250 Cards in this Set

  • Front
  • Back

A(n) ____ is the place where a telephone company terminates lines and switches calls between different locations.

CO (Central Office)

Because WAN connections require routers or other Layer 3 devices to connect locations, their links are not capable of carrying ____ protocols.

nonroutable

Broadband cable requires many subscribers to share the same local line, thus raising concerns about ____ and actual (versus theoretical) throughput.

security

A ____ connection is one in which a user connects her computer, via a modem, to a distant network and stays connected for a finite period of time.

dialup

At the customer’s demarcation point, either inside or outside the building, RJ-48 connectors terminate in a ____.

smart jack

____ WANs are the most fault-tolerant type of WAN because they provide multiple routes for data to follow between any two points.

Mesh

What sets ATM apart from Ethernet is its ____ size.

fixed packet

____ is an updated, digital version of X.25 that also relies on packet switching.

Frame relay

ISDN PRI uses ____ B channels and one 64-Kbps D channel.

23

____ means that a telephone company connects residential users to its network with fiber-optic cable.

PON (Passive Optical Network)

The individual geographic locations connected by a WAN are known as ____.

WAN sites

A ____ aggregates multiple DSL subscriber lines and connects them to the carrier’s CO.

DSLAM (Digital Subscriber Line Access Multiplexer)

A ____ converts digital signals into analog signals for use with ISDN phones and other analog devices.

terminal adapter

The speed of a T-carrier depends on its ____ level.

signal

On most modern WANs, a ring topology relies on ____ rings to carry data.

redundant

WANs typically send data over ____ available communications networks.

publicly

The data rate of a particular SONET ring is indicated by its ____, a rating that is internationally recognized by networking professionals and standards organizations.

OC (Optical Carrier) level

The ____ encompasses the entire telephone system, from the wires that enter homes and businesses to the network centers that connect different regions of a country.

PSTN (Public Switched Telephone Network)

In a process called ____, two 64-Kbps ISDN B channels can be combined to achieve an effective throughput of 128 Kbps.

bonding

The portion of the PSTN that connects any residence or business to the nearest CO is known as the ____.

local loop

SONET’s extraordinary ____ results from its use of a double-ring topology over fiber-optic cable.

fault tolerance

A(n) ____________________ combines individual SONET signals on the transmitting end, and another multiplexer separates combined signals on the receiving end.

multiplexer

A(n) ____________________ uses TDM (time division multiplexing) over two wire to divide a single channel into multiple channels.

T-Carrier (one of several digital transmission systems developed by Bell Labs)

A(n) ____________________ node in synchronous communications recognizes that it should be receiving data by looking at the time on the clock.

receiving

____________________ encapsulates incoming Ethernet or token ring frames, then converts them into ATM cells for transmission over an ATM network.

LANE (LAN emulation)

____________________ are connections between network nodes that, although based on potentially disparate physical links, logically appear to be direct, dedicated links between those nodes.

Virtual circuits

Occurs when downstream throughput is higher than upstream throughput.

asymmetrical technology

Refers to the T-carrier’s Physical layer electrical signaling characteristics as defined by ANSI standards in the early 1980s.

signal level

Contains a single site acting as the central connection point for several other points.

star topology WAN

Contains sites that are connected in star or ring formations and interconnected at different levels, with the interconnection points being organized into layers to form hierarchical groupings.

tiered topology WAN

Incorporates many directly interconnected sites.

mesh topology WAN

Occurs when data travels from the customer to the carrier’s switching facility.

upstream

Provides equal capacity for data traveling both upstream and downstream.

symmetrical technology

Occurs when each site is directly connected to no more than two other sites in a serial fashion.

bus topology WAN

Occurs when data travels from the carrier’s switching facility to the customer.

downstream

Define a fractional T1 and explain why an organization might implement it.

An arrangement that allows a customer to lease only some of the channels on a T1 line. They may expect their traffic to grow and that may require a full T1 eventually, but can't currently justify leasing a full T1.

Explain how ATM relies on virtual circuits.

It helps ATM maintain point-to-point connection-oriented transmissions. (ATM, Asynchronous Transfer Mode, provides functionality that is similar to both circuit switching and packet switching networks: ATM uses asynchronous time-division multiplexing, and encodes data into small, fixed-sized packets (ISO-OSI frames) called cells.)

Describe an important difference between frame relay and X.25.

X.25 was analog and frame relay incorporated digital signalling into the transmission.

List and describe the key strengths of SONET.

