Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
224 Cards in this Set
- Front
- Back
Maximum data size for ethernet frame (in Bytes) |
1500 bytes |
|
Name 4 tools for querying or troubleshooting a DNS server |
- nslookup followed by IP address (memorize output) - dig - ping - ipconfig /flushdns (or ifconfig /flushdns) |
|
UDP data type |
Datagram |
|
TCP data type |
Segment |
|
Device that connects the data terminal equipment (routers) to the T1 digital signal. |
CSU/DSU (Channel Service Unit Data Service Unit) |
|
4 wireless troubleshooting tips |
APIPA interference password forgot network |
|
LACP explain acronym and define |
Lync Aggregation Control Protocol used for port trunking/bonding) |
|
4 benefits of virtualization |
saves power hardware consolidation system recovery (snapshots) research |
|
6 area network types and uses |
LAN - Local Area Network WAN - Wide Area Network CAN - Campus Area Network MAN - Metro Area Network WLAN - Wireless Local Area Network PAN - Personal Area Network |
|
Describe Rogue DHCP problem |
2 DHCP servers on one broadcast domain |
|
Bastien Host |
Machine on a network that's exposed to the internet |
|
Cisco managed switch operating system |
IOS |
|
APIPA network host address /subnet |
169.254.x.x/16 |
|
4 mitigation techniques |
training & awareness patch management policies & procedures incident response |
|
3 network design considerations |
customer needs compatibility and existing infrastructure security assessment |
|
WIDS |
Wireless Intrusion Detection System |
|
Well Known Ports |
Ports 0-1023 (total 2014) |
|
RDP (MS Remote Desktop) Port # |
RDP = tcp/3389 |
|
MUMIMO |
Multi-user Multi input/Multi output used in 802.11ac wireless protocol extension |
|
Port Mirroring |
Allows traffic flow of one port to be monitored on another port. Used to allow admins to inspect network traffic remotely. |
|
Medianet |
UC gateways that ensure voice & video data gets from one place to another in a timely manner using QoS |
|
IDF |
Intermediary Distribution Frame connects Main Distribution Frame to Workstations |
|
IPv6 address size (bits) |
128 bits |
|
WPS |
wifi protected one button setup. recommend disabling due to poor security. |
|
6 change request steps |
type of change configuration procedures rollback plan impact of change notification plan documentation |
|
Ephemeral ports range |
Ports 1024-65535 |
|
Port bonding |
Combine two or more ports to act as one higher speed port for increased bandwidth. |
|
NTP port |
NTP = udp/123 |
|
Event Viewer |
Windows logging tool |
|
Evil Twin |
Rogue access points setup to intrude and steal |
|
Explain the differences between Firewall, IDS, IPS. |
Firewall = filters IDS = detects and reports intrusions IPS = prevents/stops attacks/intrusions |
|
Explain the differences between routers and switches. |
Routers manage traffic via IP addresses Switches manage traffic via MAC addresses |
|
Frames are created and destroyed here... |
NIC |
|
Critical Assets |
Assets that will cause work stoppage if they fail. |
|
BERT test |
Bit error rate test for T1 |
|
Broadcast address |
FF-FF-FF-FF-FF-FF |
|
Where is an IP frame located? |
Inside an ethernet frame |
|
4 kinds of clouds |
public private community hybrid |
|
Wireshark |
popular free protocol analyzer |
|
3 access control types |
mandatory - uses labels discretionary - creator controlled (r/w/x) role based - group controlled |
|
MAC address |
48 bit unique identifier |
|
Default Gateway |
IP address of a router |
|
cable for connecting to managed switch port |
Rollover cable |
|
Traffic shaping |
QoS that allows bandwidth management via priority of applications |
|
Demarc |
Where the public telcom ends and the private network begins |
|
VTP |
Virtual Trunk Protocol (Cisco) trunking for multi-switch VLAN traffic |
|
ARP |
Address Resolution Protocol IP broadcast message sent to get a MAC address |
|
VLAN |
Virtual LAN used to split one broadcast domain into multiple broadcast domains on one or more switches. |
|
AAA (Security) |
Authentication Authorization Accounting |
