Network+ Flashcards
(170 cards)
1
Q
OSI model layers
A
- Physical
- Data Link
- Network
- Transport
- Session
- Presentation
- Application
2
Q
which OSI layer handles IP addresses?
A
Layer 3 - Network
3
Q
Which OSI layer deals with MAC addresses?
A
Layer 2 - Data Link
4
Q
Which OSI layer assembles and disassembles packets?
A
Layer 4 - Transport
5
Q
Which OSI layer uses port numbers?
A
Layer 5 - Session
6
Q
length of a frame
A
up to 1500 bytes
7
Q
where is a game generated and eaten up?
A
NIC
8
Q
device that connects host to a central location where they share bandwidth
A
hub
9
Q
command to display MAC addresses
A
ipconfig /a
10
Q
length of a MAC address
A
48 bits
11
Q
device that connects multiple LANs
A
router
12
Q
device that connects multiple hosts within the same network
A
switch
13
Q
what is the current standard for coaxial cabling?
A
RG-6
14
Q
what is the resistance of RG-6?
A
75 Ohms
15
Q
most common RG-6 connector
A
F-type
16
Q
type of cable where two inner conductors share an outer conductor
A
twinaxial/twinax cable
17
Q
advantages of coaxial cable
A
resistant to EMI
resistant to physical damage
18
Q
disadvantages of coaxial cable
A
inflexible
expensive
19
Q
max distance of UTP
A
100 meters
20
Q
difference between multimode and single mode fiber optic cabling
A
multimode uses LED signals, single mode uses lasers
21
Q
standard that defines ethernet
A
IEEE 802.3
22
Q
components of an ethernet frame
A
preamble, destination MAC, source MAC, data type, data, pad, FSC (frame check sequence)
23
Q
ITA/EIA-568A wire order
A
Brown, Brown/White, Orange, Blue/White, Blue, Orange/White, Green, Green/white
24
Q
TIA/EIA-568B color order
A
Brown, Brown/White, Green, Blue/White, Blue/Green/White. Orange, Orange/White
25
type of port on a switch that allows you to use a straight through cable instead of a crossover cable
uplink port
26
protocol that delegates one switch to be in charge and prevent switching loops
spanning tree protocol (STP)
27
netstat -n
presents results numerically
28
netstat -b
shows executable for every connection
29
netstat -o
shows executable and process ID for every connection
30
netstat -a
shows all active ports
31
netstat -r
shows the local routing table (identical to route print)
32
tool that lists all open ports and network connections on your computer
netstat
33
what are the two most popular web server softwares?
Microsoft IIS and Apache (open source)
34
protocol analyzer that's integrated with a frame capture tool
wireshark
35
a command that's a variant of ping and quicker than tracert
pathping
36
tool that verifies the upload and download speeds to an individual computer
bandwidth speedtester
37
protocol analyzer integrated with a frame capture tool
wireshark
38
netstat -n
presents results numerically
39
netstat -b
shows executable for every connection; needs admin
40
netstat -o
shows executable and process ID for every connection
41
netstat -a
shows all active ports
42
netstat -r
shows the local routing table
43
IP version that uses A Record
IPv4
44
IP version that uses AAAA Record
IPv6
45
an algorithm that does not encrypt but verifies data, creates a fixed size hash value
cryptographic hash
46
what are two common hashes?
MD5 and SHA-1
47
an access control that uses labels
Mandatory Access Control (MAC)
48
access control that gives creators control over permissions and provides more flexibility
Discretionary Access Control (DAC)
49
access control that assigns rights and permissions to a group
Role-based Access Control (RBAC)
50
client that handles authentication requests from supplicants and provides AAA
RADIUS client
51
a bridging device that connects into an ethernet network and communicates via radio waves to wireless clients
WAP
52
the method used to prevent wireless collisions
CSMA/CA (carrier sense multiple access with collision avoidance)
53
what are the current fastest 802.11 standards?
