1. Networking Concepts Flashcards by Maria Mendez

This part of the OSI model transmits raw bit streams over a physical medium, including cables, connectors, and signaling standards.

Layer 1 - Physical

How well did you know this?

Not at all

Perfectly

This part of the OSI model is responsible for node-to-node data transfer, framing, MAC addressing, and error detection (not correction).

Layer 2 - Data Link

How well did you know this?

Not at all

Perfectly

This part of the OSI model handles logical addressing (IP), routing, and packet forwarding across networks.

Layer 3 - Network

How well did you know this?

Not at all

Perfectly

This part of the OSI model ensures reliable end-to-end communication with segmentation, flow control, and error correction (e.g., TCP/UDP).

Layer 4 - Transport

How well did you know this?

Not at all

Perfectly

This part of the OSI model establishes, maintains, and terminates communication sessions between applications.

Layer 5 - Session

How well did you know this?

Not at all

Perfectly

This part of the OSI model translates, encrypts, compresses, or formats data for delivery between systems.

Layer 6 - Presentation

How well did you know this?

Not at all

Perfectly

This part of the OSI model provides network services directly to end-user applications, including protocols like HTTP, FTP, and SMTP.

Layer 7 - Application

How well did you know this?

Not at all

Perfectly

Which OSI layer is responsible for IP addressing and routing?
A. Transport
B. Network
C. Data Link
D. Presentation

B. Network

How well did you know this?

Not at all

Perfectly

At which OSI layer do MAC addresses operate?
A. Physical
B. Network
C. Data Link
D. Session

C. Data Link

How well did you know this?

Not at all

Perfectly

Which layer ensures reliable transmission of data segments, handles flow control, and retransmissions?
A. Transport
B. Network
C. Session
D. Application

A. Transport

How well did you know this?

Not at all

Perfectly

Which OSI layer is responsible for establishing and managing sessions between applications?
A. Transport
B. Session
C. Application
D. Presentation

B. Session

How well did you know this?

Not at all

Perfectly

Which of the following layers deals with syntax, encryption, and compression of data?
A. Session
B. Presentation
C. Application
D. Data Link

B. Presentation

How well did you know this?

Not at all

Perfectly

HTTP, FTP, and SMTP protocols operate at which OSI layer?
A. Transport
B. Session
C. Presentation
D. Application

D. Application

How well did you know this?

Not at all

Perfectly

Which OSI layer converts bits to electrical signals and defines the hardware elements involved in data transmission?
A. Data Link
B. Network
C. Physical
D. Presentation

C. Physical

How well did you know this?

Not at all

Perfectly

Which two layers are primarily responsible for delivering data from one device to another on the same local network? (Choose two)
A. Physical
B. Network
C. Data Link
D. Application

A. Physical and C. Data Link

How well did you know this?

Not at all

Perfectly

This appliance directs traffic between different networks and determines the best path for data.

Router

How well did you know this?

Not at all

Perfectly

This appliance connects devices on the same network and forwards data based on MAC addresses.

Switch

How well did you know this?

Not at all

Perfectly

This appliance monitors and filters incoming/outgoing traffic based on security rules.

Firewall

How well did you know this?

Not at all

Perfectly

This appliance monitors traffic for malicious activity and alerts admins without taking action.

Intrusion Detection System (IDS)

How well did you know this?

Not at all

Perfectly

This appliance monitors traffic and actively blocks malicious activity in real time.

Intrusion Prevention System (IPS)

How well did you know this?

Not at all

Perfectly

This appliance distributes incoming network traffic across multiple servers to improve performance and reliability.

Load Balancer

How well did you know this?

Not at all

Perfectly

This appliance acts as an intermediary for requests between clients and servers, often for filtering or caching.

Proxy

How well did you know this?

Not at all

Perfectly

This storage device connects to a network and allows file-level access to shared data.

Network-Attached Storage (NAS)

How well did you know this?

Not at all

Perfectly

This storage system provides block-level access to data across a dedicated high-speed network.

Storage Area Network (SAN)

How well did you know this?

Not at all

Perfectly

This device enables wireless devices to connect to a wired network using Wi-Fi.

Wireless Access Point (AP)

This device manages multiple access points and centralizes configuration for wireless networks.

Wireless Controller

This application distributes content (like video or web data) from edge servers to reduce latency and load times.

Content Delivery Network (CDN)

This function creates an encrypted tunnel over the internet to securely connect remote users or sites.

Virtual Private Network (VPN)

This function prioritizes network traffic based on type, user, or application to ensure performance for critical services.

Quality of Service (QoS)

This function limits the lifespan of a packet by specifying how many hops it can take before being discarded.

