Dion Network+ Flashcards

Question

HTTPS uses which tunnels

Answer 1

SSL or TLS

Answer 2

Secure version 587

Answer 3

20 - actual data transfer 21 - sending control command

Answer 4

SSH connection

Answer 5

5060 / 5061

Answer 6

67\68 and UDP

Answer 7

53 and TCP

Answer 8

controlling network devices

Answer 9

100 (for all)

Answer 10

1000Mbps/1 Gbps (*10)

Answer 11

1Gbps 10Gbps if 55 meters or less

Answer 12

10Gbps for 100meters

Answer 13

40Gbps for 30 meters

Answer 14

cable modem

Answer 15

1Gbps for 300 meters

Answer 16

active 100 Gbps at 15 meters passive 100 Gbps at 7 meters

Answer 17

SFP+ and QSFP between routers or switches

Answer 18

10G for 100m 100G for 7m

Answer 19

CAT 5 (100Mbps), CAT 5e (1Gbps), CAT 6 (same but 10Gbps at 55m) CAT 6a (10Gbps at 100m), CAT 8

Answer 20

eg switch to computer

Answer 21

a crossover cabel

Answer 22

don't assume

Answer 23

We Only Order Great Burgers While Guests Bring Beer

Answer 24

White-Orange, Orange, White-Green, Blue, White-Blue, Green, White-Brown, Brown

Answer 25

Aqua blue or orange

Answer 26

Stick and click (square shape)

Answer 27

Love connector

Answer 28

stick and twist like BNC

Answer 29

Dynamic Frequency Selection (DFS) - looks for radar signals Transmit Power Control (TPC) - minimum power consumption

Answer 30

5GHz speed 54Mbps range 35m

Answer 31

2.4GHz speed 11 Mbps range 140m

Answer 32

2.4 GHz speed 54 Mbps range 140m

Answer 33

5GHz speed 600 Mbps range 35m

Answer 34

2.4 and 5GHz speeds 1.3 Gbps

Answer 35

2.4, 5, and 6 GHz speed 9.6Gbps

Answer 36

b, g, n, ax

Answer 37

a, n, ac, ax

Answer 38

different user logins

Answer 39

TKIP very wea

Answer 40

InitializationVector (IV)

Answer 41

TKIP and RC4

Answer 42

CCMP and AES

Answer 43

Multiple copies of frames being forwarded back and forth which then consumes the network

Answer 44

method for increasing the security of a given network by inspecting devices trying to connect to a network.

Answer 45

authentication framework for metworks and ensures only authenticated users can access network services

Answer 46

Authentication

Answer 47

10.0.0.0 -10.255.255.255

Answer 48

172.16.0.0 - 172.31.255.255

Answer 49

192.168.0.0 - 192.168.255.255

Answer 50

169.254.0.0 - 169.254.255.255

Answer 51

Discover Offer Request Acknowledge

Answer 52

IP Address Subnet mask Default gateway DNS/WINS server

Answer 53

1812 and 1813

Answer 54

Mean Time to Repair

Answer 55

Recovery time objective

Answer 56

Recovery Point objective

Answer 57

Mean Time between failures

Answer 58

same device together

Answer 59

Core Distribution Access

Answer 60

E ACE WN ID

Answer 61

Emergency Alert Critical Error Warning Notice Information Debugging

Answer 62

VTP Transport mode does not synchronize VLAN configuration information with other switches. VTP advertisements when received are not applied to the VLAN database. This mode is used when you want to make the switch independent from current vlan structure. This mode has lowest impact when adding new switch to your switching topology.

Answer 63

Maps an IP address to a hostname

Answer 64

Application

Answer 65

Network functions virtualization, Network Security Group, Network Security Lists

Answer 66

IP4 and IP6 at the same time.

Answer 67

Infrastructure components eg load balancers

Answer 68

Transport Layer Security and Secure sockets layer

Answer 69

reserve client, class, scope, server

Answer 70

domain names to IP addresses

Answer 71

Fully Qualified Domain Name

Answer 72

Hostname, Domain Name, Top-Level Domain (TLD)

Answer 73

to terminate the VPN tunnels

Answer 74

centralized remote user authentication and accounting and also supports 802.1x port-based authentication

Answer 75

able to share a single IP address amoung multiple computers

Answer 76

Automation

Answer 77

Source control

Answer 78

IP addresses back to hostnames

Answer 79

domain names into IP addresses

Answer 80

integration of DNS and DHCP so that each is aware of changes in the other.

