Domain 4.1: Communication and Network Security Flashcards

Question

# Define: Infrastructure Mode

Answer 1

A wireless networking mode where access points connect devices to wired networks and provide wireless access. ## Footnote A wireless networking mode where a wireless access point (AP) connects to a wired network and provides wireless access to devices. It is used in organizations to extend the reach of a wired network and provide wireless connectivity to devices. Examples - a wireless AP connected to a local area network, a wireless AP connected to a wide area network, and a wireless AP connected to a virtual private network. *For more information, view this lecture on [WiFi - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/29948642-wifi-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Wireless_network_interface_controller#Modes_of_operation).*

Answer 2

Incoming traffic to a network or system, managed to ensure security and compliance with network policies. ## Footnote The act of entering or approaching a network, system, or device. It is used in network security to refer to the incoming traffic to a network or system. Examples -an employee connecting to a company network, a user accessing a web server, and a hacker attempting to gain access to a database. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management).*

Answer 3

A network measure that examines incoming traffic and permits only authorized packets, enhancing security. ## Footnote A network security measure that filters incoming traffic to a network, allowing only authorized packets to enter. Ingress filtering helps protect against malicious traffic, such as denial of service (DoS) attacks or unauthorized access attempts. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Ingress_filtering).*

Answer 4

Communication via text messages transmitted over the internet in real-time, often with additional features like file sharing. ## Footnote A form of real-time communication through text transmitted over the internet. IM allows users to exchange messages quickly and is often equipped with additional features, including file transfer, video chat, and presence awareness. *For more information, view this lecture on [Secure Communications - Part 3](https://courses.thorteaches.com/courses/take/cissp/lessons/29462733-secure-communications-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Instant_messaging).*

Answer 5

A set of standards for digital transmission over telephone lines, now largely superseded. ## Footnote Integrated Services Digital Network (ISDN) is a set of communication standards for digital transmission over traditional telephone copper wire as well as over other media. ISDN enables the simultaneous digital transmission of voice, video, data, and other network services. Though once widely used, ISDN has largely been superseded by newer high-speed broadband technologies. *For more information, view this lecture on [Secure Communications - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178318-secure-communications-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network).*

Answer 6

A point where different systems or software applications interact and exchange data. ## Footnote The point of interaction between different systems, devices, or software applications. Interfaces allow for communication and data exchange, providing a way for users to interact with computers and systems to perform various tasks. *For more information, view this lecture on [Software testing - Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/33748175-software-testing-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Interface_(computing)).*

Answer 7

Protocol used for exchanging routing information within an Autonomous System. ## Footnote Internal Border Gateway Protocol (iBGP) is a version of BGP used for exchanging routing information within a single Autonomous System (AS). Unlike eBGP, which handles routing between different ASes, iBGP manages routing internally to maintain consistent routing information across all routers in the network without advertising internal routes to external neighbors. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Border_Gateway_Protocol).*

Answer 8

The global network providing data exchange and communication services to billions of users worldwide. ## Footnote A global network of interconnected computers and devices that allows for the exchange of information and data. It is used by millions of people around the world for communication, entertainment, education, and business. Examples of internet usage include browsing websites, sending emails, and streaming video content. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet).*

Answer 9

A department of ICANN coordinating IP addresses, domain names, and protocol parameters. ## Footnote A department of the Internet Corporation for Assigned Names and Numbers (ICANN) that is responsible for coordinating the assignment of unique Internet protocol (IP) addresses, domain names, and protocol parameters. IANA plays a critical role in ensuring the smooth functioning of the Internet by managing the allocation of these resources. Examples of IANA's role include assigning IP addresses to internet service providers and registering top-level domain names. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177405-ip-addresses-mac-addresses-and-port-numbers-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority).*

Answer 10

Part of the IP suite used by network devices to communicate error messages and operational information. ## Footnote An integral part of IP, used by network devices, like routers, to send error messages indicating that a requested service is not available or that a host or router could not be reached. ICMP creates and sends messages to the source IP address indicating that a gateway to the Internet that a host was previously connected to is no longer connected. This allows the network itself to self-report errors and provides a mechanism to troubleshoot these errors. *For more information, view this lecture on [IP support protocols - Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177457-ip-support-protocols-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol).*

Answer 11

A type of DDoS attack utilizing ICMP echo request packets to overwhelm a target. ## Footnote An Internet Control Message Protocol (ICMP) attack, such as a ping flood, is a type of Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack. It involves an attacker flooding a target's network with ICMP echo request packets, commonly known as "pings," to overwhelm and incapacitate the network, causing legitimate requests to be denied service. This can lead to disruptions in both network connectivity and service availability. *For more information, view this lecture on [IP support protocols - Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177457-ip-support-protocols-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol).*

Answer 12

The entity responsible for maintaining and coordinating internet databases. ## Footnote A non-profit organization responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet. These responsibilities include IP address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD), Top-Level Domain name system management, and root server system management. ICANN's role ensures the network's stable and secure operation. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177405-ip-addresses-mac-addresses-and-port-numbers-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/ICANN).*

Answer 13

An organization developing voluntary internet standards focusing on network technologies. ## Footnote An open standards organization that develops and promotes voluntary Internet standards. It focuses on the technical and practical aspects of Internet technologies, conducting its work through numerous working groups organized by topic area (such as routing, transport, and security). Each group works to develop standards for its specific area, following a well-defined process that includes extensive peer review. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Engineering_Task_Force).*

Answer 14

A protocol used by hosts and routers to establish multicast group memberships. ## Footnote A communications protocol used by hosts and adjacent routers to establish multicast group memberships. It is an integral part of IP multicast and allows a host to advertise its multicast group membership to any neighboring multicast routers. IGMP ensures efficient use of resources when supporting these types of multicast applications, as network devices can filter out irrelevant multicast traffic and better control the flow of relevant multicast traffic. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Group_Management_Protocol).*

Answer 15

A protocol facilitating communication between distributed programs in different programming languages. ## Footnote The Internet Inter-ORB Protocol (IIOP) is a protocol that enables distributed programs written in different programming languages to communicate over the Internet. It's part of the Common Object Request Broker Architecture (CORBA) standard defined by the Object Management Group (OMG), which allows software components to communicate seamlessly. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Inter-ORB_Protocol).*

Answer 16

A protocol setting up a security association in the IPsec suite for secure IP communications. ## Footnote A protocol used to set up a security association (SA) in the IPsec (Internet Protocol Security) suite, which is widely employed to secure IP communications over networks. IKE simplifies the process of configuring IPsec connections and ensures security during the process of establishing these connections. It helps negotiate the cryptographic keys used in a security association, providing a reliable framework for exchanging encryption keys and authenticating users. *For more information, view this lecture on [IPSec and PGP.](https://courses.thorteaches.com/courses/take/cissp/lessons/19149746-ipsec-and-pgp). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Key_Exchange).*

Answer 17

A layer in the TCP/IP model handling packet routing for scalable and resilient internet networking. ## Footnote The Internet Layer is a concept from the TCP/IP model that correlates to the OSI model's Network Layer. It is responsible for packet forwarding, including routing through intermediate routers, and it defines protocols to achieve scalable and fault-tolerant routing across the complex inter-networks of the global Internet. *For more information, view this lecture on [The TCP-IP model.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177306-the-tcp-ip-model). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_layer).*

Answer 18

A protocol allowing retrieval and management of emails on a remote server. ## Footnote A protocol used for accessing and managing email messages on a remote server. It is commonly used in email clients to allow users to access their email from multiple devices. Examples of IMAP in use include users checking their email on their phone and laptop or a user organizing their email messages into folders. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177398-ip-addresses-mac-addresses-and-port-numbers-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol).*

Answer 19

The protocol used for routing data across networks, it defines how data packets are delivered to their destinations. ## Footnote A protocol used for routing and delivering data packets over a network. It is the primary protocol used on the internet and is responsible for addressing and routing data to its destination. Examples of IP in use include a user accessing a website or a user sending a message over instant messaging. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177398-ip-addresses-mac-addresses-and-port-numbers-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Protocol).*