|
nbtstat -c |
cached connections of IP addresses, shares shows the contents of the NetBIOS name cache, which contains NetBIOS name-to-IP address mappings. (memorize output) |
|
nbstat -s |
list the current open sessions (destination IP & computer name) and their status, including statistics. Sample output: (memorize output) |
|
encryption symmetric vs asymmetric |
single key for encrypt/decrypt vs public key (encrypt) and private key (decrypt) |
|
2 popular web servers |
IIS (MS) Apache (open source) |
|
2 characteristics of coax cable |
RG connectors measured in Ohms |
|
IANA |
Internet Address Numbers Authority Passes out IP addresses to RIR (Regional Internet Registries) |
|
MDF |
Main Distribution Frame Equipment rack that connections to subscriber carrier on one end and IDF on the other end. |
|
TDR & OTDR |
Time Domain Reflectometer Optical Time Reflectometer Finds cable length and breaks |
|
What causes MTU errors and MTU black holes? |
MTU for ethernet is typically 1500 bytes. MTU errors occur with byte size and fragmentation issues. MTU black holes occur when you tell a device not to fragment. |
|
wifi protocol, channels, band, speed (GHz) |
protocol = 802.11 channels = 14; 11 in the US; limited to 1,6 or 7, 11 Transmit band = ISM (cannot change) speed = 2.4 GHz & 5 GHz |
|
wimax protocol |
802.16 |
|
IPv6 loopback address |
::1 |
|
arp -a |
lists cached MAC address resolutions |
|
2 vulnerability scanners |
NMAP Nessus |
|
2 ways to abbreviate IPv6 addresses |
remove leading zeros between colons collapse 1 or more continuous sets of 0000 to :: |
|
3 wireless cellular technologies |
HSPA HSPA+ LTE |
|
BPL |
Broadband over Power Lines |
|
*NIX logging |
Syslog |
|
T1 crossover |
cable that allows emulation of T1 connection between CSU/DSU |
|
Explain the size and structure of bits, 2 parts, and purpose of a subnet mask. |
32 bits series of ones followed by a series of zeros network address and host address purpose- masks an IP address |
|
Explain active and passive ports in port bonding |
Active ports look for ports to bond. One or more ports must be set as active in order to port bond. |
|
2 dynamic routing types |
distance vector link state |
|
Used to encrypt unencrypted protocols |
Tunnelling |
|
2 common IPv6 tunnels |
Toredo 6to4 |
|
Satellite modem cable type |
RJ-6 |
|
SNMP trap |
Presets for SNMP managed devices to send messages to SNMP manager when criteria are met. |
|
Name and describe 3 ICS (Industrial Control Systems) |
SCADA - Supervisory Control & Data Acquisition uses RTU (Remote Terminal Unit) DCS - Distributed Control Systems Human Interface- sensors, actuators, feedback PLC - Programmable Logic Controllers uses special I/O & Human Machine Interface |
|
2 DHCP ports |
DHCP = udp/67, 68 |
|
SNMP device ports and listening ports |
SNMP Device Ports 162 UPD 10162 TLS SNMP Listening Ports 161 UDP 10161 TLS |
|
TFTP (Trivial FTP) port |
TFTP = tcp/69 |
|
Describe HSRP & VRRP |
Host Standby Router Protocol Virtual Router Redundancy Protocol Used for failover clustering for high availability |
|
SNMP versions |
v.1 limited commands and no encryption v.2 more commands, added encryption v.3 TLS encryption |
|
CSU/DSU wiring types |
RJ-48c for Demarc v.35 or RS323 to the router |
|
Describe Virtual IP addresses |
IP address that does not correspond to an actual physical network interface port used for one-to-many NAT connection redundancy for alternate failover options |
|
OSI model layers |
Application (What you see on screen) Presentation (Application encryption SSL/TLS) Session (Control; tunneling) Transport (TCP segment, UDP datagram) Network (IP routing fragmented packets) Data-Link (MAC switching frames) Physical (Cables) |
|
TCP model layers |
Application Transport Internet Network |
|
SNMPWalk |
Batch of SNMP get commands |
|
Name 802.11 protocol extensions, speed, & band |
b - 11mbps - 2.4GHz a - 54mbps - 5GHz g - 54mbps - 2.4GHz n - 74-600mbps - both ac - 1Gbs - both |
|
BGP |
Border Gateway Protocol The primary dynamic routing protocol which breaks the internet into Autonomous Systems (AS) interconnected via BGP edge routers. |
