer RARP (Reverse ARP) is used when a device knows a destination's MAC but not its IP

Hub/repeater - answer Work like a bus topology: relaying data to all devices. Wired physically like a star because all devices connect to it centrally. Because hubs don't look at and

Bridge - answer A device that connects two (or more) media segments on the same subnet, and it filters traffic between both segments based on the MAC address in the frame.

Switch - answer A multiport bridge that performs filtering based on MAC addresses, in addition to providing additional features not found in a bridge. When learning MAC addresses for its table, it learns MAC addresses based on the source MAC of the incoming frame. When a frame comes in with a destination MAC to an unknown port, the switch sends it to all the ports until one port accepts it.

WAP - answer Wireless Access Point. Any message sent to any wireless host connected to the AP can be received by all other wireless hosts. An AP is often configured as a bridge, connecting a wireless segment to a wired segment.

Router - answer Makes forwarding decisions based off the IP, not the MAC like a switch would

Firewall - answer Determines what network traffic is allowed to enter or leave a network

Packet Filtering Firewall - answer Makes decisions based on the source address and the destination address within each network packet

What does a Layer 3 Switch do?
- answer Similar to a regular switch, but like a router, it makes forwarding decisions based off of the IP of the incoming packet

What happens to the MAC and IP when being transferred between routers - answer MAC address changes, destination IP never changes

How do routers make forwarding decisions of packets? - answer Routers receive packets, read their headers to find addressing information, and send them on to their correct destination on the network or Internet. To send a

If two devices transmit at the same time, a collision occurs. When this happens both devices send out jam signals so that no one else can transmit for a random period of time. This is known as a BACKOFF (Collision Detection)
a. Collision - 2 stations are talking at once
b. Used with half-duplex

What is Full-Duplex? - answer Definition: hosts can transmit and receive at the same exact time. Provides double the bandwidth of half-duplex. Collision detection is turned off. The device can send and receive at the same time. Requires full-duplex capable NICs. Requires switches with dedicated switch ports (a single device per port).

What is Half-Duplex? - answer Hosts can only send but not receive at one time or receive and not send at one time. Collision detection is turned on. The device can send or receive in only one direction at a time. Devices connected to a hub must use half-duplex communication.

What is inside the frame? (Disregard the packet) - answer
The preamble is a set of alternating ones and zeros terminated by two ones (11) that mark it as a frame.
The destination address identifies the receiving host's MAC address.
The source address identifies the sending host's MAC address.
The data is the information that needs to be transmitted from one host to the other.
Optional bits to pad the frame. Ethernet frames are sized between 64 and 1518 bytes. If the frame is smaller than 64 bytes, the sending NIC places "junk" data in the pad to make it the required minimum of 64 bytes.
The cyclic redundancy check (CRC) is the result of a mathematical calculation performed on the frame. The CRC helps verify that the frame contents have arrived uncorrupted.

SONET - answer A wide area network technology that uses fiber to multiplex signals across a single wire.

Describe the components or Ethernet Specifications of a time that looks like this: 10BaseT or 1000BaseFx - answer
i. 10Base__ is 10Mbps, 100Base__ is Fast Ethernet, 1000Base__ is Gigabit, and 10GBase is 10 Gig speeds
i. T, FL are used in 10Base (T=CAT 3,4,5; FL=fiber)
ii. Tx, Fx are used in 100Base (Tx=CAT 5 or higher, Fx=fiber)
iii. T, Cx (short copper), Sx (short) used in 1000Base. (T=CAT 5e or higher; Cx=special copper of 150ohm or higher; Sx=Fiber)
iv. T, SR/SW, LR/LW, ER (extended reach)/EW. Used in 10GBase. (T=Cat 6 or 7; SR/SW=multimode fiber; LR/LW

What does the link light tell me? - answer Indicates that there is a physical connection between 2 different devices
a. On gigabit NICs, a solid green light indicates full gigabit speeds
b. Orange light indicates probable 100 Mbps speeds
c. Red light indicates there is probably a physical Layer 1 issue going on

On an Activity Light, what does it mean when it is not lit, flashing, or a solid light? - answer
a. Not lit: no data being sent to and from the device
b. Periodic flashes of light indicate activity and probable valid connections
c. Solid light indicates that there is simply a lot of traffic going on. If the light is solid, but not being used, this indicates a possible NIC problem

On a collision light, what does it mean when it is not lit, flashing, or a solid light? - answer
a. If there is no light, that's good, that means there are no collisions going on currently
b. If the light is on for a little bit, that is normal as collisions happen from time to time
c.
If the light is steady or flashing frequently, this indicates a malfunctioning network port or that there are too many devices on the network