Answer 20

Manipulating the source address in IP packets to conceal the origin, often used in cyber-attacks to obfuscate the attacker's identity and hinder traceability. ## Footnote The practice of altering the source address of a data packet in order to disguise its origin. It is commonly used in cyber-attacks to mask the attacker's identity and make it more difficult to trace the attack. Examples of IP packet spoofing in use include a hacker sending a malicious email from a spoofed address or a malware infection spreading from a spoofed IP address. *For more information, view this lecture on [Secure design principles.](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IP_spoofing).*

Answer 21

A set of protocols offering secure IP communications by authenticating and encrypting data packets in transit. ## Footnote A set of protocols developed to ensure the integrity, confidentiality, and authentication of data communications over an IP network. It uses cryptographic security services to protect communications between net-operable devices. IPSec provides a necessary framework for negotiating, establishing, maintaining, and managing secure IP connections. *For more information, view this lecture on [IPSec and PGP.](https://courses.thorteaches.com/courses/take/cissp/lessons/19149746-ipsec-and-pgp). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IPsec).*

Answer 22

The fourth revision of IP, it uses 32-bit addresses to identify devices on a network. ## Footnote The fourth version of the Internet Protocol (IP), which identifies devices on a network via an addressing system. It uses 32-bit addresses, which limits the address space to 4.3 billion addresses. Despite the development of a newer protocol, IPv6, IPv4 remains widely deployed and used, making the understanding and management of its features and limitations essential in maintaining and securing internet and network operations. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IPv4).*

Answer 23

The latest IP version, providing an expanded address space and improved internet routing and configuration. ## Footnote The most recent version of the Internet Protocol, which provides an identification and location system for computers on networks and routes traffic across the internet. IPv6 was developed to deal with the long-anticipated problem of IPv4 address exhaustion, as it uses 128-bit addresses, allowing for a vastly increased number of unique addresses compared to IPv4. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 4.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874071-ip-addresses-mac-addresses-and-port-numbers-part-4). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IPv6).*

Answer 24

It negotiates and manages security associations for secure IP connections. ## Footnote A protocol used for securely negotiating, establishing, and managing security associations (SAs) between devices. It is commonly used in VPNs and other secure communication systems to establish a secure connection. Examples of ISAKMP in use include a remote worker connecting to their company's VPN or a user setting up a secure connection to a home security system. *For more information, view this lecture on [Secure Communications - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178318-secure-communications-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_Security_Association_and_Key_Management_Protocol).*

Answer 25

A company that provides internet connectivity to consumers and businesses. ## Footnote A company that provides internet access to customers by providing a connection to the internet. It is used by individuals and businesses to connect to the internet and access online resources. Examples include Comcast, Verizon, and AT&T. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_service_provider).*

Answer 26

A protocol that allows SCSI commands to be sent over IP networks for shared storage access. ## Footnote iSCSI is an Internet Protocol-based storage networking standard for linking data storage facilities. It enables the SCSI command to be sent over IP networks and facilitates data transfers over local area networks (LANs), wide area networks (WANs), or the internet. This allows organizations to consolidate storage into data center storage arrays while providing hosts with the illusion of locally attached disks. *For more information, view this lecture on [SAN and VoIP protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177558-san-and-voip-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/ISCSI).*

Answer 27

A former networking protocol used for data transmission within networks running NetWare operating systems. ## Footnote Internetwork Packet Exchange (IPX) is a network layer protocol formerly used primarily on networks using the Novell NetWare operating systems. IPX is no longer commonly used, having been largely replaced by the TCP/IP protocol suite. In its time, IPX was utilized for various network services, including file and print sharing. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internetwork_Packet_Exchange).*

Answer 28

A suite of networking protocols used for communication on NetWare networks, now obsolete. ## Footnote Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) was a suite of networking protocols used predominantly on networks running Novell NetWare operating systems. While it played a significant role in early network architecture, offering services like file and printer sharing, it has been largely supplanted by the TCP/IP protocol due to the growth of the internet. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IPX/SPX).*

Answer 29

A private network within an organization for sharing information and resources among employees or members securely. ## Footnote A private network that uses internet technologies and protocols to provide access to information and resources within an organization. It is used by businesses and other organizations to share information and resources among employees or members. Examples of intranet use include internal company websites, databases, and file-sharing systems. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Intranet).*

Answer 30

A unique identifier for devices on an IP network, essential for routing data to the correct destination. ## Footnote An IP address is a numerical identifier assigned to every device connected to an IP network. It serves two primary functions - host or network interface identification and location addressing. IP addresses are essential for routing and delivering packets of data across networks, ensuring that information reaches its correct destination. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177398-ip-addresses-mac-addresses-and-port-numbers-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IP_address).*

Answer 31

Methods used to distribute data to multiple recipients on a network using IP broadcasting. ## Footnote IP broadcast methods are used to send a message to all potential recipients on a network segment. Types of IP broadcast methods include network broadcast, sending to a subnet's broadcast address, and limited broadcast, sending to the special address 255.255.255.255, which targets all devices on the local network. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177405-ip-addresses-mac-addresses-and-port-numbers-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Broadcast_address).*

Answer 32

Sending packets to an IP address to determine if a device is active and gather information about it. ## Footnote The process of sending small packets of data to a specific IP address to determine if a device is active on a network and to gather information about the device. It is used in network security to identify potential vulnerabilities. Examples include ping and traceroute. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Address_Resolution_Protocol#ARP_probe).*

Answer 33

Faking an IP address to hide the origin of network traffic or impersonate another device. ## Footnote The practice of disguising a device's IP address to gain unauthorized access to a network or to hide the device's identity. It is used in cyber-attacks to bypass security measures. Examples include using a fake IP address or using a legitimate IP address without permission. *For more information, view this lecture on [Secure design principles.](https://courses.thorteaches.com/courses/take/cissp/lessons/25340659-secure-design-principles). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IP_spoofing).*

Answer 34

Utilizing IPv6 for devices at the network's edge, often for internet connectivity or inter-network communication. ## Footnote The use of the IPv6 protocol at the edge of a network, typically to connect devices to the internet or to connect two networks together. It is commonly used to allow for more devices to be connected to the internet and to allow for more efficient routing of data. Examples include using IPv6 at the edge to connect devices to the internet or to connect two networks together using IPv6.

Answer 35

Variability in packet delay across a network that affects communication quality. ## Footnote Jitter refers to the inconsistency in the latency of data packet delivery within a network, which can cause disruptions in real-time communications such as VoIP or video conferencing. High jitter results in inconsistent data flow, leading to audio distortions or video glitches. Reducing jitter is crucial for maintaining the performance and reliability of time-sensitive network applications. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Jitter).*

Answer 36

Intermediate systems helping to securely connect users to remote networks, also known as bastion hosts. ## Footnote A computer or server that acts as an intermediary between a user's device and the target system they are trying to access. It is used to securely connect to remote networks and improve the security of remote access. Examples of jump hosts include VPN servers and bastion hosts. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Jump_server).*

Answer 37

Jump servers (or jump boxes) are secure, hardened machines that act as a controlled gateway between an external user and internal network resources, reducing direct exposure of critical systems. ## Footnote Administrators first log into the jump server, which then provides restricted access to production environments, often via SSH or RDP. This setup limits the attack surface, forces consistent auditing, and allows monitoring user activity in sensitive areas. Proper configuration, patching, and two-factor authentication on jump servers enhance security and compliance across large, segmented IT infrastructures. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Jump_box).*

Answer 38

A DoS attack sending a packet with the same source and destination, causing network disruption. ## Footnote A type of denial of service (DoS) attack that involves sending a forged packet to a device with the same source and destination IP address and port number. As the device tries to respond to this unusual packet, it enters a loop of repeated actions that can cause the system to slow down or crash. These attacks exploit vulnerabilities in certain types of network software and can disrupt the availability of services. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/LAND).*