Integrates many WAN technologies, allows for simple link additions and removals, and has a high degree of fault tolerance.

Define the term xDSL and name the better known DSL varieties.

xDSL is all types of DSL. The varieties are ADSL, G.LITE, HDSL, SDSL, VDSL, and SHDSL.

Describe the most important advantage of SONET.

high degree of fault tolerance

Define and describe a PSTN.

Public switched telephone network. The system and equipment that provides telephone service to most homes. This system carries digital and analog data.

Explain how a cable modem is utilized in broadband cable connections.

The modem converts signals into a recognizable style for encapsulation and decapsulation.

Describe the fundamental properties WANs and LANs have in common.

They connect multiple clients for file transfer and peer to peer communication. They also offer a more secure environment.

In a star topology, a single connection failure will halt all traffic between all sites. - THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

____________________ does not convert a computer’s digital signals to analog before transmitting them over the PSTN.

Dialup ISDN

__________________ specifies framing and multiplexing techniques at the Physical layer.

SONET

Why is SONET technology typically not implemented by small or medium-size businesses?

expense

ATM is a WAN technology that functions in the _________________________________.

Data Link layer

After SONET, BPL has the best maximum throughput available. - THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

The ____________________ is a unique character string used to identify an access point.

ssid (Service Set Identifier)

The use of multiple frequencies to transmit a signal is known as ____________________ technology.

spread spectrum

802.11b and g signals can extend a maximum of ____________________ feet and still deliver data reliably.

330 feet

____________________ means that satellites orbit the Earth at the same rate as the Earth turns.

Geosynchronous orbit

A(n) ____________________ assesses client requirements, facility characteristics, and coverage areas to determine an access point arrangement that will ensure reliable wireless connectivity within a given area.

site survey

Boasts a maximum throughput of 600 Mbps.

802.11n

Uses the 2.4-GHz frequency band and provides a maximum theoretical throughput of 54 Mbps.

802.11g

Represents the connection between a carrier’s antenna and a client’s transceiver.

downlink

A wireless networking technique that uses DSSS signaling in the 2.4-2.4835 GHz frequency range.

802.11b

The locations of the transmitter and receiver do not move.

Fixed Wireless

Refers to the connection between a client’s transceiver and the carrier’s antenna.

uplink

Uses channels in the 5-GHz band and provides a maximum theoretical throughput of 54 Mbps.

802.11a

The receiver can be located anywhere within the transmitter’s range.

mobile wireless

Accepts wireless signals from multiple nodes and retransmits them to the rest of the network.

access point

Define and explain the MIMO innovation in the 802.11n standard. Include a description of the advantages it provides.

MIMO (multiple input-multiple output) - In 802.11n, multiple antennas on an access point may issue a signal to one or more receivers. Signals issued by an omnidirectional antenna will propagate in a multipath fashion. Therefore, multiple signals cannot be expected to arrive at the same receiver in concert. To account for this, in MIMO the phases of these signals are adjusted when they reach a receiving station, and the strength of the multiple signals is summed. To properly adjust phases, MIMO requires stations to update access points with information about their location. Among 802.11 equipment, this function is only available with 802.11n-capable transceivers. In addition to increasing the network’s throughput, MIMO can increase an access point’s range.

Describe the FHSS spread spectrum technologies.

FHSS (frequency-hopping spread spectrum) - Frequency hopping is one of two basic modulation techniques used in spread spectrum signal transmission. It is the repeated switching of frequencies during radio transmission, often to minimize the effectiveness of "electronic warfare" - that is, the unauthorized interception or jamming of telecommunications. It also is known as frequency-hopping code division multiple access (FH-CDMA).

Describe the DSSS spread spectrum technologies.

DSSS (direct-sequence spread spectrum) is a spread spectrum modulation technique. Spread spectrum systems transmit the message-bearing signals using a bandwidth that is in excess of the bandwidth that is actually needed by the message signal. This spreading of the transmitted signal over a large bandwidth makes the resulting wideband signal appear as a noise signal, which allows greater resistance to intentional and unintentional interference with the transmitted signal.

List and describe the three groups into which frame types are divided.

Multiple frame types are divided into three groups: control, management, and data. Management frames are those involved in association and reassociation, such as the probe and beacon frames. Control frames are those related to medium access and data delivery, such as the ACK and RTS/CTS frames. Data frames are those that carry the data sent between stations.

What is the purpose of the Frame Control field in an 802.11 frame?

