C172 Network and Security Flashcards Preview

WGU > C172 Network and Security > Flashcards

Flashcards in C172 Network and Security Deck (148):


The set of rules established for users to exchange information.



The network architecture used to interconnect the networking equipment.


Deterministic Network

Access to the network is provided at fixed time intervals.


Token Ring Topology

A network topology configured in a logical ring that complements the token passing protocol.


Bus Topology

The computers share the media (coaxial cable) for data transmission.


Star Topology

The most common networking topology in today's LANs where all networking devices connect to a central switch or hub.


Multiport Repeater

Another name for a hub, a device that broadcasts messages to all devices connected to its ports, not just the intended one.



Forwards a frame of data to the port associated with the destination address instead of sending it to every port.


Mesh Topology

All networking devices are directly connected to each other.


OSI Model

Open Systems Interconnect. Developed in 1984 by the International Organization for Standardization. It represents the seven layers describing network functions. Application, Presentation, Session, Transport, Network, Data Link, and Physical.


Physical Layer

1. Provides the electrical and mechanical connection to the network. NIC Card, Fiber Cable, Twister Pair Cable.


Data Link Layer

2. Handles error recovery, flow control (synchronization), and sequencing (which terminals are sending and which are receiving). This is where the MAC (media access control) Addressing is defined. The Ethernet 802.3 standard is defined in this area. MAC Addresses.


Network Layer

3. Accepts outgoing messages and combines messages or segments into packets, adding a header that includes routing information. It acts as the network controller. IP (Internet Protocol) and IPC (Internetwork Packet Exchange).


Transport Layer

4. Is concerned with message integrity between source and destination. Segments/Reassembles the packets and handles flow control. TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).


Session Layer

5. Provides the control functions necessary to establish, manage, and terminate the connections as required to satisfy the user request. NFS (Network File System) and SQL (Structured Query Language).


Presentation Layer

6. Accepts and structures the messages for the application. It translates the message from one code to another if necessary. This layer is responsible for data compression and encryption. ASCII(American Standard code for Information Exchange) and JPEG (Joing Photographic Experts Group).


Application Layer

7. Interacts with application programs that incorporate a communication component such as your internet browser and email. This layer is responsible for logging the message in, interpreting the request, and determining what information is needed to support the request. HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), and SMTP (Simple Mail Transfer Protocol).


Three basic steps in isolating a network problem

Is the connection to the machine down? (Layer 1)
Is the network down? (Layer 3)
Is a service on the specific machine down? (Layer 7)



The Ethernet LAN media-access method, carrier sense multiple access with collision detection.



The most common networking protocol used in modern computer networks. Basically, for a computer to "talk" on the Ethernet network, it first "listens" to see whether there is any data traffic (carrier sense). This means that any computer connected to the LAN can be "listening" for data traffic, and any of the computers on the LAN can access the network (multiple access). There is a chance that two or more computers will attempt to broadcast a message at the same time; therefore, Ethernet systems must have the capability to detect data collisions (collision detection).



A piece of information being transmitted that includes the header, data, and, trailer. Minimum length is 64 bytes from the destination MAC address through the frame check sequence. Maximum length is 1,518 bytes; 6 bytes for the destination MAC, 6 for source MAC 2 for length/type; 1,500 for data, and 4 for CRC.


Frame Header

Consists of the preamble (alternating pattern of 1s and 0s used for synchronization), start frame delimiter (a binary sequence of 10101011 that indicates the start of a frame), destination, and source address (MAC addresses), and length/type field (An indication of the number of bytes in the data field if this value is less than 1500. If this number is greater than 1500 it indicates the type of data format for example IP or IPX..


Frame Data

Actual Data being transmitted followed by the pad used to bring the number of bytes up to the minimum of 46.


Frame Trailer

4 byte CRC (cyclic redundancy check) value used for error checking.


MAC Address

Media Access Control. 6 Bytes (48 bits) displayed in 12 hexadecimal digits. The first 6 indicate the vendor of the interface, the last 6 form a unique value for each device assigned by the vendor. Also called the Ethernet, physical, hardware, or adapter address.



Internet Assigned Numbers Authority, the agency that assigns IP Addresses to computer networks and makes sure no two different networks are assigned the same IP network address.


Class A

44.x.x.x. Max number of hosts 16,777,214 Range


Class B

128.123.x.x. Max number of hosts 65,534. Range


Class C

192.168.1.x. Max number of hosts 254. Range


Class D

224.x.x.x Reserved for multicast groups. Range


Network Number

The portion of the IP Address that defines which network the IP packet is originating from or being delivered to. If the address is class A 44.x.x.x the 44 is the network number.


Host Number

The porting of the IP address that defines the address of the networking device connected to the network. If the address is class C 192.168.1.x the x is the host number.



Organizationally Unique Identifier. First 6 bytes of a MAC address, identifies the vendor of the device.


