A
- A record (address record), 155, 156
- -a switch, 858, 866
- -A switch, 860
- AAAA record (quad-A record), 155, 156
- absorption, unbounded media and, 791
- AC (alternating current), 763
- acceptable-use policy (AUP), 512, 678
- access control hardware, as a prevention method, 643
- access control lists (ACLs)
- about, 589
- hardening and, 615–616
- incorrect settings, 803
- access control vestibules (mantraps), 599, 644–645
- access link, 389, 390
- access point (AP)
- Access Point mode, 444
- access ports, 389
- access/edge layer, 654–655
- accounts, security and, 516
- acknowledgements, Transport layer and, 42–43
- ACLs. See access control lists (ACLs)
- acoustical detection systems, 640
- Active Directory, 167
- Active Timer (HSRP), 349, 552
- active/active, 546–547
- active/passive, 546–547
- ad hoc mode, 432–433
- ad hoc networks, 452–453
- Adaptive Security Appliance (ASA), 542
- add command, 856
- address learning, 373–374
- address record (A record), 155, 156
- Address Resolution Protocol (ARP)
- administrative distances (AD), 327–329
- administrator training, as a prevention method, 642–643
- Advanced Research Projects Agency (Department of Defense), 188–189
- agencies, wireless, 416
- aggregate rate, 100
- AH (Authentication Header), 219
- air flow, device placement and, 710
- alerts, interface, 486–488, 734–736
- alias record, 156
- alternating current (AC), 763
- American National Standards Institute/Telecommunications Industry Association (ANSI/TIA), 715
- American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE), 544
- amplified/reflected attacks, 587–588
- analog modem, 152, 163
- analog modulation, 50
- angled physical contact (APC), 67–68
- Anomali ThreatStream, 574
- anonymous username, 874
- ANSI/TIA (American National Standards Institute/Telecommunications Industry Association), 715
- ANT+, 441
- antennas
- placement of, 618–619
- unbounded media and, 790
- Anthrax virus, 597
- anycast, 245
- AP. See access point (AP)
- APC (angled physical contact), 67–68
- APIDS (application protocol based IDS), 142
- APIPA (Automatic Private IP Addressing), 196, 241
- APIs. See application programming interfaces (APIs)
- Application layer. See also Process/Application layer
- about, 36–37, 656
- DHCP as Application layer protocol, 151, 159
- features of, 35
- proxy server as operating on, 160
- some firewalls as operating up to, 141
- application plane, 667
- application programming interfaces (APIs)
- about, 666–667
- northbound, 669
- southbound, 667–669
- application protocol based IDS (APIDS), 142
- application server, 7
- applications
- cable, 748–749
- high-bandwidth, 690–691
- video, 690–691
- application-specific integrated circuit (ASIC)
- architecture, network, 12–14
- archives, 696–697
- ARP. See Address Resolution Protocol (ARP)
- arp -a, 288
- arp utility, 846–849
- ARPAnet, 188–189
- AS (autonomous system), 317, 326
- ASA (Adaptive Security Appliance), 542
- ASBR (autonomous system border router), 342
- ASHRAE (American Society of Heating, Refrigerating and Air-Conditioning Engineers), 544
- ASIC. See application-specific integrated circuit (ASIC)
- asset disposal, 646–647, 679
- asset management, 675
- asset tags, 641
- asymmetrical routing, 804
- AT&T, 436–438
- Attachment Unit Interface (AUI) connectors, 110
- attacks
- about, 582, 600
- ARP spoofing, 590
- deauthentication, 594
- denial-of-service (DoS), 453, 583–588
- distributed denial-of-service (DDoS), 583–588
- DNS poisoning, 589
- environmental, 598–600
- evil twin, 592–593
- exam essentials, 600
- human, 598–600
- MAC spoofing, 594
- malware, 594–598
- on-path (man-in-the-middle), 588–589
- password, 593
- phishing, 599
- ransomware, 593
- review questions, 602–603, 927–928
- rogue access point (AP), 591–592
- rogue DHCP, 590–591
- social engineering, 598–599
- technology-based, 582–598