|
AS (Autonomous Systems) number size |
32 bits |
|
FTP ports (listen and respond) |
FTP Listen = tcp/21 FTP Respond = tcp/20 |
|
SNMP MIB |
SNMP Management Information Database Database of command sets included on SNMP devices to allow query from SNMP manager. |
|
5 dynamic routing metrics |
hop count MTU bandwidth cost latency |
|
ICMP |
Internet Control Message Protocol Unlike TCP, UDP content only consists of type & checksum and does not use ports. Used for control messages by devices like routers for error check. |
|
SNMP Get |
standard SNMP query command GET RESPONSE from device. |
|
telnet port |
telnet = tcp/23 |
|
Static NAT |
aka port forwarding (often used for web servers) one-to-one translation of IP addresses incoming data for NAT IP address goes to one designate device on the network |
|
Dynamic NAT |
aka pooled NAT (rare, often used for web servers) Dynamic mapping with address ports fixed multiple IP addresses for getting out of network |
|
PAT |
Port Address Translation Allows specific UDP/TCP port to map traffic inbound to destination. |
|
Dynamic Routing |
auto routing table updating protocols use metrics to find routes and determine the best routes |
|
IGP, EGP, BGP |
Interior Gateway Protocol- Internet
Exterior Gateway Protocol- BGP is the only one Border Gateway Protocol- Connects Internet AS |
|
Digital Signal Designation (DS1, DS3, etc) T1 • T3 • E1 • E3 Channels, Speeds |
T1 • Ch24 • 1.5mbps T3 • Ch672 • 44mbps E1 • Ch32 • 2mbps E3 • Ch512 • 34mbps |
|
SIP Ports |
SIP udp or tcp/ 5060 unencrypted, 5061encrypted |
|
RTP Ports |
RTP udp/5004, 5005 |
|
H.323 Port |
H.323 udp/1720 |
|
MGCP Ports |
Media Gateway Control Protocol MGCP udp/2427, 2727 |
|
Describe RIP 1 & RIP 2 |
2 older versions of Interior Gateway Protocols that use distance vector RIP 1 = 15 max hops, classful subnets only RIP 2 = adds hops, security, and classless subnets |
|
Port Triggering vs Port Forwarding |
Port Forwarding = traffic sent via open ports Port Triggering = traffic outbound from a specific port triggers opening a new port for incoming traffic |
|
netstat -o |
show process ID |
|
netstat -a |
show connections and active ports |
|
SSH port |
SSH = tcp/22 |
|
netstat -b |
show foreign address connecting |
|
4 characteristics of OSPF |
Interior Gateway Protocol Link State Designated router and backup designated router Each router gets and Area ID |
|
netstat -n |
list all port #s |
|
netstat -r |
show routing table |
|
Hypervisors |
Creates and hosts VMs baremetal (hardware) hosted (host OS) |
|
WEP |
Wireless Encryption Protocol Old, weak security 64 and 218bit security options w/ 20bit overhead |
|
IGMP |
Internet Group Management Protocol one to many IP multicast for streaming video/gaming; accessed via 224.x.x.x group address; sent from a source address. |
|
VNC Port |
VNC tcp/5900 |
|
TACACS+ Port |
TACACS+ tcp/49 |
|
RADIUS Ports |
RADIUS udp/1812, 1813, 1645, 1646 |
|
rLogin Port |
rLogin tcp/513 |
|
SONET OC-1 (STS-1) speed |
OC-1 51.85 |
|
DWDM |
Dense Wave Division Multiplexing New faster SONET to compete with 10G Ethernet |
|
3 Packet Switching Technologies |
Frame Relay ATM (Asynchronous Transfer Mode) MPLS |
|
IMAP Port |
IMAP tcp/143 |
|
SMTP Port |
tcp/SMTP 25 |
|
POP Mail Port |
POP tcp/110 |
|
Describe and Ethernet Frame including parts and # of bytes for each part. |
TCP Data 1460 bytes TCP Header 20 bytes IP Header 20 bytes Total IP packet 1500 bytes DLC 14 bytes |
|
Trunking Protocol |
802.Q |
|
Class A private IP addresses |
10.0.0.0 - 10.255.255.255 subnet mask = 255.0.0.0 wack 8 |
|
Class B private IP addresses |
172.16.0.0 - 172.31.255.255 sunset mask = 255.240.0.0 wack 16 |
|
Class C private IP addresses |
192.168.0.0 - 192.168.255.255 subnet mask = 255.255.0.0 wack 24 |
|
10BaseT Cat/cable @ distance speed Mbits/s |
Cat 3 UTP cable @ 100 meters 10 Mbits/s |
|
10Base2 cable type |
RG-58 BNC coax cable @ 200 meters with T Connectors and terminating resistors |
|
10Base5 cable type @ distance speed Mbits/s |