Explain 10BaseT - answer 10 Mbps, CAT 3,4,5, up to 100m

Explain 10BaseFL - answer 10 Mbps, fiber cable, up to 1,000-2000m

Explain 100BaseTx - answer 100 Mbps, Cat 5 or higher, up to 100m

Explain 100BaseFX - answer 100 Mbps, fiber, 412m-2000m

Explain 1000BaseT - answer 1000 Mbps, CAT 5e or higher, up to 100m

Explain 1000BaseCx - answer Cx = short copper. 1000 Mbps, special copper (150ohm), up to 25m

Explain 1000BaseSx - answer Sx = short fiber. 1000 Mbps, fiber, 220-550m

Explain 1000BaseLx - answer Lx = long fiber. 1000 Mbps, fiber, 550m-5km

Explain 10GBaseT - answer 10 Gbps, CAT 6,7, up to 100m

Explain 10GBaseSR/SW - answer SR = Short Reach, SW = Short w/SONET. 10 Gbps, multimode, up to 300m

What does RIR do? - answer A RIR assigns blocks of addresses to Internet Service Providers (ISPs).

Describe the subnet mask of a Classful IP Address - answer They use the default subnet mask

Describe the subnet mask of a Classless IP address - answer Classless IP addresses use custom variable length subnet masks (VLSM)

What is the subnet mask for CIDR notations /16 - /30? - answer
/30 255.255.255.252
/29 255.255.255.248
/28 255.255.255.240
/27 255.255.255.224
/26 255.255.255.192
/25 255.255.255.128
/24 255.255.255.0
/23 255.255.254.0
/22 255.255.252.0
/21 255.255.248.0
/20 255.255.240.0
/19 255.255.224.0
/18 255.255.192.0
/17 255.255.128.0
/16 255.255.0.0

What is supernetting? - answer Takes multiple smaller network addresses and combines them into one larger subnet address.

What does a DHCP scope do? - answer Contains:
A range (pool) of IP addresses available for use
An appropriate subnet mask
Address of the DNS server
Address of the gateway
The DHCP server can be configured to prevent specific addresses in the range from being assigned to clients. This is called an exclusion.
You can also configure a DHCP server to deliver the same address to a specific host each time it requests an address. This is called a reservation.

Describe the DHCP sequence of a host receiving an IP (acronym) - answer Discover, Offer, Request, Acknowledge

Describe a DHCP Discover message - answer The client begins by sending out a DHCP Discover frame to identify DHCP servers on the network.

Describe a DHCP Offer message - answer A DHCP server that receives a Discover request from a client responds with a DHCP Offer advertisement, which contains an available IP address. If more than one DHCP server responds with an offer, the client usually responds to the first offer that it receives.

Describe a DHCP Request message - answer The client accepts the offered address by sending a DHCP Request back to the DHCP server. If multiple offers were sent, the DHCP Request message from the client also informs the other DHCP servers that their offers were not accepted and the IP addresses contained in their offers can be made available to other clients.

Describe a DHCP Acknowledge message - answer The DHCP server responds to the request by sending a DHCP

iii. The PTR record maps an IP address to a hostname (it "points" to an A record). It is the reverse of an A or AAAA record. You provide a name, it will then provide you with an IP address.
iv. The MX record: Determines the host name for the mail server.
v. CNAME: (Canonical Name Record) a name is an alias of another, a canonical
a. This allows us to name a single device, but have multiple names. These names can be a nickname, a secondary name, etc.; these all associate with 1 individual device.

What is DDNS? - answer DDNS enables clients or the DHCP server to update records in the zone database. Without dynamic updates, all A (host) and PTR (pointer) records must be configured manually. With dynamic updates, host records are created and deleted automatically whenever the DHCP server creates or releases an IP address lease.
updates name records with a secure, automatic process. This is used in environments where IP addresses are changing a lot

What is a DNS Forward Lookup Zone? - answer Finds the IP address for a given hostname.

What is a DNS Reverse Lookup Zone? - answer Finds the hostname from a given IP address

How many bits are in an IPv6 address and how many total addresses are there? - answer 128 bits, 10 x 10^38 addresses

Discuss IPv6 compression as far as colons and 0's go - answer You can omit the leading zero within a quartet; trailing zeros must be left as they are. (ex: 08CA = 8CA) You can omit blocks of zeros, replacing them with a double colon :: (ex: ACAD:0000:0000:0000:0000:0000:0000:0DB8 = ACAD::DB8) (YOU CAN ONLY USE DOUBLE COLONS ONCE!!!!!)

