• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

337 Cards in this Set

  • Front
  • Back
  • 3rd side (hint)
What is CSMA/CD stand for, and what does it do?
Carrier Sense, Multiple Access/Collision Detection

For bus networks to help avoid collisions.
Summarize 10base5 bus ethernet.
# Speed is 10 megabits/second.

# Signal type is baseband.

# Distance limit is 500 meters/segment.

# No more than 100 nodes are allowed per segment.

# Nodes must be spaced at 2.5 meter intervals.

# Cables are marked with a black band every 2.5 meters to ease installation.

# Thick coaxial cable used for 10Base5 is almost always yellow, although nothing in the standard requires that color.

# The cost per foot is expensive compared with other cabling systems.

# Known as Thick Ethernet, Thicknet, Thick Coax, yellow cable, or frozen yellow garden hose.

# RG-8 cable
10 items on this list
10Base2 Summary
# Speed is 10 megabits/second.

# Signal type is baseband.

# Distance limitation is 185 meters/segment.

# No more than 30 nodes are allowed per segment.

# Nodes must be spaced at least .5 meters apart.

# The cost per foot is inexpensive compared with 10Base5.

# Also known as Thin Ethernet, Thinnet, Cheapernet.
7 items
Repeaters have four key benefits. Name them?
1. they extend the distance that a network can cover.

2. they increase the number of machines that can connect to the network.

3. they provide a measure of fault tolerance, limiting the impact of breaks in the cable to the segment on which the break occurs.

4. they can link different types of cabling segments together.
What is an Internetwork?
Two or more networks connected together.
Name the 4 network models w/ brief description
1. Centralized - Network resources are centrally located and adminitered.

2. Decentrilized aka distributed - resources are distibuted through different areas of the network. Administration shared among system admins and/or users

3. peer-to-peer - all pc's on the network act as equals and can be a server or client at any given time.

4. Client/Server - Dedicated servers provide services.
Name the different network types?
MAN - Metropoltin
SAN - Storage
PAN - Personal
CAN - Campus
6. looking for 3 letter acronymns.
Name some of the common methods to connect a lan to a wan, and their avg speed?
Modem - up to 56kbs
ISDN - up to 128Kbps
DSL - 1.5 Mbps
Satellite - 400Kbps
T1 - 1.544 Mbps
T3 - 44.736 Mbps
Define WAN in simplest terms?
A WAN is a group of internetworked LANs.
Name the different network topolgies
What is used on the end of a bus network?
a 50 ohm terminator
What is the most commonly used topology?
Star aka hierarchical

Hubs, switches, etc
What is the formula for figuring the number of connections in a mesh network?
Formula is:

C = n(n-1)/2

c = connections required
n = nodes
What is the active monitor on a token ring network
The first pc that accesses the ring.
If a question refers to cells, what are they talking about?
the transmitters useed in devices on a wireless network.
What does IEEE stand for?
Institute of Electrical and Electronics Engineers
What are the 4 testable IEEE standards?
802.2 - Logical Link Control

802.3 - CSMA/CD aka ethernet

802.5 - Token Ring

802.11 - Wireless LAN
The 802 standard breaks the data link layer into 2 catagories. What are they, and what to they do?
Logical link control (LLC) - responsible for starting and maintaining connecections with devices.

Media Access Control (MAC) - allows multiple devices to share the media (cable) that data is being sent over.
What does CSMA / CD stand for, and what does it do?
Carrier Sense Multiple Access with Collision Detection

If the network is quiet device can transmit. If there is still a collision, device stops transmission, sends a signal to other nodes to wait random amount of time and try again.
What is the range of a 10baseT segment?
100 meters or 328 Ft

500 meters or 1640 ft

185 meters or 607 ft
meters and feet. approx a little over 3 to 1 ft to meters
What are RFC's?
Request for Comments

Not directly questioned on the test except to throw you off.
What is the topology of most modern 10baseTnetworks?
Star bus.

Star bus networks use a physical star that provides improved stability, combined with a logical bus that maintains compatibility with existing Ethernet standards.
What is UTP cable?
Unshielded twisted pair. Only two pairs are used in standard 10baseT ethernet networks.
What connector is used at the end of a cat 5 UTP cable?
What pins in UTP cat 5 cable send and receive.
2 pairs -
pins 1 and 2 to send data, and the wires connected to pins 3 and 6 to receive data
Which ethernet standard used all 4 pairs of wires in UTP?
Name the UTP catagories, uses, and speeds?
Category 1 - Regular analog phone lines; not used for data communications.
Category 2 - Supports speeds up to 4 megabits per second.
Category 3 - Supports speeds up to 16 megabits per second.
Category 4 - Supports speeds up to 20 megabits per second.
Category 5 - Supports speeds up to 100 megabits per second.
What is the limit on nodes in a ethernet 10baseT network?
10BaseT hub can connect no more than 1024 computers (nodes)
What is the distance limitation between any hub and node in
10/100baseT Ethernet?
The distance limitation is 100 meters between hub and any node.
What is the 5-4-3 rule in Ethernet networks?
Designed to reduce collisions.

States that each segment must be no more than:

* 5 segments

* 4 repeaters

* 3 populated segments

A populated segment is an Ethernet segment with at least one machine directly connected to it.

For the purposes of the 5-4-3 rule, a hub counts as both a repeater and a segment. The 5-4-3 rule’s limitations do not apply to the entire network, but rather to the paths within the network.
What do bridges do?
Bridges filter (stop) and forward traffic between two or more networks based on the MAC addresses contained in the data packets.
At level of the OSI does a bridge operate?
Bridges operate at Layer 2 of the OSI 7-Layer model, also kown as the Data Link layer.
How do bridges respond to broadcast packets?
While bridges do filter most network traffic, broadcast traffic is always forwarded.

Because the bridge does not know the MAC address of the intended recipient of a broadcast, it plays it safe and forwards all broadcast traffic. This increases traffic on both sides of the bridge, but allows all functions that rely on broadcasts to work correctly.
What are three potential issues with bridges?
1. Bridges cannot be used to provide multiple routes between machines.

2. Bridges can only connect two networks if they use the same type of data packets, e.g., Ethernet to Ethernet, Token Ring to Token Ring.

3. Broadcast packets are automatically forwarded accross the bridge increasing network traffic.
What do routers do with broadcast traffic?
Reject it by default. Since WAN's use routers, all broadcast traffic from LAN's would bring the internet or WANS's to a halt.
Can routers and bridges both use multiple pathways to forward traffic?
Routers can, so they are more fault tolerant. They can choose among multipole paths between two nodes.

Bridges cannot. They can only have one connection from a lan coming through them.
On what basis do routers filter and forward traffic?
Network address aka ip address.
On what level of the OSI model do routers operate?
Routers operate at Layer 3 of the OSI 7-Layer model, known as the Network layer.
What is fast ethernet?
Fast Ethernet is not a single technology. The term Fast Ethernet refers to any of several Ethernet flavors that operate at 100 megabits per second. Rather than limiting Ethernet to a single high-speed solution, the IEEE endorsed multiple standards for Fast Ethernet and allowed the marketplace to choose among them. The major variations include 100BaseT and 100BaseFX.
What are the two variations of 100BaseT?
100BaseTX and 100BaseT4 (most installations will use TX)

The difference between 100BaseTX and 100BaseT4 lies in the quality of the cable used. 100BaseTX requires CAT 5 cabling to achieve 100 megabits per second speed using only two pairs of wires. Like 10BaseT, 100BaseTX ignores the remaining two pairs. 100BaseT4 uses all four pairs to achieve 100 megabit per second performance using lower quality CAT 3 cabling.
What is 100BaseFX?
The 100BaseFX standard specifies 100 megabit Ethernet running over two optical fibers. Fiber optic cabling uses pulses of light instead of electrical current to transmit data packets.
What are the advantages / disadvantages of 100BaseFX over standard 100BaseT using UTP?
Using light instead of electricity addresses the three key weaknesses of copper cabling. First, optical signals can travel much farther. The maximum length for a 100BaseFX cable between two half-duplex distance extenders is about 400 meters. Full-duplex extenders have a limit of 2000 meters!