Answer 39

The time delay between data transmission and receipt, important for measuring network efficiency and speed. ## Footnote The delay between the transmission and receipt of data measured in milliseconds (MS). It is used in networking to measure the speed and efficiency of data transfer. Examples -a high latency internet connection may cause slow loading times on websites, latency in a gaming server can cause lag or delay in gameplay, and latency in a financial trading system can cause delays in trade executions. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Latency_(engineering)).*

Answer 40

Networking devices operating at the data link layer, managing data forwarding based on MAC addresses. ## Footnote Network devices that operate at the data link layer (Layer 2) of the Open Systems Interconnection (OSI) model. They are responsible for forwarding data frames between devices on a local network based on the device's MAC addresses. Layer 2 switches are central to local network operation and performance, but they must be properly configured and managed to prevent potential security issues such as MAC flooding or spoofing attacks. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_switch).*

Answer 41

A protocol supporting VPNs, providing a secure path for data on public networks. ## Footnote A protocol used to support virtual private networks (VPNs), which provides a private, secure path for data transmission across a public network such as the internet. L2TP creates a tunnel between two L2TP connection points and encapsulates data sent between them. While L2TP itself doesn't provide encryption, it's often used in conjunction with the IPsec protocol, which does provide encryption, to create a more secure VPN. *For more information, view this lecture on [Network authentication protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178311-network-authentication-protocols) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol).*

Answer 42

Devices operating at the network and transport layers, providing routing and traffic management based on IP and port numbers. ## Footnote Devices that operate at both the network (Layer 3) and transport (Layer 4) layers of the OSI model. They combine the fast-switching capabilities of a Layer 2 switch with the routing capabilities of a router (Layer 3) and can also make forwarding decisions based on transport layer information (Layer 4), such as TCP or UDP port numbers. This allows for more granular control of network traffic, which can be beneficial for both network performance and security. For example, Layer 4 switching can be used to help mitigate DoS attacks by limiting traffic to certain ports. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multilayer_switch).*

Answer 43

Advanced network devices managing traffic based on transport and application layer data, useful for performance and security. ## Footnote Also known as content switches, these devices operate at the transport layer (Layer 4) and higher layers (up to Layer 7 – the application layer) of the OSI model. They not only manage network traffic based on IP addresses and port numbers but also on the basis of data content. This enables more complex and flexible network management, including load balancing and quality of service features, as well as advanced security features, such as protection against application-specific attacks. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multilayer_switch).*

Answer 44

A dedicated communication line for exclusive use, offering consistent bandwidth and reliability for secure connections. ## Footnote A telecommunications line leased for exclusive use from a communication service provider, typically used to connect geographically distant offices. Offering consistent bandwidth and higher reliability than standard connections, leased lines are ideal for businesses requiring secure, dedicated, and uninterrupted communication channels. *For more information, view this lecture on [WAN protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177534-wan-protocols) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Leased_line).*

Answer 45

A wireless communication technology using light to transmit data, offering high-speed connectivity and enhanced security. ## Footnote Li-Fi (Light Fidelity) is a technology for wireless communication that uses light to transmit data at high speeds. Unlike Wi-Fi, which uses radio frequencies, Li-Fi operates through visible light, infrared, or ultraviolet spectrums, providing an additional layer of security as light cannot pass through opaque structures. This makes it useful for high-security environments and areas with electromagnetic interference. *For more information, view this lecture on [Wireless Networks](https://courses.thorteaches.com/courses/take/cissp/lessons/29462523-wireless-networks) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Li-Fi).*

Answer 46

A protocol facilitating the management and access of directory information services over IP networks. ## Footnote A networking protocol used to access and manage directory information services over a network. It is used in identity and access management systems to store and manage user and application credentials. Examples include Active Directory and OpenLDAP. *For more information, view this lecture on [Authentication protocols - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/33652414-authentication-protocols-part-2) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol).*

Answer 47

A device amplifying a digital signal for extended transmission, often employed in long-distance communication links. ## Footnote A line driver is an electronic device that amplifies a digital signal, extending its transmission distance along communication lines. It is commonly used in settings where signals must travel long distances, such as telecommunications and network links. From a security standpoint, line drivers must be secured to ensure the integrity and confidentiality of the transmitted signals. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Line_driver).*

Answer 48

A network layout where all devices connect to a single cable or central channel, simple but with limited scalability. ## Footnote A network configuration where all devices are connected to a single central cable or bus, forming a straight line. It is used in small networks where simplicity and low cost are the main priorities. Examples include home networks and small office networks. *For more information, view this lecture on [LAN topologies.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177530-lan-topologies) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Bus_network).*

Answer 49

The TCP/IP model layer responsible for moving data on and off the network interface card. ## Footnote The third layer of the TCP/IP model is responsible for transmitting data between devices on the same network. It defines the protocols and standards for accessing the physical network, such as Ethernet, Wi-Fi, and Bluetooth. It is used in various networking applications to enable communication between devices. *For more information, view this lecture on [The TCP-IP model.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177306-the-tcp-ip-model) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_protocol_suite#Network_access_layer).*

Answer 50

A network protocol using information about network paths to choose the most efficient routes. ## Footnote A type of networking protocol that uses a link-state database to maintain information about the network topology and routes between nodes. It is used in computer networks to enable efficient routing of data between nodes. Examples include OSPF and IS-IS. *For more information, view this lecture on [Layer 3 routing protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178251-layer-3-routing-protocols) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Link-state_routing_protocol).*

Answer 51

A network that connects devices in a close geographic area, facilitating resource sharing and communication. ## Footnote A computer network that connects devices in a small geographic area, such as a home, office, or building. It is used to provide communication and sharing of resources among devices within the network. Examples include home networks and office networks. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Local_area_network).*

Answer 52

Addresses assigned to network devices for communication within a network, not tied to hardware. ## Footnote Logical addresses refer to the network addresses assigned to devices for communication within a network and are not permanently tied to the hardware. Unlike physical addresses (MAC addresses), logical addresses (such as IP addresses) can change based on network topology and are used by the network layer to route data to the correct destination. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Logical_address).*

Answer 53

A data link protocol managing device connections and communication in networks. ## Footnote A protocol in the link layer of the OSI model responsible for managing communication between two devices on the same network. It defines the rules and standards for establishing, maintaining, and terminating a connection between devices. It is used in various networking applications to enable communication between devices. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Logical_Link_Control).*

Answer 54

Security measures preventing looping paths in networks, ensuring data flow integrity. ## Footnote A network configuration setting designed to prevent the creation of loops in data transmission pathways. In networking, loops can cause a variety of issues, including system instability, broadcast storms, and the overloading of network devices. Loop protection mechanisms, like the Spanning Tree Protocol (STP), work by identifying and disabling potential looping paths, ensuring smooth and secure data flow across the network. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Spanning_Tree_Protocol).*

Answer 55

A unique identifier for network hardware, essential for device communication. ## Footnote A unique identifier that is assigned to a network interface on a device. It is used to identify and communicate with devices on a network. Examples include the MAC address of a network card, a wireless adapter, or a Bluetooth device. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MAC_address).*

Answer 56

A switch configuration that binds a port to a device's MAC address to enhance security. ## Footnote MAC address sticky is a security feature on network switches that permanently associates the first MAC address detected on a port with that port. This binding prevents unauthorized devices from connecting and reduces the risk of MAC spoofing. By limiting port access to known devices, sticky MAC address configurations contribute to a more secure and controlled network environment. *For more information, view this lecture on [WiFi - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178193-wifi-part-1).*

Answer 57

A network control method that allows connections only from approved devices. ## Footnote MAC filtering, also known as MAC address filtering or MAC limiting, is a network access control technique where a network device, typically a router or switch, uses a list of allowed MAC addresses to determine which devices can connect to the network. Unauthorized devices with MAC addresses not on the list are blocked. This method can improve network security but should be combined with other security practices, as MAC addresses can be spoofed by knowledgeable attackers. *For more information, view this lecture on [WiFi - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/29948642-wifi-part-2) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MAC_filtering).*