What is an IPv6 Prefix - answer
i. Prefix: the first 4 quartets, it is comparable to the network address
1. It can also be divided into several other parts that have some significance. For example, the first 3 digits of the prefix vary on Regional Internet Registries (RIR)
2. Prefix's length must be specified with a slash.
a. Entire prefix is designated with a /64
b. RIRs use 12 bits
c. The next quartet is usually for ISPs; if this is the case, then the prefix will be /32

What is an IPv6 Interface ID? - answer The last 4 quartets, comparable to the host address. You can dynamically make your device's MAC address incorporated into the Interface ID. Since the Interface ID is 64 bits and the MAC is 48, you add "FFFE" in the first quartet of the Interface ID. If you see FFFE, you know a MAC address is being used in the IPv6 address as well.

What is Dual Stack? - answer It lets you use both IPv4 and IPv6 addresses together on every host. Dual Stack will not work if devices within a network are separated by a router unless the router is configured for both IPv4 and IPv6.

What is Tunneling? - answer Allows you to send IPv6 packets through an IPv4 network and vice versa. It works by encapsulating an IPv6 packet within an IPv4 packet.
The IPv4 network sees the IPv4 packet and routes it accordingly, then when the packet reaches the IPv6 network, the network strips off the IPv4 encapsulation and looks at the IPv6 packet inside.

What is a global unicast address? - answer Addresses that are assigned to individual interfaces that are globally unique

What is a Multicast Address? - answer Addresses represent a dynamic group of hosts. Packets sent to a multicast address are sent to all interfaces identified by that address. Addresses have FF00::/8 prefix.

What is an Anycast Address? - answer Unicast address that is assigned to more than one interface, typically belonging to different hosts
1. An anycast address is the same as a unicast address. Assigning the same unicast address to more than one interface makes it an anycast address.
2. Usually used for trying to locate the nearest server of a specific type (like DNS, DHCP, etc.)

IGMP - answer IGMP: Internet Group Management Protocol. It's used to define multicast groups and group members.

What is a stateful DHCP Server Provision? - answer Stateful: DHCP server provides each client with the IP address, default gateway, and other IP configuration such as DNS server IP. This server tracks the status (state) of the client.

What is a stateless DHCP Server Provision? - answer Stateless: DHCP server does not provide the client an IP address and does not track the status of the client, but does supply the client only with the DNS server IP

ARP - answer Address Resolution Protocol. ARP maps IP addresses to MAC addresses so we know which physical interface a packet needs to be delivered to.

What does the arp -a command do? - answer Shows the IP address-to-MAC address mapping table (the address cache).

What does the netstat command do? - answer Shows the active connections, shows network connections, routing table, and protocol stats for each network interface

netstat -a - answer Shows detailed information for active connections.
netstat -r - answer Shows the routing table of the local host

netstat -s - answer Shows TCP/IP statistics.

nbtstat -c - answer Shows the IP address-to-NetBIOS name mapping table (the name cache).

What is an Unmanaged switch? - answer Low-end switches sold in most retail stores. They're convenient and easy to implement. Lack many advanced management and security features.

What is a managed switch? - answer Must be manually configured before use

What does AAA Authentication stand for? - answer (Authentication, Authorization, Accountability)

What does the CAM table do? - answer (Content Addressable Memory) table: stores the relationship between the MAC addresses on the network and the switch port each one is connected to

Can trunk ports be members of multiple vlans or not? - answer Yes

What is vlan tagging? - answer A part inserted into the frame to let the switch know what vlan the frame should go to

What is 802.1Q - answer The vlan tagging standard

Where is the vlan tag inserted on a frame? - answer The vlan tag is inserted right after the Destination MAC, then source MAC

What is VTP? - answer Vlan Trunking Protocol: simplifies the vlan configuration process on a multi-switch network. It does this by propagating configuration changes between the switches.

List and describe the 3 configuration modes of VTP - answer Server, Client, Transparent Mode
1. Server: used to modify the vlan configuration, then tell the other switches on the network the changes that were made
2. Client: receives the changes from the VTP server switch; changes cannot be made on a client switch
3. Transparent mode: allows you to make local configuration of information ONLY on the switch you are currently on. It does not forward its own configurations to other switches. When it does receive changes from the server, it forwards them to other switches on the network.

What is Native Vlan?
- answer The only VLAN which is not tagged in a trunk; in other words, native VLAN frames are transmitted unchanged. When you configure "switchport trunk native vlan 10" this means that traffic originating from vlan 10 crossing this connection will not be tagged.

What is a broadcast storm? - answer A broadcast storm is where (in this scenario) 2 switches are connected with 2 cables (for redundancy), and one switch sends a broadcast to another, the second switch receives it and forwards it to the 1st switch, the first switch receives it and forwards it back to the 2nd switch. This will not stop and will cause a network outage and is a form of DOSing yourself.

