Lesson 6: Networking Devices

Question 1

A list of rules or policies programmed into a router or other device to control what can gain access to a network. When used in servers ___s are used to control what resources are available to specific users or devices. When used in routers and firewalls, ___s are used to define what protocols are allowed in a network and what content various protocol packets are allowed to bring into the network.

Answer 1

Access Control List (ACL)

Question 2

A type of network connection device that repeats all incoming signals from one connected computer and transmits them out to all of the other connected computers. To function properly, a(n) _____ _____ must be connected directly to a power source.

Answer 2

Active Hub

Question 3

A load-balancing methodology that involves varying throughput to a network’s devices or segments based on the speed and capacity of the items receiving the data. As a result, some devices will get a heavier workload than others.

Answer 3

Asymmetric Loading

Question 4

A software or hardware based network management technology that enables administrators to optimize how a network uses its available bandwidth by managing and/or controlling network utilization.(See Bandwidth Shaping/Traffic Shaping.)

Answer 4

Bandwidth Shaper

Question 5

A process that involves managing and/or controlling network usage in order to optimize how a network uses its available bandwidth. Also known as traffic shaping.

Answer 5

Bandwidth Shaping

Question 6

The IDS/IPS creates a baseline for a network’s normal activity or _____ and then uses that baseline to look for any activity or _____ on the network that differs from what it considers to be normal activity. When such a divergence from the baseline is detected the IDS/IPS takes the action it is programmed to do against the threat. The main weakness of _____-_____ _____ is that it tends to produce a high number of false-positive detections. This means that it has a tendency to report activity as malicious that is not.

Answer 6

Behavior-Based Detection

Question 7

ACLs can be set to block everything from specific IP addresses and ranges all the way up to specific ports and protocols. If one or more ACLs are in place in a router, when a router opens a packet to see what its destination is, it also runs a test on the packet to see if any ACL running on the router causes the packet to be rejected. If the packet has an IP address or contains a protocol or port that an ACL says is not to be allowed into the network, the router will discard the packet and not allow it entry into the network.

Answer 7

Block/Allow

Question 8

A device intended to break up networks into smaller sections. A _____ is similar to a switch, except with fewer ports. Because _____ work on the Data Link layer of the OSI Model, they manage data traffic rather than simply rebroadcast to neighboring network segments.

Answer 8

Bridge

Question 9

A technology that allows a faster network device to process a request from a slower network device quickly and store it in a region of memory, called a buffer, designed to hold data temporarily while it’s being moved from one place to another.

Answer 9

Buffering

Question 10

A technology in which a specific memory location is set aside on a network device for storage of frequently requested information.

Answer 10

Caching

Question 11

The physical section of a network where the various devices connected to it run the risk of having their signals collide with each other because all the devices present use a shared media.

Answer 11

Collision Domain

Question 12

A device used to convert a digital signal from one frame format to another.

Answer 12

Channel Service Unit/Data Service Unit (CSU/DSU)

Question 13

Specific fields in the DHCP Message packet that carry configuration parameters and control information.

Answer 13

DHCP Options

Question 14

sometimes referred to as DDNS, a standard that has been added to the normal DNS standard. What _____ ___ does is allow a host with a changing IP address to use a permanent Fully Qualified Domain Name (FQDN). (A FQDN is basically a permanent URL or computer name within a defined network domain.) The way _____ ___ allows a host with a changing IP address to use a permanent FQDN is by automatically sending an update message to the DNS server every time the IP address changes. The RFC that fully describes Dynamic DNS is RFC 2136.

Answer 14

Dynamic DNS

Question 15

Hardware or software components that are used to encrypt information.

Answer 15

Encryption Devices

Question 16

A networking device designed to prevent a hacker or other security threats from entering the network or barring that limit the ability of threats to spread through the network using intrusion detection software.

Answer 16

Firewall

Question 17

Basically a permanent URL or computer name within a defined network domain.

Answer 17

Fully Qualified Domain Name (FQDN)

Question 18

A type of proxy server that passes requests and replies in an unmodified form.

Answer 18

Gateway Proxy Server

Question 19

A special purpose device that acts as a router with a large number of access control lists (ACLs) built into it which is designed to recognize activities that can be interpreted as attacks on the network and counter them.

Answer 19

Hardware Firewall

Question 20

A device similar to a repeater that works as though it were the bus of a larger network.

Answer 20

Hub

Question 21

In some firewalls, if a specific port or IP address is not explic­itly allowed in the ACL, then it is automatically denied passage through the firewall. This method ofcontrolling access to the network or device being protected by the firewall is called _____.

Answer 21

Implicit Deny

Question 22

A multiport repeater that has additional features, such as diagnostic and management capabilities.