The Frame Control field contains control information used for defining the type of 802.11 MAC frame and providing information necessary for the following fields to understand how to process the MAC frame.

Discuss what must be taken into account when placing an access point on a WLAN.

Placement of an access point on a WLAN must take into account the typical distances between the access point and its clients.

Describe how interference can distort and weaken a wireless signal.

Interference can distort and weaken a wireless signal in the same way that noise distorts and weakens a wired signal. Interference is a significant problem for wireless communications because the atmosphere is saturated with electromagnetic waves.

Describe the wireless spectrum.

All wireless communications signals travel over the air via radio frequency, aka spectrum. The TV broadcast you watch, the radio program you listen to, the GPS device that helps get you where you're going, and the wireless phone service you use to make phone calls and check Facebook from your smartphone -- all use invisible airwaves to transmit bits of data through the air. The easiest way to understand what spectrum really is and how it provides services is to look at your radio. When you tune your radio to 93.9 FM, you are tuning into a station that is broadcasting at 93.9 megahertz. If you want to listen to a different station, like one that only plays country music or jazz, you turn the dial to another frequency like 104.7 FM. And a different radio station will be transmitting over that particular frequency on a different setting on your radio dial. No two stations transmit over the same spectrum at the same time in the same area, because if they did, they'd cause interference with one another. And because wireless signals only transmit over a certain distance, you won't be able to tune in a radio station you like that broadcasts out of New York City when you are in Philadelphia or Chicago or anywhere beyond the distance that those broadcast signals can travel via spectrum over the air to your radio.

Describe what an administrator can do if during a wireless router configuration, something goes awry.

If something goes awry during your wireless router configuration, you can force all of the variables you changed to be reset. Wireless routers feature a reset button on their back panel. To reset the wireless router, first unplug it. Then, using the end of a paperclip, depress the reset button while you plug it in. Continue holding down the button for at least 30 seconds (this time period varies among manufacturers; check your wireless router’s documentation for the duration yours requires). At the end of this period, the wireless router’s values will be reset to the manufacturer’s defaults.

Define reassociation and provide two examples explaining when it occurs.

Connecting to a different access point requires reassociation. Reassociation occurs when a mobile user moves out of one access point’s range and into the range of another. It might also happen if the initial access point is experiencing a high rate of errors.

Describe the use of CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) to access a shared medium.

Wireless devices are not designed to transmit and receive simultaneously, which means they cannot quickly detect collisions; this is the problem that CSMA/CA addresses. Carrier Sense Multiple Access with Collision Avoidance: A station on a wireless network checks for other wireless transmissions before it begins to send data. If it detects no activity, it waits a brief period of time, then sends its transmission. If it does detect some activity, it waits a little while before checking the medium again. Once it sends, the destination node receives the transmission and, after checking its accuracy, issues an acknowledgment (ACK) packet to the source. If the source receives this acknowledgment, it assumes the transmission was properly completed.

Wireless networks are laid out using the same topologies as wired networks. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

An ad hoc arrangement would work well for a WLAN with many users. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER

________________ is a popular way of making wireless transmissions more secure.

Spread spectrum

WiMAX is defined by the IEEE 802.11 standard. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER


_________________ experience attenuation.

Wireless signals

____ is an 802.11n network feature allowing the combination of multiple frames into one larger frame.

Frame aggregation

In ____ wireless systems, the transmitting antenna focuses its energy directly toward the receiving antenna, which results in a point-to-point link.

fixed

Clients are able to exchange signals with satellites as long as they have a ____ path.

line of sight

In ____ scanning, the station transmits a special frame, known as a probe, on all available channels within its frequency range.

active

____ is a significant problem for wireless communications because the atmosphere is saturated with electromagnetic waves.

Interference

In ____, a wireless signal splits into secondary waves when it encounters an obstruction.

diffraction

In the case of connecting two WLANs, access points could be as far as ____ feet apart.

1000

To establish a satellite Internet connection, each subscriber must have a ____.

dish antenna

____ is the least popular WLAN standard.

802.11a

____ is a command-line function for viewing and setting wireless interface parameters and it is common to nearly all versions of Linux and UNIX.

iwconfig

____ is an 802.11n feature that allows two adjacent 20-MHz channels to be combined to make a 40-MHz channel.

Channel bonding

The average geographic range for an 802.11a antenna is ____ meters.

20

____ may use either the 2.4-GHz or 5-GHz frequency range.

802.11n

An 802.11g antenna has a geographic range of ____ meters.

100

Which satellites transmit and receive signals in the 12 to 18 GHz band?