802.11n and 802.11ac
54
type of antenna used on exterior walls
patch antenna
55
encryption protocol used with WPA
Temporal Key Integrity Protocol (TKIP)
56
type of encryption protocol used with WPA2
CCMP-AES
57
What are three ways to implement wireless security?
- disable SSID broadcast
- use MAC filtering
- limit the number of DHCP-issued addresses
58
difference between rogue access points and evil twins
evil twins are intentional, rogue access points can be accidental
59
monitors traffic, sets up various zones or access areas, and define services' access to specific WAP destination
wireless controller
60
environmental issues that can affect the wireless signal
interference, reflections, and absorption
61
what are some sources of interference?
other WAPs, wireless mice and keyboards, and microwaves
62
enablles virtualization to occur and emulates the physical hardware
hypervisor
63
disk storage delivered as a service over TCP/IP (file level)
Network Attached Storage (NAS)
64
specialized LAN that transfers data at block-level with a special protocol
Storage Area Network (SAN)
65
what two types of connections do SANs use?
Fibre Channel (FC) or iSCSI
66
lowers cost and relies on configuration that allows jumbo frames over the network
IP Small Computer System Interface (iSCSI)
67
virtualized storage technology that uses a switched fabric topology and features very high throughput and very low latency
InfiniBand
68
provides an easy-to-use front end to configure physical and virtual devices throughout the network
software-defined networking (SDN)
69
hypervisor that runs on top of the OS
Type 2 hypervisor
70
hypervisor that boots off of the system
Type 1 or bare metal
71
What are three benefits of virtualization?
1. saves power
2. hardware consolidation
3. system recovery
72
aspects of cloud computing
scalability, elasticity, multitenancy, security implications
73
the management of infrastructure in a descriptive model, using the same versioning as developers use for source code
Infrastructure as Code (IaC)
74
a network architecture that describes how physical network devices will be virtualized
Network Function Virtualization (NFV)
75
What are five ways to help ensure high availability of data?
- redundancy protocols
- load balancing
- clustering
- uninterruptible power supplies (UPSes)
- generators
76
what are the three layers connected by three-tiered architecture in the classic data center?
access, distribution, and core
77
What are five hardening techniques for IoT devices?
- use separate SSID
- create a long PSK
- put device(s) on a separate VLAN
- periodically update firmware
- use access control lists (ACLs)
78
What are the four steps of the forensic process?
1. secure the area
2. document the scene
3. collect evidence
4. interface with authorities (submit forensics report)
79
What type of attack can DHCP servers be used to perform?
on-path (man-in-the-middle)
80
Data traveling through which layers of the OSI model does de-encapsulation take place?
Layers 1 to 7
81
method used on Layer 2 of the OSI model in 802.1q to identity ethernet traffic as part of a specific VLAN
tagging
82
on which layer of the OSI model does tunneling take place?
Layer 2
83
tool used to create long fiber optic cable lengths by combining multiple cables together, or to repair a break in a fiber optic cable
fusion splicer
84
the process of varying one or more properties of a periodic waveform, called the carrier signal, with a separate signal that typically contains information to be transmitted
modulation
85
what are three common types of modulation?
- Orthogonal frequency-division multiplexing (OFDM)
- Quadrature Amplitude Modulation (QAM)
- Quadrature Phase-shift keying (PSK)
86
space between floors used to circulate air conditioning ductwork, piping, electrical an network cables throughout the building
plenum
87
flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them
RST (reset)
88
flag used to request that the connection be terminated. This usually occurs at the end of a session and allows for the system to release the reserved resources that were set aside for this connection
FIN (finish)
89
flag that is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake
SYN (synchronization)
90
what are the seven severity levels?
