Network Operations

Question 1

Device/Chassis sensors

Answer 1

Abnormal values can signal a problem

Question 2

Bandwidth

Answer 2

Amount of network use over time.
Excessive bandwidth could signal lack of available space, etc.

Question 3

Latency

Answer 3

A delay between request and response.
High latency signals a problem.

Question 4

Jitter

Answer 4

The time between frames. Excessive jitter can cause choppy calls/video.

Question 5

SNMP

Answer 5

Simple Network Management Protocol.
On a network, devices run an SNMP Agent that responds to queries (or just sends information to) from an SNMP Manager (a server).

Question 6

SNMP Traps

Question 7

SNMP OIDs

Answer 7

Object Identifiers. Statistics about devices, example: How many bytes have gone into a router interface?

Question 8

SNMP MIBs

Answer 8

Management Information Bases. A database of information that you can query for info (MIB II). Some proprietary MIBs also exist.

Question 9

Syslog

Answer 9

Message logging protocol that creates a consolidated log. Stored in a central logging receiver (SIEM)

Question 10

Logging Levels/Severity Levels

Answer 10

1. Emergency
2. Critical
3. Major
4. Minor
5. Warning
6. Notice
7. Info
8. Trace
9. Debug

Question 11

Speed/Duplex

Answer 11

Must match on both ends of a link.

Question 12

CRC errors

Answer 12

Typically caused by bad cable or interface.

Question 13

Giants

Answer 13

Frames that are more than 1518 bytes (when not using jumbo frames). Can indicate a communication problem.

Question 14

Runts

Answer 14

Frames that are less than 64 bytes - can be the result of a collision.

Question 15

Encapsulation Errors

Answer 15

Mismatch between switch tagging configurations (ISL / 801.2Q)

Question 16

Netflow Data

Answer 16

Gathers traffic statistics from all traffic flows. Consists of a probe and a collector. The probe collects data and sends it to the collector.

Question 17

Change Management

Answer 17

Clear policies to document a change to a device/ configuration, etc.

Question 18

Incident Response Plan

Answer 18

How to respond to security incidents:
Preparation
Detection/Analysis
Containment, Eradication, and Recovery
Post-Incident Activity

Question 19

Disaster Recovery Plan

Answer 19

How to keep things going after/during a disaster.

Question 20

Business Continuity Plan

Answer 20

Can involve manual/physical methods of doing things instead of using a computer

Question 21

System Life Cycle

Answer 21

Must include managing asset disposal (can data be kept? should it be kept? how to make sure it can’t be stolen)

Question 22

AUP

Answer 22

Acceptable Use Policy
Determines what is the acceptable use of company assets (Internet, telephones, computers, mobile devices). Used to limit legal liability

Question 23

DLP

Answer 23

Data Loss Prevention looks for sensitive data and blocks it from leaving the company network.

Question 24

Floor Plans

Answer 24

Overlays the wired and wireless network with existing architectural layout.
Can also be useful for patch panel labels to associate a desk with a number.

Question 25

Physical Network Map

Answer 25

Shows how each physical device is connected to the others (physical wires and devices). Can include rack locations.

Question 26

Distribution frame

Answer 26

Passive cable termination with punch down blocks or patch panels.

Question 27

MDF

Answer 27

Main Distribution Frame - central point of the network; termination point for WAN links.

Question 28

IDF

Answer 28

Intermediate Distribution Frame - an extension of the MDF (for places with multiple floors, etc.)

Question 29

Logical Network maps

Answer 29

Gives you an overall view of connectivity for an organization. Shows WAN layout, application flows, etc.

Question 30

Site Survey

Answer 30

Samples wireless landscape of an area. Allows you to configure WAPs to avoid interference.

Question 31

Cold Site

Answer 31

(Recovery site) An empty building; no data, no hardware, no people, etc.

Question 32

Hot Site

Answer 32

An exact copy of your existing data center. Automated replication of data. Duplicate hardware, etc.

Question 33

Warm Site

Answer 33

Just enough to get going in event of a disaster.

Question 34

Cloud Site

Answer 34

Some cloud providers can provide resources for recovery processes.

Question 35

Active-passive redundancy

Answer 35

Two devices are installed and configured, but only one is operating at a time.

Question 36

Active-Active redundancy

Answer 36

Both devices are active at the same time.

Question 37

Diverse paths

Answer 37

Creating multiple paths for data to follow (example: more than one ISP)

Question 38

FHRP

Answer 38

First Hop Redundancy Protocol. Allows a router to take over as the default gateway if the default one fails.

Question 39

VRRP

Answer 39

Virtual Router Redundancy Protocol. The “default” router is a virtual machine.

Question 40

RTO

Answer 40

Recovery Time Objective. How long until it’s up and running

Question 41

RPO

Answer 41

Recovery Point Objective. How much data loss is acceptable, etc.

Question 42

Full backup

Answer 42

All files are backed up

Question 43

Differential backup

Answer 43

All files that have changed since the last FULL BACKUP are backed up.

Question 44

Incremental backup

Answer 44

All files that have changed since the last INCREMENTAL BACKUP are backed up. Leads to longer recovery times since the data must be reconstituted from the full backup + all incremental backups.

Question 45

Protocol analyzer

Answer 45

A tool used to analyze traffic in a network. It allows you to view frame contents.