Answer 58

Information in a data packet that identifies the sender, recipient, and data type for routing. ## Footnote A section of a data packet that contains information about the sender and recipient of the packet, as well as the type of data contained in the packet. It is used in networking to allow devices to communicate with each other and route data packets properly. Examples include Ethernet MAC addresses and Wi-Fi MAC addresses. *For more information, view this lecture on [WiFi - Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/29948642-wifi-part-2).*

Answer 59

A server that routes email from one server to another, part of the email delivery process. ## Footnote A computer that acts as an intermediary between a sender's mail server and a recipient's mail server. It is used in email systems to route messages and ensure delivery to the correct recipients. Examples include Google's Gmail server and Microsoft's Exchange server. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Mail_relay).*

Answer 60

A sublayer managing how devices access and transmit data over a network, using MAC addresses for identification. ## Footnote Media Access Control (MAC) refers to the sublayer of the data link layer in the OSI model that is responsible for controlling how devices in a network gain access to the medium and permission to transmit data. A MAC address is a hardware identifier that uniquely identifies each device on a network. MAC addresses are typically 48 bits in length, expressed in hexadecimal format. In some cases, MAC addresses can also be 64 bits, particularly with modifications for use in IPv6 networking environments. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Media_access_control).*

Answer 61

A network structure where each node connects directly to multiple others, enhancing data routing reliability. ## Footnote A network setup where each node (a device like a computer or a router) is connected directly to several other nodes. It's a self-healing and robust way of structuring a network, as it provides multiple paths for data transmission, ensuring data can still be sent even if a particular path becomes unavailable. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Mesh_networking).*

Answer 62

A network spanning a city or similar sized area, connecting multiple local networks. ## Footnote A computer network that covers a large geographic area, such as a city or town. It is used to connect multiple local area networks (LANs) within a metropolitan area. Examples include campus networks, city-wide networks, and regional networks. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Metropolitan_area_network).*

Answer 63

A security technique that applies fine-grained security policies at the workload level to protect against lateral threats inside a network. ## Footnote A security technique that enables fine-grained security policies to be assigned to data center applications down to the workload level. This approach enables security controls to be more precisely applied to protect against lateral threats inside a network, and it reduces the network attack surface. If a system component is compromised, the potential for lateral movement of threats is minimized, as each segment is isolated from the others. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Microsegmentation_(network_security)).*

Answer 64

A wireless technology employing high-frequency radio waves for data transfer, often used for point-to-point communication links. ## Footnote Microwave transmission is a wireless communication technology that uses high-frequency radio waves to transmit data over short distances. It is commonly used for point-to-point communication links, such as connecting two buildings within a campus or providing a backbone for cellular networks. Due to the line-of-sight nature of microwave signals, security measures must be in place to prevent signal interception or interference. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Microwave_transmission).*

Answer 65

An attack involving the use of small, fragmented packets to evade detection by network security systems. ## Footnote A miniature fragment attack is a network-based attack where small fragments of a malicious packet are sent across the network to evade detection by intrusion detection and prevention systems that may not properly reassemble fragmented traffic. This technique can allow attackers to slip past security measures that do not scrutinize small packet fragments. Ensuring security devices correctly reassemble and inspect packet fragments is crucial to defend against miniature fragment attacks.

Answer 66

Technology enabling data and voice transmission via portable devices, necessitating robust security measures. ## Footnote A technology that allows transmission of data, voice, and video via any portable device, like smartphones or laptops, over a network. The portable devices have the capacity to access and process data in real-time, without being connected to a fixed physical link. While mobile computing has revolutionized communication and information access, it also presents challenges related to data privacy, security, and integrity. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Mobile_computing).*

Answer 67

A device that facilitates data transmission over communication lines, converting between digital and analog signals. ## Footnote A hardware device that enables computers to transmit data over communication lines or wireless signals. This process involves converting digital signals into analog signals (modulation) for transmission and then back into digital signals (demodulation) upon receipt. By facilitating data transmission, modems play a vital role in internet connectivity and the network's overall integrity and performance. *For more information, view this lecture on [Modems.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178293-modems). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Modem).*

Answer 68

Varying a wave's properties to encode information for data transmission, crucial for secure communication. ## Footnote The process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal that contains the information to be transmitted. This technique is used in telecommunication, radio, and data communication systems to transfer information effectively. Types of modulation include amplitude modulation (AM), frequency modulation (FM), and phase modulation (PM), each having unique properties that make them suitable for different types of data transmission. *For more information, view this lecture on [Modems.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178293-modems). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Modulation).*

Answer 69

The largest size a data packet can be transmitted without needing fragmentation. ## Footnote MTU defines the upper limit for the size of a data packet that can be sent over a network without being fragmented. Proper MTU configuration is crucial for maximizing transmission efficiency and reducing potential packet loss. Adjusting the MTU to match network characteristics can prevent fragmentation-induced delays, ensuring smoother data transfer and maintaining overall network performance. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Maximum_transmission_unit).*

Answer 70

A method of sending data to multiple specific recipients simultaneously over a network. ## Footnote Multicast is a communication strategy in which data packets are transmitted to a designated group of recipients simultaneously, rather than broadcasting to all nodes. This method conserves bandwidth and enhances efficiency for applications like streaming media and conferencing. Multicast requires specialized protocols to manage group memberships and ensure that data reaches only the intended devices, optimizing overall network performance. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177405-ip-addresses-mac-addresses-and-port-numbers-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multicast).*

Answer 71

A device with multiple network interfaces, enhancing redundancy and traffic management for security. ## Footnote A device that has multiple network interfaces, each connected to a different network. This is commonly used for redundancy and load balancing, ensuring that even if one network goes down, the device can continue to function. It also provides a means to manage and segregate traffic, enhancing control and potentially improving security by preventing potential threats from crossing between networks. *For more information, view this lecture on [Firewalls Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/33182521-firewalls-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multihoming).*

Answer 72

Protocols structuring network communications into layers, enabling flexibility and security at various levels. ## Footnote Multilayer protocols involve structuring network communications into separate logical layers, each with a specific function, facilitating both flexibility in network operations and enhanced security. This layered approach, exemplified by the OSI model and TCP/IP suite, allows for better abstraction, ease of troubleshooting, and the ability to apply security controls at different levels of the network. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Protocol_layer).*

Answer 73

A device combining multiple signals into one output, improving network efficiency and requiring secure handling. ## Footnote A device that combines multiple analog or digital input signals into one output line. The selection of specific input is controlled by a set of selection lines. In networks, multiplexers are used to reduce the number of required transmission channels, thus improving efficiency by enabling data from different sources to travel along the same pathway. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multiplexer).*

Answer 74

Combining multiple data streams onto one communications channel, enhancing data transfer and network use. ## Footnote A technique used in data communication for combining multiple signals or streams of information onto a single transmission path. The objective is to facilitate efficient data transmission and reduce the need for multiple channels. Techniques like Frequency Division Multiplexing (FDM), Time Division Multiplexing (TDM), or Code Division Multiplexing (CDM) are used depending on the nature of the data and communication system. This process plays a significant role in enhancing the capacity and managing the complexity of data transmissions. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multiplexing).*

Answer 75

A method for high-speed data transport across networks via labeled paths. ## Footnote A data-carrying technique that directs data from one network node to the next based on short path labels rather than long network addresses. The labels identify virtual links (paths) between distant nodes rather than endpoints, allowing for high-speed and flexible data transmission. *For more information, view this lecture on [WAN protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177534-wan-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Multiprotocol_Label_Switching).*

Answer 76

A standard extending email to support various content types beyond text. ## Footnote An internet standard that extends the format of email to support text in character sets other than ASCII, as well as attachments such as multimedia files. It's used to encode non-text content, enabling emails to carry audio, video, images, and application programs, thereby enhancing the scope of traditional email communication. *For more information, view this lecture on [IPSec and PGP.](https://courses.thorteaches.com/courses/take/cissp/lessons/19149746-ipsec-and-pgp). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MIME).*