Wi-Fi Standards

802.11a (Wireless-A): This standard can provide data transfer rates up to 54Mbps and an operating range up to 75 feet. It operates at 5GHz.
802.11b (Wireless-B): This standard can provide data transfer rates up to 11Mbps with ranges of 100-150 feet. It operates at 2.4GHz.
802.11g (Wireless-G): This standard can provide data transfer rates up to 54Mbps up to 150 feet. It operates at 2.4GHz.
802.11n (Wireless-N): This standard provides data transfer rates up to 4 x 802.11g speeds (200+Mbps). It operates either at 2.4GHz or 5GHz.
802.11ac (Wireless-AC): This is the latest wireless standard. It provides single-station data transfer rates of 500Mbps and operates in the 5GHz frequency band.



Where NAT translates the home network's private IP addresses to a single public IP address.



Port Address Translation. A port number is tracked with the client computer's private address when translating to a public address.



10Base2 10Mbps over coaxial cable up to 185 m, also called ThinNet (seldom used anymore)
10Base5 10Mbps over coaxial cable up to 500 m, also called ThickNet (seldom used anymore)
10BaseT 10Mbps over twisted-pair
10BaseF 10Mbps over multimode fiber-optic cable
10BaseFL 10Mbps over 850 nm multimode fiber-optic cable
100BaseT 100Mbps over twisted-pair (also called Fast Ethernet)
100BaseFX 100Mbps over fiber
1000BaseT 1000Mbps over twisted-pair
1000BaseFX 1000Mbps over fiber
10GE 10GB Ethernet



Transmit and receive signal pairs are crossed properly to properly align the transmit signal on one device with the receive signal on the other device.



Transmit and receive signal pairs are aligned end-to-end. Uplink Port for connecting switches to other switches.


EIA/TIA 568-A Addendum 5.

Published in 1999, this addendum defined the transmission performance specifications for 4-pair 100 ohm category 5e twisted-pair cabling. TIA/EIA adopted new category 6 (CAT6) cable specifications in June 2002. This is the type of cabling recommended for use in today's computer networks,


Campus Network

Interconnected LANs within a limited geographic area.



Published in 2000. The three parts of the EIA/TIA 568-B are as follows:
EIA/TIA-568-B.1: Commercial Cabling Standard, Master Document
IA/TIA-568-B.2: Twisted-pair Media
EIA/TIA-568-B.3: Optical Fiber Cabling Standard


Building Entrance

The point where the external cabling and wireless services interconnect with the internal building cabling. Also called the Entrance Facilities.


Equipment Room (ER)

A room set aside for complex electronic equipment such as the network servers and telephone equipment.


Telecommunications Closet

The location of the cabling termination points that includes the mechanical terminations and the distribution frames


Backbone Cabling

Equipment Room. Cabling that interconnects telecommunication closets in the same building and between buildings


Horizontal Cabling

Cabling that extends out from the telecommunications closet into the LAN work area


Work Area

The location of the computers and printers, patch cables, jacks, computer adapter cables, and fiber jumpers.


MC (Main Cross-Connect)

Usually connects two or more buildings and is typically the central telecommunications connection point for a campus or building. It is also called the main distribution frame (MDF) or main equipment room. The MC connects to Telco, an IS P, and so on. Another term for the MC is the campus distributor (CD).


IC (Intermediate Cross-Connect)

Also called the building distributor (BD), this is the building's connection point to the campus backbone. The IC links the MC to the horizontal cross-connect (HC).


HC (Horizontal Cross-Connect)

The connection between the building distributors and the horizontal cabling to the work area or workstation outlet—another term used for the HC is the floor distributors (FD).



Or Work Area Outlet (WO). Also called the TO (telecommunications outlet), it's used to connect devices to the cable plant. The cable type typically used is CAT3, CAT5, CAT5e, CAT6, CAT6A, and various coaxial cables. Devices typically connected to these outlets are PCs, printers, servers, phones, televisions, and wireless access points.



The proper term for the RJ-45 modular plug used in computer systems is actually 8P8C for both male and female connectors. 8P8C stands for 8-pin 8-conductors and is defined by ANSI/TIA-968-A and B but is commonly called RJ-45 by both professionals and end users.



Unshielded twisted-pair (UTP) cable plays an important role in computer networking. The most common twisted-pair standards used for computer networking today are category 6 (CAT6), category 6a (CAT6a), and category 5e (CAT5e). CAT6 cable is tested to provide the transmission of data rates up to 1000Mbps for a maximum length of 100 meters. CAT6a is an improved version of CAT6 and will support 10GB Ethernet.

