Advanced Networking Devices

Question 1

PPTP VPNs

Answer 1

Point to Point Tunneling protocol

Question 2

RRAS

Answer 2

Routing and Remote Access Service that Microsoft builds into Windows Server that uses PPTP

Question 3

L2TP VPN

Answer 3

Layer 2 Tunneling Protocol; took all the good feature of PPTP and L2F and added support to run on almost any type of connection.

Question 4

VPN Concentrator

Answer 4

Used by L2TP vpn that uses a VPN capable router instead of a server program

Question 5

Difference Between L2TP and PPTP

Answer 5

L2TP requires no auth or encryption; and uses IPsec for all security needs.

Question 6

SSL VPNs

Answer 6

Offers advantages over Data link or network Based VPNs because they don’t require any special client software. Clients connect to vpn over standard web browser with the traffic secured using TLS.

Question 7

Two types of SSL VPNs

Answer 7

1. SSL portal VPNs

2. SSL Tunnel VPNs

Question 8

SSL Portal VPN

Answer 8

Client accesses VPN and is presented with a secure web page where they can access anything linked to that page.

Question 9

SSL Tunnel VPN

Answer 9

Client web browser runs some kind of active control such as Java and gains more access to the VPN connected network.

Question 10

DTLS VPNs

Answer 10

Datagram TLS VPNs optimize connections for delay sensitive application such as voice and video over a vpn. Uses UDP rather than TCP segments for communications.

Question 11

DMVPN

Answer 11

Dynamic Multipoint VPN enables direct VPN connections between multipole locations directly. No need to travel through the main VPN point.

Question 12

GRE

Answer 12

Generic Routing Encapsulation paired with IPsec for encryption.

Question 13

VLAN

Answer 13

Virtual Local Area Network; allows you to segment a physical network into multiple discreet networks without having to add additional hardware.

Question 14

Trunking

Answer 14

The process of transferring VLAN traffic between two or more switches

Question 15

Trunk port

Answer 15

A port on a switch configured to carry all traffic, regardless of VLAN number bweteen all switches in a LAN.

Question 16

Tagging

Answer 16

Access ports that are configured to do the work of tagging traffic with the appropriate VLAN when frames enter the switch

Question 17

VTP

Answer 17

VLAN trunking protocol; allows automation of multiple VLAN switches

Question 18

3 types of switch in VTP

Answer 18

1. Server
2. Client
3. Transparent

When you change vlan config on server switch, all connected client switches update their configs within minutes.

Question 19

VTP Pruning

Answer 19

a Tool for minimizing broadcast traffic.

Question 20

InterVLAN routing

Answer 20

The process of making a router work between two VLANS

Question 21

Relay Agent/DHCP Relay

Answer 21

Enabled within a router to pass DHCP messages across the router interfaces.

Question 22

Load Balancing

Answer 22

Means making a bunch of servers look like a single server, creating a server cluster.

Question 23

DNS Load Balancing

Answer 23

Each DNS server gets its own public IP address but has multiple A DNS records each with an FQDN. The DNS server then cycles around those records so the same domain name resolved to different IP addresses.

Question 24

Conent Switch

Answer 24

Can read incoming HTTP and HTTPS requests and can perform such actions as handling SSL certs and cookies or removing workload from the web servers.

Question 25

QoS and traffic Shaping

Answer 25

Quality of Service policies to prioritize traffic based on certain rules. Controlls how much bandwidth a protocol, pc, VLAN or IP can use.

Question 26

Port Bonding (link aggregation, NIC Bonding, NIC teaming, port aggregation)

Answer 26

Connecting two or more ports together and are treated as a single connection allowing the throughput to be multiplied by the number of linked connectors.

Question 27

PAgP

Answer 27

Port Aggregation Protocol; Ciscos version of Port bonding

Question 28

LACP

Answer 28

Link Aggregation Control Protocol

Question 29

LACP IEEE designation

Answer 29

IEEE 802.1AX-2014.

Question 30

Network Protection has 4 areas, what are they?

Answer 30

1. Intrusion protection/intrusion prevention 2. Port Mirroring 3. Proxy Serving 4. AAA

Question 31

Intrusion Detection/intrustion prevention

Answer 31

detect that something has intruded into a network and then do something about it.

Question 32

IDS

Answer 32

Intrusion Detection System; is an application that inspects packets, looking for active intrusions. Inspects traffic inside a network and can discover internal threats.

Question 33

Network Based IDS

Answer 33

consists of multiple sensors placed around a network often on one or both sides of the gateway router. These sensors report to a central application that reads a signature file to detect anything out of the ordinary.

Question 34

Host Based IDS

Answer 34

software running on individual systems that monitors for events such as system file modification or registry changes.

Question 35

IPS

Answer 35

Intrusion Prevention System; sits directly in the flow of network traffic. Can stop an attack while its happening. Network and bandwidth take a hit, and if it goes down the network might go down.

Question 36

HIPS

Answer 36

Host based intrusion prevention system is located on the host.

Question 37

NIPS

Answer 37

Network Intrusion prevention system.

Question 38

Port Mirroring

Answer 38

Managed Switches capability to copy data from any or all physical ports on a switch to a single physical port. Used where admin needs to inspect packets coming to or from certain computers.

Question 39

Proxy Serving

Answer 39

Sits between clients and external servers, pocketing the requests from the clients for server resources and making those requests itself.