Time to Live (TTL)

Which device is responsible for directing data packets between different networks based on IP addresses? A. Switch B. Firewall C. Router D. Load Balancer

C. Router

Which device forwards traffic based on MAC addresses and is commonly used within LANs? A. Router B. Switch C. Firewall D. Access Point

B. Switch

Which appliance is designed to analyze traffic and automatically block malicious activity? A. IDS B. VPN C. IPS D. Proxy

C. IPS

Which device can act as an intermediary to filter or cache internet traffic for users? A. Load Balancer B. Proxy C. Firewall D. NAS

B. Proxy

Which storage technology provides block-level access over a dedicated high-speed network? A. NAS B. SAN C. CDN D. VPN

B. SAN

Which wireless device manages and configures multiple access points centrally? A. Switch B. Wireless Controller C. Access Point D. IDS

B. Wireless Controller

Which application helps reduce latency by distributing content from geographically close servers? A. QoS B. VPN C. CDN D. SAN

C. CDN

Which function helps prioritize traffic to improve the performance of time-sensitive applications? A. TTL B. Load Balancing C. IDS D. QoS

D. QoS

What is the main purpose of TTL in a network packet? A. Encrypt data B. Determine maximum hops C. Identify application layer D. Assign MAC address

B. Determine maximum hops

This cloud concept allows network services like firewalls and load balancers to run as software-based solutions rather than physical appliances.

Network Functions Virtualization (NFV)

This is a logically isolated section of a cloud provider's network that simulates a traditional on-premises network.

Virtual Private Cloud (VPC)

These are firewall-like rules that control inbound and outbound traffic at the virtual machine or instance level.

Network Security Groups

These are rule sets used to control traffic at the subnet level in a cloud network.

Network Security Lists

This gateway connects a cloud environment to the public internet.

Internet Gateway

This gateway allows private cloud resources to access the internet using private IP addresses, translating them to public IPs.

NAT Gateway

This cloud connectivity option creates a secure encrypted tunnel between on-premises and cloud environments.

VPN

This cloud connectivity option establishes a dedicated, private physical connection between an organization and the cloud provider.

Direct Connect

This deployment model delivers services over the public internet from a cloud provider.

Public Cloud

This deployment model is used by a single organization and offers more control and security.

Private Cloud

This deployment model combines on-premises infrastructure with public cloud services.

Hybrid Cloud

This service model provides end-user applications over the internet without requiring local installation.

Software as a Service (SaaS)

This service model offers virtualized computing resources like servers and storage.

Infrastructure as a Service (IaaS)

This service model provides a framework for developers to build, deploy, and manage applications.

Platform as a Service (PaaS)

This concept refers to the ability to increase or decrease cloud resources as needed.

Scalability

This cloud capability automatically adds or removes resources in real time based on current demand.

Elasticity

This cloud feature allows multiple customers to share the same computing resources securely and efficiently.

Multitenancy

Which cloud concept allows network appliances to run as virtualized services? A. SaaS B. Elasticity C. NFV D. Direct Connect

C. NFV

Which cloud service model allows users to rent virtual servers and storage? A. SaaS B. PaaS C. NFV D. IaaS

D. IaaS

What does a Virtual Private Cloud (VPC) provide? A. Dedicated physical network access B. A shared public internet IP pool C. Isolated virtual network in the cloud D. Private WAN encryption

C. Isolated virtual network in the cloud

Which cloud feature allows for automatic resource allocation based on real-time demand? A. Scalability B. Elasticity C. Multitenancy D. NFV

B. Elasticity

Which service model provides access to applications like email or word processing online? A. IaaS B. SaaS C. NFV D. PaaS

B. SaaS

Which option provides a dedicated, private connection between an organization and the cloud provider? A. VPN B. Direct Connect C. Internet Gateway D. VPC

B. Direct Connect

Which concept allows multiple customers to share the same infrastructure securely? A. Hybrid Cloud B. Multitenancy C. Direct Connect D. VPC

B. Multitenancy

Which gateway allows private cloud resources to access the internet using public IPs? A. Direct Connect B. Internet Gateway C. NAT Gateway D. VPN

C. NAT Gateway

This protocol uses ports 20 and 21 to transfer files over a network without encryption.

File Transfer Protocol (FTP)

This encrypted file transfer protocol operates over port 22.

Secure File Transfer Protocol (SFTP)

This secure command-line protocol also uses port 22 for remote administration.

Secure Shell (SSH)

This unencrypted command-line access protocol uses port 23.

Telnet

This protocol, using port 25, is used to send emails.

Simple Mail Transfer Protocol (SMTP)

This protocol resolves domain names to IP addresses over port 53.

Domain Name System (DNS)

This protocol dynamically assigns IP addresses using ports 67 and 68.

Dynamic Host Configuration Protocol (DHCP)

A simplified file transfer protocol that operates over port 69 without authentication.

Trivial File Transfer Protocol (TFTP)

This protocol delivers web content using port 80.

Hypertext Transfer Protocol (HTTP)

This protocol syncs clocks between networked devices using port 123.

Network Time Protocol (NTP)

This protocol collects and manages network data using ports 161 (requests) and 162 (traps).

Simple Network Management Protocol (SNMP)

This protocol is used for directory services and authentication over port 389.

Lightweight Directory Access Protocol (LDAP)

This encrypted version of HTTP uses port 443.