What is STP and what does it do? - answer Spanning Tree Protocol. Protects against broadcast storms.
i. To use STP, each switch needs to be assigned a Bridge ID number.
ii. The Bridge ID does 2 things: identifies the switch, and it also prioritizes the switch
iii. If 2 switches have 2 redundant cables to connect them, Bridge ID in this case would identify which switch is the "boss", meaning that the "boss" switch would take charge of the redundant links
iv. When a switch first comes online, STP sends out special frames called BPDUs (Bridge Protocol Data Units). It sends these out to each switch's ports
1. Each BPDU contains the switch's Bridge ID.
2. This is done to alert each neighboring switch that it has another switch actually connected to it.

What is EtherChannel? - answer If 2 switches are connected with 2 redundant links, EtherChannel allows us to bundle those 2 connections together so that they're seen as one channel, but 2x the speed. Both links being used will double your bandwidth between switches.

What is PAgP? - answer (Port Aggregation Protocol). Port Aggregation Protocol prevents loops, limits packet loss due to misconfigured channels, and aids in network reliability. PAgP operates in the following modes:

5. The router that the new frame was sent to receives the frame.
It strips off the frame and puts together a new frame. This new frame has the new router's MAC as the source MAC, and it adds Host 2's MAC as the destination MAC.
6. The frame is sent from the router and host 2 receives the frame.

What is convergence in routing? - answer A state when all routers have a consistent view of the network (all routers are in harmony with each other)

What is a default route? - answer This specifies that any packet with a destination address that isn't on a known network should be sent to the default gateway router. In other words, if a host on the private network wants to send a packet out to the internet, the default route gets the packet to the perimeter router on the edge of the private network. 0.0.0.0 or ::/0

What is the Scope when classifying routing protocols? - answer The Scope identifies what information is shared and remembered.

What is an Autonomous System? - answer A private network connected to the internet

IGP - answer (Interior Gateway Protocol): This is an interior gateway protocol that is used to share internal routes within your private network (Autonomous System)

EGP - answer This is an exterior gateway protocol that is used to share routing information between private networks (Autonomous Systems)

Metric - answer A value assigned to the network that identifies the preferred route when multiple routes exist. A route with a low metric indicates the best route.

What is the Hop Count metric? - answer Identifies the number of routers that must be used to reach a destination network

What is the Bandwidth/Delay metric? - answer Measures how fast a message is sent from source to destination

What is the Distance Vector metric? - answer Every router shares its routing table with its directly connected neighbors. This is particularly useful with hop count. Each router learns the routing tables of every connected router, and routers connected to its connected routers, thus creating Convergence.

What is the Link State Metric?
- answer Routers only share their information about their own directly connected network.

What is the difference between Link State and Distance Vector? - answer The main difference between the Distance Vector and Link State methods is that with the Link State method routers only share their information about their own routes with their neighbors, and these updates are being passed along between routers

What is VLSM? - answer (Variable Length Subnet Mask) Allows routers to use subnet masks that are different from the default classful masks. (ex: instead of using a classful Class C subnet of 255.255.255.0, VLSM allows you to use a classless Class C subnet of 255.255.255.240 instead)

RIP - answer It is an IGP (Interior Gateway Protocol). RIP uses the Hop Count metric and is limited to 15 hops between any 2 networks. If you see a hop count of 16 on RIP, that indicates the host is unreachable.

Private IP address range of a Class A - answer 10.0.0.0 - 10.255.255.255

Private IP address range of a Class B - answer 172.16.0.0 - 172.31.255.255

Private IP address range of a Class C - answer 192.168.0.0 - 192.168.255.255

NAT - answer (Network Address Translation) NAT will translate private IPs on the network into registered IPs. (Registered IPs are paid to your ISP and are unique on the internet)

PAT - answer (Port Address Translation) When information is returned from the public network, it keeps track of which request goes to which host on the internal network

What are the 2 NAT implementations? - answer
Dynamic NAT (Many-to-one)
1. Multiple internal private hosts are mapped to a limited number of registered IP addresses.
Static NAT (one-to-one NAT)
1. Allows you to manually configure a permanent one-to-one mapping in the translation table.
2. By doing this, we map a particular host with a private IP to a particular port on a NAT router. This is called Port Forwarding.

What is Administrative Distance?
- answer The value that is used by the router to make routing decisions if they receive multiple sources of routing information about a remote network.
i. This helps routers determine which source of routing (or which protocol) is most trustworthy
ii. A default administrative distance value has been assigned to each source of routing information. (ex: EIGRP=90, OSPF=110, RIP=120) If a router receives routing information from multiple sources, it will trust the one with the lowest AD value. (In the example, the router would trust the EIGRP source)
iii. The most trustworthy source is the source that is directly connected to the router.

