C5. Networking Devices

Question 1

What is a network interface card? What kind of connections does it provide?

Answer 1

NIC is a card installed on your computer to connect, or interface, your computer to the network. It provides the physical, electrical, and electronic connections to the network media

Question 2

What layer is the NIC based on?

Answer 2

The NIC is a layer 2 device because the information it uses for communication - the MAC address - resides on the Data Link layer

Question 3

What is the NIC built into?

Answer 3

It’s built into a computer motherboard - or it is an expansion card. Either way

Question 4

What do the NIC LEDs indicate?

Answer 4

There typically are a couple of LEDs.

1) One, usually green, is called a link light - it indicates that the Ethernet connection has been established w the device on the other end of the cable; it flickers when the traffic goes back and forth
2) Another is activity LED - tends to flicker constantly; the activity indicates intermittent transmission and reception of frames arriving at the network or leaving it
2) Others are just there to indicate connection speed

Question 5

What is a hub?

Answer 5

A hub is a device that connects all network segments together in a star topology

Question 6

What layer is a hub?

Answer 6

A hub is a layer 1 device - it has no intelligence of its own

Question 7

How do other devices interface with the network?

Answer 7

• Each network device connects directly to the hub through a single cable and is used to connect multiple devices without segmenting a network.
• Any transmission received on one port will be sent out to all other ports in the hub, including the receiving pair for the transmitting device - so that CSMA/CD on the transmitter can monitor for collisions

Question 8

What happens when one station sends a broadcast to a network?

Answer 8

All other devices in a network receive it! Based on the addressing found in the frame, only the intended recipient will actually listen to the broadcast message and process it

Question 9

Why are hubs not recommended for today’s corporate networks?

Answer 9

Because any two or more of these connected devices have the potential of causing a collision with one another, which means that the hardware device will create a LAN with the most network traffic collisions

Question 10

What is a bridge?

Answer 10

A bridge is a network device that connects two similar network segments together. Its primary function is to keep traffic separated on either side of the bridge, breaking up collision domains

Question 11

When is the traffic allowed to pass through the bridge?

Answer 11

It’s allowed to pass only if the transmission is intended for a station on the opposite side

Question 12

Why would you place a bridge on a network?

Answer 12

To connect two network segments together or to divide a busy network into two segments

Question 13

Which layer are bridges on?

Answer 13

As bridges use MAC addresses to make forwarding decisions, they are Layer 2 devices

Question 14

What is a switch?

Answer 14

Switches are devices that connect multiple network segments together much like hubs do - but
!) a switch recognizes frames
!!) it pays attention to the source and dest. MAC addresses of the incoming frame as well as the port on which it was received

Question 15

How does switch interpret/handle its ports?

Answer 15

It makes each of its ports a unique, singular collision domain

Question 16

What does a switch do when it notes that a frame’s final destination happens to be on a segment connected via a different port than the one on which the frame was received?

Answer 16

The switch will only forward the frame out from the specific port on which the destination is located

Question 17

What does a switch do when it can’t figure out the frame’s final destination?

Answer 17

It will flood the frame out every port except the one on which the frame port was received

Question 18

What do unmanaged switches do? What can’t they do?

Answer 18

They perform the basic switching process and do not allow you to configure more advanced features like adding an IP address for telenetting to the device

Question 19

What is a router?

Answer 19

A router is a network device used to connect many, sometimes disparate, network segments together, combining them into and INTERnetwork

Question 20

What can a well-configured router do? How does it do it?

Answer 20

It can make intelligent decisions about the best way to get network data to its destination
It gathers the necessary information based on the network performance data

Question 21

What layer are they on?

Answer 21

As routers use IP addresses to make forwarding decisions, they are Layer 3 devices

Question 22

How are routers analogous to computers?

Answer 22

They have their own complex operating systems - you can even think of them as CPUs that are totally dedicated to the process of packet routing.

Due to their complexity, you can configure them to perform the functions of other types of networking devices s.a. firewalls by simply implementing a specific feature within router’s software

Question 23

What’s the major difference between a router interface and a switch interface?

Answer 23

On a switch, you don’t add an IP address since they only read to layer 2, and most of the time, you never even need to configure the switch interface

A router expects an IP address on the interface - it does not have one by default - and a good Layer 3 network design must be considered before installing a router

Question 24

What is one configuration set on switch ports by default?

Answer 24

duplex auto. Don’t touch it

Question 25

What is the switch configuration that you can and probably should adjust?

Answer 25

Speed!

Question 26

What is the purpose of a router interface?

Answer 26

To create and maintain broadcast domains and connectivity of WAN services
Before routers can work, their interfaces must be configured and enabled!

Question 27

What is a firewall?

