Advanced Networking Devices

Question 1

VPN

Answer 1

Virtual Private Network

- encrypted tunnel between a computer or a remote network and a private network through the internet

Question 2

Tunnel Endpoints

Answer 2

the ends of a tunnel where the data is encrypted and decrypted

Question 3

VPN Tunnel

Answer 3

VPN creates virtual NIC on client (endpoint 1), creates a virtual cable (vpn tunnel) to the server (endpoint 2)

Question 4

PPTP VPN

Answer 4

Point-to-Point Tunneling Protocol

• advanced version of PPP
• server endpoint is a program on Windows server called RRAS (Routing and Remote Access Service)
• every OS comes with some built in client that supports PPTP
• commonly called “Host-to-Site Connection”

Question 5

L2TP VPN

Answer 5

Layer 2 Tunneling Protocol

• VPN Concentrator (can run on almost any connection)
• no auth or encryption (uses IPSec)
• supported by every OS VPN client

Question 6

host-to-site or client-to-site connection

Answer 6

Single connection between user and network

Question 7

site-to-site connection

Answer 7

Using two VPN concentrators to connect two networks

- slow but inexpensive

Question 8

SSL VPN

Answer 8

• do not require any special software
• connects using web browser
• secured using TSL

Question 9

DTLS VPN

Answer 9

Datagram TLS

- uses UDP instead of TCP

Question 10

DMVPN

Answer 10

Dynamic Multipoint VPN

• enables direct VPN connection between multiple locations directly
• uses IPSec

Question 11

default gateway on a switch

Answer 11

ip address of the router

Question 12

in-band and out-of-band management

Answer 12

in-band - can access switch over network

out-of-band - only a port can be used to access switch

Question 13

console router

Answer 13

a router with out-of-band management capabilities

Question 14

VLAN

Answer 14

Virtual LAN

• can take a single broadcast domain and chop it up into multiple broadcast domains
• done by assigning each port a specific VLAN

Question 15

Trunking

Answer 15

process of transferring traffic between one or more switches

Question 16

trunk port

Answer 16

a switch port configured to carry all traffic, regardless of VLAN, between all switches on a LAN

Question 17

native VLAN

Answer 17

the VLAN designation for a trunk port

Question 18

standard that enables you to connect switches from different manufacturers?

Answer 18

IEEE 802.1Q

Question 19

VLAN Assignment

Answer 19

the process of assigning ports to VLANs

Question 20

static vs dynamic VLANs

Answer 20

static - based on port

dynamic - based on MAC address

Question 21

access ports

Answer 21

opposite of trunk ports… connect workstations

Question 22

Why would you want to change a native VLAN

Answer 22

to mitigate against double-tagging attacks

Question 23

VTP

Answer 23

VLAN Trunking Protocol

• automates updating of multiple VLAN switches
• put switch in one of three states: server, client or tranparent

Question 24

VTP Pruning

Answer 24

miniminzing broadcast traffic

useful for larger-scale networks

Question 25

VTP state transparent

Answer 25

tells the switch not to update, but to hold its manual settings

Question 26

interVLAN Routing

Answer 26

process of making a router work between two VLANs

Question 27

Relay Agent

Answer 27

- also called DHCP relay - router will pass DHCP messages across the router interfaces - single DHCP server to server addresses to multiple networks or subnetworks

Question 28

troubleshooting VLANs

Answer 28

all about assingment - if you give an incorrect VLAN assignement to a device, you wont be able to see it or the device won't access resources - fix: change VLAN assignemnt

Question 29

Difference between layer 2 and 3 switches

Answer 29

2 - forwards traffic based on MAC addresses | 3 - forwards traffic based on IP addresses

Question 30

load balancing

Answer 30

making a bunch of servers look like a single server, creating a server cluster

Question 31

DNS Load Balancing

Answer 31

DNS server for domain has multiple "A" records for the same FQDN - DNS server cycles around records

Question 32

content switch

Answer 32

works at layer 7 - designed to work with web servers - can read incoming http and https requests - also called content filter

Question 33

QoS

Answer 33

Quality of Service | - prioritize traffic based on certain rules

Question 34

traffic shaping

Answer 34

control the flow of packets into or out of the network based on type of packet or other rules

Question 35

shapers

Answer 35

routers and switches that can impletment traffic shaping

Question 36

IDS

Answer 36

Intrusion detection system - inspects packets looking for intrusions - cant stop attack, but can request assistance from other devices, like a firewall

Question 37

IPS

Answer 37

Intrustion prevention system - sits directly in the flow of network traffic - can stop an attack - creates latency - if IPS goes down, link can go down - can block packets based on IP address, port number or application type - might even fix packets on-the-fly

Question 38

signatures

Answer 38

detectable patterns

Question 39

definition files

Answer 39

collection of signatures for known malware

Question 40

HIDS

Answer 40

Host-based IDS - runs on individual systems - monitors for events like system file modification or registry changes

Question 41

NIDS

Answer 41

Network-based IDS

Question 42

HIPS

Answer 42

Host-based IPS

Question 43

NIPS

Answer 43

Network-based IPS

Question 44

port mirroring

Answer 44

copy data from any or all physical ports on a switch to a single physical port local - ports on same switch remote - send data anywhere

Question 45

proxy server

Answer 45

sits in between clients and external servers - handles all requests for client - keeps server from knowing where client is - using caching for resources to speed up later requests

Question 46

forward proxy server

Answer 46

a proxy server working for clients

Question 47

reverse proxy server

Answer 47

a proxy server working for hosts