Thick coax w/ vampire connectors @ 500 meters 10 Bits/s |
|
100BaseTX Cat/cable @ distance speed Mbits/s |
Cat 5 UTP cable @ 100 meters 100 Mbits/s |
|
1000BaseT Cat/cable @ distance speed Mbits/s |
Cat 5e or 6 UTP @ 100 meters 1000 Mbits/s |
|
10GBaseT Cat/cable @ distance speed Mbits/s |
Cat 6 UTP cable @ 55 meters Cat 6a UTP cable @ 100 meters 10 Gbits/s |
|
100BaseFX cable @ distance speed Mbits/s |
100 Mbits/s @ multimode 2 kilometers |
|
1000BaseSX |
multimode @ 500 meters1000 Mbits/s |
|
10GBaseSR |
10Gbits/s @ multimode 300 Meters |
|
1000BaseLX |
1000 Mbits/s @ singlemode 2 kilometers |
|
10GBaseLR & LW |
10 Gbits/s @ 1310 nanometer singlemode 10 kilometers W version for SONET |
|
ipconfig /all |
Displays the DNS assignments and full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter |
|
What is the primary form of logical addressing? |
Internet Protocol (IP) |
|
Router |
connects multiple LANS/broadcast domains |
|
Singlemode fiber cable is usually what color? |
yellow
|
|
Multimode fiber cable is usually what color? |
orange |
|
3 fiber cables polish types |
PC Polished UPC Ultra Polished APC Angle Polished |
|
CSMA/CD
|
Carrier Sense Multiple Access with Collision Detection used in early ethernet for preventing data collisions during transmissions. |
|
|
FC (single mode) screw-in |
|
|
LC (multimode) flange top |
|
|
MTRJ (multimode) very small dual connector |
|
|
SC (single mode) square push-pull |
|
|
ST (single mode) bayonet |
|
1000BaseCX |
Twinax cable @ 25 meters |
|
10GBaseER & EW |
10Gbits/s @ 1550 nanometer singlemode
40km W version for SONET |
|
Equipment rack height and width |
Height measured as "U" = 1.75 inches
Width = 19 inches |
|
2 RJ45 Ethernet cables List wire colors in order for each |
568A GW-G-OW-B-BW-O 568B OW-O-GW-B-BW-G Brown+Blue Never Move -- Remember 568Bowogw |
|
Subnet number conversion octaves vs binary |
128 64 32 16 8 4 2 1 |
|
SSL Port |
SSL 443 |
|
DNS Forward lookup zone |
resolve FQDN
|
|
SOA |
Start of Authority Authoritative server for DNS name |
|
NS record |
Name Server |
|
Host record |
Name, Address, Host takes precedence over DNS |
|
A records |
IKPv4, AAAA records, IPv6 |
|
CN record |
Alias or Canonical Name |
|
MX record |
Mail record |
|
SRV |
System Record (uncommon) |
|
authentication |
username + password
|
|
authorization |
what you are allowed access to (ACL) |
|
3 ACL |
Mandatory (labels) Discretionary (single user) Role Based (groups) |
|
What does NAT assign to external frames in order to track internet requests made by client |
255.255.255.128 subnets 128 usable hosts 126 (128-2) |
|
How do you calculate # of subnets and # of hosts for nnnnnnnn.nnnnnnnn.nnnnnnnn.xxyyyyyy where x = 1 and y =0 |
nnnnnnnn.nnnnnnnn.nnnnnnnn.xxxyyyyy subnets = 2 to the power of # of spaces moved to the left of the last octet dot (ex 2 to power of 3) hosts = 2 to the power of # spaces moved to the right of the last octet dot (ex 2 to power of 5) |
|
what is the job of a subnet mask |
The Subnet Mask is a setting that you add to every computer to tell an individual system whether to send it locally or to send it out through the router. |
|
What are 2 parts of the subnet mask |
Network ID (all ones) Host ID (all zeros) |
|
How many ip addresses for 255.255.0.0 |
that gives us 16 bits to the 16th power which equals 65,536- but you can't use all zeroes or all 255s, so you get 65,534 IP Addresses. |
|
What is CIDR? |
Classless Inter-Domain Routing is a method for allocating IP addresses and IP routing. |
|
How is CIDR notated? |
slash ('/') character, and a decimal number. The number is the count of leading 1 bits in the routing mask (aka network mask). |
|
/25 |
2 subnets, 128-2=126 hosts |
|
/26 |
4 subnets, 64-2=62 hosts |
|
/27 |
8 subnets, 32-2=30 hosts |
|
/28 |
16 subnets, 16-2=14 hosts |
|
/29 |
32 subnets, 8-2=6 hosts |
|
4 VPN types |
PTPP L2TP IPSec SSL Tunnel (SSTP) ikEv2 |
|
2 VPN encryption types |
EAP/TTLS CHAP & MSCHAP |
|
InterVLAN routing |
Virtualization of router functionality in higher end switches.