Answer 27

A firewall is a standalone blackbox or a software implementation (placed on a server or a router) that protects LAN resources from invaders that prowl the internet for unprotected networks while simultaneously preventing all or some of your LAN’s computers from accessing certain devices on the internet

Question 28

Which OSI layers do firewalls operate on?

Answer 28

Multiple kinds! Some can operate up to the application level

Question 29

What connections do the firewalls have?

Answer 29

One to the internet and one to the network

Question 30

What’s the point of the second firewall and what is it called?

Answer 30

Demilitarized zone DMZ is used to connect servers and equipment that can be considered both public and private (s.a. email and web servers)

Question 31

What are IDS/IPS?

Answer 31

Intrusion detection systems are network security appliances that monitor networks and packets for malicious activities

Question 32

What’s the difference between an IDS and an IPS?

Answer 32

IDS: monitor mode - simply just records problems

IPS - can work in real time to stop problems as they occur

Question 33

What is a HIDS? Where is it typically implemented?

Answer 33

Host-based intrusion detection system implemented on a server

Question 34

What is an access point?

Answer 34

An AP is a hub that accepts wireless clients via an analog wireless signal (which was generated from a digital signal sent by the wireless client)

Question 35

On which layer do access points operate?

Answer 35

They operate on layer 2

Question 36

What is an extender?

Answer 36

It’s a radio and antenna that operates in the same frequency or channel and receives the signal as a station would and then transmits it in the desired direction to clients that are out of reach on the original AP

Question 37

What is a contention method?

Answer 37

A method used by wired and wireless environments to arbitrate access to the medium to help prevent collisions or at least recover them from where they occur

Question 38

Describe the CSMA/CA Operation

Answer 38

1. Laptop A has a frame to send to laptop B. Before sending, laptop A must check for traffic in two ways. First, it performs carrier sense, which means it listens to see whether any radio waves are being received on its transmitter.
2. If the channel is not clear (traffic is being transmitted), laptop A will decrement an internal countdown mechanism called the random back-off algorithm. This counter will have started counting down after the last time this station was allowed to transmit. All stations will be counting down their own individual timers. When a station’s timer expires, it is allowed to send.
3. If laptop A checks for carrier sense and there is no traffic and its timer hits zero, it will send the frame.
4. The frame goes to the AP.
5. The AP sends an acknowledgment back to laptop A. Until that acknowledgment is received by laptop A, all other stations must remain silent. The AP will cache the frame, where it already may have other cached frames that need to be relayed to other stations.
6. Each frame that the AP needs to relay must wait its turn to send the frame using the same mechanism as the stations. When the frame’s turn comes up in the cache queue, the frame from laptop A will be relayed to laptop B.
7. Laptop B sends an acknowledgment back to the AP. Until that acknowledgment is received by the AP, all other stations must remain silent.

Question 39

Describe the CSMA/CD operation.

Answer 39

1. When a device needs to transmit, it checks the wire. If a transmission is already under way, the device can tell. This is called carrier sense
2. If the wire is clear, the device will transmit. Even as it is transmitting, it is performing carrier sense.
3. If another host is sending simultaneously, there will be a collision. The collision is detected by both devices through carrier sense.
4. Both devices will issue a jam signal to all the other devices, which indicates to them to not transmit.
5. Then both devices will increment a retransmission counter. This is a cumulative total of the number of times this frame has been transmitted and a collision has occurred. There is a maximum number at which the device aborts the transmission of the frame.
6. Both devices will calculate a random amount of time and will wait that amount of time before transmitting again. This calculation is called a random back-off .
7. In most cases, because both devices choose random amounts of time to wait, another collision will not occur.

Question 40

What does DHCP stand for?

Answer 40

Dynamic Host Configuration Protocol Server

Question 41

What do DHCP servers do?

Answer 41

They assign IP addresses to hosts.

Question 42

How do DHCP servers assign IPs to hosts?

What happens if the DHCP server isn’t on the same segment as the DHCP client?

Answer 42

A DHCP server receives a request for IP information from a DHCP client using a broadcast
If the DHCP server isn’t on the same segment as the DHCP client, the broadcast won’t be received by the server because by default, routers won’t forward broadcasts

Question 43

What does a DHCP client ask for? What does a DHCP server provide?

Answer 43

Scope options comprise the informational elements that DHCP servers provide to DHCP clients and include

• TTL
• DNS server
• TFTP server

Question 44

What is one parameter in DHCP server response that’s hugely important in figuring out if you have a DHCP problem?

Answer 44

The lease time

Question 45

How is a DHCP server configured to ensure that a host always receives the same IP address?

Answer 45

Using a reservation list, made based on the router interface MAC address

Question 46

On what layer does the DHCP protocol operate?

Answer 46

It’s an application layer protocol

Question 47

What is a DHCP relay?