Second, fiber optic cable is immune to electrical interference, making it an ideal choice for high-interference environments. Third, the cable is much more difficult to tap into, making it a good choice for environments with security concerns.

Despite its benefits, the use of fiber optic cable for Ethernet remains limited to infrastructure use — as opposed to personal use — because of its high cost.
What is switched Ethernet?
An Ethernet switch is a special hub that can place some devices into their own collision domains. In essence, an Ethernet switch is a hub with a bridge built in.

Physically, an Ethernet switch looks much like any other Ethernet hub except for the addition of one or more bridged ports.

Logically, an Ethernet switch puts each device plugged into of its switched ports into its own collision domain.
What are the benefits of a switch over a hub?
The switch provides two benefits. First, if both the sender and the receiver are on their own switched ports, the full bandwidth of that connection, 10 or 100 megabits, is available to them—no other machine can cause a collision. Second, the switch can act as a buffer, allowing 10-megabit and 100-megabit devices to communicate with each other.

Ethernet switches can also connect segments to a backbone. A backbone is a segment, usually a high-speed one, that connects other segments.
What is the diffrerence between half-duplex and full-duplex Ethernet?
Full-duplex means that a device can send and receive data simultaneously.

Half - Send only or receive only.

Full duplex will increase the speed of transmissions because each pair of wires can send or receive at the same time without a collision. They are on different "channels"
What must be present for Full-duplex Ethernet to work?
Ethernet NICs on each end of a switched connection must support full-duplex mode.
Name the various types of connectors used in networking?
Dix connectors are a type of D connector and used in thicknet the AUI cable connects to the Dix connector on the back of the NIC.

BNC - Used in thinnet

RJ-11 - phone
RJ-45 - Cat 3 and up utp
RJ-48 - Cat 3 and up stp
RJ-25 - mult phone lines

Fiber connectors -
Standard Connectors (SC) - most common fiber connector used

Straight tip (ST) Stick and twist

Local Connector (LC) - lock and click

Mechjanical Transfer Registered Jack (MTRJ) -
Name the three types of interference and typical causes.
EMI aka noise - low voltage, low current, high frequency. Power lines, fluorescent lights, industrial tools, motors, lamps, fans, and other electric tools and equipment.

RFI - Radio and TV towers, microwave satellite dishes, appliances , and furnaces.

Crosstalk - caused by the electromagnetic field of one wire bleeds to another that is too close.

All can cause data corruption and loss.
What are the max lengths of all media standards.
10base2 - 185 meters
10base5 - 500 meters
10baseT - 100 meters
100baseTX - 100 meters
10baseFL - 2 Kilometers
100baseFX - 400 meters (half duplex) 2KM (full-duplex)
1000baseT - 100 meters
1000baseSX - 550 meters (multi-mode fiber)
1000baseLX - 550 meters (multi-mode fiber) or 10km (single mode fiber)
1000baseCX - 100 meters
10GbaseSR - 300 meters
10GbaseLX4 - 10km (single mode fiber)
10GbaseLR - 10km (single mode fiber)
Which cable type is the most secure from wiretapping / eavesdropping
Fiber Optic
Name 5 types of cable testers
Tone generator (fox and hound)
Time domain reflectomter
Wire map tester
Oscilloscope Network monitors and protocol analyzers
see page 80/81
Name the colors of each of the four pairs in twisted pair cables.
pair 1 - Blue
Pair 2 - orange
Pair 3 - Green
Pair 4 - Brown
Fast Ethernet is also known as:
What is an AUI cable, and what is it used for?
aka Attachment Unit Interface. Has a 15 pin D connector on each end. Used to connect an MAU (transceiver) to the NIC in a 10base5 network.
The transceiver used in a 10Base5 network is also called:
MAU aka Media Attachment Unit
How many nodes can connect to a 10base5 network, and how far apart must each node be.
max of 100 taps per segment. Each tap MUST be 2 1/2 meters apart.
What is Arcnet?
Rarely used anymore. 802.3 standard. Uses Coax. Token bus technology, combining feature of token ring and bus technologies.
Name the various types of Coax cable and uses?
RG-58 /U - solid copper wire. 10base2.
RG-58 A/U - stranded copper wire. 10base2
RG-58 C/U - military implementation of RGB-58 A/U.
RG-59 - 10base5 also cable tv
RG-6 - broadband cable etc. supports higher transmission rate than 59.
RG-62 - Arcnet
RG-8 - 10Base5
Name the catagories of Twisted Pair cabling?
CAT 1 - up to 1 Mbps. voice in older phone systems only.
CAT 2 - 4 Mbps. Voice and low speed data transmission.
CAT 3 - 16 Mbps. Voice in new phone systems. Min spec for 10baseT networks.
CAT4 - 20 Mbps
CAT 5 - 100 Mbps. works for 100baseT.
CAT 5e - 1000 Mbps Gigibyte Ethernet.
CAT6 - same as 5e, but higher standard for cable.
CAT 6e - 10Gigabit Ethernet.
CAT 7 - still in development.

Review - Cat 1 and 2 - voice only. 3 or higher for networking.
What are the two different types of fiber optic cable?
Single Mode Fiber (SMF) - Greater bandwidth, and longer distances.

Multimode Fiber - Used for shorter distances. LED is the light source.
What are the two speeds of 1394 (firewire)
400Mbps in IEEE1394a

800Mpbs in IEEE1394b
What is the SQE on a 10base5 network?
SQE = signal quality error

MAU's have a heartbeat aka test signal that is sent to the workstation when a collision is detected. IF a repeater is on the network, turn this signal off or it will send a jam signal because it reads the SQE as a collison.
Token Ring is also known as:
IEEE 802.5
Why is Token Ring more efficient than Ethernet?
Because it uses a token, and only the node with the token can transmit, that means there are no collision, and no overhead. A 16 Mbps Token Ring network, can literally use all 16 MB.
What data is contained in a Token Ring packet?
the source MAC address, the destination MAC address, the data to be transmitted, and a Frame Check Sequence, or FCS, used to check the data for errors. It also contains the token.
What are the two speeds that Token Ring networks employ?
4 Mbps or 16 Mbps
a Token Ring network consisting of five 4/16-megabit Token Ring nodes and one 4-megabit Token Ring node will run at what speed?
4 megabits per second.
A modern token ring network uses what physical topolgy?
A star topology is employed using MAU's as the logical ring.
What is a MAU on a token ring network?
It essentially acts as a hub, using a logical ring struture inside the MAU. Stands for Multistation Access Unit. The terms Token Ring hub, MAU, and MSAU are synonymous.
The original Token Ring used STP. What connector is used, what does it look like. How many nodes can be attached, and what is the max length of the cable from the node to the MAU?
Token Ring uses a special Type 1 connector for STP (see pic)

When using STP, a single Token Ring MAU can support up to 260 computers. The STP cable connecting the computer to the hub may not be longer than 100 meters.

It is more expensive, but protects from interference better.
What connector does Token Ring UTP use, how many nodes can connect, and what is the max length of the cable to the MAU?
Uses standard RJ-45 connector

UTP can support up to 72 nodes, and each node must be within 45 meters of the MAU.
How would you connect two MAU's together to form one larger logical Token Ring network?
Token Ring MAUs, whether using UTP or STP, have two special ports on the MAU, labeled Ring In and Ring Out. These special connections link multiple MAUs together to form a single ring.

The Ring In port on the first MAU must connect to the Ring Out port on the second MAU, and vice versa, in order to form a single logical ring.
How many MAU's can be connected together to form a larger logical ring?
Up to 33 MAUs can combine to form a single logical ring. Building a network with more than 33 MAUs requires the use of bridges or routers. Routers can also connect Token Ring LANs to other types of LANs, such as Ethernet.
What are the two types of hubs?
Passive - No power source. Passes all data to all ports.