CAT5e cable is an enhanced version of CAT5 and provides improved performance requirements of the cable. CAT6 provides improved performance and a bandwidth of 250MHz. CAT5/5e twisted-pair cable contains four color-coded pairs of 24-gauge wires terminated with an RJ-45 (8P8C) connector. CAT6 twisted-pair cable also contains four color-coded wires, but the wire gauge is 23AWG. CAT6 cable has a stiffer feel compared to CAT5e.

The precise manner in which the twist of CAT6/5e/5 cable is maintained, even at the terminations, provides a significant increase in signal transmission performance. CAT5/5e standards allow 0.5 inches of untwisted cable pair at the termination. CAT6 has an even tighter requirement that allows for only 3/8-inch of untwisted cable at the termination. The termination is the point where the cable is connected to terminals in a modular plug, jack, or patch panel.

CAT6/5e/5 twisted-pair cable contains four twisted wire pairs for a total of eight wires. In twisted-pair cable, none of the wires in the wire pairs are connected to ground. The signals on the wires are set up for a high (+) and low (-) signal line. The (+) indicates that the phase relationship of the signal on the wire is positive, and the (-) indicates that the phase of the signal on the wire is negative; both signals are relative to a virtual ground. This is called a balanced mode of operation—the balance of the two wire pairs helps maintain the required level of performance in terms of crosstalk and noise rejection.


UTP Categories

Category 3 (CAT3) Telephone installations Class C Up to 16Mbps
Category 5 (CAT5) Computer networks Class D Up to 100MHz/100Mbps 100-m length
Enhanced CAT5 (CAT5e) Computer networks 100MHz/1000Mbps applications with improved noise performance in a full duplex mode
Category 6 (CAT6) Higher-speed computer Up to 250MHz networks Class E/1000Mbps
CAT6 supports 10Gbps but at distances fewer than 100 meters
Category 6a (CAT6a) Increased bandwidth Up to 500MHz networks Class Ea/10Gbps
Category 7 (CAT7) International Organization for Standardization (ISO ) standard, not an EIA/TIA standard Up to 600MHz speed computer networks Class F/10Gbps
Category 7a (CAT7a) ISO standard, not an EIA/TIA standard Up to 1000MHz speed computer networks Class FA/10Gbps


Full Duplex

Computer system can transmit and receive at the same time



In some applications, a wire screen or metal foil shield is placed around the twisted-pair cable. Cable with the addition of a shield is called STP cable. The addition of this shield reduces the potential for electromagnetic interference (EMI) as long as the shield is grounded. EMI originates from devices such as motors and power lines and from some lighting devices such as fluorescent lights.


T568A and T568B Color Map

Pin # 568A Wire Color 568B Wire Color
1 White-Green White-Orange
2 Green Orange
3 White-Orange White-Green
4 Blue Blue
5 White-Blue White-Blue
6 Orange Green
7 White-Brown White-Brown
8 Brown Brown



Point from one cable termination to another


Full Channel

Consists of all the link elements from the wall plate to the hub or switch


Copper Attenuation (Insertion Loss)

This parameter defines the amount of loss in signal strength as it propagates down the wire. This is caused by the resistance of the twisted-pair cable, the connectors, and leakage of the electrical signal through the cable insulation. Attenuation also will increase with an increase in frequencies due to the inductance and capacitance of the cable. The cable test results will report a margin. Margin for attenuation (insertion loss) is defined as the difference between the measured value and the limit for the test. If the margin shows a negative value, the test has failed. A negative value is produced when the measured value is less than the limit. The limit for attenuation (insertion loss) for CAT6 is 21.3 dB, CAT6A is 20.9, CAT7 is 20.8, and CAT7a is 20.3. It is also important to note that UTP cables have a limit on how much the cable can be bent (bend radius). The limit on the bend radius is four times the outer jacket diameter. The reason for this is bends exceeding the limit can introduce attenuation loss.


Near-End Crosstalk (NEXT)

When current travels in a wire, an electromagnetic field is created. This field can induce a voltage in adjacent wires resulting in crosstalk. Crosstalk is what you occasionally hear on the telephone when you can faintly hear another conversation. Near-end crosstalk, or NEXT, is a measure of the level of crosstalk, or signal coupling within the cable. The measurement is called near-end testing because the receiver is more likely to pick up the crosstalk from the transmit to the receiver wire pairs at the ends. The transmit signal levels at each end are strong, and the cable is more susceptible to crosstalk at this point. Additionally, the receive signal levels have been attenuated due to normal cable path loss and are significantly weaker than the transmit signal. A high NEXT (dB) value is desirable.



The enhanced twisted-pair cable must meet four-pair NEXT requirements, called PSNEXT testing. Basically, power sum testing measures the total crosstalk of all cable pairs. This test ensures that the cable can carry data traffic on all four pairs at the same time with minimal interference. A higher PSNEXT value is desirable because it indicates better cable performance.