FHRP - answer
i. FHRP (First Hop Redundancy Protocol): Creates redundant default gateways for a network segment.
1. If one default gateway goes down, a redundant router or link can be used to allow networking operations to continue as normal
2. FHRP configures redundant default gateways on the same subnet to share a virtual IP address, and in some cases a same virtual MAC.
3. Because the IP is virtual, FHRP dynamically determines which routers the traffic should actually go to.
4. The redundant routers periodically share messages with one another that basically ask "Are you still up?"

Firewall - answer A firewall is a software or hardware-based network security system that allows or denies network traffic according to a set of rules.

Hardware Firewall - answer Used to protect an entire network or a specific network segment

Software Firewall - answer Used to protect a single computer or device

Network-based Firewall - answer It sits on the edge of your network and acts as a barrier between your entire network and the outside Internet. These are usually hardware firewalls.

Proxy Server - answer All of the requests going from the clients to the internet are going to be intercepted by the Proxy Server.
The Proxy Server is going to take those requests and apply Application Layer filtering to decide whether the request should be allowed or blocked. ***Proxy Servers can also cache data from a particular website locally. When another user tries to access that specific webpage, the proxy server simply pulls the page out of its cache and delivers it to the requesting client. THIS SAVES BANDWIDTH

Reverse Proxy - answer Instead of filtering requests going out onto the internet, it handles requests from the internet to the internal servers. An example of this is if a client from the internet tries to access a webpage inside of your servers, the request gets filtered through the Reverse Proxy Server, then based on what it is, the Proxy will direct the request to the correct server. Reverse Proxy Servers can cache data like the Proxy server, and can also balance the load being placed on the internal servers.

DMZ - answer Demilitarized Zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, usually a larger network such as the Internet.
i. A DMZ might be set up as this: Internal Network - High Security Firewall - Web server - low security firewall that lets in ports 80, 443 - Internet.

Routed Firewall - answer Routed Firewall: The firewall device is a layer 3 router. These support multiple network interfaces, each connected to a different network segment. This can be counted as a next hop because data is routed through the firewall.

Transparent Firewall - answer (Sometimes called a virtual firewall) This operates at layer 2 and it's not seen by the router as a next hop.
The internal and external interfaces are actually connected to the same network segment.

Standard ACL - answer Standard ACL: Should be placed as close to the destination as possible

Extended ACL - answer Should be placed as close to the source as possible

Port 20, 21 - answer FTP

Port 22 - answer SSL

Port 23 - answer Telnet

Port 25 - answer SMTP

Port 53 - answer DNS

Port 67,68 - answer DHCP

Port 69 - answer TFTP

Port 80 - answer HTTP

Port 110 - answer POP3

Port 119 - answer NNTP (Network News Transfer Protocol)

Port 123 - answer NTP (Network Time Protocol)

Port 143 - answer IMAP4

iii. Connect each server to the FC switch using fiber cable
iv. Deploy shared storage device. Usually external RAID device is used.
b. When physically configured, FC uses SCSI protocols to access and manage the shared storage:
i. The storage devices on the FC target appear to the operating system on the initiators to be locally attached SCSI hard disks.
ii. The initiators send SCSI commands over the SAN fabric to manage the remote storage on the target.
iii. ***FC supports multiple initiators. Each server in the SAN fabric is an initiator and can send disk I/O SCSI commands to the shared storage device.

What is iSCSI? - answer Is a much less expensive type of SAN, but it doesn't provide the same performance as FC.
a. iSCSI is a network protocol that encapsulates SCSI commands within IP packets and transmits them over a standard Ethernet network. (Uses Ethernet cables, not fiber cables)
b. To build an iSCSI, you need:
i. Dedicated Ethernet cabling (fiber optic or UTP).
ii. Dedicated Ethernet switch.
iii. Dedicated Ethernet NIC in each server.
iv. Storage array with an Ethernet interface.
c. When physically configured, iSCSI uses SCSI protocols to access and manage the shared storage:
i. The iSCSI initiator connects to and communicates with iSCSI targets.
ii. The iSCSI initiator sends SCSI commands within IP packets to the iSCSI target over the network.
iii.
The iSCSI target redirects the SCSI commands to its locally attached storage devices.
iv. The storage devices on the remote iSCSI target appear to the operating system on the iSCSI initiator as locally attached hard disks.

Port 3260 - answer iSCSI

What is VoIP - answer Voice over IP (VoIP) is a protocol optimized for the transmission of voice data (telephone calls) through a packet-switched IP network.