Active - Same as above, except signal is regenerated (repeat) the data, so can be used to lengthen segments.
At what part of the OSI does a gateway operate?
All 7 layers
Name the devices that work at the physical level?
Hub, MAU, Repeater, Gateway
Name the devices that work at the Data Link Layer?
NIC, Bridge, Layer 2 Switch, Access Point, Gateway
Name the devices that work at the network layer?
Router, Layer 3 switch, gateway
Why should hubs only be used on very small networks?
Hubs work at layer 1 (physical) and as such are unintelligent. If you have an 8 port hub, each pc gets the packet, and has to examine it to see if it is for itself. This process takes time, and means there is much more traffic on the network. Only use for home or very small networks. Active hubs repeat the data, and are the only ones covered on the exam.
A bridge can connect what?
Two different segments only (unlike a switch). It passes or rejects traffic accross itself based on the Mac address (layer 2 - data link layer)
What is an MAU? (network device)
Multi-Station Access Unit- Basically the "hub" for token ring networks.
What is generally the max length one can be from the central office or repeater for DSL?
18,000 feet, but for some higher speed services it can be less. For ADSL, CDSL, DSL Lite, or G.lite it is 18,000 ft.
What are the two basic types of ISDN service?
BRI - Basic Rate Interface
PRI - Primary RAte Interface

BRI consists of two 64 Kbps B channels and one 16 Kbps channel for a total of 144Kpbs. Can use existing wiring, most basic.

PRI for greater bandwidth requirements. Contains 23 B channels and one 64KBps D channel for a total of 1536 Kbps.
What is a CSU/DSU?
Channel Service Unit / Data Service Unit.

Terminates the end of a Leased T-Carrier line.
What are the two main T-Carrier lines?
T1 line consists of 24 channels called DSOs that are 64Kbps each. This equals 1.544 Mbps. A company can lease one or more lines depending on their bandwidth needs. Also called fractional T1.

T3 line = 44.736 Mbps
What is multiplexing?
Sending of multiple signals over one communciation channel at the same time. (think cable tv)
Name three funtions of a NIC?
1 - Translates data from the parallel bus to a serial bit stream for transmission on the network

2 - It formats the packets according to the protocol used?

3 - It transmits/receives data based on the mac addrss of itself
What is a switch?
Similar to a hub, but smarter. A switch only sends data to the port it is intended for, and guarantees full speed to that port.
What is a multiport bridge?
A switch. Just another name, because it does some of the same things a bridge does.
What is a layer 2 switch?
A common type of switch that looks at the MAC address of the packet to determine its destination.
What is a layer 3 switch?
Can provide more features than a layer 2, as it can also proivide routing functions at layter 3 of OSI. Functions as a switch/router at the same time. Can speed things up because it doesnt have to send wan data through another device.
What is a brouter?
A device that can route specific protocols, and bridge others (bridge+router). Similar to layer 3 switch, older technology.
What is a layer 4 switch?
Works at the trasnport level. ability to look at the info in the poackets to not only identify mac and ip, but also the application protocol being used to send it, like http, ftp, or other protocols inside tcp/ip. Because it contains this info, priorties can be set on the packets, as well as rules about how they are to be forwarded.
What is a layer 5 switch?
Work at the session layrer. Provides info like URL that allow the switch to route the packet more effectively.
What are the two types of routers?
Static - have to set up a routing table, which must be updated. Not used much anymore.

Dynamic - gets its info from other routers, and updates itself. By far most common.
Name the types of firewall architecture companies use?
1 - Dual Homed - A pc with two nics. Acts as a gateway between two networks.

2 - Screened host - more secure. Provides packet filtering. Place a screening router between the gateway host and the public network.

3 - Screened subnet - Uses two screening routers. Second goes between the internal network and the proxy server. Most secure esp. from internal attack.
Name the firewall types?
1 - Packet level - uses screening router that examines packets based upon filters.

Application level - Understands data at the application level. Operates at the application, presentation, and session layers. Proxy servers are this type.

Circuit level - Same as above, but security mechanisms are applied at the time the connection is established. After that, packets flow between hosts with no further checking. (Transport layer)
What is the DMZ?
neurtal network segment where system are available to the public internet, and which offer some basic forms of protection from the rest of the network.
Name the two implentations of DMZ?
1 - Layered DMZ - the dmz is placed between two firewalls, so think firewall, dmz, second firewall in a straight line.

2 - Multiple interface DMZ - Adds a 3rd interface to the firwall and places the DMZ there. Basically like a separate network segment. Preferred method.
What is a proxy server?
Server that performs a function on behlaf of another system. Usually meansi t ascts as a gateway between the internet and company network. When you browse, you submit a request to the proxy, who then transmits the request to the internet, and then the results are sent back from the proxy to your own pc.
Name the two different types of VPNs?
Site to site - Establishes connection between two corp. offices that a lan cannot cover.

Remote Access VPN - for end user to connect to company.
Name the common protocols used with VPN.
PPTP - point-to-point tunneling prootcol

L2TP - Layer 2 tunneling protocol.

SSH - Secure Shell

IpSec - IP Security
Name the 3 different types of protocols used in VPN transmission.
Carrier protocol - IE IP addy

Encapsulating protocol - PPTP,L@TP,IP Sec, SSH (wrapped around the actual data to encrypt it

Passenger protocol - the original data being carried
What is an IDS?
Intrusion Detection System - Inspects and detects the network behavior. Tool that knows how to read and intrepret log files from routers, firewalls, servers, etc. Contains a database of known attack sigs. Can issue alrams, etc.
What is a gateway?
2 meanings - A bridge between two completely different technoligies. can be application based.(ethernet to token ring, unix to netware et al)

Also is the path out of the lan onto the wan. "default gateway" router address to the outside world.
What is NAS?
Network attached storage - provides for storage of data on the network
What are SANs
Storage area Network. Network that is dedicated to the transmission of data between servers and storage devices.
What is reflection?
Think of a mirror. RF Wave impacts a surface that it cannot penetrate easily, and the wave bounces off of it. Doors, walls, floors, cielings, buildings, and the curvature of the earth are some possible causes.
What is refraction?
Some of the wave passes thru the medium and change course, and some of the wave gets reflected. Think of a straight line going thru an object. On the other side of the wall, the line is no longer straight with the line on the first side of the wall. Happens alot outside in long range point to point links. Biggest cause is differing air densities due to changes in air temps, etc
What is absorbation?
Wireless signal cannot pass thru a medium, which also absorbs all of the signal, so that the signal essentially dies.
What is scattering?
Think of first shot inplaying pool. Cue ball hits the group and all the balls scatter. All kinds of rf waves bounce of an abject, and go in all sorts of directions. Also what happens to satellite tv during heavy rain. Sources - trees, street signs, and atmospheric conditions.
How does an antenna work?
By focusing the RF energy is focused into a smaller beam, it becomes amplified.
What is the Fresnel Zone?
An ellipitical region extending outward from the visual LOS betweeen two points. If more than 20% of the zone is blocked, you can have RF signal loss. Buildings, trees, etc.
What is FHSS?
Frequency hopping spread spectrum.
Moves from one freq. to another according to a random pattern. Works off of 2.4 Ghz ISM band, and up to 79 channels. Usually lesser speed than dsss. Bluetooth, homerf use it.
What is DSSS?
Direct sequence spread spectrum.
The data is divided and simultaneously transmitted on as many frequency channels as possible within a frequency band.
Plusses - more redundent, faster than fhss
negative - more vulnerable to interference.
11 channels available in N Amer.
Channels 1,6,11 may be used concurrently without the use of overlapping frequencies.
At what parts of the osi does wireless operate?
Physical and data link
WEP operates at the mac part of dll.
Does ethernet wireless use CSMA / CD?
No, it uses CSMA / CA (collison avoidence)
It listens to the network. If no other device is transmitting, it sends the packet. The receiving device then sends an ACK. If the sender never gets the ACK, it assumes a collison has occured and resends the packet.
What is WAP?
(as it related to wireless)
Wireless Application Protocol.
open international standard for applications that use wireless communication. Its principal application is to enable access to the Internet from a mobile phone or PDA. A WAP browser is to provide all of the basic services of a computer based web browser but simplified to operate within the restrictions of a mobile phone.
What is WTLS?
Wireless Transport Layer Security.
WTLS is derived from TLS. WTLS uses similar semantics adapted for a low bandwidth mobile device. The main changes are…

Compressed data structures — Where possible packet sizes are reduced by using bit-fields, discarding redundancy and truncating some cryptographic elements.
New certificate format — WTLS defines a compressed certificate format. This broadly follows the X.509 v3 certificate structure, but uses smaller data structures.
Packet based design — TLS is designed for use over a data stream. WTLS adapts that design to be more appropriate on a packet based network. A significant amount of the design is based on a requirement that it be possible to use a packet network such as SMS as a data transport.
WTLS has been superseded in the WAP 2.0 standard by the End-to-end Transport Layer Security Specification.
What are the common implementations of 802.11?
802.11b - up to 11Mbps. DSSS only. Uses 2.4 Ghz ISM band. Works at layers 1,2.