Answer 77

Headers describing the content type and format in emails and documents. ## Footnote Multipurpose Internet Mail Extensions (MIME) headers are part of the metadata in emails and web documents that describe the type of content included within the message. These headers specify the media type and character encoding, which enable the transmission and correct interpretation of various content formats like images, audio, and text in different character sets. *For more information, view this lecture on [IPSec and PGP.](https://courses.thorteaches.com/courses/take/cissp/lessons/19149746-ipsec-and-pgp). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MIME).*

Answer 78

A cloud service model providing on-demand networking capabilities to organizations. ## Footnote A cloud computing model where networking services are provided on-demand over the internet. This allows organizations to quickly and easily access networking services without having to invest in on-premises infrastructure. Examples include virtual private network (VPN) services and cloud-based firewalls. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_as_a_service).*

Answer 79

Using IPv6 exclusively for communication, leveraging its features without relying on IPv4 components or translation. ## Footnote Native IPv6 refers to network infrastructures and services that use IPv6 exclusively for communication, without relying on any IPv4 components or translation mechanisms. This allows for end-to-end communication using the IPv6 protocol, taking full advantage of its features, such as a larger address space, improved routing, and built-in security enhancements. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/IPv6).*

Answer 80

A short-range wireless technology enabling contactless data exchange and transactions between devices. ## Footnote A short-range wireless communication technology that allows devices to exchange data over distances of less than 4 inches. It is used in mobile devices and other smart devices to enable contactless transactions, data sharing, and access control. Examples of NFC applications include mobile payments, public transit systems, and access control for buildings and vehicles. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Near-field_communication).*

Answer 81

A protocol for collecting and analyzing network traffic flow information. ## Footnote Netflow, developed by Cisco, is a network monitoring technology that captures IP traffic flows and analyzes data patterns. It provides insights into bandwidth usage, traffic anomalies, and network performance by summarizing traffic data from routers and switches. This information assists administrators in capacity planning, troubleshooting, and enhancing overall network security and efficiency. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/NetFlow).*

Answer 82

A connected group of computers and devices that share data and resources. ## Footnote A group of interconnected devices that can communicate and exchange data with each other. Used in computer systems, telecommunications, and other industries to facilitate communication and sharing of resources. Examples include local area networks (LANs), wide area networks (WANs), and virtual private networks (VPNs). *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Computer_network).*

Answer 83

A method restricting network access to devices meeting specific security policies, ensuring system safety and compliance. ## Footnote A method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy. This includes laptops, smartphones, tablets, and other devices. It functions by carrying out a series of checks on each device as it connects to the network, determining its security posture and compliance status before granting it the appropriate level of access. *For more information, view this lecture on [Secure Communications - Part 3](https://courses.thorteaches.com/courses/take/cissp/lessons/29462733-secure-communications-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_Access_Control).*

Answer 84

A technique allowing multiple devices on a private network to share a single public IP address for Internet access. ## Footnote A methodology that helps mitigate IP address limitations by allowing multiple devices on a private network to share a single public IP address. It plays a key role in network security as it serves as a natural firewall by keeping private IP addresses hidden from external networks, thus preventing unauthorized access from external entities. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_address_translation).*

Answer 85

Hostile actions targeting a network's infrastructure to compromise security, data integrity, or service availability. ## Footnote Malicious activities employed by individuals or entities intending to compromise the integrity, confidentiality, or availability of a network and its data. These attacks can take numerous forms, such as Distributed Denial of Service (DDoS) attacks, Man-in-the-Middle (MitM) attacks, or password-based attacks, each with the intent to exploit vulnerabilities in a network's infrastructure. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions).*

Answer 86

An API that enables applications on different computers to communicate within a LAN, now less common. ## Footnote The Network Basic Input Output System (NetBIOS) is an API that allows applications on different computers to communicate within a local area network (LAN). Historically used in early Windows networks for tasks like file sharing and print services, NetBIOS is not a networking protocol but an interface that applications use to establish sessions and send data. Due to its design, it can be vulnerable to security exploits and is generally used less often in modern networks. *For more information, view this lecture on [Hardware architecture- Part 2](https://courses.thorteaches.com/courses/take/cissp/lessons/45831595-hardware-architecture-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/NetBIOS).*

Answer 87

NBAD monitors network traffic patterns in real time, identifying unusual behavior that may indicate cyber threats, malware infections, or policy violations. ## Footnote Unlike signature-based intrusion detection, NBAD learns baseline network activities—like bandwidth usage, connection frequencies, and protocol mixes—and flags deviations. For example, a spike in outbound traffic from a specific host could signal data exfiltration. Analysts or automated systems then investigate alerts to confirm malicious activity. By focusing on behavioral changes, NBAD can detect zero-day exploits or stealthy attacks that bypass traditional defenses, strengthening overall security posture. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_behavior_anomaly_detection).*

Answer 88

Physical infrastructure enabling device communication in a network, including cables and connectors like Ethernet cables. ## Footnote The physical infrastructure of a network, consisting of cables and connectors that connect devices and allow them to communicate with each other. Network cabling is used in homes, businesses, and large organizations to create a network that enables data transfer and communication between devices. Examples include Ethernet cables, fiber optic cables, and coaxial cables. *For more information, view this lecture on [Cable types.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177465-cable-types). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Networking_cables).*

Answer 89

The merging of various network technologies into a unified infrastructure, supporting seamless communication across platforms. ## Footnote The integration of different network technologies and protocols into a single network infrastructure. Used in modern networks to enable seamless communication and data sharing across different devices and platforms. Examples of network convergence include voice over IP (VoIP), wireless networking, and the Internet of Things (IoT). *For more information, view this lecture on [Layer 3 routing protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178251-layer-3-routing-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Converged_network).*

Answer 90

A protocol allowing users to access files over a network, providing shared file system functionality. ## Footnote A protocol that allows users on client computers to access files over a network in a manner similar to how local storage is accessed. NFS provides a simple way for users to share and access files and directories residing on different machines on a network as if they were on their local machine. This process facilitates data sharing between systems by offering an environment that consolidates resources onto centralized servers, improving efficiency and collaboration. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_File_System).*

Answer 91

The user-facing part of a network that receives input and forwards requests to the back-end services. ## Footnote The part of a network that interfaces directly with the user or client. It is responsible for accepting user input and forwarding requests to the back-end. The front-end components of a network, which can include web servers, load balancers, firewalls, and other user-facing interfaces, are crucial in ensuring smooth interaction between users and the network services.

Answer 92

Physical devices that form a network's infrastructure, enabling data transfer and communication. ## Footnote The physical devices that make up a network, including routers, switches, hubs, and other devices that enable data transfer and communication between devices on the network. Network hardware is used to create a network infrastructure and support the functions of the network. Examples include routers, switches, hubs, and access points. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Networking_hardware).*

Answer 93

A transitional point in a data packet's journey across network devices toward its destination. ## Footnote A network hop occurs when a packet is forwarded from one network device, such as a router or gateway, to another device along the path from its source to its destination. Each hop represents one portion of the path that a data packet takes as it traverses a network. The number of hops can affect the latency and speed of data transmission. *For more information, view this lecture on [IP support protocols - Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177457-ip-support-protocols-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Hop_(networking)).*

Answer 94

Hardware enabling a computer to connect and communicate over a network. ## Footnote A hardware component, usually in the form of a card or chip, which enables a computer to connect to a network. It provides a dedicated channel for data exchange between devices within a network, translating the data into a format that can be transmitted over the local network or the Internet. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_interface_controller).*

Answer 95

Responsible for physical data transmission over network hardware in the TCP/IP model. ## Footnote The Network Interface Layer, in the context of the TCP/IP model, is responsible for the physical transmission of data over network hardware and media. It corresponds to the combination of the Physical Layer and the Data-Link Layer of the OSI model and handles aspects such as framing, addressing, and the physical network topology. *For more information, view this lecture on [The TCP-IP model.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177306-the-tcp-ip-model). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Internet_protocol_suite#Link_layer).*