What is NAS? - answer (Network Attached Storage) A storage appliance that plugs directly to your network medium to provide file storage services

RTP - answer RTP (Real Time Protocol): Contains the actual voice data stream. Used in VoIP

H.323 - answer H.323 is a recommendation from the ITU Telecommunication Standardization Sector that defines the protocols to provide audio-visual communication sessions on any packet network

What is QoS - answer (Quality of Service) with VoIP that can help reduce Latency (delay), reduce jitter, and prevent packet loss

What is UC? - answer (Unified Communications)
i. IP-based digital communications are integrated together, they include: voice calls, audio conferencing, video conferencing (VTC), desktop sharing, IM,
ii. UC solutions typically support user-to-user communications using Unicast
iii. Supports Multicast transmission to share data among multiple users

Virtualization - answer Allows you to put and run multiple OS's on the same physical hardware

What is a Virtual Machine - answer These run on top of the hypervisor. They act like real pieces of hardware even though they are emulated hardware devices running through the hypervisor.

Virtual Router - answer To do virtual routing, a virtual router must support virtual routing and forwarding with VRF. This allows the router to support multiple networks at the same time on the same physical interface

The Cloud - answer a set of hardware, networks, storage devices, services and interfaces that enable the delivery of computing as a service.

What does the Public Cloud mean?
- answer resources can be accessed by anybody

What does the Private Cloud mean? - answer resources are provided by a particular organization and access is restricted to just that organization or to other paying clients who want to use it.

What is a Hybrid Cloud? - answer combine aspects of both public and private clouds.

What is a community cloud? - answer designed to be shared by several organizations. Access is granted to only the users within the organizations who are sharing the community cloud infrastructure

IaaS - answer (Infrastructure as a Service)
1. IaaS is the delivery of what we traditionally associate with computer hardware as a service.
2. You can rent out cloud storage and cloud computing resources

SaaS - answer (Software as a Service)
1. Provides end users with business applications that they need to do their day to day work.
2. Instead of installing apps on their HDD, they go to a webpage (provided by the cloud service provider) and within the browser, run the app they need. Ex: word, PowerPoint, spreadsheet, etc.

what are the 2 forms of SaaS - answer
a. Simple multi-tenancy
i. Customer of cloud service provider has their own resources that are completely segregated from other customers
b. Fine grain multi-tenancy
i. Offers same level of segregation as simple multi-tenancy
ii. All resources used by each customer are shared
iii. Data is segregated, but computing power and applications are shared

SCADA - answer Supervisor Control and Data Acquisition system.
i. These types of system embed smart technology into their systems like we've embedded smart technology into fridges, cars, thermostats etc.
ii. SCADA infrastructure is used to manage automated factory equipment

2 Functions of SCADA - answer
1. Supervisory control (SC part of SCADA) SC is used to control remote equipment over a network connection
2.
Data Acquisition (DA part of SCADA) Used to gather information from those remote devices that allow you to monitor their status

What are the 3 SCADA system components? - answer
1. Central Supervisory Computer
a. Communicates with and sends control commands out to the SCADA systems

iii. Used in early network standards like 802.11b and g

OFDM - answer (Orthogonal Frequency Division Multiplexing)
i. Used in newer wireless standards like 802.11n
ii. This was designed to address the issue where multiple, reflected copies (ghost signals) of the same radio signal are received by the receiver.
iii. These reflected signals (ghost signals) are created when radio signals bounce off environmental objects such as walls, buildings etc.
iv. It avoids ghost signals by breaking data transmission into very small data streams much like spread spectrum does

BSS - answer (The smallest networking unit of a wireless network)
1. BSS is a collection of all devices that communicate together using the same channel
2. A Channel is a portion of a wireless frequency that all devices use
3. Clients and the AP that connects them together are part of a BSS

What is a Channel? - answer A portion of a wireless frequency that all devices use

DS - answer (Distributed System) is the backbone of LANs and connects APs together

Backhaul - answer the link between access points and the wired network

BSSID - answer (Basic set service identifier) A client connects to the appropriate AP using the appropriate channel. It identifies the AP using its MAC, the AP's MAC is called the BSSID

Do Wireless networks use CSMA/CD or /CA - answer CSMA/CA

802.11a - answer
1. 5.75 GHz Frequency
2. Max speeds of 54 Mbps
3. Max range of 150 ft.
4. Modulation: OFDM

802.11b - answer
1. 2.4 GHz Frequency
2. 11 Mbps
3. 300 ft
4. compatible with g
5. Modulation: DSSS

802.11g - answer
1. 2.4 GHz Frequency
2. 54 Mbps
3. 300 ft
4. compatible with b
5. Modulation: DSSS (lower speeds) OFDM (higher speeds)

802.11n - answer
1.
2.4 or 5.75 GHz Frequencies
2. 600 Mbps
3. 1,200 ft
4. compatible with a/b/g
5. Modulation: OFDM