Hypertext Transfer Protocol Secure (HTTPS)

Used for file sharing on Windows networks over port 445.

Server Message Block (SMB)

This protocol sends system logs over port 514.

Syslog

This is a secure version of SMTP using port 587.

Simple Mail Transfer Protocol Secure (SMTPS)

This protocol provides secure directory access over port 636.

Lightweight Directory Access Protocol over SSL (LDAPS)

This protocol is used to manage Microsoft SQL Server over port 1433.

Structured Query Language (SQL) Server

This protocol provides remote desktop access over port 3389.

Remote Desktop Protocol (RDP)

This protocol initiates VoIP and video calls using ports 5060 (unencrypted) and 5061 (encrypted).

Session Initiation Protocol (SIP)

This protocol is used for sending error and status messages, like ping.

Internet Control Message Protocol (ICMP)

A connection-oriented transport protocol that ensures reliable delivery.

Transmission Control Protocol (TCP)

A connectionless transport protocol that is faster but doesn’t guarantee delivery.

User Datagram Protocol (UDP)

Encapsulates packets for tunneling through IP networks.

Generic Routing Encapsulation (GRE)

A suite of protocols that secure IP communications through encryption and authentication.

Internet Protocol Security (IPSec)

An IPSec protocol that provides authentication and integrity, but no encryption.

Authentication Header (AH)

An IPSec protocol that provides encryption, integrity, and authentication.

Encapsulating Security Payload (ESP)

The key management protocol used in IPSec to establish secure sessions.

Internet Key Exchange (IKE)

A one-to-one communication between a single sender and a single receiver.

Unicast

A one-to-many communication to multiple specific recipients.

Multicast

A one-to-nearest communication that routes to the closest node in a group.

Anycast

A one-to-all communication sent to all devices on the network segment.

Broadcast

Which protocol uses port 443 to secure web traffic? A. HTTP B. FTP C. HTTPS D. SSH

C. HTTPS

Which protocol is used to send system logs over port 514? A. SNMP B. Syslog C. LDAP D. SMTP

B. Syslog

What is the primary function of DHCP? A. File sharing B. Email delivery C. IP address assignment D. DNS resolution

C. IP address assignment

Which protocol uses port 22 for secure remote login and file transfer? A. Telnet B. FTP C. SSH D. HTTP

C. SSH

Which protocol is used for resolving domain names to IP addresses? A. SMTP B. DNS C. DHCP D. SNMP

B. DNS

Which port is used by SQL Server? A. 3389 B. 1433 C. 161 D. 514

B. 1433

Which of the following is a connection-oriented protocol that ensures reliable delivery? A. UDP B. TCP C. ICMP D. GRE

B. TCP

Which protocol is used to encapsulate data for tunneling across IP networks? A. ICMP B. IPSec C. GRE D. SNMP

C. GRE

Which IPSec protocol ensures encryption, integrity, and authentication? A. AH B. ESP C. GRE D. IKE

B. ESP

Which term describes traffic sent from one device to all others in the same network segment? A. Unicast B. Multicast C. Anycast D. Broadcast

D. Broadcast

What type of traffic is directed to the nearest device in a group? A. Unicast B. Multicast C. Anycast D. Broadcast

C. Anycast

Which protocol operates on ports 20 and 21 and transfers files without encryption? A. SFTP B. FTP C. SCP D. SMB

B. FTP

Which protocol uses port 25 and is used to send email messages? A. IMAP B. SMTP C. SNMP D. SFTP

B. SMTP

Which protocol is used for initiating voice or video communication sessions? A. RDP B. SIP C. SMB D. TFTP

B. SIP

This set of standards defines wireless LAN communication, including 802.11a/b/g/n/ac/ax.

802.11 Standards

This wireless technology enables data transmission over mobile networks like 4G and 5G.

Cellular

This wireless technology uses orbiting satellites to provide network connectivity.

Satellite

This set of IEEE standards governs Ethernet communication over twisted pair and fiber.

802.3 Standards

This type of fiber uses a single path of light for long-distance, high-bandwidth connections.

Single-mode Fiber

This type of fiber uses multiple paths of light and is suited for shorter distances.

Multimode Fiber

This copper cable directly connects servers and storage with minimal latency, often using Twinax.

Direct Attach Copper (DAC) Cable

This is a type of DAC cable made with two inner conductors and is used in short-distance high-speed networking.

Twinaxial Cable

This older cable type uses a central conductor and shielding, commonly found in cable internet.

Coaxial Cable

This refers to the maximum data transfer rates supported by various media types.

Cable Speeds

This cable jacket type is fire-resistant and emits minimal toxic smoke; required in air-handling spaces.

Plenum Cable

This cable jacket type is not rated for fire-resistance and is cheaper but limited in use.

Non-Plenum Cable

This protocol is commonly used for LAN communication over twisted pair or fiber.

Ethernet

This high-speed network protocol is primarily used in storage area networks (SANs).

Fibre Channel (FC)

This hot-swappable transceiver module supports Ethernet and fiber and is commonly used in switches and routers.