Answer 96

The OSI model layer that manages data routing and packet forwarding across interconnected networks. ## Footnote The third level of the Open Systems Interconnection (OSI) Model, tasked with managing data routing, packet forwarding, and addressing across a network. This layer ensures data gets from its source to its destination efficiently and accurately, even when that requires moving across multiple networks or network segments. *For more information, view this lecture on [The OSI model- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/22712043-the-osi-model-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_layer).*

Answer 97

A protocol for the distribution and retrieval of Usenet newsgroup articles over the Internet. ## Footnote A protocol designed for the distribution, inquiry, retrieval, and posting of news articles or Usenet newsgroups using a TCP/IP network. Primarily used in Internet discussion forums, NNTP provides rules for efficient distribution and updating of articles across a wide network of servers, reducing redundancy and ensuring users have access to the discussions relevant to them. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_News_Transfer_Protocol).*

Answer 98

Protective measures for safeguarding a network and data from unauthorized access and cyber threats. ## Footnote The set of measures and practices designed to protect a network and the data it carries from unauthorized access, misuse, and destruction. Network security is used to prevent network attacks and protect sensitive information from being stolen or compromised. Examples include firewalls, antivirus software, and encryption. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_security).*

Answer 99

Dividing a larger network into smaller, isolated segments to enhance security and performance. ## Footnote Network segmentation involves dividing a larger network into smaller, isolated subnetworks to enhance security, performance, and manageability. By controlling the flow of traffic between segments, organizations can better contain security breaches and reduce the scope of potential attacks. Techniques for network segmentation include the use of VLANs, firewalls, and network access control lists. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177405-ip-addresses-mac-addresses-and-port-numbers-part-2) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_segment).*

Answer 100

A tool for capturing and analyzing network traffic, used for diagnostics or, maliciously, for eavesdropping. ## Footnote A diagnostic tool that captures, analyzes, and records network traffic, network sniffers can be legitimate tools for network management or malicious means for eavesdropping. By examining data packets, network administrators can identify issues and optimize performance, while malicious actors can potentially capture sensitive information. *For more information, view this lecture on [Emanations and Covert Channels](https://courses.thorteaches.com/courses/take/cissp/lessons/18591390-emanations-and-covert-channels). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_analyzer).*

Answer 101

Devices capturing a copy of network traffic for analysis without disrupting the data flow. ## Footnote Specialized hardware or software tools used in IT to create a mirror image of network traffic for monitoring and analysis purposes. By capturing this data, network administrators and security professionals can observe network performance and investigate potential security incidents without disrupting the flow of traffic. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_tap).*

Answer 102

The physical or logical layout of network devices and their interconnections. ## Footnote The arrangement and layout of the various devices on a network, including the way in which they are connected and the logical relationship between them. Network topologies are used to determine the most efficient and effective way to connect devices on a network. Examples include star, bus, and ring topologies. *For more information, view this lecture on [LAN topologies.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177530-lan-topologies) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_topology).*

Answer 103

Capturing and reviewing network traffic to understand data flow and detect potential security incidents. ## Footnote The process of capturing and reviewing network traffic in order to understand the nature of the traffic, optimize network performance, and detect any unusual or malicious activity. Network traffic analysis can help identify bottlenecks, threats like malware or unauthorized data exfiltration, and ensure efficient network operations. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Traffic_analysis).*

Answer 104

Software for monitoring and analyzing network traffic to optimize performance and detect threats. ## Footnote Software programs that monitor and analyze the flow of data on a network, providing detailed information about network usage and performance. Network traffic analysis tools are used to identify potential security threats, optimize network performance, and diagnose problems on the network. Examples include Wireshark, NetFlow, and ntop. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Traffic_analysis).*

Answer 105

A third-generation firewall incorporating traditional firewalling with advanced functionality for enhanced security. ## Footnote A part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI) and intrusion prevention system (IPS). NGFWs include features like encrypted traffic inspection, intrusion prevention, web filtering, and antivirus protection, delivering more enhanced visibility and control to secure networks against modern threats. *For more information, view this lecture on [Firewalls Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178275-firewalls-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Next-generation_firewall).*

Answer 106

A point in a network that can send, receive, or forward information, like computers or network devices. ## Footnote Any device that can send, receive, or forward information over the network. This could include computers, printers, switches, or any other device connected to the network. Nodes play an essential role in network infrastructure and the distribution of data, where each one serves as a connection point within the network. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Node_(networking)).*

Answer 107

Irrelevant or extraneous information that can interfere with data transmission in IT and cybersecurity. ## Footnote In the context of IT and cybersecurity, noise refers to irrelevant or extraneous information or signals that can obscure or interfere with the transmission and processing of data. Digital noise can be caused by electrical interference, signal crosstalk, or data corruption and may result in degraded system performance or errors in data communication. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Noise_(signal_processing)).*

Answer 108

An antenna that radiates signals evenly across the horizontal plane. ## Footnote A wireless transmitting or receiving antenna that radiates or intercepts radio-frequency signals in all directions horizontally. These antennas are often used when broad coverage is required, such as in wireless networks where the position of the receiving device is not fixed or when a signal needs to be broadcast to multiple other points from one central location. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Omnidirectional_antenna).*

Answer 109

A routing protocol for IP networks, finding the shortest route for data packets across a network. ## Footnote A routing protocol used in internet protocol networks to find the shortest path between devices. It is used in large enterprise networks to improve routing efficiency and fault tolerance. Examples include Cisco routers, Juniper routers, and Microsoft Azure virtual networks. *For more information, view this lecture on [Layer 1 to 3 networking devices.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178219-layer-1-to-3-networking-devices) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Open_Shortest_Path_First).*

Answer 110

A model detailing the functions of a communication system across seven layers, from physical transmission to application-specific functions. ## Footnote A conceptual structure that standardizes the functions of a communication system into seven distinct categories known as layers. These layers, from highest to lowest, include the application, presentation, session, transport, network, data link, and physical layers. Each layer provides specific services that contribute to overall network communication, fostering interoperability between various hardware and software systems. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/OSI_model).*

Answer 111

An open-source cryptography toolkit implementing SSL/TLS protocols for secure communications. ## Footnote OpenSSL is a widely adopted cryptographic library that supports secure communications over networks using SSL/TLS protocols. It provides tools for encryption, decryption, certificate creation, and digital signatures, making it essential for developers and system administrators to implement robust security measures in web servers, applications, and network devices. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/OpenSSL).*

Answer 112

A framework for network protocol design, describing seven layers of functions from physical data transmission to application-level services. ## Footnote An abstract description for layered network protocol design. It consists of seven separate but related layers, each defining a part of the process of moving information across a network. This layering concept allows for the separation of concerns, facilitating interoperability and standardization of network protocols within their respective layers. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/OSI_model).*

Answer 113

Using a secondary channel for communication, separate from the primary data channel, often enhancing security in network operations and management. ## Footnote A method of transmitting information using a separate communication channel from the primary data channel. It is commonly used in networking and cybersecurity to provide alternative access to systems and networks in case of failures or other emergency situations. Examples of OOB communication include dial-up modems and satellite links.