802.11a - Uses 5 Ghz UNII band. up to 54 Mbps. Does not use DSSS. Uses OFDM (orthogonal frequency division multiplexing). NOT backward compatible with b.

802.11g - Up to 54Mbps. Works in ISM 2.4 Ghz band. Backwards compatible with b devices.
What is the difference between ad-hoc and infrastructure model?
Adhoc - all devices make a connection with any other device on their own. no central authority.

Infrastructure - Uses an AP
Which technology has a range of 10 meters, uses 2.45 Ghz, and can select from up to 70 different frequencies with a radio band?
What is the min encryption level a biz should use with WEP?
128 bit
Advantages of WEP?
Encrypted using a CRC-32 checksum
Privacy is maintained via RC4 encrpytion.
Easy to implement.
Provides basic security.
Keys are user-definable and unlimited, and should be changed often.
What is IV?
Initialization Vector -
One is generated and prepended to the secret key.
What are the two tpes of authentication for use with 802.11?
Open and shared-key
Open - all requests are granted.
Shared-key - 4 steps
1) client sends request
2) AP responds by sending random challenge text
3) client encrpyts the challenge with the secret key, and transmits it back.
4) AP decrpyts the challenge text and compares it against the original.

**The challenge is sent in cleat text, giving a hacker a chance to try and crack the WEP secret key. Known as plaintext attack, making open slightly more secure than shared key.
What are some of the different types of attacks made on wireless networks?
Jamming, hijacking, man in the middle, flooding, and denial of service.
A stronger type of wireless security than WEP is?
WPA. - Wi-Fi Protected Access.
Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger IV, this defeats the well-known key recovery attacks on WEP.
Name the 7 OSI layers?
Layer 1: Physical
Layer 2: Data Link
Layer 3: Network
Layer 4: Transport
Layer 5: Session
Layer 6: Presentation
Layer 7: Application
What is layer 1 and its purpose?
the Physical layer, defines the physical form taken by data when it travels across a cable. While the other layers deal with ones and zeros, the Physical layer defines the rules for turning those ones and zeros into electrical signals going out over a copper cable. The Physical layer adds no information to the data packet; it simply transmits the data provided by the layers above it.
What is layer 3 and its purpose?
Packets are sequenced and logical addressing (ip) is handled.Responsible for routing anmd creating a virtual circuit between nodes. adds information to the packet that determines how routers move a data packet from its source on one network to its destination on a different network.
Explain Layer 2?
The Data Link layer defines the rules for accessing and using the Physical layer. The Data Link layer provides a way to identify devices on the network, to determine which machine should use the network at a given moment, and to check for errors in the data received from the Physical layer. Responsible for flow control and error notification. Manages the physical addressing (mac) and synchronization of the data packets. Broken into 2 sub layers, MAC and LLC.
Explain the two sub layers contained within the data link layer?
LLC - Logical link control.

Provides the logic for the data link, thus controlling synchronzation, flow control, and error checking functions. Sits above the MAC sublayer, and acts as liaison between the upper layers and the protocols operating at the MAC, lie ehternet, token ring, etc.

The MAC (Media Access Control) provides control for accessing the transmission medium. Physical addressing 9mac address) is addressed at the MAC. Responible for moving data packets from one nic to the other.
Explain layer 4?
The Transport layer breaks data received from the upper layers into smaller pieces for transport within the data packets created at the lower levels. f you need to transfer a chuck of data larger than 1500 bytes, the data must be broken into smaller pieces on the sending node and reassembled at the receiving node, as shown above. The protocols that typically handle this job include NetBEUI, SPX, UDP and TCP. Those all work in this layer. Provides for error recovery. Also handles addressing to ports.
Explain layer 5.
The Session layer responsible for setting up the connection between an app process on one pc and an app process on another pc. Resposible for establishing, monitoring, and terminating sessions. Adds header info to packets. Controls whether communication is full or half duplex.
Explain layer 6.
The Presentation layer allows different types of computers to communicate with each other despite the fact that they use different methods to store and express the same data, ie "data translation". Gateway services operate here, ie., different email systems, novell to microsoft.
Explain layer 7.
The Application layer in the OSI model provides a set of tools that programs can use to access the network. Application layer programs provide services to other programs—they aren’t the programs that the users themselves see.
apps that use this layer: ftp, telnet, smtp, pop3, imap4, http, nntp, snmp.
When troubleshooting networking, at what part of the osi should you start?
layer 1, and work your way up.
Name the 802 standards.
802.1 - standrads for MANs and LANs

802.2 - division of layer 2 into LLC and mac

* 802.3 - CSMA / CD (ethernet)

802.4 - Old token bus networks that use 75 ohm coax or fiber optics

* 802.5 - token ring

802.6 - MANs

802.7 - Broadband

802.8 - fober optic networks like FDDI

802.9 - ISDN

802.10 - VPN

* 802.11 - wireless

802.12 - 100vg anylan by HP. uses demand priority access method.
What is the difference between baseband and broadband?
baseband - all bandwidth on the medium is used to transmit a single digital signal

broadband - bandwidth on the medium is broken into channels that support a wide range of frequencies.
What is a collison domain?
A segment of cable on which two stations can't transmit at the same time without causing a collison. *like when using a huib.
What is CSMA / CA?
Mainly used on wireless and some token passing networks. Used to be used on Apple Talk.

Pc first tries to detect if there is a WS transmitting. If not, it transits, and waits for an ACK. If no ACK is received, it assumes a collison has happened and retransmits.
What is ICMP?
Handles errors related to IP packets. Used by ping and tracert.
What is IGMP?
Manages host membership in multicast groups. (groups of devices that listed for and receive traffic addressed to a specific, shared multicast ip)
What is ARP?
Address Resolution Protocol.

Maps ip addresses to MAC addresses. MAppings are stored in the arp cache.
IS TCP connection oriented or connectionless?

Tcp is connection oriented. It first makes the connection, then transmits.

UDP just transmits, and hopes it makes it. For this reason, it is faster, but less reliable.
What is Netbios over TCP?
Largely supplanted by DNS. If DNS is not available, netbios must be used for name services. Works at app layer 7. Resolves a netbios name to an ip address.
What is WINS?
Windows internet name service. Netbios name server that netbios clients can use to attain, register and resolve netbios names. Like netbios over tcp, but for larger networks, as the server does the work of resolving netbios names to ip addresses.
What are the 2 preferred methods of resolving Netbios names to ip addresses?
Lmhosts file or a WINS server.
What are the four node types that netbios uses to resolve names to ip addresses?
Broadcast (B-node)
Peer-to-peer (p-node)
Mixed (M-mode)
Hybrid (H-node)
What is SMB?
Server message block aka Common internet file system (CIFS)
USed for file and printer sharing, sharing serial ports and things like named pipes and mail slots.
What are windows sockets?
Winsock is an API for tcp/ip. Software that is developed for tcp/ip functionality can use this api. Ping, tracert, etc use it.
What is Telnet?
Emulation protocol that allows you to log onto a remote pc. The other pc must have the telnet client and the service must be running.
What two ports does FTP use?
Ports 20 and 21
What port does SSH use?
port 22
Port 23 maps to what?
SMTP maps to what port?
port 25
Port 53 maps to what?
HTTP uses what port?
port 80
POP3 uses what port?
port 110
Port 119 maps to what?
NTP uses what port?
port 123
Port 143 maps to what port?
HTTPS maps to what port?
Port 443
Port 137 maps to what?
(UDP) maps to the name service
Port 138 maps to what?
(UDP) maps to the datagram service
Port 139 maps to what?
(TCP) maps to the session service
Hubs operate at what layer of the OSI?
Layter 1 physical
What devices operate at the data link layer?
switches, bridges, NICs, and APs
Routers operate at what level of the osi?
layer 3 network
What port does tftp map to?
port 69
Explain IPX/SPX?
Novell networks -
ipx - connectionless, opereates at layer 3
spx - connection oriented, operates at layer 4
Uses Novell based version of RIP and NLSP routing protocols
Which ipx/spx protocols reside at the application, presentation, and session layers?
SAP, NCP, NetBios
Which ipx/spx protocol resides at the tranport layer?
Which ipx/spx protocols reside at the Network layer?
How long is an IPX address?
80 bits. 32 bits for the network number, and 48 bits for the node number.
Written in hex format.
What OS's do not support IPX/SPX
Unix and Linux
What addresses are reserved in IPX addressing?

