Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
59 Cards in this Set
- Front
- Back
|
What are the four factors to consider when choosing a device? |
Cost (often determines the features and capacity) |
|
|
How can redundancy be achieved?
|
Duplicate equipment, duplicate network links, redundant switch connections, multiple NICs. |
|
|
How can you ensure consistent availability for network resources?
|
Secure vital servers in a central location, protect that location from unauthorized access (both physically and logically), create redundancy in a server farm and configure redundant paths to those servers. |
|
|
What is a network application?
|
Software programs used to communicate on the network (web browser, e-mail clients).
|
|
|
What are application layer services?
|
Interface with the network and prepare data for transfer (file transfers or printer spooling). |
|
|
What's the difference between VoIP and IP telephony?
|
VoIP requires a voice enabled router to convert analog to IP packets while IP telephones do the analog to IP conversion themselves. IP telephony also uses a dedicated server for call control and signaling.
|
|
|
What are RTP and RTCP?
|
Real Time Protocol and Real Time Control Protocol. They enable the support of real time applications upon a network. It uses quality of service mechanisms.
|
|
|
What does scaling a network include?
|
Network documentation (logical and physical topology), device inventory, itemized IT budget and traffic analysis.
|
|
|
How should you go about determining how to manage network traffic?
|
Use a protocol analyzer during peak utilization on several network segments.
|
|
|
What categories of attacks can occur to a network?
|
Information theft, identity theft, data loss or manipulation and disruption of service.
|
|
|
What are the four physical threats to a network?
|
Hardware threats (physical damage)
Environmental threats (temperature and humidity) Electrical threats Maintenance threats (poor handling, insufficient replacement parts) |
|
|
What's a vulnerability
|
The degree of weakness inherent to every device in a network.
|
|
|
What kind of network security weaknesses must we be concerned with?
|
TCP/IP protocol weaknesses (HTTP, FTP and ICMP are inherently insecure)
Operating System weaknesses Network equipment weaknesses (throw passwords on things!) |
|
|
What kind of configuration vulnerabilities can you encounter?
|
Unsecured user accounts (poor passwords, no passwords)
Default settings remaining on a device |
|
|
What is a virus?
|
Malicious software attached to another program to execute a bad function. It requires user interaction and deployment.
|
|
|
What is a Trojan Horse?
|
A virus disguised as something else.
|
|
|
What is a worm?
|
A virus that self replicates across the network after successfully exploiting a system.
|
|
|
What are the three categories of network attacks?
|
Reconnaissance
Access Attacks Denial of Service |
|
|
What is a reconnaissance attack?
|
An unauthorized attempt to map or profile a network. This can include internet queries, ping sweeps, port scans and packet sniffing.
|
|
|
What is an access attack?
|
Exploits known vulnerabilities in authentication services, FTP and web services to gain access to databases. Includes password attacks, trust exploitation, port redirection and man in the middle attacks.
|
|
|
What is port redirection?
|
Uses a compromised host to pass traffic through a firewall that would otherwise be filtered.
|
|
|
What is a denial of service attack?
|
It is the most publicized type of attack and the most difficult to eliminate. Its ultimate aim is the prevent unauthorized access by consuming resources.
|
|
|
How does one mitigate a worm infestation?
|
Containment, inoculation, quarantine and treatment.
|
|
|
Why are firewalls good?
|
They perform packet filtering, application filtering and URL filtering.
|
|
|
What are different kinds of firewalls?
|
Appliance based (dedicated hardware)
Server based (runs on the OS) Integrated (adding firewall capabilities to an existing device) Personal (resides in the host operating system as an application) |
|
|
What is Cisco AutoSecure?
|
Secures a router by using a single command to disable common IP configurations that can be exploited. AKA Cisco routers for n00bs.
|
|
|
What's the guideline with patches?
|
Some patches can wait, security patches CANNOT.
|
|
|
Name some password guidelines.
|
No less than 8 characters (10+ preferred) |
|
|
What is a pass phrase?
|
Literally a password phrase. Uses spaces between words for a more complex password.