Ku-

In wireless communication, to exchange information, two antennas must be tuned to the same ____.

frequency

A directional antenna issues wireless signals along a(n) ____ direction.

single

A unique characteristic of the 802.11 data frame is its ____ field.

sequence control

____ satellites are the type used by the most popular satellite data service providers.

Geosynchronous earth orbiting

If intermittent and difficult-to-diagnose wireless communication errors occur, ____ might be the culprit.

interference

Most satellites circle the Earth ____ miles above the equator in a geosynchronous orbit.

22,300

The MIME standard replaces SMTP. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER

On a network using ___________________, some nodes may use multiple IP addresses.

TCP/IP

In ____________________, conventional network class distinctions do not exist.

CIDR

______________________design makes it best suited to users who retrieve their mail from the same workstation all the time.

POP3’s

IMAP4 servers require less storage space and usually more processing resources than POP servers do. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER

A program similar to mtr, ____, is available as a command-line utility in Windows operating systems.

pathping

The gateways that make up the Internet backbone are called ____ gateways.

core

An administrator can discover the host name assigned to a client by using the ____ utility.

hostname

CIDR notation takes the form of the network ID followed by a(n) ____, followed by the number of bits that are used for the extended network prefix.

forward slash ( / )

An example of a popular client email software is ____.

Microsoft Outlook

The result from ANDing 11001111 with 10010001 is ____.

10000001

A class ____ network class is reserved for special purposes.

D

In ____ addressing, the network information portion of an IPv4 address is limited to the first 8 bits in a Class A address.

classful

POP3 (Post Office Protocol, version 3) relies on TCP and operates over port ____.

110

In classful addressing, Class C IPv4 address host information is located in the ____.

last 8 bits

Because the octets equal to 0 and 255 are ____, only the numbers 1 through 254 can be used for host information in an IPv4 address.

reserved

When using classful IPv4 addressing, a network ID always ends with an octet of ____.

0

The standard message format specified by SMTP allows for lines that contain no more than ____ ASCII characters.

1000

IMAP (Internet Message Access Protocol) is a mail retrieval protocol that was developed as a more sophisticated alternative to ____.

POP3

Within a classful addressing, ____ is the default subnet mask for a Class C address.

255.255.255.0

The ____ utility allows you to view a host’s routing table.

route

The ____ gateway is the gateway that first interprets its outbound requests to other subnets, and then interprets its inbound requests from other subnets.

default

SMTP operates from port ____.

25

Within a classful addressing subnet mask, the ____ bits indicate that corresponding bits in an IPv4 address contain network information.

1

In classful addressing, the Class B IPv4 address network ID is located in the ____.

first 16 bits

The most popular mail server programs are Sendmail and ____.

Microsoft Exchange Server

____________________ separates a network into multiple logically defined segments, or subnets.

subnetting

The gateways that make up the Internet backbone are called ____________________ gateways.

core

The combination of additional bits used for subnet information plus the existing network ID is known as the ____________________.

extended network prefix

____________________ is a standard for encoding and interpreting binary files, images, video, and non-ASCII character sets within an e-mail message.

mime

____________________ is the protocol responsible for moving messages from one mail server to another over TCP/IP-based networks.

smtp

Allows an administrator to query the DNS database from any computer on the network and find the hostname of a device by specifying its IP address, or vice versa.

nslookup utility

The TCP/IP administration utility for use with Windows operating systems.

ipconfig utility

Displays TCP/IP statistics and details about TCP/IP components and connections on a host.

netstat utility

Allows you to view a host’s routing table.

route utility

Used if an administrator already knows a host’s name and wants to learn its IP address.

host utility

Useful only on networks that run Windows-based operating systems and NetBIOS.

nbtstat utility

The TCP/IP configuration and management utility used on UNIX and Linux systems.

ifconfig utility

Uses ICMP ECHO requests to trace the path from one networked node to another, identifying all intermediate hops between the two nodes.

traceroute utility

Allows an administrator to query a DNS database and find the host name associated with a specific IP address or vice versa.

dig utility

Describe four features of IMAP4.