- VLAN hopping, 589–590
- written lab, 601, 899
- attenuation, 76, 749, 783–784
- audit and assessment report, 526–527
- audit logs, 477–478, 731
- AUI (Attachment Unit Interface) connectors, 110
- AUP (acceptable-use policy), 512, 678
- authentication, authorization, and accounting (AAA), 568
- authentication and authorization
- authentication, authorization, and accounting (AAA), 568
- considerations, 631
- 802.1X, 571–572
- Extensible Authentication Protocol (EAP), 572–573
- Kerberos, 570–571
- Lightweight Directory Access Protocol (LDAP), 570
- local, 571
- methods of, 567–573
- multifactor authentication (MFA), 567–568
- Remote Authentication Dial-In User Service (RADIUS), 568
- single sign-on (SSO), 570
- Terminal Access Controller Access Control System Plus (TACACS+), 568–569
- Authentication Header (AH), 219
- authorization. See authentication and authorization
- auto-detect mechanism, 101
- Automatic Private IP Addressing (APIPA), 196, 241
- automation, 705
- autonomous system (AS), 317, 326
- autonomous system border router (ASBR), 342
- availability
- about, 727, 739
- baseline, 736–737
- in CIA triad, 562
- downtime, 738
- exam essentials, 739–740
- interface errors, 734–736
- interface statistics/status, 733–734
- NetFlow, 737–738
- network device logs, 731–733
- network metrics, 728–730
- performance metrics/sensors, 727–728
- review questions, 741–744, 933–934
- uptime, 738
- written lab, 740, 901
B
- backbone
- about, 658
- collapsed, 368
- network, 22–23
- background checks, 517
- backups
- about, 696–697
- security and, 518
- badges, security and, 516
- bandwidth metric, 473, 728
- bandwidth speed testers, 829–830
- bandwidth throttling, 694
- barriers, signal degradation and, 438
- baseband, 51, 99
- baselines
- about, 199, 495
- configurations, 527–528
- network availability, 736–737
- network monitoring and, 676
- basic firewall, 132. See also firewalls
- basic router, 132. See also routers
- basic service area (BSA), 433–434
- basic service set (BSS), 433–434
- basic switch, 132, 136–137. See also switches
- battery testing, 492–493
- baud rate, 99
- Baudot, Jean-Maurice-Émile, 99
- BCP (business continuity plan), 510–511
- bend radius limitations, 786
- bent pins, 751, 785
- Berkeley Software Distribution (BSD) series, 189
- BGP (Border Gateway Protocol), 318, 326, 338–340
- bidirectional communication, 69–70
- bidirectional wavelength-division multiplexing (WDM), Ethernet over, 117
- binary conversion, 102–106
- binary IP address method, 234
- binding, 33
- biometrics, as a prevention method, 643
- bit rate, 99
- BIX block, 87
- BLE (Bluetooth Low Energy), 439–440
- blind test, 575
- block acknowledgement, 425
- blocked port, 379
- Bluetooth, 438–440, 441
- Bluetooth Low Energy (BLE), 439–440
- BNC connectors, 61
- bonding ports, 399–401
- boot-sector viruses, 597
- Bootstrap Protocol (BootP), 194
- Border Gateway Protocol (BGP), 318, 326, 338–340
- botnets, 583–584
- bottlenecks, 785
- bounce, 790
- BPDUs (Bridge Protocol Data Units), 379, 399
- BPL (Broadband over Power Line), 115–117
- branch office data center, 660–661
- breaking policy, 518–519
- Bridge Protocol Data Units (BPDUs), 379, 399
- bridges, 132, 135–136, 172, 173, 175–177, 369
- bridging
- about, 172
- LAN switching vs., 372
- Bridging mode, 444
- Bring Your Own Device (BYOD) policy, 513, 805
- broadband, 99
- Broadband over Power Line (BPL), 115–117
- broadcast, use of term, 241–242
- broadcast domain, 97, 136, 140, 151, 169, 170–174, 176, 177, 242, 243, 264, 383
- broadcast storms, 813
- brute-force attacks, 593
- BSA (basic service area), 433–434
- BSD (Berkeley Software Distribution) series, 189
- BSD Unix, 596
- BSS (basic service set), 433–434
- buffer, 40
- building layout, emergency procedures and, 684
- bus topology, 14–15
- business continuity plan (BCP), 510–511
- business risk assessments, 575