Per frequencies 2.4 GHz and 5 GHz, how many channels are there, how many do NOT overlap, and what are the non-overlapping channels? - answer On frequency 2.4 GHz and Wi-Fi standards b/g: There are 11 channels that overlap. If you use channels that are overlapping, you may have slow connection speeds and timeouts

3 different kinds of light IrDA can use
1. Near IR: Light really close to the red-light frequency that you can actually see.
2. Intermediate IR
3. Far IR
Infrared uses pulses of light to send data (like Fiber Optic)

What are the 2 modes infrared operates in? - answer
LOS (Line of Sight)
a. The device's transmit and receive points need to be directly aimed at each other
b. The range of distance is about 1m
Diffuse Mode
a. The light signal is fairly broad; may even radiate in all directions
b. Not as narrow of a beam as LOS, so you don't have to aim devices directly at one another to work
c. If obstacles are in the way, it may impact transmission
d. Offers range of over 1m

Bluetooth: what 802 standard does it use, its frequency range, what type of signal, - answer
i. IEEE 802.15 standard
ii. Frequency range of 2.4-2.45
iii. Distance range of up to 100m
iv. Uses radio waves

What are the Speeds of Bluetooth 1.0-4.0? - answer
Bluetooth 1.0: 1 Mbps
Bluetooth 2.0: 3 Mbps
Bluetooth 3.0/4.0: 24 Mbps

NFC: signal type, distance needed from devices to communicate, frequency? - answer Works like radio waves. Designed to have 2 devices communicate at very close distances (4cm or less). Uses 13.55 MHz frequency (same frequency as RFID (Radio Frequency Identification))

3 Implementations of NFC - answer
1. Card Emulation: Allows NFC device to work as a contactless 'smart card' (Apple Pay or e-tickets at a train station)
2. Peer-to-Peer: Allows 2 different NFC devices to establish NFC link and exchange data directionally using half-duplex
3.
Reader/Writer: Allows an NFC device like a phone or tablet to read information from a passive NFC device like a tag

What is an Omnidirectional Antenna - answer Radiates and absorbs signals in all directions

What is a directional Antenna? - answer Focuses its radiation in one direction

What is Roaming? - answer As a user moves in and out of the range of APs, the device is looking for an AP to connect to, while out of the range of the AP, it is 'Roaming'

What is a Wireless Controller? - answer Pushes a common configuration to all APs on the network
1. It uses a hub-and-spoke infrastructure

b. Ensures that from wherever you're logging in from, the login will be the same experience as when you log in from inside the private network

WEP - answer (Wired Equivalent Privacy)
1. RC4 encryption algorithm
2. Comes in 64 and 128 bit varieties
3. WAP and client systems are statically configured with the same encryption key that has to be pre-shared

What are the 2 types of authentication used in WEP - answer
Open System Authentication
i. Doesn't require system to provide its credentials to the AP
ii. Any client system, regardless of which WEP key it has, can authenticate itself to the AP first and then connect to the wireless network
iii. Effect: no real authentication because no real authentication occurs
Shared Key
i. 4-way handshake occurs between wireless client and AP
1. client sends authentication request to the WAP
2. AP sends back a clear text challenge to the workstation it wants to authenticate
3. The client has to encrypt the challenge text using the preconfigured, pre-shared WEP key and send it back to the WAP in another authentication request
4. The AP decrypts the material that it was sent and compares it to the text it sent in the first place
ii. Keys that are used are static and can be sniffed easily with Wireshark

WPA w/TKIP - answer (Wi-Fi Protected Access) w/TKIP (Temporal Key Integrity Protocol)
1.
Provides dynamic key generation and key rotation (ensures the network doesn't use the same key over and over again like WEP does)
2. Wireless clients have to authenticate to the AP before connecting
3. Supports Open authentication, Pre-shared key (personal), and 802.1X (enterprise) authentications

WPA2 w/AES - answer
1. Supports Open authentication, Pre-shared key (personal), and 802.1X (enterprise) authentications
2. Generally uses AES
3. Can use dynamic keys or pre-shared keys

Evil Twin Attack - answer (Rogue WAP)
1. Attacker sets up their own WAP that uses the same SSID as one in the local area
2. Jams connection to the legitimate WAP by sending out a stronger signal within very close proximity to the real WAP. This turns the attacker's WAP into an Evil Twin
3. The Evil Twin's WAP may still route traffic to the internet, but acts as a sniffer. It can see if its victim is using a card to pay for something or logging on to their bank account
4. These rogue APs can also be used for Phishing, or Man-in-the-middle attacks

Wardriving - answer
1. Involves driving around and looking for wireless networks that are either insecure or have a low level of security. (enough so that you can connect to it without drawing attention to yourself)
2. Attackers will log the AP's location on a web map or GPS of some sort