IMAP4 provides the following features: Users can retrieve all or only a portion of any mail message - The remainder can be left on the mail server. This feature benefits users who move from machine to machine and users who have slow connections to the network or minimal free hard drive space. Users can review their messages and delete them while the messages remain on the server - This feature preserves network bandwidth, especially when the messages are long or contain attached files, because the data need not travel over the wire from the server to the client’s workstation. For users with a slow modem connection, deleting messages without having to download them represents a major advantage over POP3. Users can create sophisticated methods of organizing messages on the server - A user might, for example, build a system of folders to contain messages with similar content. Also, a user might search through all of the messages for only those that contain one particular keyword or subject line. Users can share a mailbox in a central location - For example, if several maintenance personnel who use different workstations need to receive the same messages from the Facilities Department head but do not need e-mail for any other purpose, they can all log on with the same ID and share the same mailbox on the server. If POP3 were used in this situation, only one maintenance staff member could read the message; she would then have to forward or copy it to her colleagues.

Explain what happens when an administrator issues the mtr command.

By issuing the mtr command, you instruct your computer to first determine the path between your client and the host you specify, and then successively send ICMP ECHO requests to every hop on the route. In return, you learn about the devices in the path and whether and how promptly they respond. After letting the command run for a while, you also learn the devices’ shortest, longest, and average response times and the extent of packet loss for each hop. This can reveal what portions of a network are suffering poor performance or even faults.

Explain how the traceroute utility uses ICMP ECHO requests to trace the path from one networked node to another, identifying all intermediate hops between the two nodes.

To find the route, the traceroute utility transmits a series of UDP datagrams to a specified destination, using either the IP address or the host name to identify the destination. The first three datagrams that traceroute transmits have their TTL (Time to Live) set to 1. Because the TTL determines how many more network hops a datagram can make, datagrams with a TTL of 1 expire as they hit the first router. When they expire, they are returned to the source - in this case, the node that began the traceroute. In this way, traceroute obtains the identity of the first router. After it learns about the first router in the path, traceroute transmits a series of datagrams with a TTL of 2. The process continues for the next router in the path, and then the third, fourth, and so on, until the destination node is reached. Traceroute also returns the amount of time it took for the datagrams to reach each router in the path.

If subnetting is used on a LAN, explain how devices interpret subnetting information.

Explain how to calculate a host’s network ID given its IPv4 address and subnet mask.

Describe the function of the route utility and provide examples of how it is entered on a UNIX or Linux system, a Windows-based system, and a Cisco-brand router.

The route utility allows you to view a host’s routing table. On a UNIX or Linux system, type route and then press Enter at the command prompt to view the routing table. On a Windows-based system, type route print and then press Enter. On a Cisco-brand router or another brand that uses Cisco command conventions, type show ip route and press Enter. Routing tables on network clients typically have no more than a few unique entries, including the default gateway and loopback address. However, routing tables on Internet backbone routers, such as those operated by ISPs, maintain hundreds of thousands of entries.

Explain why SNAT is considered static and describe why this is useful.

SNAT (Static Network Address Translation) is considered static because each client is associated with one private IP address and one public IP address that never changes. SNAT is useful when operating a mail server, for example, whose address must remain the same for clients to reach it at any time.

Describe what PAT is and how it works.

To accomplish DNAT, a gateway performs PAT (Port Address Translation). With PAT, each client session with a server on the Internet is assigned a separate TCP port number. When the client issues a request to the server, its datagram’s source address includes this port number. When the Internet server responds, its datagram’s destination address includes the same port number. This allows the gateway to send the response to the appropriate client. PAT is the most common type of address translation used on small office and home networks.

Explain how hiding IP addresses on private networks allows network managers more flexibility in assigning addresses.

Describe the formula determining how to modify a default subnet mask to create subnets.

Most _________________________ use virtualization software to supply multiple platforms to multiple users.

cloud service providers

Using a _____________________________, you can create dozens of different VMs.

virtualization program

The software required to establish VPNs is usually expensive. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER

A VM must use the same operating system, type of CPU, storage drive, and NIC as the physical computer it resides on. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER

PPTP and L2TP are the only protocols that can be used to carry VPN traffic. THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

In the case of dial-up networking, the term ____ refers to a modem.

serial connection

A ____ uses very little hard disk space or processing power from the workstation on which it is installed.

thin client

____ mode is appropriate for test networks or if you simply need to install a different operating system on your workstation to use a program that is incompatible with your host’s operating system.

Host only

In a ____ VPN, tunnels connect multiple sites on a WAN.

site to site

To connect to a network, a virtual machine requires a ____.

virtual adapter

On network diagrams, the Internet is frequently depicted as a ____.

cloud

____ desktops are desktop operating environments hosted virtually, on a different physical computer from the one with which the user interacts.

Virtual

A VPN tunneling protocol operates at the ____ layer.