Answer 81

STP (Spanning tree protocol) uses BPDU

Answer 82

network authentication protocol

Answer 83

Key management protocol

Answer 84

Remember S is not single

Answer 85

LACP (Link Aggregation Control Protocol)

Answer 86

MIMO uses multiple antennas for transmission and reception,

Answer 87

orange to green

Answer 88

RIP (Routing Information Protocol) and EIGRP (Enhanced Interior Gateway Routing Protocol).

Answer 89

Broadcasting internet datagrams

Answer 90

Acceptable use policy

Answer 91

RIP (Routing Information Protocol) is primarily used within a single autonomous system and is less suitable for inter-domain routing. EIGRP (Enhanced Interior Gateway Routing Protocol) is an interior gateway protocol designed for use within a single autonomous system. OSPF (Open Shortest Path First) is an interior gateway protocol used within a single autonomous system, not for inter-domain routing. BGP (Border Gateway Protocol) is designed for inter-domain routing between different autonomous systems, making it suitable for large-scale enterprise networks with diverse routing domains.

Answer 92

RADIUS for authentication.

Answer 93

Virtual Router Redundancy Protocol (VRRP) allows for automaƟc assignment of available routers to participating hosts, ensuring conƟnuous network availability even if one router fail. First Hop Redundancy Protocol (FHRP) is a general term for protocols like VRRP that provide the ability to automaƟcally failover to a backup router in case of the primary router failure, minimizing downtime and maintaining network resilience.

Answer 94

LLDP: A vendor-neutral protocol used to discover and share information between network devices, such as identity, capabilities, and neighbors.  Usage: Helps in identifying network topology, troubleshooting connectivity issues, and ensuring proper network configuration.

Answer 95

CDP: A Cisco-proprietary protocol similar to LLDP, specifically used in Cisco networks to share information about directly connected Cisco devices.

Answer 96

one to many (subscriber)

Answer 97

one to one

Answer 98

One to all

Answer 99

sent to nearest receiver on same IP

Answer 100

operating system detail of the target server.

Answer 101

This command provides comprehensive details about the operational state of the interface, including its bandwidth, duplex mode, MAC address, IP address, input/output errors, and drops.

Answer 102

to provide strong mutual authentication for client/server applications using secret-key cryptography developed by MIT.

Answer 103

initiates a TCP connect scan.

Answer 104

Allows for active router and standby router

Answer 105

one to many

Answer 106

many to many

Answer 107

many to one

Answer 108

IPv6-only devices to access IPv4 resources

Answer 109

Jumbo frame

Answer 110

an HTTP redirect, an ICMP redirect, or a DNS redirect

Answer 111

Link Aggregation Control Protocol

Answer 112

scans the post and the computer listed eg 20, 80, 445 10.245.20.1

Answer 113

the Dijkstra algorithm,

Answer 114

to achieve rapid convergence and ensure that routing is loop-free and reliable.

Answer 115

protocol used for dynamically discovering and advertising capabilities of network devices on a local area network.

Answer 116

host-based intrusion detection system

Answer 117

The management information base (MIB) is a translation file that is used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID).

Answer 118

in version control systems allows developers to work on different features or fixes in isolation

Answer 119

focuses on the communication resource requests or information about the network

Answer 120

is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

Answer 121

uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

Answer 122

contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.

Answer 123

point-to-point links.

Answer 124

additional encryption to secure them during the authentication process.

Answer 125

frames or IP packets.

Answer 126

a cryptographic hash on the whole packet, including the IP header, plus a shared secret key, and adds this secret in its header as an Integrity check value (ICV).

Answer 127

(it attaches fields) confidentiality and/or authentication and integrity. It can be used to encrypt the packet rather than simply calculating a hash.

Answer 128

IPv4 and/or IPv6 communications on local networks and as a remote access protocol.

Answer 129

of encapsulated frames or packets from different types of network protocol over an IPv4 network.

Answer 130

Carrier Sense Multiple Access with Collision Avoidance

Answer 131

CSMA with Collision Detection

Answer 132

LC small connector

Answer 133

Quad small form-factor pluggable

Answer 134

300m, 300m, 2km, 5km

Answer 135

5-10m, 10km, 100m

Answer 136

the initiator the target the Fibre Channel switch. The initiator is the client device of the SAN. The target is the network port for a storage device. The Fibre Channel switch, sometimes referred to as a director, provides the connections between the initiator and the target.