Equal Level FEXT (ELFEXT)

This measurement differs from NEXT in that the measurement is for the far end of the cable. Additionally, the ELFEXT measurement does not depend on the length of the cable. This is because ELFEXT is obtained by subtracting the attenuation value from the far-end crosstalk (FEXT) loss. Higher ELFEXT values (dB) indicate the signals at the far end of the cable are larger than the cross-talk measured at the far end. A larger ELFEXT (dB) value is desirable. A poor ELFEXT can result in data loss.



Power sum ELFEXT that uses all four wire pairs to obtain a combined ELFEXT performance measurement. This value is the difference between the test signal level and the cross-talk measured at the far end of the cable. A higher PSELFEXT value indicates better cable performance.



This measurement compares the signal level from a transmitter at the far end to the crosstalk measured at the near end. A larger ACR indicates that the cable has a greater data capacity and also indicates the cable's ability to handle a greater bandwidth. Essentially, it is a combined measurement of the quality of the cable. A higher ACR value (dB) is desirable.



Power sum ACR uses all four wire pairs to obtain the measure of the attenuation-crosstalk ratio. This is a measurement of the difference between PSNEXT and attenuation (insertion loss). The difference is measured in dB, and higher PSACR dB values indicate better cable performance.


Return Loss

An equally important twisted-pair cable measurement is return loss. This measurement provides a measure of the ratio of power transmitted into a cable to the amount of power returned or reflected. The signal reflection is due to impedance changes in the cable link and the impedance changes contributing to cable loss. Cables are not perfect, so there will always be some reflection. Examples of the causes for impedance changes are non-uniformity in impedance throughout the cable, the diameter of the copper, cable handling, and dielectric differences. A low return loss value (dB) is desirable.


Propagation Delay

This is a measure of the amount of time it takes for a signal to propagate from one end of the cable to the other. The delay of the signal is affected by the nominal velocity of propagation (NVP) of the cable. NVP is some percentage of the velocity of light and is dependent on the type of cable being tested. The typical delay value for CAT5/5e UTP cable is about 5.7 nsec per meter. The EIA/TIA specification allows for 548 nsec for the maximum 100-meter run for CAT5e, CAT6, CAT6a, CAT7, and CAT7A


Delay Skew

This is a measure of the difference in arrival time between the fastest and the slowest signal in a UTP wire pair. It is critical in high-speed data transmission that the data on the wire pair arrive at the other end at the same time. If the wire lengths of different wire pairs are significantly different, then the data on one wire will take longer to propagate along the wire, hence arriving at the receiver at a different time and potentially creating distortion of the data and data packet loss. The wire pair with the shortest length will typically have the least delay skew.


Alien Crosstalk (AXT)

Unwanted signal coupling from one permanent link to another


Multilevel Encoding

Technique used to reduce in the required bandwidth required to transport the data


Refractive Index

Ratio of the speed of light in free space to its speed in a given material.


Infrared Light

Light extending from 680 nm up to the wavelengths of the microwaves


Optical Spectrum

Light frequencies from the infrared on up


Most Commonly Used Wavelengths in Fiber-Optic Systems

Multimode fiber: (850 and 1310) nm
Single mode fiber: (1310 and 1550) nm
Fiber to the home/business: 1600-1625 nm


Typical construction of a fiber-optic cable

The core is the portion of the fiber strand that carries the transmitted light. The cladding is the material surrounding the core. It is almost always glass, although plastic cladding of a glass fiber is available but rarely used. In any event, the refractive index for the core and the cladding are different. The cladding must have a lower index of refraction to keep the light in the core. A plastic coating surrounds the cladding to provide protection.


Numerical Apeture

The numerical aperture is a basic specification provided by the manufacturer that indicates the fiber's ability to accept light and shows how much light can be off-axis and still propagate.


Multimode Fibers

The difficulty of coupling significant light into such a small fiber led to development of fibers with cores of about 20 to 100 µm. These fibers support many waveguide modes and are called multimode fibers. The first commercial fiber-optic systems used multimode fibers with light at 800–900 nm wavelengths. A variation of the multimode fiber was subsequently developed, termed graded-index fiber. This afforded greater bandwidth capability.


Pulse Dispersion

Stretching of received pulse width because of multiple paths taken by the light. Limits the maximum distance and rate at which data (pulses of light) can be practically transmitted. You will also note that the output pulse has reduced amplitude as well as increased width. The greater the fiber length, the worse this effect will be. As a result, manufacturers rate their fiber in bandwidth per length, such as 400MHz/km. This means the fiber can successfully transmit pulses at the rate of 400MHz for 1 km, 200MHz for 2 km, and so on. In fact, current networking standards limit multimode fiber distances to 2 km.


Graded-Index Fiber

The index of refraction is gradually varied with a parabolic profile. This results in low-order modes traveling through the constant-density material in the center. High-order modes see a lower index of refraction material farther from the core, and thus the velocity of propagation increases away from the center. Therefore, all modes, even though they take various paths and travel different distances, tend to traverse the fiber length in about the same amount of time. These fibers can therefore handle higher bandwidths and/or provide longer lengths of transmission before pulse dispersion effects destroy intelligibility and introduce bit errors.