Data Link

Upon creation, each vNIC is automatically assigned a ____.

MAC address

When a server compares a user’s credentials with those in its database, the process is known as ____.

authentication

____ is the most widely implemented virtualization software today.

VMware

____ connect vNICs with a network, whether virtual or physical.

Virtual bridges

____ is an open source system designed to allow one workstation to remotely manipulate and receive screen updates from another workstation.

VNC (In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer.)

In ____, each datagram can follow one of many paths to reach its destination.

packet switching

____ refers to dialing directly into a private network’s or ISP’s remote access server to log on to a network.

Dial-up networking

Each VM is known as a ____.

guest - (In computing, a virtual machine (VM) is an emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software, or a combination of both.)

In the NAT networking mode, a vNIC relies on the ____ to act as a NAT device.

host machine (Network address translation (NAT) is a methodology of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device. - virtual network interface card (vNIC))

VPNs can be classified based on the kinds of ____ they connect.

endpoints (A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or network-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the public network.)

____ is the remote virtual computing software that comes with Windows client and server operating systems.

Remote Desktop

____ are wide area networks that are logically defined over public transmission systems.

VPNs

The physical computer on a virtual machine is known as a ____.

host

____________________ refers to the flexible provision of data storage, applications, or services to multiple clients over a network.

Cloud computing

The software that allows you to define VMs and manages resource allocation and sharing among them is known as a(n) ____________________.

virtual machine manager, or hypervisor

In bridged mode, a(n) ____________________ accesses a physical network using the host machine’s NIC.

a vNIC

In a(n) ____________________ VPN, clients, servers, and other hosts establish tunnels with a private network using a remote access server or VPN gateway.

client-to-site

A(n) ____________________ is a logically defined device that operates at the Data Link layer to pass frames between nodes.

Virtual switch

When multiple customers share storage locations or services without knowing it.

multitenant

Software whose code is publicly available for use and modification.

open source

May be managed and delivered by a service provider over public transmission lines, such as the Internet.

public cloud

A standard accepted and used by multiple different vendors, so it can connect a VPN that uses a mix of equipment types.

L2TP (Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an Internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the Internet.)

A service provider offers its customers a complete set of networking services.

NaaS (Network as a Service)

Services and storage capacity can be quickly and dynamically—sometimes even automatically—scaled up or down.

Elastic

The emulation of a computer, operating system environment, or application on a physical system.

Virtualization

The virtual connection between two VPN endpoints.

tunnel

The cloud assumes functions that go beyond networking, including, for example, monitoring, storage, applications, and virtual desktops.

cloud services

What are two important considerations when designing a VPN?

Describe metered service.

Metered service: Whether the cloud provides applications, desktops, storage, or services, its use is measured. A service provider might limit or charge by the amount of bandwidth, processing power, storage space, or client connections available to customers.

Describe how remote virtual computing is used.

Remote virtual computing allows a user on one computer, called the client, to control another computer, called the host or server, across a network connection.

Where do virtual switches or bridges and their configuration reside?

Virtual switches or bridges reside in the RAM of the physical computers that act as their hosts, while their configuration resides in a separate file on the host’s hard disk.

List two potential disadvantages to creating multiple guests on a single host machine.

Compromised performance: When multiple virtual machines contend for finite physical resources, one virtual machine could monopolize those resources and impair the performance of other virtual machines on the same computer. In theory, careful management and resource allocation should prevent this. In practice, however, it is unwise to force a critical application (for example, a factory’s real-time control systems or a hospital’s emergency medical systems) to share resources and take that risk. Increased complexity: Although virtualization reduces the number of physical machines to manage, it increases complexity and administrative burden in other ways. For instance, a network administrator who uses virtual servers and switches must thoroughly understand virtualization software. In addition, managing addressing and switching for multiple VMs is more complex than doing so for physical machines. (You will learn more about these techniques later in this chapter.) Finally, because VMs are so easy to set up, they may be created capriciously or as part of experimentation, and then forgotten. As a result, extra VMs may litter a server’s hard disk, consume resources, and unnecessarily complicate network management. By contrast, abandoned physical servers might only take up rack space. Increased licensing costs: Because every instance of commercial software requires its own license, every VM that uses such software comes with added cost. In some cases, the added cost brings little return. For example, an instructor might want to create four instances of Windows 7 on a single computer to supply four students with their own operating system environment. To comply with Microsoft’s licensing restrictions, the instructor will have to purchase four copies of Windows 7. Depending on the instructor’s intentions, it might make more sense, instead, to share one copy of Windows 7 and separate each student’s files and settings by using four different logon IDs.