Small Form-Factor Pluggable (SFP)

This transceiver module supports four channels and is commonly used in high-speed data centers.

Quad Small Form-Factor Pluggable (QSFP)

This fiber optic connector uses a push-pull mechanism and is square-shaped.

Subscriber Connector (SC)

This small fiber optic connector resembles an RJ45 and is commonly used in SFP modules.

Local Connector (LC)

This fiber optic connector uses a bayonet-style twist lock and is cylindrical.

Straight Tip (ST)

This fiber optic connector supports multiple fibers in a single rectangular connector.

Multi-fiber Push On (MPO)

This RJ-style connector is used with telephone lines.

RJ11

This RJ-style connector is used for Ethernet networking.

RJ45

This threaded coaxial connector is commonly used for cable modems and TVs.

F-Type

This coaxial connector uses a bayonet-style locking mechanism and is often used for video or legacy Ethernet.

Bayonet Neill–Concelman (BNC)

Which IEEE standard defines Ethernet over twisted pair and fiber? A. 802.11 B. 802.3 C. 802.15 D. 802.1X

B. 802.3

Which fiber type is designed for short-distance communication using multiple paths of light? A. Single-mode B. Multimode C. Coaxial D. DAC

B. Multimode

Which type of cable is fire-resistant and suitable for use in air ducts? A. Non-Plenum B. Coaxial C. Shielded Twisted Pair D. Plenum

D. Plenum

Which connector is most commonly used for Ethernet networking? A. RJ11 B. F-type C. RJ45 D. SC

C. RJ45

Which type of transceiver supports four channels and is used in high-speed data centers? A. SFP B. QSFP C. BNC D. MPO

B. QSFP

Which protocol is typically used in a SAN environment for high-speed data transfer? A. Ethernet B. Fibre Channel C. TCP/IP D. SNMP

B. Fibre Channel

Which connector uses a push-pull design and is square-shaped, common in fiber optic networks? A. ST B. RJ11 C. SC D. BNC

C. SC

Which of the following transmission media is used in Direct Attach Copper (DAC) connections? A. Coaxial B. Fiber C. Twinaxial D. Plenum

C. Twinaxial

Which wireless technology provides long-distance communication using satellites? A. Cellular B. Wi-Fi C. Satellite D. ZigBee

C. Satellite

Which connector is commonly used with coaxial cables for cable modems and TVs? A. SC B. F-Type C. RJ45 D. MPO

B. F-Type

This topology connects every node directly to every other node, offering high redundancy.

Mesh

This topology combines two or more topologies (e.g., mesh and star) for flexibility and scalability.

Hybrid

In this topology, all devices connect to a central node (like a switch or hub) that manages communication.

Star / Hub and Spoke

This modern data center topology has spine switches connected to all leaf switches to reduce latency.

Spine and Leaf

This is the simplest topology with a dedicated link between two devices.

Point to Point

This architecture uses three layers—core, distribution, and access—to segment traffic and functions.

Three-Tier Hierarchical Model

This layer of the hierarchical model provides fast switching and routing between distribution layers.

Core Layer

This layer aggregates traffic from the access layer and applies routing policies.

Distribution Layer

This layer provides endpoint access, typically involving switches or wireless access points.

Access Layer

This architecture merges the core and distribution layers into a single layer to reduce complexity.

Collapsed Core

This traffic flow refers to data traveling between endpoints and centralized resources like servers or the cloud.

North-South Traffic

This traffic flow refers to data moving laterally between devices within the same data center or layer.

East-West Traffic

This topology is highly fault-tolerant because multiple redundant paths exist between devices.

Mesh

This topology is expensive and complex to implement due to the number of connections required.

Mesh

This topology allows organizations to combine different topologies based on specific needs for flexibility and scalability.

Hybrid

This topology is commonly used in enterprise environments where some segments use star and others use mesh.

Hybrid

This topology is simple to manage and isolate faults, since all devices connect to a central point.

Star / Hub and Spoke

A downside of this topology is that a central device failure can take down the entire network.

Star / Hub and Spoke

This topology reduces bottlenecks in east-west traffic in large-scale data centers.

Spine and Leaf

In this topology, spine switches are at the top level and connect to every leaf switch without connecting to each other.

Spine and Leaf

This topology is ideal for direct connections between two locations, such as site-to-site links or two routers.

Point to Point

This topology lacks redundancy, as only a single path exists between devices.

Point to Point

This architecture separates core, distribution, and access functions for modularity and scalability.

Three-Tier Hierarchical Model

This model improves network performance and design by localizing traffic within layers.

Three-Tier Hierarchical Model

This architecture simplifies network design by combining core and distribution layers, reducing cost and complexity.

Collapsed Core

This architecture is common in smaller enterprise networks that don't need full three-tier separation.

Collapsed Core

North-south traffic typically describes communication between internal users and external servers or cloud applications.

North-South Traffic

East-west traffic refers to lateral communication between internal resources, such as between virtual machines or application tiers.

East-West Traffic

East-west traffic optimization is a key goal of spine-leaf and software-defined network designs.