Single-Mode Fiber

Fiber cables with core diameters of about 7-10 µm; light follows a single path. Single-mode fibers are widely used in long-haul and wide area network (WAN) applications. They permit transmission of about 10Gbps and a repeater spacing of up to 80 km. These bandwidth and repeater spacing capabilities are constantly being upgraded by new developments.


Mode Field Diameter

Mode field diameter is the actual guided optical power distribution diameter. In a typical single-mode fiber, the mode field diameter is 1 µm or so larger than the core diameter. The actual value depends on the wavelength being transmitted. In fiber specification sheets, the core diameter is stated for multimode fibers, but the mode field diameter is typically stated for single-mode fibers.


Fiber Attenuation

The loss of power introduced by the fiber. This loss accumulates as the light is propagated through the fiber strand. The loss is expressed in dB/km (decibels per kilometer) of length. The loss, or attenuation, of the signal is due to the combination of four factors: scattering, absorption, macrobending, and microbending. Two other terms for attenuation are intrinsic and extrinsic.



Scattering is the primary loss factor over the three wavelength ranges. Scattering in telecommunication systems accounts for 96 percent of the loss and is the basis of the attenuation curves and values.



Absorption is the second loss factor, a composite of light interaction with the atomic structure of the glass. It involves the conversion of optical power to heat. One portion of the absorption loss is due to the presence of OH hydroxol ions dissolved in the glass during manufacture.



Macrobending is the loss caused by the light mode breaking up and escaping into the cladding when the fiber bend becomes too tight. As the wavelength increases, the loss in a bend increases. Although losses are in fractions of dB, the bend radius in small splicing trays and patching enclosures should be minimal.



Microbending is a type of loss caused by mechanical stress placed on the fiber strand, usually in terms of deformation resulting from too much pressure being applied to the cable. For example, excessively tight tie wraps or clamps will contribute to this loss. This loss is noted in fractions of a dB.



Dispersion, or pulse broadening, is the second of the two key distance-limiting parameters in a fiber-optic transmission system. It is a phenomenon in which the light pulse spreads out in time as it propagates along the fiber strand. This results in a broadening of the pulse. If the pulse broadens excessively, it can blend into the adjacent digital time slots and cause bit errors.


Diode Laser

The diode laser is a preferred source for moderate-band to wideband systems. It offers a fast response time (typically less than 1 ns) and can couple high levels of useful optical power (usually several mW) into an optical fiber with a small core and a small numerical aperture. The DL is usually used as the source for single-mode fiber because LEDs have a low input coupling efficiency.


High Radiance LED

Some systems operate at a slower bit rate and require more modest levels of fiber-coupled optical power (50-250 W). These applications allow the use of high-radiance LEDs. The LED is cheaper, requires less complex driving circuitry than a DL, and needs no thermal or optical stabilizations.



An isolator is an inline passive device that allows optical power to flow in one direction only.



Attenuators are used to reduce the received signal level (RSL). They are available in fixed and variable configurations.


Branching Devices

Branching devices are used in simplex systems where a single optical signal is divided and sent to several receivers, such as point-to-multipoint data or a CATV distribution system.



Splitters are used to split, or divide, the optical signal for distribution to any number of places.


Wavelength Division Multiplexer

Wavelength division multiplexers combine or divide two or more optical signals, each having a different wavelength. They are sometimes called optical beam splitters.


Optical Line Amplifiers

Optical-line amplifiers are analog amplifiers. Placement can be at the optical transmitter output, midspan, or near the optical receiver.


Fusion Splicing

A long-term method where two fibers are fused or welded together


Mechanical Splicing

Two fibers joined together with an air gap, thereby requiring an index-matching gel to provide a good splice



Synchronous optical network; protocol standard for optical transmission in long-haul communication/synchronous digital hierarchy.



Convert optical to electrical. Gigabit Interface Converter and Small Form factor Pluggable.


Logical Fiber Map

Shows how the fiber is interconnected and data is distributed throughout a campus


Physical Fiber Map

Shows the routing of the fiber but also shows detail about the terrain, underground conduit, and entries into buildings



Carrier sense multiple access/collision avoidance for wireless networks.



Beamforming is a technique that is used to direct transmission of the radio signal to a specific device. The benefit of this is increasing data throughput while reducing power consumption. 802.11n used beamforming, but it was not standardized. The transmit range for 802.11ac is similar to or better than 802.11n.