- butt set, 761
- BYOD (Bring Your Own Device) policy, 513, 805
- bypass procedures, 493
- byte counts, 486, 734
- bytes, 102–103, 867
C
- -c switch, 860
- CAA (Certificate Authority Authorization) record, 156
- cabinets, locking, 644
- cable connectivity
- about, 747, 765
- applications, 748–749
- butt set, 761
- cable snips/cutters, 763
- cable testers, 752–754
- certifiers, 755–756
- common issues, 749–751
- considerations, 747–748
- exam essentials, 765
- fiber fusion splicer, 764
- fiber light meter, 764
- hardware tools, 751–764
- metrics, 760–761
- multimeter, 757–758
- optical time-domain reflectometer (OTDR), 756–757
- protocol analyzer, 755
- punch-down tool, 761–762
- review questions, 767–770, 934–935
- specifications and limitations, 747
- spectrum analyzer, 758–759
- tap, 760
- time-domain reflectometer (TDR), 756
- toner generator (probe), 759–760
- voltage event recorder (power), 763–764
- written lab, 766, 902
- cable modem, 133, 153, 166
- cable snips/cutters, 763
- cable testers, 752–754
- cable trays, device placement and, 710–711
- cables
- categories of, 63–65, 109–110
- coaxial, 60–62
- copper, 70
- crossover, 80, 81–82
- DB-25, 75
- distance of, 76
- duplex of, 77
- Ethernet, 62–65, 110–114
- feeder, 86
- fiber-optic, 66–71
- frequency of, 77–78
- managing, 709
- multimode fiber-optic (MMF), 67
- network, 21
- noise immunity of, 77
- patch, 80
- plain old telephone service (POTS), 63
- plenum-rated coating of, 60
- properties of, 76–78
- public switched telephone network (PSTN), 63
- Recommended Standard 232 (RS-232), 74–75
- rolled/rollover, 83
- serial, 74–76
- shielded twisted-pair (STP), 62
- single-mode fiber-optic (SMF), 67
- straight-through, 80
- T1 crossover, 83–85
- Thin Ethernet (thinnet), 60
- tips for, 66
- transmission speeds of, 76
- troubleshooting, 782–786, 817–818
- 25-pair, 86
- twinaxial, 62
- twisted-pair, 62
- Universal Serial Bus (USB), 75–76
- unshielded twisted-pair (UTP), 62, 63–65, 65–66, 82, 109
- caching engines, 695–696
- caching proxy server, 161
- CAD (computer-aided design), 671
- call setup, 205
- cameras, 133, 167, 517, 639–640
- campus area network (CAN), 10
- canonical name (CNAME) record, 156–157
- capacitance detector, 641
- capacity, runtime vs., 491
- Cap/Cap A virus, 597
- captive portal, 621
- CAPWAP (Control and Provisioning of Wireless Access Points), 436, 452
- CARP (Common Address Redundancy Protocol), 697
- Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), 144–146, 421–422, 784
- Carrier Sense Multiple Access with Collision Detection (CSMA/CD), 97–98, 135, 146
- carrier signal, 50
- C&C (command and control), 583–584
- CCTV (closed-circuit television), 640
- cd command, 875
- CDMA (code division multiple access), 418
- cellular technologies, 418–419
- Central Processing Unit (CPU)
- centralized WAN, 9
- Certificate Authority Authorization (CAA) record, 156
- certificates, security and, 460–462
- certification testers, 755–756
- certifiers, 755–756
- change command, 856
- change management
- about, 508–510
- policies for, 679
- procedures for, 715–717
- change request, 508, 716
- channel service unit/data service unit (CSU/DSU), 49
- channels, overlapping/mismatched, 787–788
- chip creep, 472
- Chrome, Application layer and, 36
- CIA triad, 561–562
- CIDR (Classless Inter-Domain Routing), 244, 266–268
- circuit labeling, 714
- circuits, 494, 710
- Cisco
- Cisco Unified Wireless Network (CUWN), for mitigating ad hoc networks, 453
- The Cisco CCNA Study Guide (Lammle), 878
- cladding, 67
- Class A
- Class B
- Class C
- Class D addresses, 239, 243
- Class E addresses, 239
- Class of Service (COS), 693–694
- classful routing, 332, 334
- Classless Inter-Domain Routing (CIDR), 244, 266–268
- classless routing, 275, 332, 333, 338, 340
- clean-desk policy, 515, 678
- Client mode, 393–394, 453
- clientless VPN, 627