Answer 114

Oversubscription happens when service providers allocate resource capacity greater than what they can physically support, assuming not all customers use peak resources simultaneously. ## Footnote Commonly seen in network bandwidth or cloud hosting, oversubscription lowers costs by pooling unused capacity. If many customers suddenly need maximum resources, performance may degrade. Balancing oversubscription requires accurate forecasting, traffic shaping, and quality-of-service guarantees. Providers monitor consumption, adding resources as needed. While economically efficient, oversubscription risks spikes in latency or downtime if demand surges beyond planned thresholds. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions)*

Answer 115

A unit of data sent across a network, containing both the payload and control information for routing. ## Footnote A unit of data routed between an origin and a destination in a network. Packets are the basic units that carry data in network communications, enabling information to be segmented, transmitted, routed, and received across diverse systems and devices. The security of packet transmission can be enhanced with various mechanisms like encryption to protect the data from interception or tampering during transit. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_packet).*

Answer 116

The process of capturing and studying data packets on a network, used for diagnostics and security monitoring. ## Footnote The process of capturing data packets transmitted over a network for analysis. This is a critical method for diagnosing network performance issues and identifying potential security incidents. Tools for packet capture allow inspection of individual packets and their content, which can help in troubleshooting and diagnosing network problems, as well as investigating suspicious activities. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_analyzer).*

Answer 117

Examining and controlling data packets based on predefined criteria, used to regulate network traffic for security purposes. ## Footnote A technique where packets of data are analyzed while they are traversing a network interface. Depending on predefined criteria such as IP addresses, protocols, port numbers, or other packet attributes, the packet filter can block or allow packets to pass through. This is commonly used in firewalls and routers as a basic method to control incoming and outgoing network traffic, providing a first line of defense against malicious activities. *For more information, view this lecture on [Firewalls Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178275-firewalls-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_filtering).*

Answer 118

A diagnostic tool testing the reachability of network hosts and measuring data travel times. ## Footnote A utility used to test the reachability and round-trip time of a network host. PING is commonly used by IT professionals to diagnose network connectivity issues and monitor the performance of a network. For example, a user may use PING to check if a website is online, measure the response time of a server, or verify that a remote device is reachable. *Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Ping_(networking_utility)).*

Answer 119

The failure of data packets to reach their intended destination in a network. ## Footnote Packet Loss occurs when one or more data packets transmitted over a network fail to arrive at their target due to congestion, errors, or faulty equipment. This phenomenon degrades communication quality and can lead to retransmissions, reduced throughput, and overall decreased network performance. Minimizing packet loss is essential for ensuring smooth, reliable data transfers, especially in high-performance and real-time applications. *For more information, view this lecture on [Network Performance and Traffic Management](https://courses.thorteaches.com/courses/take/cissp/lessons/54399148-new-2024-network-performance-and-traffic-management). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_loss).*

Answer 120

Monitoring network traffic to capture and analyze data packets, often for security or diagnostic purposes. ## Footnote The process of monitoring and capturing all data packets passing through a given network using a software tool known as a packet sniffer. It is commonly used for troubleshooting network issues and detecting security threats. Packet sniffing can reveal valuable information, such as usernames and passwords, which is why it's crucial to employ encryption measures when transmitting sensitive information. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_analyzer).*

Answer 121

A method of data transmission where messages are broken into packets, each taking the best available route to the destination. ## Footnote A mode of data transmission where a message is broken into several packets. Each packet is then sent individually, possibly via different routes, and reassembled at the destination. This method is efficient and robust, allowing for rerouting of packets if a connection is lost or if there is a more efficient route. In contrast to circuit-switching, which requires a dedicated connection, packet switching allows networks to handle more traffic with the same resources. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Packet_switching).*

Answer 122

A protocol that transports authentication information over IP networks for access control. ## Footnote PANA is a network protocol designed to facilitate the exchange of authentication data between devices and network access servers. It decouples the authentication process from specific link-layer protocols, providing flexibility and scalability in diverse network environments. By standardizing the authentication exchange over IP, PANA enhances security and interoperability across various access control systems. *For more information, view this lecture on [Network authentication protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178311-network-authentication-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/PANA).*

Answer 123

A decentralized network model where each participant has equal capabilities and can directly interact with others. ## Footnote A type of network structure where each computer has the same capabilities and functions, allowing it to act as both a client and a server. It is used in networking to allow for decentralized communication and data sharing. Examples include BitTorrent and Skype. *For more information, view this lecture on [Virtualization, Cloud, and Distributed Computing - Part 4](https://courses.thorteaches.com/courses/take/cissp/lessons/18591381-virtualization-cloud-and-distributed-computing-part-4). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Peer-to-peer).*

Answer 124

PEM is an early standard for securing email communications using cryptographic privacy and authentication, often associated with a Base64-encoded certificate file format. ## Footnote Though largely superseded by newer protocols like S/MIME or PGP for email encryption, PEM remains relevant in the broader context of certificates and key exchange. The .pem file extension commonly stores public/private keys, root certificates, or entire certificate chains. By providing a consistently encoded format, PEM preserves compatibility across diverse TLS implementations, ensuring secure data exchange. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Privacy_Enhanced_Mail).*

Answer 125

A network for interconnecting devices in an individual's immediate vicinity, like Bluetooth. ## Footnote A network arrangement that interconnects devices within the reach of an individual person, typically within a range of 10 meters. This could include devices such as smartphones, laptops, wearable devices, or smart home devices. The security considerations for a PAN involve ensuring secure communications between devices, controlling access to devices, and protecting the data stored or transmitted within the network. *For more information, view this lecture on [Networking basics and definitions.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177258-networking-basics-and-definitions). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Personal_area_network).*

Answer 126

PFX is a Microsoft binary format, also known as PKCS #12, bundling private keys, certificates, and any associated trust chain securely in one file. ## Footnote Commonly used for importing and exporting credentials, PFX files are password-protected to safeguard sensitive private keys. They facilitate certificate management and deployment across servers or user devices, ensuring the correct trust relationships are maintained. PFX usage demands careful handling and strong passphrases. Properly stored and managed PFX files underpin secure authentication, digital signing, and encryption infrastructures.

Answer 127

Assigning unique identifiers to network devices for communication, like MAC or IP addresses. ## Footnote The process of assigning a unique identifier to each device on a network, such as a MAC address or IP address. This allows devices to communicate with each other by sending and receiving data over the network. Physical addressing is used to identify and locate devices on a network and to enable communication between them. For example, a computer may use its physical address to send a request for data to a server, and the server will use its physical address to respond to the requested data. *For more information, view this lecture on [IP support protocols - Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177457-ip-support-protocols-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MAC_address).*

Answer 128

The OSI model's layer defining physical network characteristics like transmission media and signaling. ## Footnote The lowest layer of the OSI model, which defines the physical characteristics of a network, such as the transmission media, connectors, and signaling methods. It is used in the field of information technology to ensure the reliable and efficient transmission of data across a network. 3 examples of physical layer components are network cables, network switches, and network adapters. *For more information, view this lecture on [The OSI model- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177264-the-osi-model-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Physical_layer).*

Answer 129

A network utility to test connectivity, measuring response time between two devices. ## Footnote A network utility used to test the connectivity and responsiveness of a networked device or server. It works by sending a small packet of data to the target device and measuring the time it takes for the device to respond. It is used in the field of information technology to diagnose and troubleshoot network connectivity issues. 3 examples of using ping are checking the connectivity of a website, verifying the availability of a network server, and troubleshooting network latency issues. *For more information, view this lecture on [IP support protocols - Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177457-ip-support-protocols-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Ping_(networking_utility)).*

Answer 130

A cyber-attack using excessive ping requests to overwhelm a server and cause a denial of service. ## Footnote A type of cyber-attack that involves sending a large number of ping requests to a server or network in an attempt to overwhelm it and cause a denial of service. It is used in network security to identify vulnerabilities and test the resilience of systems. Examples include sending excessive ping requests to a server to overwhelm its resources and cause it to crash or using a ping flood to disrupt a network's communication and prevent access to important services. *For more information, view this lecture on [The OSI model- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/22712043-the-osi-model-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Denial-of-service_attack#ICMP_flood).*

Answer 131

An outdated attack using oversized ping packets to crash older, vulnerable systems. ## Footnote The Ping of Death (PoD) attack is an older network attack method that involves sending malformed or oversized ping packets that exceed the maximum packet size allowed by the IP protocol. By exploiting this vulnerability, an attacker could potentially cause the target system to freeze, crash, or reboot. However, modern systems and network equipment are largely immune to this type of attack due to improved standards and security measures. *For more information, view this lecture on [The OSI model- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/22712043-the-osi-model-part-2). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Ping_of_death).*