Bluetooth Connection Procedure

If a Bluetooth device is discovered, it sends an inquiry reply back to the Bluetooth device initiating the inquiry. Next, the Bluetooth devices enter the paging procedure. The paging procedure is used to establish and synchronize a connection between two Bluetooth devices. When the procedure for establishing the connection has been completed, the Bluetooth devices will have established a piconet. A piconet is an ad hoc network of up to eight Bluetooth devices such as a computer, mouse, headset, earpiece, and so on. In a piconet, one Bluetooth device (the master) is responsible for providing the synchronization clock reference. All other Bluetooth devices are called slaves.



(Worldwide Interoperability for Microwave Access) is a broadband wireless system that has been developed for use as broadband wireless access (BWA) for fixed and mobile stations and can provide a wireless alternative for last mile broadband access in the 2GHz-66GHz frequency range. BWA access for fixed stations can be up to 30 miles, whereas mobile BWA access is 3-10 miles. Internationally, the WiMAX frequency standard is 3.5GHz, while the United States uses both the unlicensed 5.8GHz and the licensed 2.5GHz spectrum. There are also investigations with adapting WiMAX for use in the 700MHz frequency range. Information transmitted at this frequency is less susceptible to signal blockage due to trees. The disadvantage of the lower frequency range is the reduction in the bandwidth.



Radio frequency identification (RFID) is a technique that uses radio waves to track and identify people, animal, objects, and shipments. This is done by the principle of modulated backscatter. The term "backscatter" is referring to the reflection of the radio waves striking the RFID tag and reflecting back to the transmitter source with its stored unique identification information.


Slotted Aloha

A wireless network communications protocol technique similar to the Ethernet protocol. Used in RFID


War Driving

Using wireless equipment to detect wireless management packets



Extensible Authentication Protocol and is used in both WPA and WPA2 by the client computer and the access point. Before a computer is authorized to a wireless network EAP messages are used to communicate between the computer and access point.


RADIUS Service

A Remote Authentication Dial-In User Service (RADIUS) service is sometimes used to provide authentication. This type of authentication helps prevent unauthorized users from connecting to the network. Additionally, this authentication helps to keep authorized users from connecting to rogue or unauthorized access points.



The bridge is a layer 2 device in the OSI model, meaning that it uses the MAC address information to make decisions regarding forwarding data packets. Only the data that needs to be sent across the bridge to the adjacent network segment is forwarded. This makes it possible to isolate or segment the network data traffic.
The bridge forwards the data traffic to all computers connected to its port.



Indicates that the destination address is for a networking device connected to one of the ports on the bridge


Layer 2 Switch

The layer 2 switch is an improved network technology that addresses the issue of providing direct data connections, minimizing data collisions, and maximizing the use of a LAN's bandwidth; in other words, that improves the efficiency of the data transfer in the network. The switch operates at layer 2 of the OSI model and therefore uses the MAC or Ethernet address for making decisions for forwarding data packets. The switch monitors data traffic on its ports and collects MAC address information in the same way the bridge does to build a table of MAC addresses for the devices connected to its ports.


Managed Switch

Allows the network administrator to monitor, configure, and manage select network features


Aging Time

The length of time a MAC address remains assigned to a port


Content Adressable Memory (CAM)

A table of MAC addresses and port mapping used by the switch to identify connected networking devices



The term used to describe what happens when a switch doesn't have the destination MAC address stored in CAM.



In this mode, the entire frame of data is received before any decision is made regarding forwarding the data packet to its destination. There is switch latency in this mode because the destination and source MAC addresses must be extracted from the packet, and the entire packet must be received before it is sent to the destination. The term switch latency is the length of time a data packet takes from the time it enters a switch until it exits. An advantage of the store-and-forward mode is that the switch checks the data packet for errors before it is sent on to the destination. A disadvantage is lengthy data packets will take a longer time before they exit the switch and are sent to the destination.



In this mode, the data packet is forwarded to the destination as soon as the destination MAC address has been read. This minimizes the switch latency; however, no error detection is provided by the switch. There are two forms of cut-through switching—Fast-Forward and Fragment Free.
Fast-Forward: This mode offers the minimum switch latency. The received data packet is sent to the destination as soon as the destination MAC address is extracted.
Fragment-Free: In this mode, fragment collisions are filtered out by the switch. Fragment-collisions are collisions that occur within the first 64 bytes of the data packet. Recall from Lesson 1, "Introduction to Computer Networks," Table 1-1 that the minimum Ethernet data packet size is 64 bytes. The collisions create packets smaller than 64 bytes, which are discarded. Latency is measured from the time the first bit is received until it is transmitted.


Multilayer Switch (MLS)

An example is a layer 3 switch. Layer 3 switches still work at layer 2 but additionally work at the network layer (layer 3) of the OSI model and use IP addressing for making decisions to route a data packet in the best direction. The major difference is that the packet switching in basic routers is handled by a programmed microprocessor. The layer 3 switch uses application-specific integrated circuits (ASICs) hardware to handle the packet switching. The advantage of using hardware to handle the packet switching is a significant reduction in processing time (software versus hardware). In fact, the processing time of layer 3 switches can be as fast as the input data rate. This is called wire speed routing, where the data packets are processed as fast as they are arriving. Multilayer switches can also work at the upper layers of the OSI model. An example is a layer 4 switch that processes data packets at the transport layer of the OSI model.