Answer 47

A feature of DHCP servers that helps to provide addresses from a DHCP server to hosts that aren’t on the same LAN as the DHCP server

• When this feature is up, a router interface relays the DHCP client requests;
• Otherwise, the router would receive a DHCP client broadcast and promptly discard it, as a result of which the remote host would never receive an address … unless we add a DHCP server on every broadcast domain

Question 48

What is IPAM?

Answer 48

IP address management tools are software products that integrate the management of DHCP and DNS. It is used to plan, track, and manage IP addresses

Question 49

What is a multilayer switch?

Answer 49

MLS is a computer networking device that switches on Open Systems Interconnection OSI Layer 2 like an ordinary network switch - that provides routing

Question 50

On which layer does an MLS operate?

Answer 50

It operates on layer 3 while still providing 24 collision domains

Question 51

What is another name for the host in all things DNS records?

Answer 51

A host is otherwise called an A record

Question 52

What does a host do in DNS?

Answer 52

A host resolves hostnames to IP addresses

Question 53

What kind of DNS record resolves IP addresses to hostnames?

Answer 53

It’s a pointer record, or PTR. PTRs reside in a reverse lookup zone in the server.

Question 54

What does the MX DNS record stand for and what does it do?

Answer 54

MX = mail exchanger; in DNS, it translates mail records. The MX record points to the mail exchanger for a particular host

Question 55

What does the CNAME DNS record stand for and do?

Answer 55

A CNAME stands for canonical name - it’s more commonly known as an alias record and allows hosts to have more than one name

Question 56

How does DNS work with DHCP?

Answer 56

Host registers their names with the DNS server as they receive their IP address configuration from the DHCP server

Question 57

Where can DNS be located?

Answer 57

DNS can be located in the DMZ or inside the intranet

Question 58

What does the DNS contain when placed inside the DMZ?

Answer 58

In that case the DNS will only contain the records of the devices placed inside the DMZ

Question 59

What is a proxy server?

Answer 59

A proxy server is a type of server that handles its client-machine requests by forwarding them on to other servers while allowing granular control over the traffic between the local LAN and the Internet

Question 60

What happens when a proxy server receives a request?

Answer 60

It connects to the specific server that can fulfil the request for the client that wants it

Question 61

On what level does a proxy server operate on?

Answer 61

Application layer

Question 62

What does the proxy server cache and what’s the point?

Answer 62

Sometimes, when the proxy modifies client’s request or a server’s response to it, it will cache the specific server that would have normally been contacted for the request in case it’s needed another time. This behavior speeds up network’s function, thereby optimizing its performance/

Question 63

Name the two main kinds of proxy servers

Answer 63

Web Proxy Server and Caching Proxy Server

Question 64

Web Proxy Server - what is it for?

Answer 64

It is a server used to create a web cache - stuff that happens when a website “remembers” you

Question 65

What does a Caching Proxy Server do?

Answer 65

A caching proxy server recovers information from a client’s earlier request.

Question 66

What is a Caching Proxy Server good for?

Answer 66

They minimize the upstream use of bandwidth and greatly optimize the network performance

Question 67

What are the key advantages of using encryption devices?

Answer 67

These devices typically provide more choice of encryption methods and stronger encryption options.
They also offload the respective processes from routers and servers, so that routers and servers could focus on their own thing!

Question 68

What is the benefit of dedicating a device to content filtering?

Answer 68

It offloads the same kind of work from routers and servers …

Question 69

What does a modem do?

Answer 69

A modem (modulator - demodulator) is a device that modulates an analog carrier signal to encode digital information and demodulates the signal to decode this transmitted information

Question 70

What’s a packet shaper?

Answer 70

It’s a device that delays some or all packets to bring them into compliance with your or your company’s traffic profile

Question 71

What does a VPN concentrator do?

Answer 71

A VPN concentrator is a device that accepts multiple VPN connections from remote locations.

Question 72

What is a VoIP PBX?

Answer 72

• It’s a device that switches between Voice Over IP (Internet Protocol) users on local lines while allowing all users to share a certain number of external phone lines
• PBX stands for private branch exchange and this is a private telephone switch that resides on the customer premises - it has a direct connection to the telecommunication provider’s switch. It performs call routing within the internal phone system.

Question 73

What is a VoIP endpoint?

Answer 73

It’s a desktop phone system or wireless phone system that is part of the converged network where data and voice traffic is combined

Question 74

How are NGFWs (Next-gen firewalls) different from the traditional firewalls?

Answer 74

1) Next-gen firewalls are application-aware, meaning that they can distinguish between specific applications instead of allowing all traffic coming in via typical web ports.
2) They examine packets only once, during the deep packet inspection phase, which is required to detect malware and anomalies

Question 75

What is a VoIP gateway? What ports do they have?

Answer 75

It’s a kind of network device that helps to convert voice and fax calls between an IP network and Public Switched telephone network in real time. They typically have at least one Ethernet and telephone port.