Answer 137

Angled physical contact

Answer 138

that the cable and connector are polished to the highest standard (a higher standard than with PC).

Answer 139

10, 172, 192, 169

Answer 140

the next hop router to reach a given network or subnet (vector)

Answer 141

bandwidth and delay.

Answer 142

redundant paths between networks.

Answer 143

paths to remote networks and uses a metric composed of administrator-weighted elements.

Answer 144

address that is used by clients to access the service provided by the cluster.

Answer 145

MAC and IP address, but they share a common virtual IP address.

Answer 146

autonomous system (AS)

Answer 147

redundant paths between networks.

Answer 148

to reach a given network or subnet (vector).

Answer 149

relies on neighboring routers to report paths to remote networks and uses a metric composed of administrator-weighted elements.

Answer 150

domains in a mesh internetwork.

Answer 151

physical interface on a router and allocated a VLAN ID

Answer 152

distribution switches and server nodes.

Answer 153

bonded link between the switch ports and the end system, detects configuration errors and recovers from the failure of one of the physical links.

Answer 154

switches on large networks. A sysadmin will configure each switch as a trunk port for this purpose.

Answer 155

NIC teaming.

Answer 156

The tag is stripped, and the frame is forwarded to the host

Answer 157

14Kbps 3.1Mbps 150Mbps 50-300Mbps

Answer 158

unidirectional and outdoors

Answer 159

unidirectional and indoors

Answer 160

Management Information Base (MIB)

Answer 161

object Identifier (OID). A tree structure stores the OIDs.

Answer 162

MAC address of end systems that connect to a switch port.

Answer 163

server error

Answer 164

redirection

Answer 165

dictionary of vulnerabilities in published operating systems

Answer 166

redundancy and fault tolerance for critical applications.

Answer 167

network service or protocol.

Answer 168

internet clients must be able to access.

Answer 169

external DNS servers.

Answer 170

IP address and DNS servers and may use a proxy.

Answer 171

IP configuration and DNS servers.

Answer 172

desktop gateway that facilitates access to virtual desktops or individual apps running on the network servers.

Answer 173

unsecure network.

Answer 174

corporate network. This setup alters the client's IP address and DNS servers and may use a proxy, offering better security by ensuring all data is encrypted and monitored.

Answer 175

using ISP-managed configurations, not full tunnel.

Answer 176

broadcasting unsolicited gratuitous ARP reply packets with a spoofed source address.

Answer 177

reviewing the returned Media Access Control (MAC) address.

Answer 178

-s allows administrators to add an entry to the ARP cache. The administrator would add the MAC behind the IP.

Answer 179

-a reviewing the returned Media Access Control (MAC) address. -s allows administrators to add an entry to the ARP cache. The administrator would add the MAC behind the IP. -d will delete the entry for the IP address

Answer 180

detect wireless networks and then connect or try to break into them.

Answer 181

triple homed setup.

Answer 182

Ports may change their status from forwarding to blocked or vice versa.

Answer 183

edit the rules enforced by the Linux kernel firewall. It can change INPUT, OUTPUT and FORWARD chains that are firewall rulesets.

Answer 184

configure and manage the routing table on a Windows or Linux host.

Answer 185

(displays concise summary information)

Answer 186

(displays extended information)

Answer 187

command displays interface statistics.

Answer 188

the NetFlow accounting statistics.

Answer 189

generate TCP and UDP traffic to test bandwidth, latency, and packet loss.

Answer 190

NetFlow IP entries.

Answer 191

Domain Name System (DNS) server and return information about a particular domain name.

Answer 192

ports on a local host

Answer 193

-a reviewing the returned Media Access Control (MAC) address. -s allows administrators to add an entry to the ARP cache. The administrator would add the MAC behind the IP. -d will delete the entry for the IP address

Answer 194

change INPUT, OUTPUT and FORWARD chains that are firewall rulesets.

Answer 195

an agreement between the different systems on the same network segment on how to communicate.

Answer 196

handles logical addressing and routing

Answer 197

end-to-end communication between running applications on different hosts. eg TCP and UPD

Answer 198

is responsible for establishing, maintaining, and synchronising communication between applications running on different hosts

Answer 199

data encoding, compression, and encryption.