The router is a layer 3 device in the OSI model, which means the router uses the network address (layer 3 addressing) to make routing decisions regarding forwarding data packets. Remember from Lesson 1, section 3, that the OSI model separates network responsibilities into different layers. In the OSI model, the layer 3 or network layer responsibilities include handling of the network address. The network address is also called a logical address, rather than being a physical address such as the MAC address. The physical address is the hardware or MAC address embedded into the network interface card. The logical address describes the IP address location of the network and the address location of the host in the network.


Enterprise Network

The term used to describe the network used by a large company.


TCP/IP Model

Transmission Control Protocol/Internet Protocol. Has four layers Application, Transport, Internet, and Network Interface.


TCP/IP Application Layer

The top level of the TCP/IP stack is the application layer. This layer is used to process requests from hosts and to ensure a connection is made to an appropriate port. A port is basically an address used to direct data to the proper destination application.

There are 65,536 possible TCP/UDP ports. Ports 1-1023 are called well-known ports or reserved ports. These ports are reserved by Internet Corporation for Assigned Names and Numbers (ICANN). Ports 1024-49151 are called registered ports and are registered with ICANN. Ports 49152-65535 are called dynamic or private ports.


TCP/IP Transport Layer

The transport layer protocols in TCP/IP are very important in establishing a network connection, managing the delivery of data between a source and destination host, and terminating the data connection. There are two transport protocols within the TCP/IP transport layer, TCP and UDP. TCP, the Transmission Control Protocol, is a connection-oriented protocol, which means it establishes the network connection, manages the data transfer, and terminates the connection. The TCP protocol establishes a set of rules or guidelines for establishing the connection. TCP verifies the delivery of the data packets through the network and includes support for error checking and recovering lost data. TCP then specifies a procedure for terminating the network connection.

A unique sequence of three data packets is exchanged at the beginning of a TCP connection between two hosts, This is a virtual connection that is made over the network. This sequence is as follows:
The SYN (Synchronizing) packet
The SYN ACK (Synchronizing Acknowledgement) packet
The ACK (Acknowledgement) packet



the User Datagram Protocol, is a connectionless protocol. This means UDP packets are transported over the network without a connection being established and without any acknowledgement that the data packets arrived at the destination. UDP is useful in applications such as videoconferencing and audio feeds, where such acknowledgements are not necessary.


TCP/IP Internet Layer

The TCP/IP Internet layer defines the protocols used for addressing and routing the data packets. Protocols that are part of the TCP/IP Internet layer include IP, ARP, ICMP, and IGMP.



The IP (Internet Protocol) defines the addressing used to identify the source and destination addresses of data packets being delivered over an IP network. The IP address is a logical address that consists of a network and a host address portion. The network portion is used to direct the data to the proper network. The host address identifies the address locally assigned to the host. The network portion of the address is similar to the area code for a telephone number. The host address is similar to the local exchange number. The network and host portions of the IP address are then used to route the data packets to the destination.



Address Resolution Protocol (ARP) is used to resolve an IP address to a hardware address for final delivery of data packets to the destination. ARP issues a query in a network called an ARP request, asking which network interface has this IP address. The host assigned the IP address replies with an ARP reply, the protocol that contains the hardware address for the destination host.



The Internet Control Message Protocol (ICMP) is used to control the flow of data in the network, to report errors, and to perform diagnostics. A networking device, such as a router, sends an ICMP source-quench packet to a host that requests a slowdown in the data transfer.

An important troubleshooting tool within the ICMP protocol is ping, the packet Internet groper. The ping command is used to verify connectivity with another host in the network. The destination host could be in a LAN, in a campus LAN, or on the Internet.



IGMP is the Internet Group Management Protocol. It is used when one host needs to send data to many destination hosts. This is called multicasting. The addresses used to send a multicast data packet are called multicast addresses and are reserved addresses not assigned to hosts in a network. An example of an application that uses IGMP packets is when a router uses multicasting to share routing tables.

Another application of IGMP packets is when a host wants to stream data to multiple hosts. Streaming means the data is sent without waiting for any acknowledgement that the data packets were delivered. In fact, in the IGMP protocol, the source doesn't care whether the destination receives a packet. Streaming is an important application in the transfer of audio and video files over the Internet. Another feature of IGMP is that the data is handed off to the application layer as it arrives. This enables the appropriate application to begin processing the data for playback.