Answer 22

Intelligent Hub

Question 23

A passive system that monitors network activity and notifies the network administrator so that he can take steps to stop any suspect activity found on the monitored network.

Answer 23

Intrusion Detection System (IDS)

Question 24

An active system that monitors network activity and takes steps to stop any questionable activity without involving the network administrator.

Answer 24

Intrusion Protection System (IPS)

Question 25

The length of time an IP address remains valid from when it is issued by the DHCP Server.

Answer 25

Lease

Question 26

A device used to balance network traffic so that no network sections are overloaded.

Answer 26

Load Balancer

Question 27

Whatever carries communications physically across a network, such as copper wires, radio signals, or fiber optic cables.

Answer 27

Media

Question 28

A device used to convert one type of media to another type, such as converting coaxial to twisted pair or fiber to copper, thus allowing different types of technologies on the same network.

Answer 28

Media Converter

Question 29

A device used to modulate (change) an analog signal so that it can encode digital information, or to demodulate the encoded signal so that it can be decoded back into something a computer can read. The term is short for modulator/ demodulator.

Answer 29

Modem

Question 30

A basic component that connects a computer to a network. ___s can be found in expansion cards or built directly into a computer’s motherboard. ___s are also sometimes called _____ _____ _____.

Answer 30

Network Interface Card (NIC)/Network Interface Controller (NIC)

Question 31

A load-balancing methodology in which packets containing specific protocols, such as Secure Sockets Layer (SSL) or TCP, are sent to one server while other packets are sent to another.

Answer 31

Offloading

Question 32

The specific practice of limiting packet types, sources, or content as the means to do bandwidth shaping.

Answer 32

Packet Shaping

Question 33

A type of cabling nexus -rarely if ever used in networking today- that splits one connection into two or more connections, much as a splitter would. _____ _____ do not need a power source and do not repeat signals. Therefore, they cannot extend the reach of a network.

Answer 33

Passive Hub

Question 34

A security methodology in which a device limits access to a specific port to certain MAC addresses.

Answer 34

Port Authentication/Port-Based Authentication

Question 35

A technique in which a switch sends a copy of the frames from one or more ports on a switch to another port on the same switch.

Answer 35

Port Mirroring

Question 36

The protocol used to safely transfer power over Ethernet cabling.

Answer 36

Power over Ethernet (PoE)

Question 37

The act of sending data packets to a specific device or segment of a network based on their priority thus ensures that data from more important sources are sent to their destination first.

Answer 37

Priority Activation

Question 38

A device that repeats a signal it receives in order to rebroadcast it, thus extending the range of a particular cable run.

Answer 38

Repeater

Question 39

When a DHCP server is configured to only assign a specific IP address within its scope to a specific client.

Answer 39

Reservation

Question 40

A type of proxy server that acts as a front end for a private network’s Internet requests and returns the resulting data to clients without identifying its source.

Answer 40

Reverse Proxy Server

Question 41

A networking device that moves packets across a network.

Answer 41

Router

Question 42

The range of IP addresses a server has available to it to assign to DHCP clients.

Answer 42

Scope

Question 43

A method in which an Intrusion Detection System (IDS)/Intrusion Protection System (IPS) compares incoming activity to a signature database of known attacks. When an activity matches a signature, the IDS/IPS responds based on how it’s programmed to deal with the malicious activity.

Answer 43

Signature-Based Detection

Question 44

The protocol used when multiple switches are employed in the same network.

Answer 44

Spanning Tree Protocol (STP)

Question 45

A technique in which the Intrusion Detection System (IDS)/Intrusion Protection System (IPS) analyzes each packet for any settings or flags in its header that do not belong there.

Answer 45

Stateful Protocol Analysis

Question 46

A device used to connect multiple networking devices, usually computers, to form a local area network (LAN).

Answer 46

Switch

Question 47

A technique for network optimization in which traffic is prioritized based on what type of packet is passing through the network. Also known as bandwidth shaping.

Answer 47

Traffic Shaping

Question 48

Virtual LAN (VLAN) multiplexing, in which data from multiple VLANs are carried across a single cable or other network link.

Answer 48

Trunking

Question 49

A logical subgroup on a local area network (LAN) created via software inside a switch instead of physical cables. ____s work in Layer 2 (Data Link layer) of the OS! Model and enable you to break up a much larger network into smaller networks.

Answer 49

Virtual LAN (VLAN)

Question 50

A device that combines the roles of a switch and a router in smaller wireless networks. Generally, _____ _____ _____s are connected to larger networks and allow access to them via wireless media.

Answer 50

Wireless Access Point (WAP)