East-West Traffic

Which network topology connects every device directly to every other device? A. Star B. Mesh C. Point to Point D. Hybrid

B. Mesh

Which topology combines multiple types of topologies in one network design? A. Spine and Leaf B. Hybrid C. Star D. Mesh

B. Hybrid

Which data center topology connects each leaf switch to all spine switches for high performance? A. Hub and Spoke B. Three-Tier C. Spine and Leaf D. Mesh

C. Spine and Leaf

In the three-tier model, which layer is responsible for high-speed backbone connectivity? A. Access B. Distribution C. Core D. Collapsed Core

C. Core

Which type of traffic flow describes data going from users to servers or cloud resources? A. East-West B. North-South C. Hub-Spoke D. Star

B. North-South

Which architecture simplifies network design by combining the core and distribution layers? A. Spine and Leaf B. Mesh C. Collapsed Core D. Hybrid

C. Collapsed Core

Which topology has devices connected through a central hub, common in small networks? A. Star / Hub and Spoke B. Point to Point C. Mesh D. Leaf-Spine

A. Star / Hub and Spoke

What is a key benefit of the point-to-point topology? A. Redundancy B. Simplicity C. Scalability D. Broadcast support

B. Simplicity

Which traffic flow refers to communication between devices in the same data center layer or segment? A. North-South B. East-West C. Core D. Leaf-Spine

B. East-West

This type of IP address is routable over the internet and must be unique across the global network.

Public IP Address

This type of IP address is not routable on the internet and is used within internal networks.

Private IP Address

This is a non-routable address range automatically assigned when DHCP fails.

Automatic Private IP Addressing (APIPA)

This set of IP ranges (defined by an RFC) is reserved for internal/private use.

RFC1918

This IP address range (127.0.0.0/8) is used for internal testing and communication with the host machine.

Loopback / Localhost

This subnetting method allows networks to use different subnet mask lengths for more efficient IP allocation.

Variable Length Subnet Mask (VLSM)

This IP addressing method removes the traditional class system, using prefix notation to define networks.

Classless Inter-Domain Routing (CIDR)

This IPv4 class supports extremely large networks with a default mask of /8 and a range from 1.0.0.0 to 126.255.255.255.

Class A

This IPv4 class supports medium-sized networks with a default mask of /16 and a range from 128.0.0.0 to 191.255.255.255.

Class B

This IPv4 class supports smaller networks with a default mask of /24 and a range from 192.0.0.0 to 223.255.255.255.

Class C

This IPv4 class is reserved for multicast traffic (224.0.0.0 to 239.255.255.255).

Class D

This IPv4 class is reserved for experimental use (240.0.0.0 to 255.255.255.254).

Class E

The private IP ranges are: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.

RFC1918

These addresses must be assigned by IANA or a regional registry to ensure global uniqueness.

Public IP Address

Used for internal networks and must be translated via NAT for internet access.

Private IP Address

Addresses in the 169.254.0.0/16 range are assigned when a DHCP server is unreachable.

Automatic Private IP Addressing (APIPA)

Used to test TCP/IP stack functionality without accessing the physical network.

Loopback / Localhost

Enables subnetting a subnet for better IP address utilization in hierarchical networks.

Variable Length Subnet Mask (VLSM)

Expresses IP networks using prefix length (e.g., /24) instead of class boundaries.

Classless Inter-Domain Routing (CIDR)

Offers over 16 million host addresses and is used by very large networks.

Class A

Supports up to 65,534 hosts and is often used by large organizations.

Class B

Supports up to 254 hosts and is ideal for small networks.

Class C

Used for multicast groups, not regular unicast communication.

Class D

Experimental and reserved; not used in standard networking.

Class E

Which of the following is a private IP address? A. 192.0.2.1 B. 172.20.15.10 C. 8.8.8.8 D. 198.51.100.4

B. 172.20.15.10

Which class of IP addresses allows for 16,777,214 hosts per network? A. Class B B. Class C C. Class D D. Class A

D. Class A

Which IPv4 address is used for loopback testing? A. 0.0.0.0 B. 169.254.0.1 C. 127.0.0.1 D. 192.168.1.1

C. 127.0.0.1

What does APIPA assign when a device fails to get a DHCP address? A. 127.0.0.1 B. 0.0.0.0 C. 192.168.1.1 D. 169.254.x.x

D. 169.254.x.x

Which addressing scheme replaces classful addressing with subnet masks in slash notation? A. VLSM B. CIDR C. APIPA D. NAT

B. CIDR

Which IP class is used for multicast traffic? A. Class A B. Class C C. Class D D. Class E

C. Class D

Which subnetting technique allows multiple subnet masks within the same network? A. CIDR B. NAT C. VLSM D. DHCP

C. VLSM

This networking model separates the control plane from the data plane for centralized network management.

Software-Defined Network (SDN)

This WAN architecture applies SDN concepts to wide area networks for greater flexibility and efficiency.