Also, there is no broadcast network number
Where does the AFP protocol for Appletalk map to in the OSI model?
Application and presentation
What are the four appletalk media-access protocols?
ethertalk - appletalk over ethernet.
localtalk - appletalk over phone wire.
tokentalk - appletalk over token ring.
fdditalk - appletalk over fddi.
What are the five key appletalk protocols that map to the transport layer?
appletalk echo protocol(AEP)- like ping
Appletalk transaction protocol (ATP) - makes sure that communcations between a source and destination socket occur without any loss.
Name Binding protocol (NBP) - maps names to addresses
Routing table maint. protocol (RTMP) - based on ip rip
Apletalk update-based routing protocol (AURP) - an ext of rtmp. sort of a vpn type deal.
What is AFP?
Appletalk filing protocol. Sits at layers 6,7. Allows files to be shared over a network.
Appletalk addressing scheme?
network number is 16 bits. Can be 1 - 65,279

node number - 8 bits. valid is 1-253

socket number - 8 bits. kind of like a port in tcp/ip. 1-127 are statically assigned. 128-254 can be dynamically assigned.

example address - 5.3.20
(network 5, node 3, socket 20)
What are the 2 types of Appletalk networks?
Phase 1 and 2

1 aka non-extended networks have a limit of 253 nodes.

phase 2 aka extended networks overcomes the 253 limit by using a cable range, which uses a range of networks as a single network.
What tcp/ip protocols reside at the top 3 layers?
FTP, HTTP, Telnet, SMTP, and many others
What tcp/ip protocols reside at the transport layer?
What tcp/ip protocols reside at the network layer?
What tcp/ip protocols reside at the bottom two layers?
Ethernet, Token Ring
Basic difference between ipv4 and ipv6?
v4 v6
32 bits 128 bits

Review pages 332,333 before test
Name the four basic rules for network id's?
cannot begin with 127
cannot have all bits set to 1
or 0
must be unique on the network segment. each segment must have its own network id.
Name the class ip ranges.
Class A: 1-126 (left most bit always set to 0)

Class B: 128 - 191 (first 2 bits always 10)

Class C: 192 - 223 (first 2 bots always 110)

Class D: 224 - 253 (first 4 bits always 1110. used for multi-casting)
Formula for finding the number of networks or hosts?
For hosts (2^n)-2 n = # bits

For networks, its the same basic formula, but subtract the number of bits that cannot be changed before calculating. That means -1 for a, -2 for b, and -3 for c. So, for class C, it's 24 bits for the network id, but we subtract 3 for the 110 that are fixed. So, we have 2^21 = 2,097,152.
How to determine how many bits to take from the host when subnetting?
Example 2 subnets are needed. Counting from the right, 1 bit would work, because 0 and 1 can be used. If we need 8 subnets, we need three bits 1 + 2 + 4 = 7, but we use 0 meaning 8 subnets.
What is VLSM
Variable length subnet mask -
they conserve ip addresses by tailoring the mask to each subnet. used in conjuntion with a routing protocol.
What are the private addresses for each class?
Class A - 10
Class B - 172
Class C - 192
What is apipa and the range of it?
Automatic private IP addressing. Happens when DHCP is down. System assigns a random address begginning with 169.254.
Explain multicast, broadcast, and unicast.
Unicast is host to host

Broadcast goes to all hosts

Multicast used alot with videoconferencing or to push updates. Uses IGMP and UDP based. Hosts join the multicast address. Saves a lot of bandwidth.
What is the range of class D addresses?
224 - 239
Always starts 1110
*Any answer higher than 239 is wrong
What is a host file?
Used in place of DNS for very small networks only. Provides host name resolution to ip address. Can also use the FQDN to map to the ip. Main thing is it maps to dns. Do not save with a txt ext. Made more for wan than lan traffic generally.
What is an Lmhosts file?
Provides netbios name resolution. Wins does it now for the most part, but this file can be used in place of wins on small networks. Lan not wan.
What is arp and rarp?
Address resolution protocol (R = reverse)
Resolves a known ip address to a MAC address.
Reverse resolves a known MAC to an IP.
The two most common routing protocols are:
RIP - Routing info protocol
OSPF - Open shortest path first
RIP determines routes based on the number of hopss. No route is allowed over 15 hops (important fact!)
Therefore, it's best on smaller networks.

OSPF is a link state protocol, and good for large networks.
Name four commonly used routing utilities?
Route: Used to view and modify entries in the routing table.
Ping: Uses ICMP
Tracert: ICMP echo to determine route.
Pathping: used to discover the path between a host and destination
What is SFTP?
A secure encrypted form of FTP.
What is TFTP?
Trivial file transfer protocol. Less overhead and quicker than normal ftp.
What is SSH?
Secure socket shell, or secure shell. It's nothing more than encrypted Telnet. Uses port 22.
How do you view the arp cache on a pc?
How do you add an entry?
arp -a to view

arp -s to add
What is NTP?
Network time protocol.
USes port 123
What is NNTP?
Used for managing message posted to private and public newsgroups. Think Outlook Express news reader.
Uses port 119.
What is SCP?
Secure copy protocol.
Securely copy files between hosts on a network.
What is LDAP?
Lightweight version of the X.500 global directory service aka DAP. Think Edirectory and active directory.
* Uses port 389
What is NAT?
NAT permits an ip address to appear differently outside the network, then it does inside it. CAn use a private address on the inside. It basically "hides" the internal ip address from external internet users, which provides another layer of security to the network.
What is SNMP?
Simple network management protocol.
Provides a way to gather all sorts of statistical information. Makes uses of MIB (Management inforamtion base)
What port does Ldap use?
Port 389
What is NFS?
Network file system.
Ensures that different makes of pc's running different OS's cna share files and disk storage. Only one protocol in a suite that includes RPC, XDR, and others.
What is SMB?
Server message block.

This is what makes file and printer sharing work.
Whata is LPD?
Line printer dameon.

Works with LPR. Standrad UNIX printer service.
Microsoft's implemenation of IPX/SPX is called:
Explain some differences between DNS and WINS.
DNS: Used by Sockets applications.
Database built manually
Text file alternative is HOSTS

WINS: Used by NetBIOS applications
Database built dynamically
Text file alternative is LMHOSTS
Name the two switching methods?
1 - Circuit switching
2 - packet switching

1 is not always available. connection must be initiated first. info arrives in the same order it was sent. ex - ISDN

2 is always on. More efficient and robust. not the same as dedicated bandwidth like t1. Ex - ATM, SMDS, and X.25.
Name the T and E carrier lines and speeds.
T1 - 224 channels at 64kbps = 1.5 mbps
T3 - 672 channels = 43mbps
E = European
E1 - 32 channels = 2 mbps
E3 - 35 mbps

So in order of speed from highest down:
E1 - 2
T1 - 1.5
Fiber - 100Mbps dual ring token passing
the two types of ISDN?
BRI - basic rate interface:
Uses 2 B and one D channel = 128Kbps. D channel can carry 16kbps, but usually used for signaling.

PRI - primary rate interface:
23 B channels a 1 D channel = 1.544 Mbps. D channel = 64kbps.
What is X.25?
WAN standard for packet switching network.
layers 1,2,3.
What is SONET?
Synchronous Optical Network - extrmely high speed. Uses fiber in dual counter rotation rings. Ocx levels from OC1 - OC-768.
Oc1 = 51.84 Mbps
OC-768 = 40 Gbps
Difference between Adsl and Sdsl?
A = asynchronous - download much faster than upload.