|
|
|
How can you set a minimum password length on a Cisco device?
|
In global config, type "security passwords min-length".
|
|
|
How can you block login after a certain number of unsuccessful attempts?
|
In global config, type "login block-for ___ (time in sec) attempts ___ (number of failed attempts) within ___ (time in seconds)".
|
|
|
How can you configure an exec time out?
|
In global config, type "exec-timeout ___ (time in mins)".
|
|
|
How do you enable SSH on a Cisco router?
|
1. Enter in domain name "ip domain-name _____"
2. Generate a key "crypto key generate rsa general-keys modulus ___ (size of bits)" 3. Create a username "username ____ secret ____" 4. Enable line inbound SSH with "login local" and "transport input SSH". |
|
|
When you ping a node in IOS, what does "!" indicate?
|
A successful ping.
|
|
|
When you ping a node in IOS, what does "." indicate?
|
Time expired while waiting for a response.
|
|
|
When you ping a node in IOS, what does "U" indicate?
|
ICMP message unreachable.
|
|
|
What does the "show interfaces" command display?
|
Displays device status including IP addresses, link status, etc.
|
|
|
What does the "show arp" command do?
|
Displays the arp cache (MAKE SURE I SAY ARP CACHE, NOT ARP TABLE).
|
|
|
What does "show ip route" command do?
|
Corresponds an IP address to an interface.
|
|
|
What does the "show protocols" command display?
|
Enabled protocols
|
|
|
What command displays the arp cache on a Windows machine?
|
arp -a
|
|
|
What command deletes the arp cache?
|
arp -d
|
|
|
What is CDP?
|
It's a Cisco proprietary protocol running at the data link layer. It automatically discovers and obtains information about neighboring Cisco device's hardware and software info.
|
|
|
What does the "show cdp neighbor detail" display?
|
Reveals the IP of neighboring devices, regardless of your ability to ping it. This helps determine if there are IP addressing errors.
|
|
|
CDP is enabled by default and can be dangerous. How do you disable it?
|
"no cdp run" in global config. To disable it on an interface, use "no cdp enable" in that line's config.
|
|
|
What does the "show file systems" command do?
|
Shows a list of available file systems on a Cisco device. Comes in read only, write only and read/write flavors.
|
|
|
What does an asterisk mean when it precedes a line when running "show files systems"?
|
Indicates the file system is in use.
|
|
|
What does a pound sign after a file system listing indicate when running "show files systems"?
|
Indicates that it is the currently active bootable file system.
|
|
|
How do you back up a configuration with TFTP?
|
1. "copy running-config tftp"
2. Enter the IP address to the FTP server 3. Enter the name you desire for the file |
|
|
How do you restore a configuration from an FTP server to a router?
|
1. "copy tftp running-config"
2. Enter the IP address to the FTP server 3. Enter the config's file name |
|
|
What can Cisco devices use USBs for?
|
Secondary storage (multiple configs, versions, etc) and an additional boot device.
|
|
|
What sizes can Cisco compatible USBs be?
|
24, 128 and 256 MBs.
|
|
|
What file system must Cisco compatible USBs use?
|
FAT16
|
|
|
How do you back up a router config onto a USB?
|
1. Run "show file systems to ensure the USB is seen".
2. Run "copy run ____ (USB's name) 3. IOS prompts for file name |
|
|
How do you restore a configuration from a USB to a router?
|
"copy ____ (USB's name) ___ (router's name)-config running config
|
|
|
Explain WEP properties.
|
Supports 64, 128 and 256 keys. They are static only.
|
|
|
Explain WPA properties
|
Supports 64, 128 and 156 keys. Keys are dynamic and therefore are more secure than WEP.
|
|
|
What is the difference between show cdp neighbors and show cdp neighbors detail? |
While show cdp neighbors displays device ID, address list, port ID, capabilities and platform, it does NOT display the IP address of the device. Adding detail displays the device's IP address as well.
|
|
|
DHCP port? |
67 & 68 UDP |