WarChalking - answer
1. Driving around and trying to find open networks. (Like Wardriving)
2. Attacker, instead of logging information on a map, uses a piece of chalk to draw certain symbols on a light post, sidewalk, or side of a building to advertise to other Wardrivers that there is an available Wi-Fi network at its location

T-Carrier System - answer
1. Digital, which means you can mix both voice and data on the 2 pairs of copper cabling
2. Uses 2 pair (4 wires) of copper cabling (one pair used for transmitting, other pair for receiving)
a. Usually uses 100 ohm twisted pair cabling. It's NOT UTP, but called individually twisted pair cabling

T1 Line - answer
a.
composed of 24 multiplexed channels on these 2 pair of copper wiring
b. Each of these 24 multiplex channels can transfer data at a rate of 64 kbps. Total bandwidth = 1.544 Mbps
c. Advantage of using T1 is that you get the same exact bandwidth for upload as you do for download

T3 Line - answer
a. Uses same basic technology as a T1, but uses many more channels.
b. T3 provides 672 DS0 channels, each channel runs at 64 kbps
i. Equivalent to 28 DS1 signals that are used with a T1 line
ii. Together, the 672 DS0 channels are called a DS3 signal
c. Total bandwidth is 44.736 Mbps

SONET - answer a series of standards used by major telecommunications companies to provide high-speed WAN connections

OC-1 - answer 54.84 Mbps is called the base rate

OC-3 - answer 155.52 Mbps

OC-12 - answer 622.08 Mbps (12x the speed of OC-1)

OC-24 - answer 1.244 Gbps

OC-768 - answer 39.82 Gbps

DWDM - answer (Dense Wavelength Division Multiplexing)
1. A technology that uses multiplexing to combine multiple optical carrier signals onto a single fiber optic cable
2. Used with Fiber optic cabling

PSTN speed - answer
1. Speed is 56 kbps (dial-up)
2. This speed limitation comes from the local loop that connects your modem to the telephone network at the central office

Frame Relay/CIR - answer A packet switching technology that uses T1 lines to connect your location to the WAN Cloud
T1 lines have speeds of 1.544 Mbps
A permanent virtual circuit is established through the WAN cloud to the destination network
2 kinds of virtual circuits
Point-to-point: All data being sent arrives only at the destination
Multipoint connection: A single virtual circuit connects multiple locations within the WAN cloud
When implementing Frame Relay, you need a router and CSU/DSU
a. One of the most cost-effective WAN types
b. LAN traffic is encapsulated into frame relay frames and is sent to a frame relay cloud

b. Usually a Star or Mesh Physical topology to connect businesses to each other or to the internet
c.
Offered by ISPs and built on top of MPLS infrastructures
a. Commonly used today
b. The Ethernet is usually running over a different topology
i. Pure Ethernet
ii. Ethernet over MPLS
iii. Ethernet over DWDM

PPP - answer (Point-to-point Protocol) WAN connections
i. Layer 2 encapsulation protocol specifically designed to facilitate communication over a serial leased line
ii. Cisco routers use HDLC
iii. PPP vs HDLC
1. PPP supports synchronous and asynchronous links
2. PPP provides control protocol options not available with HDLC
iv. PPP protocols:

PAP (a PPP authentication) - answer Not very secure. Uses username and password as clear text

CHAP (a PPP authentication) - answer
a. Uses a 3-step process instead of a passphrase. This is done using hashes
b. Router 1 sends out an authentication request
c. Router 2 sends a challenge, which is usually a random number you add to the password
d. Router 1 then sends back the password with the added number in it
a. Encrypted challenge sent over the network
b. 3-way handshake
i. After link has been established, the server sends a challenge message
ii. client responds with a password hash
iii. server compares received hash with stored hash

DSL, ADSL, VDSL - answer (Digital Subscriber Line)
i. DSL sends digital signals over the same telephone wires used for modem connectivity
ii. Allows you to use telephone and internet connection at the same time by using a form of multiplexing called Broadband
c. ADSL
i. Download is faster than upload speed
ii. Generally, 24 Mbps Download and 3 Mbps upload
d. VDSL (Very-high-bit-rate DSL)
i. Speeds range from 3-100 Mbps

Multiplexing - answer lets you send more than 1 piece of data on the same copper wire at the same time by transmitting data at different frequencies

ADSL - answer (Asymmetric Digital Subscriber Line)
1. Upload bandwidth is much slower than download bandwidth
2. Usually good for home or small office

SDSL - answer (Symmetric Digital Subscriber Line)
1.
Upload bandwidth is same as download bandwidth
2. Usually good for businesses

2 Types of Satellite - answer
1. 1-way
a. This is an older technology
b. Requires 2 connections. 1 for download which is through the satellite, and 1 for upload, which is through the modem.