Describe PPPoE.

PPPoE stands for Point-to-Point Protocol over Ethernet, a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. It is used mainly with DSL services where individual users connect to a DSL modem over Ethernet.

Describe the purpose of RRAS and how it is used.

A Microsoft API and server software that makes it possible to create applications to administer the routing and remote access service capabilities of the OS, to function as a network router.

List two things that distinguish cloud computing.

Self-service and on demand; elastic; support for multiple platforms; resource pooling and consolidation; metered service

Describe the L2TP technology.

L2TP (Layer 2 Tunneling Protocol) is based on technology developed by Cisco and standardized by the IETF. It encapsulates PPP data in a similar manner to PPTP, but differs in a few key ways. Unlike PPTP, L2TP is a standard accepted and used by multiple different vendors, so it can connect a VPN that uses a mix of equipment types, for example, a Juniper router, a Cisco router, and a Netgear router. Also, L2TP can connect two routers, a router and a remote access server, or a client and a remote access server.

What are three advantages of virtualization?

The ability to test software installation without corrupting the main system, testing OS for compatibility and other purposes, and managing multiple machines through a single system for personal or organizational use.

A NOS that contains a “back door” is an example of a risk associated with ____.

protocols and software

____ is a public key encryption system that can verify the authenticity of an email sender and encrypt email data in transmission.

PGP (Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.)

A(n) ____ is a password-protected and encrypted file that holds an individual’s identification information, including a public key.

digital certificate

The use of certificate authorities to associate public keys with certain users is known as ____.

PKI (A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption.)

____ software searches a node for open ports.

Port scanner

A ____ attack occurs when a hacker uses programs that try a combination of a user ID and every word in a dictionary to gain access to the network.

dictionary

In ____, a hacker forges name server records to falsify his host’s identity.

DNS spoofing

In ____, both computers verify the credentials of the other.

mutual authentication

A ____ attack occurs when a hacker tries numerous possible character combinations to find the key that will decrypt encrypted data.

brute force

A ____ attack occurs when an Internet chat user sends commands to a victim’s machine that cause the screen to fill with garbage characters and require the victim to terminate their chat sessions.

flashing

____ is a social engineering practice in which a person attempts to glean access or authentication information by posing as someone who needs that information.

Phishing

____ is a method of encrypting TCP/IP transmissions above the network layer.

SSL

RADIUS and TACACS belong to a category of protocols known as AAA (____).

authentication, authorization, and accounting

A VPN ____ authenticates VPN clients and establishes tunnels for VPN connections.

concentrator

____ protocols are the rules that computers follow to accomplish authentication.

Authentication

A ____ main function is to examine packets and determine where to direct them based on their Network layer addressing information.

router’s

A ____ firewall is a router (or a computer installed with software that enables it to act as a router) that examines the header of every packet of data it receives to determine whether that type of packet is authorized to continue to its destination.

packet-filtering

A router that is not configured to drop packets that match certain or suspicious characteristics is an example of a risk associated with ____.

transmission and hardware

In a ____ attack, a person redirects or captures secure transmissions as they occur.

man in the middle

The combination of a public key and a private key is known as a ____.

key pair

A ____ attack occurs when a system becomes unable to function because it has been inundated with requests for services and can’t respond to any of them.

denial of service

A(n) ____________________ is a software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.

proxy service

In general, information is ____________________ if it could be used by other parties to impair an organization’s functioning, decrease customers’ confidence, cause a financial loss, damage an organization’s status, or give a significant advantage to a competitor.

confidential

A(n) ____________________ is a thorough examination of each aspect of the network to determine how it might be compromised.

security audit

____________________ is the use of an algorithm to scramble data into a format that can be read only by reversing the algorithm.

encryption

A(n) ____________________ identifies an organization’s security risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee.

security policy

A firewall that can view a data stream.

stateful

Data is encrypted using two keys.

public key encryption

Software that can only detect and log suspicious activity.

IDS (An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.)

A software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.

proxy service

Software that can react to suspicious activity.

IPS (Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like an intrusion detection system (IDS), an intrusion prevention system (IPS) monitors network traffic.)

A firewall that can block designated types of traffic based on application data contained within packets.

content filtering

Data is encrypted using a single key.

private key encryption

A firewall that protects only the computer on which it is installed.