|
|
IPv6 subnet mask |
always /64 |
|
IPv6 link local address |
FE80 |
|
IPv6 Native Addressing |
pure IPv6 |
|
DUID |
DHCPv6 Unique Identifier (DUID) is used by a client to get an IP address from a DHCPv6 server |
|
IPv6 EUI64 |
The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The MAC address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific. FFFE as a reserved value which appear in-between the OUI and NIC portions of the 48 bit address. |
|
Frequency Division Multiplexing |
Analog- change frequencies to allow multiple conversations. |
|
Time Division Multiplexing |
breaks up into pieces- analog to digital to analog. Digital Signal Designation (T1/E1, T3/E3, etc) |
|
Satellite characteristic and cable connector |
Synchronous or asynchronous high latency and interference cable RG6 F-type |
|
Wireless bridging |
propagates SSID wirelessly |
|
IaaS |
Infrastructure (building web servers like AWS) |
|
PaaS |
Platform (for dev code) |
|
SaaS |
Software (subscription or web-based software) |
|
4 characteristics of Acceptable Use Policy |
ownership network access privacy/consent illegal use |
|
network access policy |
defines access to things like databases, files, VPN |
|
3 types of business documentation |
SLA - memorandum of understanding MSA - multi source agreement (between vendors) SOW- statement of work |
|
virus vs worm vs malware |
virus- makes copies and requires activation worm- propagates and uses web to activate malware- any kind of bad infection installed |
|
smurf attack |
DDoS using spoofing and zombies |
|
Name the 6 steps of the troubleshooting theory |
- Identify the problem: Questions, user changes - Establish a theory: Question the obvious - Test the theory: confirm or repeat; escalate. - Act – Establish a plan of action to resolve the problem and implement the solution. - Test and prevent – Verify functionality, implement preventative measures. - Report – Document findings, actions, outcomes. |
|
Describe the 2 kinds of firewalls |
Stateless- filters by port # Stateful- monitors I/O packets over time, as well as the state of the connection, and stores the data in dynamic state tables. This cumulative data is evaluated, so filtering decisions are not only be based on admin-defined rules, but also on context built by previous connections and previous packets of the same connection. |
|
16 to the powers of 0, 1, 2, 3 |
1, 16, 256, 4096 |
|
DNS port |
DNS = udp/53 |
|
SMB port |
SMB = tcp/445 |
|
Classful IP Addressing: Class A first octet |
first octet 1 - 126 |
|
Classful IP Addressing: Class B first octet |
128 - 191 |
|
Classful IP Addressing: Class C first octet |
192 - 223 |
|
tracert (windows) and traceroute (unix) |
traces routes to internet sites based on number of hops and time taken |
|
clustering |
group of redundant mirrored servers for fault-tolerance, load-balancing, high availability, scaling, and minimized downtime |
|
RAID Types |
RAID 0 - 2 disks striped; no fault tolerance RAID 1 - 2 disks mirrored, duplexed RAID 5 - 3 disks striped with parity RAID 0+1 aka RAID 10 - 4 disks as a mirror of stripes |
|
Decimal / hex list |
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 1 2 3 4 5 6 7 8 9 A B C D E F 4096 256 16 1 |
|
802.3 |
Ethernet standard |
|
Fiber using LED |
multimode |
|
Fiber using laser |
singlemode |
|
Max distance for horizontal UTP/STP cable run |
90 meters |
|
Resolves IP address to FQDN |
Reverse lookup zone |
|
Switch vs Managed Switch |
Switch looks at MAC address Managed switch looks at IP address and QoS, too Managed switch has IP address for configuring |
|
Describe the parts of ICS and how they are connected. |
|
|
Where are most MTU errors found |
Routers |