0 - emergency, system unstable
1 - alert condition, needs correction immediately
2 - critical condition, failure in the system's primary application, requires immediate attention
3 - error condition, something preventing proper function
4 - warning condition, error may occur if action not taken soon
5 - notice condition, unusual events
6 - information condition, no action required
7 - debugging condition, info for developers
91
type of antenna for outside wireless applications where you want directional control of the signal and over longer distances
parabolic
92
type of unidirectional antenna that can focus the transmission over a long distance
yagi
93
a standardized protocol designed to exchange routing and reachability information between autonomous systems on the internet
Border Gateway Protocol (BGP)
94
SNMPv3 option that ensures that the communications are sent with authentication and privacy
authPriv
95
maximum amount of data, measured in time, that an organization is willing to lose during an outage
RPO (recovery time objective)
96
implementation where separate DNS servers are provided for security and privacy management for internal and external networks
Split Domain Name System (Split DNS)
97
security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online
port security
98
most common way to perform an on-path attack on a wireless network
evil twin
99
802.3ad protocol used to group numerous physical ports to make one high bandwidth path
LACP (Link Aggregation Control Protocol)
100
authentication protocol developed by Cisco that provides authentication, authorization, and accounting services
TACACS+
101
which OSI layer do ATM cells operate at?
Data Link (Layer 2)
102
maximum rate of data transfer across a given network
bandwidth
103
what tool would you use to determine where a cable break occured
time-domain reflectometer
104
an attack where the attacker sends a large number of requests to one or more legitimate DNS servers while using a spoofed source IP of the targeted victim. The DNS server then replies to the spoofed IP and unknowingly floods the targeted victim with responses to DNS requests that it never sent.
reflective DNS attack
105
two methods of allowing multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses
NAT (network Address Translation) and PAT (Port Address Translation)
106
technique where private IP addresses are translated into public IP addresses
NAT (Network Address Translation)
107
technique where private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers
PAT (Port Address Translation)
108
tool used to measure the magnitude of an input signal's frequency
spectrum analyzer
109
tool used to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end
tone generator
110
tool that measures the voltage, resistance, and amperage of a cable or conduit
multimeter
111
tool used to verify the electrical connections in a twisted pair or coaxial cable
cable tester
112
tool used to certify the performance of new fiber optics links and detect problems with existing fiber links, can provide an approx. location of a break
Optical Time Domain Reflectometer (OTDR)
113
IPv6 communication type that sends a packet to the nearest interface that shares a common address in a routing table
anycast
114
approach to security that unified endpoint security tech, user or system authentication, and network security enforcement. Restricts access to authorized devices by placing it into an automated testing area first
Network Access Control (NAC)
115
network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network
IEEE 802.1x
116
At which layer of the OSI model do ping requests occur?
Layer 3 (Network Layer)
117
what are the software defined networking layers?
Application - communication resource requests or info about the network
Control - uses information from the applications to decide how to route a data packet on the network
Infrastructure - switches and routers, physical hardware
Infrastructure - physical networking devices
Management Plane - monitors traffic conditions, status of network, allows admin to oversee network operations
118
what mode do devices operate in when connected to a hub?
half-duplex
119
communication mode where devices cannot listen and talk at the same time
half-duplex
120
what network device allows devices to operate in full duplex mode?
switch
121
communication mode that allows devices to listen and talk simultaneously
full duplex
122
maximum distance of copper cables
100 meters
123
what happens to the speed of CAT 6 at 100 meters?
speed goes from 10 Gbps to 1 Gbps
124
what can the speed of CAT 6 be at under 55 meters?
10 Gbps
125
what is the distance range of multimode fibers?
200 - 500 meter range
126
which is better for longer distances, single mode or multi mode fibers?
single mode
127
what does S is not Single mean?
Ethernet standards with S in the name are multimode, not single mode
ex. 100BASE-SX = multimode
128
which ethernet standard works with both single mode and multimode?
1000BASE-LX
129
what is IEEE 802.3ad?
link aggregation
130
what is the ethernet standard for power over ethernet?
PoE 802.3af
131
what is the ethernet standard for power over ethernet plus?
PoE+ 802.3at
132
what is the wattage of PoE 802.3af?