Software-Defined Wide Area Network (SD-WAN)

This feature allows network policies to adjust based on the type or priority of application traffic.

Application Aware

This feature allows devices to be deployed and configured automatically without manual setup.

Zero-Touch Provisioning

This design allows WAN connections to function across multiple underlying transport types (MPLS, LTE, broadband, etc.).

Transport Agnostic

This SDN/SD-WAN feature allows policies to be managed from a centralized controller.

Central Policy Management

This network technology enables Layer 2 communication across Layer 3 boundaries using encapsulation.

Virtual Extensible LAN (VXLAN)

This VXLAN use case connects two geographically separate data centers at Layer 2.

Data Center Interconnect (DCI)

This technique encapsulates Layer 2 Ethernet frames inside Layer 3 packets for greater flexibility.

Layer 2 Encapsulation

This security model enforces granular controls where every user and device must be explicitly verified.

Zero Trust Architecture (ZTA)

This component of ZTA evaluates users or devices before granting access to a network resource.

Policy-Based Authentication

This ZTA principle allows users or devices only the access required for their role—nothing more.

Least Privilege Access

This cloud-delivered framework integrates networking and security functions at the network edge.

Secure Access Service Edge (SASE)

This subset of SASE focuses exclusively on delivering security functions from the cloud.

Security Service Edge (SSE)

This practice uses code to manage and provision IT infrastructure automatically.

Infrastructure as Code (IaC)

In IaC, these prewritten scripts define reusable configurations and automation tasks.

Playbooks/Templates/Reusable Tasks

IaC helps detect and correct unintended changes to configurations over time.

Configuration Drift / Compliance

IaC can automate versioned rollouts of new features or patches.

Upgrades

This technique allows tools to discover and adjust to active resources in real time.

Dynamic Inventories

This tracks changes to infrastructure code over time and allows rollback if needed.

Version Control

This shared space stores infrastructure code and makes it accessible to collaborators.

Central Repository

This version control feature identifies and flags overlapping changes made by multiple users.

Conflict Identification

This technique allows developers to work on separate changes independently before merging.

Branching

This IP addressing standard solves IPv4 exhaustion by expanding the address space.

IPv6

This IPv6 mechanism allows IPv6 and IPv4 to coexist by enabling communication between them.

Dual Stack

This compatibility technique wraps IPv6 packets inside IPv4 for transport.

Tunneling

This protocol translates IPv6 addresses to IPv4 so IPv6 clients can access IPv4-only services.

NAT64

This SDN/SD-WAN feature improves application performance by dynamically routing based on the type of traffic.

Application Aware

Zero-touch provisioning is ideal for branch office rollouts where manual configuration would be too costly or slow.

Zero-Touch Provisioning

Being transport agnostic allows SD-WAN to prioritize business-critical traffic across whatever links are available.

Transport Agnostic

Centralized policy management lets admins enforce consistent configurations across all locations from a single console.

Central Policy Management

VXLAN allows networks to overcome VLAN ID limitations (4096) by supporting up to 16 million segments.

Virtual Extensible LAN (VXLAN)

DCI (Data Center Interconnect) enables seamless Layer 2 connectivity between geographically separate facilities.

Data Center Interconnect (DCI)

Layer 2 encapsulation with VXLAN allows VMs to migrate between sites without changing IPs.

Layer 2 Encapsulation

Zero trust assumes no device or user is inherently trusted, even inside the perimeter.

Zero Trust Architecture (ZTA)

Policy-based authentication uses device posture, user identity, and location to make access decisions.

Policy-Based Authentication

Least privilege access limits the damage a compromised user or device can cause by restricting access.

Least Privilege Access

SASE unifies SD-WAN with cloud-based security tools like CASB, firewall-as-a-service, and secure web gateways.

Secure Access Service Edge (SASE)

SSE delivers security features without SD-WAN functionality, focusing on cloud-native security tools.

Security Service Edge (SSE)

Infrastructure as Code reduces human error by codifying configurations that can be tested and reused.

Infrastructure as Code (IaC)

Playbooks and templates improve consistency by standardizing configuration across multiple environments.

Playbooks/Templates/Reusable Tasks

IaC detects drift when the current configuration deviates from the declared state in code.

Configuration Drift / Compliance

IaC can safely roll out updates by scripting and versioning infrastructure changes.

Upgrades

Dynamic inventory systems (like those used in Ansible) update host lists in real time from cloud platforms.

Dynamic Inventories

Version control systems track all changes, allowing teams to revert to known-good states.

Version Control

A central repository, such as GitHub, serves as the authoritative source for infrastructure code.

Central Repository

Conflict identification occurs when multiple contributors modify the same lines of code.

Conflict Identification

Branching enables developers to work independently on features or fixes without impacting production code.

Branching

IPv6 eliminates the need for NAT by offering a vastly larger address space.

Mitigating Address Exhaustion (IPv6)

Dual stack allows devices to handle both IPv4 and IPv6 traffic during the transition period.

Dual Stack

Tunneling techniques (like 6to4 or ISATAP) enable IPv6 traffic to traverse IPv4 networks.