HIDS (A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyzes the internals of a computing system as well as (in some cases) the network packets on its network interfaces (just like a network-based intrusion detection system (NIDS) would do).)

Describe the SCP (Secure CoPy) utility.

The SCP (secure copy) utility copies an ordinary or directory file from one system to another on a network. SFTP is a secure FTP client.

Define and describe PAP.

Almost all network operating system remote servers support PAP. PAP transmits unencrypted ASCII passwords over the network and is therefore considered insecure. It is used as a last resort when the remote server does not support a stronger authentication protocol, like CHAP or EAP (the latter is actually a framework).

Describe who should conduct a security audit and the advantages of doing so, if any.

An authorized authority should perform a security audit to determine how a network could be compromised and any faults it may have.

Describe one potential flaw in CHAP and MS-CHAP authentication and explain how it is resolved.

One potential flaw in CHAP and MS-CHAP authentication is that someone eavesdropping on the network could capture the string of characters that is encrypted with the password, decrypt that string, and obtain the client’s password. To address this, Microsoft released MS-CHAPv2 (Microsoft Challenge Authentication Protocol, version 2), which uses stronger encryption, does not use the same encryption strings for transmission and reception, and requires mutual authentication.

Describe what distinguishes 802.1x from other authentication standards.

What distinguishes 802.1x from other authentication standards is the fact that it applies to communication with a particular port, for example, a physical switch port or a logically defined port on an access point. When a client wants to access the network, a port on the authenticator (such as a switch or access point) challenges the client to prove its identity. If the client is running the proper 802.1x software, the client will supply the authenticator with its credentials. The authenticator next passes on the client’s credentials to an authentication server, for example, a RADIUS server. Only after the authentication server has verified a client’s legitimacy will the switch or access point port be opened to the client’s Layer 3 traffic. For this reason, 802.1x is sometimes also called port authentication, or port-based authentication. After the port is opened, the client and network communicate using EAP and an agreed-upon encryption scheme.

Describe the three-way handshake used in CHAP.

In CHAP, the authenticating device (for example, the remote access server) takes the first step in authentication after PPP establishes a connection between it and the computer requesting authentication (for example, a remote client). The server sends the client a randomly generated string of characters called the challenge. In the second step, the client adds its password to the challenge and encrypts the new string of characters. It sends this new string of characters in a response to the server. Meanwhile, the server also concatenates the user’s password with the challenge and encrypts the new character string, using the same encryption scheme the client used. In the third step of the three-way handshake, the server compares the encrypted string of characters it received from the client with the encrypted string of characters it has generated. If the two match, it authenticates the client. But if the two differ, it rejects the client’s request for authentication.

Describe an advantage of using EAP.

One of EAP’s advantages is its flexibility. It is supported by nearly all modern operating systems and can be used with any authentication method. For example, although the typical network authentication involves a user ID and password, EAP also works with biorecognition methods, such as retina or hand scanning. EAP is also adaptable to new technology. Therefore, no matter what future wireless encryption schemes are developed, EAP will support them.

Describe the two phases IPSec uses to accomplish authentication.

There are two phases in IPSec authentication. First is key management, which refers to the way two nodes agree on common parameters for the keys that will be used. IKE is used for key management. As IPSec and IKE are evolving standards, interoperability between different vendors is still a problem. IKE runs on UDP, and after it creates the rules the two nodes will use, the second phase begins, which is encryption. Second is encryption: AH and ESP may be used to encrypt the keys.

Define SSH (secure shell) and explain the threats it guards against. Include an explanation of the encryption algorithms that may be used with it.

Secure shell is a collection of protocols with which you can securely log on to a host, execute commands, and copy files to and from that host. You are secure from many threats such as IP spoofing, interception of your data, or unauthorized access to a host, and DNS spoofing, which means the hackers cannot pretend to be someone they really are not. The software it uses depends on what version you are using. Examples would be RSA, DES, triple DES, and Kerberos.

Explain how to block traffic attempting to exit a LAN and discuss why an administrator would want to do this.

Use a packet-filtering firewall to stop worms from spreading.

Network security is more often compromised _________________________ than from external sources.

“from the inside”

A security policy should state exactly which hardware, software, architecture, or protocols will be used to ensure security. - THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

- THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

By default, the 802.11 standard offers substantial security. - THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

- THIS IS A FALSE QUESTION. NEED TO FIND THE CORRECT ANSWER.

____________________ is the last means of defense against data theft.

Encryption

Human errors, ignorance, and omissions cause more than half of all _______________________ sustained by networks.

security breaches