S = synchronous - upload/download are the same speed.
What is RAS?
Remote access server - Allows users to connect when on the road. Provide some form of authentication and then connect the user to the network. Can use chap, ms-chap, pap, or Eap.Pap = least secure. Eap best, and can use 3rd party methods like smart cards or kerberos.
What is slip?
Serial line internet protocol. Used to encapsulate data for transmission - Old - rarely used - only works with ip - requires static ip address.
What is PPP?
Point-to-point protocol.
Used to encapsulate data for transmission - more stable than slip - provide error checking - works at layer 2 - allows use of dhcp - can use other protocols other than ip.
What is IPSec?
open standard for encrypting data.
*Implemented at the network layer, not app layer.
That means it is not app dependent, so users do not have to configure each appl ication to ipsec standards.
What are the two IPSec modes?
Transport mode - specifies that data only is encrypted. pos - faster speed. neg - less secure

Tunnel Mode - Both the data and the IP headers are encrypted. - disadvantage is less speed, bit more secure.
What two security protocols make up IPSec?
AH and ESP
AH = Authentician header.
ESP = Encapsulating security payload
ESP encrpyts the data.
AH signs the data
NAT can mess up AH but not ESP
What are the types of IPSec authenication?
IKE = Internet key exchange - provides a secure exchange of a shared key.
Digital Signature via a certificate authrority
name the differences between PPTP and L2TP?
pptp = port 1723 - uses tcp - will only work over ip networks.

l2tp = port 1701 and uses udp - not supported in win 9.x or nt 4 without an add-in - requires IPSec in order to offer encryption - offers radius and tacacs+ - often implented as hardware solution - requires two levels of authentician so it is more secure.(computer and user level)
What is TLS?
Transport layer security - does NOT operate at transport layer, is higher than that. Related to SSL to work for browser security.
What makes WPA better than WEP?
TKIP. Temporal Key Integerity Protocol. Adds more encryption benefits to wireless inclduing a message integerity check.
How is EAP used on a wireless 8021x network?
When a user wants to access the network, EAP (extensible authentication protocol) passes messages between the suplicant (user) and the authenticator. The user is placed into an unauthroized state, and the only messages sent during this time are EAP start messages. Once a correct credentials are supplied then the authenticator changes the user to authorized.
Name the common authentication protocols?
CHAP, MS-CHAP, PAP, Kerberos
What is CHAP and MS-CHAP?
These are authentication protocols.
CHAP = Challenge handshake authentication protocol.
Used for access to remote resources. It periodically verifies the identity of the peer using a 3-way handshake. 1) authenticator sends a challenge
2) client responds with a value using a one-way hash function
3) The authenticator claculates the expected hash value to make sure it matches
4) at random intervals, this process repeats.

MS-CHAP - Microsoft extension for chap -
The MS-CHAP Response packet is in a format designed for compatibility with Microsoft's Windows NT 3.5, 3.51 and 4.0, and Windows95 networking products. The MS-CHAP format does not require the authenticator to store a clear-text or reversibly encrypted password.
MS-CHAP provides authenticator-controlled authentication retry and password changing mechanisms.
MS-CHAP defines a set of reason-for-failure codes returned in the Failure packet Message field.
What is PAP?
simplest form of authentication. PAP is the weakest - password is sent in cleartext
What is Kerberos?
authentication protocol - provides mutual authentication — both the user and the server verify each other's identity.
makes use of a trusted third party, termed a Key Distribution Center (KDC), which consists of two logically separate parts: an Authentication Server (AS) and a Ticket Granting Server (TGS). Kerberos works on the basis of "tickets" which serve to prove the identity of users.

The KDC maintains a database of secret keys; each entity on the network — whether a client or a server — shares a secret key known only to itself and to the KDC. Knowledge of this key serves to prove an entity's identity. For communication between two entities, the KDC generates a session key which they can use to secure their interactions. check p473 and here for review b4 test -
What is RADIUS?
Remote authentication dial-in service - AAA (authentication, authorization and accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations. Uses UDP.
What is TACACS/+
Similar functions to RADIUS.
TACACS - oldest from arpanet days. Offers authentication and authorization but not accounting tools. *Uses UDP.

TACACS+ - Cisco developed version. Allows centrialized management to remote access components. Also separates the AAA functions. *Uses TCP. Proprietary version by Cisco and Not compatible with other versions.
Use this over RADIUS or TACACS if reliable transport (tcp) and sensitvity to packet disruption is important.
What protocol runs over the data link layer and does not require the use of IP, and works with diverse authentication protocols like RADIUS, CHAP and TLS?
Supports multiple authentication protocols like token cards, Kerberos, one time passwords, pluble key authentication and smart cards.
Min specs for installing Windows server 2003?
133 Mhz CPU
128 MB RAM
1.5 GB HD

550 Mhz cpu
256 RAM
If you are upgrading from NT 4.0 to Windows Server 2003, what must you have?
Service pack 5 or higher
On Win server 2003, what groups can create accounts by default?
Account operators
Domain Admins
Enterprise Admins
What are some of the things you can do within the Computer Management utility?
Managing disks
Managing user connection to a server
Creating shared folders
Managing IIS
Accessing removable storage like backup tapes and usb devices
Device mgr
What must a Mac or Linux pc have to connect to an AD domain?
Client services for Macintosh/UNIX
What do earlier versions of Windows use for Authentiucation on the server? How about newer clients contacting AD?
NT 4.0, Win 3.1, or Win 9x uses either LAN Manager (LM) or NT LAN Manager (NTLM).

Win 2000, XP or Win server 2003 use Kerberos. All AD servers are backwards compatible to NTLM.
What are shadow copies?
Used on Win server 2003. If the clietn software is installed, users can right click the file name, and view previous versions that were backed up via shadow copies.
How are permissions determined.
In general, the most permissive is granted, unless it is explcitly denied, in which case, the user has no rights at all.
What are leaf objects in Novell?
Objects that do not conatain any other types of objects - pritner, user, group etc.
Installation requirements for netware 6.5?
512 ram
svga display adadpter
200 mb free space
2 GB free space on another partition

1GB ram
4GB space on another partition
What does Novell Netware use for Authentication?
NMAS - Novell Modular Authentication Service.
Bundled with 6.5 or later.
Single login for all netware resources.
What is BorderManager?
Provides firewall and VPN services for Novell networks.
Whata is Groupwise?
Provides email and other collaboration services for Novell networks.
What is DirXML?
Provides a way for Novell networks to sync info between Edirectory and NT domains, AD, and 3rd party solutions like Peoplesoft and Lotus Notes.
How do you create new users and groups from the Linux command line?
useradd command

groupadd command
Common command line commands for linux.
cd - change dir
ls - = dir in dos
cp - copy
mv - move
cat - view the contents of a file
more - to view a file one screen at a time
vi - text editor
man - help page for all built in linix commands
What is LDAP?
Lightweight Directory Application Protocol.
It is the authentication service used for Linux, Solaris, UNIX, etc.
SASL and TLS/SSL increase security
What port does LDAP and Secure Ldap (LDAPS) operate on?
LDAP = port 389

LDAPS = port 636
What is PAM?
Pluggable Authentication Modules - Can be used to allow authentication to servers accross various platforms. Solaris, Linux etc can use it.
What is the Workgroup Manager in OS X?
Tool to create and manager user and group objects.
Name five Mac server NOS apps for clients accessing the server?
Software Update Server - updates
Ichat Server - IM
Weblog server - Blogging
SpamAssasin - Spam filtering
ClamAV - AV protection
What does an Punch down tool do? (aka impact tool)
Allows you to connect Ethernet cabling to a walkk jack using a series of metal pegs and wires.
What is Multilink?
Allows you to combine multiple modem links into a single faster connection.
What is the Bandwidth Allocation Protocol?
Used in conjection with Multilink. BAP is used to manage multilink so that multiple connection are not wated unnecessarily. Using BAP, a connection can automatically add and remove multilink connections as needed.
What tunneling protocol does NT 4.0 supprt?
PPTP ONLY! No other ones.