Tunneling

NAT64 allows IPv6-only clients to access IPv4-only services by translating address formats.

NAT64

Which technology separates the control plane from the data plane for centralized network control? A. VLAN B. SDN C. NAT D. MPLS

B. SDN

Which solution extends SDN principles to WANs for more efficient routing and policy control? A. VXLAN B. SD-WAN C. OSPF D. DMVPN

B. SD-WAN

Which SD-WAN feature allows a network to operate over various transport types like MPLS, LTE, or broadband? A. Dual Stack B. Application-aware routing C. Transport Agnostic D. NAT64

C. Transport Agnostic

What is the purpose of Zero-Touch Provisioning in modern networks? A. Manually configure all devices B. Encrypt endpoint traffic C. Automatically deploy devices without user intervention D. Prevent configuration drift

C. Automatically deploy devices without user intervention

Which protocol allows Layer 2 networks to be extended across Layer 3 boundaries? A. GRE B. SD-WAN C. VXLAN D. SNMP

C. VXLAN

What is the main benefit of Zero Trust Architecture (ZTA)? A. Static IP addressing B. Centralized authentication C. Implicit trust for internal devices D. Continuous authentication and least privilege access

D. Continuous authentication and least privilege access

Which security model allows granular access based on user roles and context? A. SASE B. Zero Trust C. VPN D. VLAN

B. Zero Trust

Which model delivers both networking and security functions as cloud-based services? A. SDN B. SSE C. MPLS D. SASE

D. SASE

What does Infrastructure as Code (IaC) enable? A. Manual server provisioning B. Static network topologies C. Automated infrastructure deployment using code D. Real-time encryption of VLANs

C. Automated infrastructure deployment using code

Which IaC concept ensures that systems match the intended configuration over time? A. Playbooks B. Configuration Drift / Compliance C. NAT64 D. Branching

B. Configuration Drift / Compliance

What allows IPv6 devices to communicate with IPv4-only devices? A. NAT64 B. Dual Stack C. VXLAN D. SD-WAN

A. NAT64

Which IPv6 transition method enables simultaneous use of IPv4 and IPv6? A. Tunneling B. Dual Stack C. NAT64 D. CIDR

B. Dual Stack

Which version control feature helps identify overlapping changes to infrastructure code? A. Branching B. Playbooks C. Conflict Identification D. Dynamic Inventory

C. Conflict Identification

This Ethernet standard supports 10 Mbps over twisted pair copper cables with a maximum distance of 100 meters.

10Base-T

This Ethernet standard provides 100 Mbps over twisted pair copper cables, typically Cat5 or higher, up to 100 meters.

100Base-TX

A gigabit Ethernet standard that uses twisted pair copper cables (Cat5e or Cat6) with a maximum range of 100 meters.

1000Base-T

A fiber optic Ethernet standard that supports 1 Gbps over multimode fiber (MMF) with a maximum distance of 550 meters.

1000Base-SX

A fiber optic Ethernet standard for 1 Gbps that uses single-mode fiber (SMF) with a range up to 10 kilometers.

1000Base-LX

This Ethernet standard supports 10 Gbps over multimode fiber up to 300 meters.

10GBase-SR

A 10 Gbps Ethernet standard that uses single-mode fiber with a maximum range of 10 kilometers.

10GBase-LR

This copper Ethernet standard supports 10 Gbps over Cat6a or Cat7 cables with a range of up to 100 meters.

10GBase-T

A high-speed Ethernet standard designed for data centers, providing 40 Gbps over multimode fiber up to 150 meters.

40GBase-SR4

An Ethernet standard that supports 40 Gbps over single-mode fiber with distances up to 10 kilometers.

40GBase-LR4

This standard supports ultra-fast data transfer at 100 Gbps using multimode fiber with a maximum distance of 150 meters.

100GBase-SR4

An Ethernet standard designed for long-distance 100 Gbps transmission over single-mode fiber up to 40 kilometers.

100GBase-LR4

A copper-based Ethernet standard that provides up to 2.5 Gbps over existing Cat5e or Cat6 cables.

2.5GBase-T

This standard supports 5 Gbps Ethernet using Cat5e or Cat6 cables, extending the usability of current infrastructure.

5GBase-T

Designed for long-range fiber optic Ethernet, this standard supports 10 Gbps over single-mode fiber with a reach of up to 40 kilometers.

10GBase-ER

A legacy Ethernet standard that provides 10 Mbps over coaxial cable, primarily used in older networks.

10Base2

An Ethernet standard that supports 10 Mbps over coaxial cable using a bus topology with a maximum segment length of 500 meters.

10Base5

This standard uses fiber optic cables to provide Ethernet at 100 Mbps over distances up to 2 kilometers.

100Base-FX

A legacy Ethernet standard running at 10 Mbps over twisted pair copper. Although outdated, it was a popular choice for early LAN networks.

10Base-T

This Fast Ethernet standard reaches speeds of 100 Mbps using twisted pair copper cables like Cat5 or higher. It uses two pairs of wires for transmission.