Answer 132

Traditional analog telephone service using copper wires for voice communication. ## Footnote A traditional analog telephone system that uses copper wire to transmit voice signals over long distances. It is used in telecommunications to provide basic voice services to customers. Examples include landline phone systems in homes and businesses, payphones, and emergency telephone systems. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Plain_old_telephone_service).*

Answer 133

The boundary where responsibility for network services is divided between entities. ## Footnote A Point of Demarcation is a defined physical or logical boundary that separates the responsibilities of different network providers, such as between a customer and an Internet Service Provider. It marks the point of handoff for equipment, maintenance, and security management. Establishing a clear demarcation is critical for troubleshooting, enforcing service level agreements, and managing network responsibilities effectively. *For more information, view this lecture on [Site selection- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19149825-site-selection-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Demarcation_point).*

Answer 134

A physical location that connects users to a network service provider. ## Footnote A Point of Presence (PoP) is a physical site where a network service provider maintains equipment to facilitate connectivity and data exchange with end users. PoPs help reduce latency, manage traffic, and provide regional access to services such as internet connectivity, content distribution, and telecommunication networks. *For more information, view this lecture on [Secure Access Service Edge](https://courses.thorteaches.com/courses/take/cissp/lessons/54398562-new-2024-sase-secure-access-service-edge). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Point_of_presence).*

Answer 135

A direct communication link between two specific devices for exclusive data transfer. ## Footnote A communication link established between two specific devices to facilitate exclusive data transfer between them. This mode of communication is widely employed in networks to ensure that data can travel from one fixed location to another without being interrupted or accessed by unauthorized entities. It is often used in telecommunications and computing, often forming the basis for more complex network topologies. *For more information, view this lecture on [Network authentication protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178311-network-authentication-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Point-to-point_(telecommunications)).*

Answer 136

A data link protocol for direct communication between two network nodes. ## Footnote A data link layer communication protocol primarily used to establish a direct connection between two nodes in a network. It provides authentication, encryption, and compression features to make the data transmission secure and efficient. PPP was commonly used in dial-up internet connections, and it is still a foundational protocol in several forms of network connection, including DSL and VPNs, facilitating robust and secure communication. *For more information, view this lecture on [Network authentication protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178311-network-authentication-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Point-to-Point_Protocol).*

Answer 137

An older VPN protocol encapsulating PPP packets for secure transmission. ## Footnote Point-to-Point Tunneling Protocol (PPTP) is an older VPN protocol used to implement virtual private networks, offering encapsulation of PPP packets over IP for the creation of a VPN over a TCP/IP-based network. While it has been widely deployed, it's considered less secure than other VPN protocols due to known vulnerabilities and is, therefore, less recommended for use in sensitive communications. *For more information, view this lecture on [Network authentication protocols.](https://courses.thorteaches.com/courses/take/cissp/lessons/19178311-network-authentication-protocols). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol).*

Answer 138

A logical connection point for data exchange in network communications, identified by a number and protocol. ## Footnote A specific virtual point where data is exchanged between a device and the network. Each port corresponds to a unique number and specific protocol, serving as a communication endpoint for applications to exchange data using protocols like TCP or UDP. Ports enable the host device to manage multiple connections simultaneously, with each application or service using a distinct port number to avoid data mix-up. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177398-ip-addresses-mac-addresses-and-port-numbers-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Port_(computer_networking)).*

Answer 139

A technique allowing multiple devices on a network to share a single public IP address. ## Footnote A technique used in networking to enable multiple devices on a private network to share a single public IP address. It is commonly used in home and small business networks to conserve IP addresses and improve network efficiency. For example, a router using PAT can allow multiple devices on a home network to access the Internet using a single public IP address. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Network_address_translation#One-to-many_NAT).*

Answer 140

A security technique involving a sequence of connection attempts used to validate access to a network service. ## Footnote Port knocking is a security technique that involves a series of connection attempts to a sequence of closed ports. If the correct sequence is received, the system will open a specific port or initiate some other predefined action. This "knock" acts like a secret handshake to authorize access, and because the ports are usually closed, the protected service remains invisible to port scans. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Port_knocking).*

Answer 141

Controls on a network switch port that restrict connections and limit MAC addresses to secure the network. ## Footnote A set of rules and parameters applied on a network switch port to secure the network by controlling who can connect to it and limiting the number of MAC addresses allowed on a single port. This feature can prevent unauthorized access by disabling the port or sending an alert if an unexpected device is detected. It helps protect the network from threats like MAC flooding, which can lead to a denial of service. *For more information, view this lecture on [WiFi - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19178193-wifi-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/MAC_filtering#Port_security).*

Answer 142

A protocol for retrieving emails from a server to a local device for offline access. ## Footnote A protocol used for receiving email. It is commonly used by email clients to retrieve messages from a server for local storage and access. For example, a user may configure their email client to use POP to retrieve messages from their email account, allowing them to access their email even when offline. *For more information, view this lecture on [IP support protocols - Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/23142530-ip-support-protocols-part-2) Or view this lecture on [IP addresses, MAC addresses, and port numbers- Part 1.](https://courses.thorteaches.com/courses/take/cissp/lessons/19177398-ip-addresses-mac-addresses-and-port-numbers-part-1). Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Post_Office_Protocol).*

Answer 143

A protocol encapsulating PPP frames within Ethernet frames for secure internet connections. ## Footnote A network protocol that encapsulates PPP frames inside Ethernet frames. It combines the point-to-point and Ethernet network technologies, enabling a single, direct connection between users and the internet service provider. With built-in security and error detection features, PPPoE is often used in both home and corporate internet connections. *For more information, visit this [Wikipedia page](https://en.wikipedia.org/wiki/Point-to-Point_Protocol_over_Ethernet).*

Answer 144

An IP addressing scheme indicating the network portion of an address, defining routing paths. ## Footnote An IP addressing scheme that indicates the network portion of the address. It determines how many of the leading bits will represent the network address, and the remaining bits will represent the host. In an IPv6 address, for example, a /64 prefix indicates that the first 64 bits of the address are the network part, with the remaining bits identifying the specific host. This structure aids in routing data packets correctly across networks. *For more information, view this lecture on [IP addresses, MAC addresses, and port numbers- Part 3.](https://courses.thorteaches.com/courses/take/cissp/lessons/22874065-ip-addresses-mac-addresses-and-port-numbers-part-3)*

Answer 145

The OSI model layer standardizing data formats for application-level understanding and communication. ## Footnote The sixth level in the seven-layer Open Systems Interconnection (OSI) model, which standardizes functionalities of networking or telecommunication systems. This layer ensures that the data transmitted between systems is in a usable format and is responsible for tasks such as data compression, encryption, and translation of network data into a format that can be understood by application layer protocols. This plays a significant role in maintaining data integrity and privacy. *For more information, view this lecture on [The OSI model- Part 2.](https://courses.thorteaches.com/courses/take/cissp/lessons/22712043-the-osi-model-part-2) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Presentation_layer).*

Answer 146

A secret key distributed between parties prior to encryption or authentication processes. ## Footnote A cryptographic key that is shared between parties before it is used for encryption or authentication purposes. PSKs are commonly used in various forms of secure communication methods, such as wireless networks (like WPA-PSK in Wi-Fi networks) or in VPN connections, to establish a secure channel over an otherwise insecure medium. Despite its simplicity and efficiency, PSK should be used with caution due to potential security risks if the key is compromised. *For more information, view this lecture on [Authentication protocols - Part 1](https://courses.thorteaches.com/courses/take/cissp/lessons/19179828-authentication-protocols-part-1) Or visit this [Wikipedia page](https://en.wikipedia.org/wiki/Pre-shared_key).*

Domain 4.1: Communication and Network Security Flashcards

Understand key network and communication security terms, protocols, and architectures.