L2TP/IPSec is supported by Win 2000 and later.
Describe the diifferent remote access (VPN) types for differing servers.
Windows - RRAS
Netware - BorderManager
Linux - PPTP and L2TP/IPSec using open source firewalls.
Mac OS X - L2TP
Appleshar IP - Apple Remote Access (ARA)
Microsoft Client for NetWare Networks that comes with Windows 9x has two key weaknesses. Name them?
First, it cannot connect to NetWare servers via TCP/IP - must use IPX/SPX.

Second, the Microsoft Client for NetWare Networks does not understand Novell Directory Services, or NDS, which is NetWare’s default security and directory system for NetWare 4 and 5.

(it does work with Edirectory)

Novell’s Client32 enables Windows 9x clients to connect to a NetWare server using either IPX/SPX or TCP/IP, in addition to providing full support for NDS
Name a couple of issues with NEtware 3.x that make it not the server OS of choice?
No native TCP/IP support - uses IPX/SPX

No NDS or centralized security database. If more than one server is in use, a user must log in to each one.
What improvements were made in Netware 4.5 over 3.5?
Support for TCP/IP encapsulation, and NDS.
What improvements were made on Netware 5.5 over 4.5?
NetWare 5.x removes the need for TCP/IP encapsulation, enabling NetWare to run TCP/IP natively. Native TCP/IP means that NetWare 5 no longer needs to use IPX/SPX at all—although it can, for backward compatibility. Because NetWare 5 can speak TCP/IP natively, it performs far more efficiently when using TCP/IP than NetWare 4.
What is the directory called in Netware 3.5?
NetWare 3.x used a directory called the Bindery
Name three ways Unix systems can share files?
FTP - works justs like windows FTP.

Network File System, or NFS - enables two UNIX systems to treat files and directories on another UNIX host as though they were local files. User A "mounts" user B directory, and it appears to be a local folder.

SAMBA - enables UNIX systems to communicate using Server Message Blocks, or SMBs. To a Windows-based system running a Client for Microsoft Networks, a UNIX system running SAMBA looks just like any Microsoft server.
What is the difference between share level and user level security?
Share Level - a network administrator assigns each shared resource a password. All users attempting to access the resource must supply the password. Network administrators usually consider share level control to be weak and difficult to manage.

User Level - A user account defines the rights and privileges of a specific person who accesses a computer system or network.
What is Client32?
enables Windows 9x clients to connect to a NetWare server using either IPX/SPX or TCP/IP, in addition to providing full support for NDS. An alternative to Microsoft Client for NetWare Networks.
The most common DB connectors used in the networking world are the female DB-15 connector used on 10Base5 Ethernet networks and the female DB-9 used on older Token Ring cards. The Network+ exam assumes that you know these connectors as well as the standard connectors used in the back of PCs, such as the female DB-25 for parallel ports and the male DB-9 or DB-25 for serial ports.
Identify this item.
10Base5 card using a female DB15 aka DIX connector
What is this?
Centronics connectors are the D-shaped connectors on the back of printers. They do not have true pins; instead, they use a single blade that contains some number of flat tabs that make the connection.

While these connectors don’t really use pins, the term pins is still used with Centronics to reflect the number of tabs. Centronics have both female and male versions, and only come in two common sizes: the famous 36-pin version found on the backs of printers and the increasingly rare 50-pin used with SCSI devices. This one is a female 36-pin Centronics printer connector.
What is this?
Identify these cables?
The left is an SC connector. The right is an ST connector.
What is this?
A fiber optic NIC with SC connectors. The ST and SC connectors control the overwhelming majority of all fiber installations within the world of PC networking, but they are certainly not the only ones. Some fiber networks use a very special networking topology called Fiber Distributed Data Interface, or FDDI.
Identify the connector.
The special connector shown here is used exclusively by FDDI networks. FDDI connectors are very rare, but you may see them on the exam as a possible type of fiber optic connection.
Identify the card and connector.
10Base5 NICs use a female, 15-pin DB connector. Officially, this connector is called a DIX connector, short for Digital-Intel-Xerox. The DIX connector goes to the AUI, or Attachment Unit Interface. many people call the DIX connector the AUI.
Identify the card and connector.
10Base2 NICs have a BNC connector, as shown here. The BNC connector attaches to the network cable via a T-connector.
Identify the card.
The 10BaseFL and 100BaseFX standards account for about 99% of implementations of Ethernet running over fiber optic cable. As their names suggest, 10BaseFL runs at 10 megabits per second while 100BaseFX clips along at 100 megabits per second. Like most fiber networking standards, you can see either SC or ST connections used on their NICs, even by cards from the same manufacturer.
Token Ring NIC connectors come in only one of two types. Name them.
The older and still quite common connector is a female DB-9. The cable runs from the back of the PC to an MSAU, or Multi-Station Access Unit.

The newer, and increasingly more common, connector is—you guessed it—an RJ-45.
What is a UART?
The UART takes digital serial data from the modem and converts it into parallel data that makes sense to the PC. A serial port is really just a connection to a UART. External modems don’t have UARTs and must connect to a serial port on the PC. Internal modems are really a UART and a modem on one card. An internal modem, therefore, brings its own UART to the PC.

(Exception is winmodem, which does not have an onboard UART and relies on the cpu)
Name the IRQ's and their default function.
IRQ Default Function Available?

IRQ 0 System Timer No
IRQ 1 Keyboard No
IRQ 2/9 Open for use Yes
IRQ 3 Serial ports Yes
IRQ 4 Serial ports Yes
IRQ 5 Second parallel port Yes
IRQ 6 Floppy Drive No
IRQ 7 Primary parallel port No
IRQ 8 Real-Time Clock No
IRQ 10 Open for Use Yes
IRQ 11 Open for Use Yes
IRQ 12 Open for Use Yes
IRQ 13 Math-Coprocessor No
IRQ 14 Primary Hard Drive Controller No
IRQ 15 Secondary Hard Drive Controller No
Name the DMA channels and their default function.
DMA Channel Default Function Available?
DMA 0/4 System No
DMA 1 Open for Use Yes
DMA 2 Floppy Drive No
DMA 3 Open for Use Yes
DMA 5 Open for Use Yes
DMA 6 Open for Use Yes
DMA 7 Open for Use Yes
Name the four types of system resources a device may require.
I/O Address
Memory Address

Nics and modems use the first two. Very few devices use memory addresses in modern PCs; in fact, only video cards still commonly use memory addresses. Most NICs today do not require memory addresses, but a lot still do.