Answer 200

both the header and payload

Answer 201

the payload of each packet but leaves the header

Answer 202

responsible for packets forwarding

Answer 203

manages network traffic and policies

Answer 204

single mode

Answer 205

single and multimode

Answer 206

single and multimode

Answer 207

single and multimode

Answer 208

single and multimode

Answer 209

inside data packets, the characteristics of the data, and its channels of communication.

Answer 210

DNS over TLS (DoT) encrypts DNS queries and responses, providing protection against eavesdropping by external attackers.

Answer 211

DNS over HTTPS (DoH), DoT operates on the traditional DNS port (port 53), which makes it suitable for organizations looking to secure their DNS traffic without altering standard DNS traffic flow.

Answer 212

enable a single DHCP server to provide DHCP IP addresses to every PC on the network

Answer 213

the root switch

Answer 214

1. Identify the problem 2. Establish a theory of probable cause 3. Test the theory to determine the cause 4. Establish a plan of action to resolve the problem and identify potential effects 5. Implement the solution or escalate as necessary. 6. Verify full system functionality amd implement preventive measures if applicable 7. Document finding, action, outcomes and lessons learned throughout the process.

Answer 215

Data Loss Prevention

Answer 216

Feasible sucessor

Answer 217

Public Key Infrastructure

Answer 218

IP address

Answer 219

authentication framework that allows for the use of different authentication methods for secure network access technologies.

Answer 220

all active network connections

Answer 221

IP to MAC address translations

Answer 222

Access Control List: A set of rules used to control network traƯic and access to resource

Answer 223

Authentication Header: A protocol used to provide connectionless integrity and data origin authentication

Answer 224

Address Resolution Protocol: A protocol used to map IP addresses to MAC addresses.

Answer 225

Content-addressable Memory: A type of memory used in networking devices for fast data lookup

Answer 226

Cisco Discovery Protocol: A proprietary protocol used by Cisco devices to share information with directly connected devices

Answer 227

Confidentiality, Integrity, and Availability

Answer 228

Command line interface

Answer 229

Direct Attached Copper

Answer 230

Direct attached storage

Answer 231

Disaster Recovery

Answer 232

Extensible Authentication Protocol over LAN: A network port authentication protocol used in wired and wireless networks.

Answer 233

ESP - Encapsulating Security Payload: A protocol used in IPSec to provide confidentiality, integrity, and authenticity of data packets.

Answer 234

General Data Protection Regulation: A regulation in the EU governing data protection and privacy.

Answer 235

GRE - Generic Routing Encapsulation: A tunneling protocol used to encapsulate a wide variety of network layer protocols.

Answer 236

IAM - Identity and Access Management: A framework of policies and technologies for ensuring that the right users have the appropriate access to technology resources.

Answer 237

Industrial Control System: Systems used to control industrial processes, including SCADA, DCS, and PLCs.

Answer 238

IIoT - Industrial Internet of Things: The use of IoT technology in industrial sectors and applications.

Answer 239

Internet Key Exchange: A protocol used to set up a secure, authenticated communication channel in IPSec.

Answer 240

IPAM - Internet Protocol Address Management: Tools and processes for planning, tracking, and managing IP address space.

Answer 241

Internet Protocol Security: A suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet.

Answer 242

IS-IS - Intermediate System to Intermediate System: A routing protocol used to move information eficiently within a computer network, a variant of the link-state routing protocol.

Answer 243

Link Aggregation Control Protocol

Answer 244

Lightweight Directory Access Protocol

Answer 245

Link Layer Discovery Protocol: A protocol used by network devices to advertise their identity and capabilities to neighbors on the same local network.

Answer 246

Medium Dependent Interface Crossover: A network interface that automatically crosses over the transmit and receive pairs of a cable

Answer 247

Network Access Control: A security solution that controls access to a network based on policies, including authentication and compliance checks.

Answer 248

OT - Operational Technology: Hardware and software that detects or causes changes through direct monitoring and control of physical devices, processes, and events.

Answer 249

PSK - Pre-shared Key: A shared secret used for securing wireless networks, typically used in WPA or WPA2.

Answer 250

RJ - Registered Jack: A standardized physical network interface for connecting telecommunications or networking equipment.

Answer 251

SAML - Security Assertion Markup Language: An XML-based standard for exchanging authentication and authorization data between parties, particularly between an identity provider and a service provider.