100Base-TX

A gigabit Ethernet standard that operates over copper cables (Cat5e or Cat6) with a range of 100 meters. It is widely used in modern networks for high-speed LANs.

1000Base-T

Designed for use in data centers and LANs, this standard uses multimode fiber to provide 1 Gbps speeds at distances up to 550 meters.

1000Base-SX

This fiber standard uses single-mode fiber to transmit 1 Gbps over long distances, often used for WAN connections up to 10 kilometers.

1000Base-LX

A short-range fiber standard designed for 10 Gbps Ethernet over multimode fiber. It’s commonly deployed in data centers with runs up to 300 meters.

10GBase-SR

Providing 10 Gbps Ethernet over single-mode fiber, this standard is ideal for long-distance WAN connections, supporting ranges up to 10 kilometers.

10GBase-LR

This standard enables 10 Gbps Ethernet over twisted pair copper cables, using Cat6a or Cat7. It can support up to 100 meters of transmission.

10GBase-T

Designed for high-speed connectivity within data centers, this Ethernet standard supports 40 Gbps over multimode fiber, with distances up to 150 meters.

40GBase-SR4

Using single-mode fiber, this 40 Gbps Ethernet standard is used for long-distance communication, reaching up to 10 kilometers.

40GBase-LR4

Supporting ultra-fast data transfer at 100 Gbps, this standard operates over multimode fiber with a maximum range of 150 meters.

100GBase-SR4

Designed for WAN and metropolitan area networks, this Ethernet standard provides 100 Gbps over single-mode fiber for distances up to 40 kilometers.

100GBase-LR4

Providing an upgrade path for existing networks, this Ethernet standard offers 2.5 Gbps over Cat5e or Cat6 cables for up to 100 meters.

2.5GBase-T

This copper standard supports speeds up to 5 Gbps using Cat5e or Cat6 cables, balancing speed and cost-effectiveness in modern networks.

5GBase-T

An extended range fiber optic Ethernet standard, this provides 10 Gbps over single-mode fiber with a range of up to 40 kilometers.

10GBase-ER

A legacy Ethernet standard operating at 10 Mbps over coaxial cable. Once common in LANs, it is now obsolete.

10Base2

An older Ethernet standard using coaxial cable to provide 10 Mbps over a bus topology, supporting segment lengths up to 500 meters.

10Base5

Designed for Fast Ethernet over fiber optic cable, this standard provides 100 Mbps at distances up to 2 kilometers using multimode fiber.

100Base-FX

Which Ethernet standard provides 10 Mbps over twisted pair copper cables up to 100 meters? A. 10Base-T B. 100Base-TX C. 1000Base-T D. 10GBase-T

A. 10Base-T

Which Ethernet standard is designed for 1 Gbps transmission using multimode fiber up to 550 meters? A. 1000Base-SX B. 1000Base-LX C. 10GBase-SR D. 10GBase-LR

A. 1000Base-SX

Which of the following supports 10 Gbps over Cat6a or Cat7 cables up to 100 meters? A. 10Base-T B. 100Base-TX C. 10GBase-T D. 1000Base-T

C. 10GBase-T

What is the maximum range for 1000Base-LX over single-mode fiber? A. 550 meters B. 10 kilometers C. 300 meters D. 40 kilometers

B. 10 kilometers

A network engineer needs to establish a 40 Gbps connection in a data center over a distance of 100 meters using multimode fiber. Which standard should be used? A. 40GBase-SR4 B. 40GBase-LR4 C. 10GBase-T D. 1000Base-SX

A. 40GBase-SR4

Which Ethernet standard offers speeds of 5 Gbps over Cat5e or Cat6 cables? A. 2.5GBase-T B. 5GBase-T C. 1000Base-T D. 10GBase-T

B. 5GBase-T

Which legacy Ethernet standard used coaxial cable in a bus topology, supporting 10 Mbps over distances up to 500 meters? A. 10Base2 B. 10Base5 C. 10Base-T D. 100Base-FX

B. 10Base5

A company requires a long-distance 10 Gbps link over single-mode fiber. Which standard should they select? A. 10GBase-SR B. 10GBase-LR C. 1000Base-SX D. 10GBase-T

B. 10GBase-LR

Which Ethernet standard supports speeds of 100 Gbps using multimode fiber over short distances up to 150 meters? A. 100GBase-SR4 B. 100GBase-LR4 C. 10GBase-SR D. 40GBase-SR4

A. 100GBase-SR4

A technician needs to provide Fast Ethernet connectivity over fiber for up to 2 kilometers. Which standard is most suitable? A. 100Base-FX B. 100Base-TX C. 1000Base-SX D. 10Base-T

A. 100Base-FX

In this mode, IPsec protects the payload of the original IP packet, leaving the original IP header intact. This mode is often used for end-to-end communication between devices.

Transport Mode

In this mode, IPsec encrypts and encapsulates the entire IP packet within a new IP header. This mode is commonly used for VPNs to secure communication between networks.

Tunnel Mode