TCP/IP Network Interface Layer

The network interface layer of the TCP/IP model defines how the host connects to the network. Recall that the host can be a computer or a networking device such as a router. The type of network to which the host connects is not dictated by the TCP/IP protocol. The host could be a computer connected to an Ethernet or token-ring network or a router connected to a frame relay wide area network. TCP/IP is not dependent on a specific networking technology; therefore, TCP/IP can be adapted to run on newer networking technologies such as asynchronous transfer mode (ATM). In the network interface layer every TCP/IP data packet must have a destination and a source MAC address in the TCP/IP header. The MAC or hardware address is found on the host's network interface card or connection and is 12 hexadecimal characters in length.


Private IP Addresses

Address ranges in class A, B, and C have been set aside for private use. These addresses, called private addresses, are not used for Internet data traffic but are intended to be used specifically on internal networks called intranets.


Subnet Mask

Identifies the network/subnet portion of an IP address. Subnets are created by borrowing bits from the host portion of the IP address. Assume that the network has an IP address of The 2 bits are borrowed from the host portion of the IP address to create the 4 subnets. The class C network has 24 network bits and 8 host bits. Then 2 bits are borrowed from the host address to create the 4 subnets. The network plus subnet portion of the IP address is now 24 + 2, or 26 bits in length, and the host portion is now 6 bits.


Subnet Math

Breaking down the network into four subnets requires borrowing two host bits. Therefore, x = 2, and because this is a class C network, y = 8.
x = 2 (the number of bits used from the host)
y = 8 (number of bits for a class C network)

Applying these values yields
The number of subnets created = 2^x = 2^(2) = 4
The number of hosts/subnet = 2^(y - x) = 2^(8 - 2) = 64

When creating subnets, it is important to note that each subnet will have both a network and a broadcast address. Taking this into consideration, the equations for calculating the number of hosts/subnet are modified to account for the number of usable hosts/subnet.

The modified equations are as follows:
The number of usable hosts/subnet = 2^(y - x) - 2


Classful Network

IP addresses and subnets are within the same network.



Allows multiple networks to be specified by one subnet mask.



Supernetting required a simpler way to indicate the subnet mask. The technique developed is called classless interdomain routing (CIDR). CIDR (pronounced "cider") notation specifies the number of bits set to a 1 that make up the subnet mask. For example, the Class C size subnet mask is listed in CIDR notation as /24. This indicates the 24 bits are set to a 1. A Class B size subnet is written as /16, and a Class A subnet is written as /8. CIDR can also be used to represent subnets that identify only part of the octet bits in an IP address.


Prefix Length Notation

another shorthand technique for writing the subnet mask. For example, the subnet mask is written as /26. This notation shows the number of network and host bits being used to create the subnet mask. In the case of a /26 subnet mask, 24 network bits and 2 host bits are being used. Yes, this is basically the same as the CIDR except class boundaries are not being crossed and network bits are not being borrowed.


CIDR Block

The group of networks defined by CIDR notation is called a CIDR block. When you group two or more classful networks together, they are called supernets. This term is synonymous with CIDR blocks. The group of four IP addresses from to with a CIDR of /22 is a supernet. The supernet uses a CIDR subnet mask (/22) that is shorter than the number of network bits for Class C network (/24). Another example of a supernet is is a Class B address, and the CIDR subnet mask (/12) is less than the 16 bits for the network portion of a Class B address.



IPv6 uses a 128-bit address technique
IPv6 uses seven colons (:) as separators to group the 32 hex characters into eight groups of four. Some IPv6 numbers will have a 0 within the address. In this case, IPv6 allows the number to be compressed to make it easier to write the number. For example, assume that an IPv6 number is as follows:
Consecutive 0s can be dropped and a double-colon notation can be used:


IPV6 Unicast Address

Used to identify a single network interface address, and data packets are sent directly to the computer with the specified IPv6 address


IPV6 Multicast Address

Data packets sent to a multicast address are sent to the entire group of networking devices, such as a group of routers running the same routing protocol. Multicast addresses all start with the prefix FF00::/8 The next group of characters in the IPv6 multicast address (the second octet) are called the scope. The scope bits are used to identify which ISP should carry the data traffic.


IPV6 Anycast Address

Is obtained from a list of addresses, but is only delivered to the nearest node


6to4 Prefix

A technique that enables IPv6 hosts to communicate over the IPv4 Internet


Stateless Address Autoconfiguration (SLAAC)

another important feature of IPv6. This feature allows for a server-less basic network configuration of the IPv6 computers. With IPv4, a computer generally obtains its network settings from a DHCP server. With IPv6, a computer can automatically configure its network settings without a DHCP server by sending a solicitation message to its IPv6 router. The router then sends back its advertisement message, which contains the prefix information that the computer can use to create its own IPv6 address. This feature significantly helps simplify the deployment of the IPv6 devices, especially in transient environments such as airports, train stations, stadiums, hotspots, and so on.