Answer 252

SASE - Secure Access Service Edge: A network architecture model that combines network security functions with WAN capabilities to support the secure access needs of organizations.

Answer 253

SCADA - Supervisory Control and Data Acquisition: A system used for remote monitoring and control of industrial processes.

Answer 254

SDN - Software-defined Network: An approach to networking that uses software-based controllers to manage network resources and services.

Answer 255

SIP - Session Initiation Protocol: A protocol used to initiate, maintain, and terminate real-time sessions in IP networks, such as voice and video calls.

Answer 256

SIEM - Security Information and Event Management: A solution that provides real-time analysis of security alerts generated by network hardware and applications.

Answer 257

SMB - Server Message Block: A network protocol used for providing shared access to files, printers, and serial ports between nodes on a network.

Answer 258

SOA - Start of Authority: A DNS record that provides information about the DNS zone and the authoritative server for that zone.

Answer 259

SSE - Security Service Edge: A framework that combines multiple security services, such as SWG, CASB, and ZTNA, to protect users and data in the cloud.

Answer 260

- Switch Virtual Interface: A virtual interface used to manage a switch and allow communication between VLANs.

Answer 261

UTM - Unified Threat Management: A security solution that integrates multiple security features, such as firewall, antivirus, and intrusion detection, into a single device.

Answer 262

VLSM - Variable Length Subnet Mask: A technique that allows for more eƯicient allocation of IP addresses by using diƯerent subnet masks within the same network

Answer 263

ZTA - Zero Trust Architecture: A security model that assumes no implicit trust, requiring verification of every access attempt regardless of its origin.

Answer 264

Root Designated Alternaive Back up Disabled

Answer 265

is commonly used in metropolitan area networks (MANs) and in situations where operators want to maximize the capacity of their existing fiber infrastructure without the necessity of installing additional fibers.

Answer 266

more cost-effective

Answer 267

used in long-haul telecommunications

Answer 268

Integrity Value Check

Answer 269

where to go for th name.

Answer 270

BGP, EIGRP, OSPF, RIP

Answer 271

SNMP and encryption of TLS/STARTTLS

Answer 272

POP or IMAP and encryption of SSL/TLS

Answer 273

TLS/STARTTLS

Answer 274

67/68 DHCP, 69 TFTP, 123 NTP, 161/162 SNMP, 514 SYSLOG

Answer 275

Link state

Answer 276

Link state

Answer 277

Neither it is s hybrid of both

Answer 278

fe80::/10 fe80

Answer 279

ff00::/8 ff

Answer 280

::/128 0::0

Answer 281

::1/128 ::1

Answer 282

WCDMA, HSPA, HSPA+

Answer 283

LTE, LTE-A

Answer 284

GSM amd CDMA

Answer 285

payload nad optional authentication

Answer 286

unencrypted over plain text

Answer 287

PKI & TLS encryption and certificates but hard to impliment

Answer 288

three way handshake weaker than EAP-TLS, hash based encryption

Answer 289

dictionary attack

Answer 290

traffic flow between subnets, VMs, or external sources.

Answer 291

manage user identities, roles, and permissions for cloud resources.

Answer 292

Authentication: Who can access cloud resources (users, groups, service accounts). Authorization: What actions they can perform (read, write, delete, manage). Enforces role-based access control (RBAC). Supports MFA (Multi-Factor Authentication) for security.

Answer 293

local, root, tdl, authorative

Answer 294

Host name and port number

Answer 295

entire IP packet

Answer 296

only the payload

Answer 297

is blocked by the spanning tree algorithm, which is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network.

Answer 298

indicates that the link is operating normally with traffic.

Answer 299

a fault such as a duplex mismatch.

Answer 300

that the link is connected but there is no traffic passing through.

Answer 301

Connects end devices only one VLAN and untagged

Answer 302

Connects switches or other VLAN-aware devices and carries traffic for multiple VLANs, tagged

Answer 303

Can operate as either an access or trunk port, depending on the connected device.

Answer 304

display a warning and disable IP traffic.

Answer 305

Preamble, SDF, Destination MAC, source MAc and ether type Error checking at the end FSC or CRC

Answer 306

IPv4 packet

Answer 307

are private IP addresses

Answer 308

translation table

Answer 309

Remote Authentication Dial-In User Service

Answer 310

Terminal Access Controller Access-Control System Plus

Answer 311

Autonomous systems

Dion Network+ Flashcards

(431 cards)