*Just remember that there are four of them—I/O address, IRQ, DMA, and memory address—and that all NICs and modems will need an I/O address and an IRQ. Only NICs might need a DMA channel or a memory address
List the ports and their i/o address and IRQ number.
Port Name I/O address IRQ
COM1 03F8 4
COM2 02F8 3
COM3 03E8 4
COM4 02E8 3
LPT1 0378 7
LPT2 0278 5
What is a Bastion host?
A pc located in the dmz with strong host level protection and minimal services. Used as a gateway between inside and outside of network. Normally not the firewall, but is often used as a distraction to lure hackers away from more critical network resources.
What is stateful packet filtering?
process used to inspect packets as they reach the firewall and maintain the state of connection by allowing or disallowing packets to pass based on the access policy.
What is a screened subnet?
Isolated network containing hosts that need to be accessible from both the untrusted external network, and internel network. Often part of a dmz implentation.
page 565
What is application layer filtering?
Connections are analyzed all the way up to the application layer.
What are the two types of NAT?
Static: a permanent one-to-one mapping gets established between a local and global host.
Dynamic: define a pool of addresses to pull from
What is the main vulnerabilty of running a software based firewall as opposed to a hardware based one?
An attacker may try bypassing the firewall be exploting a software vulnerability of the underlying OS.
What is the MS ISA Server?
Mcrosoft Internet Security and Accelration server -
Used for application layer firewalling, content filtering, NAT, VPN server, and web caching. An all in one security package.
What is IP Chains?
It's a software based firewall for Linux and Unix.
What ip security protocol allows you to build some security features directly into tcp/ip packets?
Name some of the common attacks/vulnerablities of TCP/IP.
Denial of Service
Distributed DOS - the same but uses agents/zombies to launch the attack on a wider scale.
Ping of Death - Launched by making an ip packet larger than the max of 65,536 bytes
Teardrop - Crates ip fragments that don't match up when put back together (100-300 / 200-400)
Ping Flood or storm - ties up a specific machine by sending a large number of ping packets.
Mail Bomb attack - overwhelms a mail server
Port Scanning - uses a port scanner to listen for open ports.
What is a virtual LAN (Vlan)
*operate at the date link layer.
Configured on a switch. Even if pc's are spread out, can be configured as if they are on a single lan segment. Can be done via port number on the switch, mac address, 802.1q, or ISL(cisco only)
Name the types of viruses.
Virus - needs to be exucuted by a user, then replicates itself.
Worms - A worm can replicate itself without user intervention.
Logic Bombs - Payload happens when certain conditions are met like a date.
Macro Virus - VBA virus
Trojan Horse - Hides in a program that seems legit.
Name the raid levels with very brief description.
Raid 0 - Disk striping. 2 + disks
Raid 1 - Mirroring
Raid 2 - Disk stiping with error correction codes accross disks.
Raid 3 - Same as 2, except the correction info is stored as parity bits on one disk. 3 + disks.
Raid 5 - Disk striping. Parity bits stored on multiple drives. 3-32 disks.
Note - there are others but wont be on the test. Pay special attention to 0, 1 , and 5.
Whata is duplexing as it concerns raid?
It's a raid 1 mirror but also has additional fault tolerance as it uses a separate disk controller for each drive.
Advantages/disadvantages of Raid 1?
advantages - fault tolerent
faster read performance because it pulls from both.
dis - slower write speeds as it has to write to both disks.
Advantages/disadvantages of Raid 0?
Advantages - can use 3-32 discs. Data is read/writen equally to each one equally in same size blocks, so it increases performance. Acts as one drive.
Disadvantage - if one drive fails, the set is destroyed.
What is clustering?
Grouping indivdual pcs or servers together to work as a single unit. To the user, it would act as one server. If a node does not send out its "heartbeat" a failover occurs and the resources of that pc will be taken offline, and another one of the nodes in the cluster will take care of those services.
Name the 4 types of backups.
Full - everything. Archive bit is changed to indicate the file was backed up. Longest time to back up, fastest to restore.
Incremental - Backs up anything that has changed since the last full, incremental, or differential backup. Does change the archive bit. Least time to back up, more time to restore than differential.
Differential - Backs up anything not backed since the last full backup only. So, it does not alter the archive bit. More time to backup, less to restore than incremental.
Copy - Full backup, but doesnt change the archive bit, so if an incremental is done later, it won't know the copy backup had been done, and will proceed as normal.
What is ifconfig?
Same as ipconfig, but used on linux/unix systems.
Name the 3 logs in event viewer and brief description?
Application log - events logged by programs.
Security log - login attempts, and other security issues.
System log - things like events about drivers, warnings on low disk space etc.
Name the two types of internal SCSI connectors.
There are two types of internal SCSI connections, both of which are inserted into a ribbon cable, just like EIDE: the 50-pin narrow connection and the 68-pin wide SCSI.
Name a common external SCSI connector?
The oldest external SCSI connection is a 50-pin Centronics. Although it’s dated, a large number of SCSI devices still use this connector. It looks like a slightly longer version of the printer Centronics connector.
Name the common host adapters for SCSI
Many host adapters use a female DB-25 connector. DB-25s have been on Apple computers for many years, but they are fairly new to PCs. This SCSI connector is identical to a PC parallel port. If you plug your printer into the SCSI port, or a SCSI device into the printer, it definitely will not work—and in some cases it may damage devices!
What do most modern SCSI devices use to connect?
Most modern SCSI devices now come with the special, SCSI-only, High Density DB connectors. High Density DB connectors look like regular DBs at first, but have much thinner and more densely packed pins. High Density DB connectors come in 50-pin and 68-pin versions. The 50-pin version is much more common.
Name this device.
This is a SCSI-only, High Density DB connectors called a DB-50.
Name the three kinds of tapes commonly used for backups.

QIC - QIC, or Quarter Inch Tape, is an old standard that’s rarely used in any but the smallest of networks. Imation Corporation created an improved QIC format called Travan that is quite popular, again on smaller networks, with capacities up to 8 gigabytes

DAT - DAT tapes have much higher storage capacities than QIC/Travan tapes—up to 24 gigabytes—and are popular for medium-sized networks.

DLT, or Digital Linear Tapes, are quickly becoming the tape backup standard of choice. DLT is a relatively new standard that has massive data capacity—up to 70 gigabytes. DLT is very fast, incredibly reliable, and quite expensive compared to earlier technologies. When the data is critical, however, the price of the tape backup is considered insignificant. DLT drives use a SCSI connection.
What is plenum cable?
Fire rated cable. 3-5 times more expensive.
What is this?
This is a cheap cable tester. It will test continuity and other basic things, but both ends of the cable must be plugged into the same device, so if the cable is run, it's useless. Instead get a Time Domain Reflectometer.
What is this?
Time Domain Reflectometer, or TDR, a type of cable tester. It has the ability to determine the length of the cables. They can also tell you where a break is located.testers will have a small loopback device that inserts into the far end of the cable, enabling them to work with installed cables. These are the types of testers you want to have around.
What is this?
A very high end cable tester. Can tell you everything a TDR can and then some. In some cases it can literally draw a schematic of the entire network for you, including neat stuff like the MAC addresses of the systems, IP or IPX address, and so on. $2000
What is this?
This is a tone generator aka fox and hound. Place this device on a cable, take the "hound" to the other end and when it is near the correct cable, it will make a sound.
Difference between an active and passive hub?
Active will boost the signal, passive transmits only without any boost.
What is pathping?
Win XP, 2000, 2003 only. Combines tracert and ping.
What is Netstat?
Provides info on each protocol and port on a pc that is listening or that has established a connection with another pc.
Listening = a port is open and waiting for connections, but no active connection exists currently.
Established means the connection is active.
Name some common switches for Netstat?
-a: Shows the listening ports not just active.

-b: displays the name of the exe that created each connection

-e: Displays ethernet stats for the local pc.

-r: Displays the routing table for the local pc
What is Nbtstat?
Similar to netstat, but it displays info specfic to netbios over TCP. Will show you the netBT protocol stats and netbios name tables for local and remote pc's. Also allows you to display and refresh the netbios cache.
Name some common nbtstat switches.
-a: displays the netbios name cache for a remote pc, specified by the host name.

-A: same as above except by ip address

-c: displays the name cache that has alreadyh been resolved on the local pc.

-n: displays the netbios names that are registered for the local pc.

-r: displays netbios stats for the locl pc.

-R: will purge the contents of the netbios cache on the local pc. Will also reload any entries in the lhhosts file that have the #PRE tag.

-RR: will release and refresh any netbios names that are registered on the local pc. **Especially useful if u change the name and need to quickly remove cached entries.

-s: Will display and existing netbios sessions.
What is Nslookup?
Allows you to test and query the records stored in the DNS server. Can be used in command or interactive modes.
What is the difference between command and interactive modes when using nslookup?
Command mode: used to perform a single query. ex: nslookup www.yahoo.com

Interactive mode: Used to perform multiple queries. To enter interactive mode type nslookup at the command prompt.
What are some of the common commands when using nslookup in interactive mode?
Set [no] debug: turns debugging on or off.

set domain = name: Sets the default name for any queries.

set root = name: Sets the root server being used.

set querytype = X (X can be Cname records, MX records, NS and SRV records and more)
Restricts the query type so that it only returns a particular type of records.
What is the route command?
Displays the routing table for the local pc.
What is the dig command?
Linus equivelent to nslookup for windows pc's. Sends queries to dns servers to troubleshoot name resolution issues.
see p715
How can u verify the network number and frame type for a windows pc?
By typing ipxroute config at the command prompt.
What is a common item to check if there are connectivity issues connecting to a Netwarae server?
Check the fram type. Versions prior to Netware 4 used 802.3 as the fefault, and Netware 4.0 and later use 802.2