15.4 watts
133
what is the wattage of PoE+ 802.3at?
25.5 watts
134
what is 802.1x used for?
user authentication
135
flag used to ensure data is given priority and is processed at the sending or receiving ends
PSH (push)
136
what is the ideal range for humidity?
40-60%
137
type of trap message that has a OID to distinguish each message as a unique message being received using SNMP
granular
138
the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers (OID)
Management Information Base (MIB)
139
SNMP trap that may be configured to contain all information about a given alert or event
verbose
140
in SNMP, asynchronous notifications sent from the managed agent to the manager to notify it of significant events in real time
trap messages
141
a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned
split-horizon route advertisement
142
a method to prevent a router from sending packets through a route that has become invalid within computer networks by changing the route's metric to a value that exceeds the maximum allowable hop count so that the route is advertised as unreachable
route poisoning
143
tool used to connect a network cable (such as Cat 5e) to a patch panel, 110-block, or the inside portion of a wall jack
punchdown tool
144
tool used to join the internal wires of a twisted pair cable with metallic pins housed inside a plastic connector, such as an RJ-45 connector
cable crimper
145
type of attack by stealing or predicting a valid session token to gain unauthorized access to the web server
session highjacking
146
an unintended connection between two points in a cable or wire allowing current to flow where it should not
short
147
occurs within a twisted pair cable when the pairs become untwisted or no shielding or insulation remains
crosstalk
148
standard used to define VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames
IEEE 801.q
149
standard that defines STP (Spanning Tree Protocol)
IEEE 802.1d
150
what devices are used to split up broadcast domains?
Router
151
devices that split up broadcast domains
routers, VLANs, layer 3 switch
152
a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users
Password Authentication Protocl (PAP)
153
an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information
Defense in Depth
154
provides a method to control the bonding of several physical ports to form a single logical channel
LACP (Link Aggregation Protocol)
155
a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol
MPLS (Multi-protocol label switching)
156
Which remote access tool that allows you to connect to a desktop remotely and see their screen is open-source?
VNC (Virtual Network Computing)
157
an attack where the attacker is able to send traffic from one VLAN into another by either double tagging the traffic or conducting switch spoofing
VLAN Hopping
158
what is the first flag used in a three way handshake?
SYN
159
type of denial of service attack that targets communication between a user and a Wi-Fi wireless access point by causing the wireless client to disconnect from the wireless network and then reconnect, during which time an attacker can conduct a packet capture of the authentication handshake and use that to attempt to brute force the network's pre-shared key
deauthentication attack
160
a broadcast domain that is partitioned and isolated in a computer network at the data link layer.
VLAN
161
type of data center that is equipped but no customer data
warm site
162
which wireless standard uses MU-MIMO on non-overlapping channels to increase the wireless network's bandwidth?
802.11ac
163
technology that allows a wireless access point to communicate with multiple devices simultaneously to decrease the time each device has to wait for a signal and dramatically speeds up the entire wireless network
MU-MIMO (Multi-user, Multiple-input, Multiple-output technology)
164
what happens to data in each layer of the OSI model?
Layers 5, 6, 7 - data transmitted
Layer 4 - data encapsulated into segments
Layer 3 - segments encapsulated into packets
Layer 2 - packets encapsulated into frames
Layer 1 - frames encapsulated into bits
165
DHCP security techniques that can configure a LAN switch to prevent malicious or malformed DHCP traffic or rogue DHCP servers
DHCP snooping
166
command used on a Cisco networking device to display the current state of the routing table for a given network device
show route
167
Which cellular technology is compromised of LTE and LTE-A to provide higher data speeds than previous cellular data protocols?
4G
168
the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.
bluejacking
169
cross-platform, open-source tool used to scan IP addresses and ports on a target network, and to detect running services, applications, or operating systems on that network's clients, servers, and devices
nmap, or Network Mapper
170
authentication protocol that uses strong encryption to securely send data over insecure networks
Kerberos