- clients. See workstations
- client-server networks, 13–14
- client-to-site VPN, 626–628
- CLNS (Connectionless Network Service), 343, 344
- closed-circuit television (CCTV), 640
- cloud computing
- about, 661–663
- concepts, 704
- service models, 663–665
- cloud sites, 546
- Cluster Management Protocol (CMP), 540
- clusters, redundancy and, 538–542
- CNAME (canonical name) record, 156–157
- coaxial cable, 60–62
- code division multiple access (CDMA), 418
- cold sites, 545
- collapsed backbone, 368
- collision domain, 96–97, 135–136, 143, 144, 150, 153, 169, 170–177
- collision event, 96
- collision light, 778
- collisions, 18, 784
- colocation, 660–661
- Combine, 574
- command and control (C&C), 583–584
- Common Address Redundancy Protocol (CARP), 697
- Common Vulnerabilities and Exposures (CVE), 563
- Common Vulnerability Scoring System (CVSS), 563
- communication
- bidirectional, 69–70
- connection-oriented, 38–39
- full-duplex, 77
- half-duplex, 77
- local area network (LAN), 94–96
- Session layer and, 37
- community cloud, 704
- Compaq, 378
- compliance, 688
- computer-aided design (CAD), 671
- Confidentiality, in CIA triad, 561
- Connectionless Network Service (CLNS), 343, 344
- connection-oriented communication, 38–39
- connectivity
- common devices for, 132–152
- options for, 705–706
- software for, 831–832
- specialized devices, 152–166
- connectors
- about, 87
- BNC, 61
- D series, 75
- dirty, 786
- exam essentials, 88
- fiber-optic, 68–69
- F-type, 60, 61–62
- latched, 69
- local connector (LC), 70
- mechanical transfer registered jack (MT-RJ), 70–71
- registered jack (RJ), 65–66, 109
- review questions, 89–92, 909–910
- small form factor (SFF), 70
- square, 68–69
- straight tip (ST), 68–69
- subscriber, 68–69
- written lab, 88, 889
- consent to monitoring, 678
- content filtering, 162–163
- contention methods, 133, 144–146
- continuity testers, 754
- Control and Provisioning of Wireless Access Points (CAPWAP), 436, 452
- control layer, 656
- control plane, 609, 665, 667
- convergence, STP, 380–381
- coordinated attack, 585
- copper cable, 70
- core layer, 655
- COS (Class of Service), 693–694
- coarse wavelength-division multiplexing (CWDM), Ethernet over, 117
- CPU. See Central Processing Unit (CPU)
- CRC (cyclic redundancy check), 107, 206, 212, 221, 223, 224, 310–314, 485, 487, 734, 735
- crimping, 763
- crossover cable, 80, 81–82, 748
- crosstalk, 63, 783
- CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance), 144–146, 421–422, 784
- CSMA/CD (Carrier Sense Multiple Access with Collision Detection), 97–98, 135, 146
- CSU/DSU (channel service unit/data service unit), 49
- CUWN (Cisco Unified Wireless Network), for mitigating ad hoc networks, 453
- CVE (Common Vulnerabilities and Exposures), 563
- CVSS (Common Vulnerability Scoring System), 563
- CWDM (coarse wavelength-division multiplexing), Ethernet over, 117
- cyclic redundancy check (CRC), 107, 206, 212, 221, 223, 224, 310–314, 485, 487, 734, 735
D
- DA (destination address), 108
- DaaS (Desktop as a Service), 664, 704
- DAI (dynamic ARP inspection), 398, 609
- DARPA, 189
- data center architecture
- about, 653–654, 717–718
- access (edge) layer, 654–655
- application layer, 656
- application programming interfaces (APIs), 666–669
- backbone, 658
- branch office vs. on-premise data center vs. colocation, 660–661
- cloud computing, 661–665
- control layer, 656
- core layer, 655
- distribution layer, 655
- exam essentials, 719–720
- infrastructure layer, 656
- management plans, 656–657
- managing network documentation, 670–676
- network monitoring, 676–688
- network optimization, 689–717
- network programmability, 665–666
- review questions, 721–724, 931–932
- software-defined networking, 655–658
- spine-leaf-based two-tier networks, 657
- top-of-rack switching, 658
- traffic flows, 658–660
- written lab, 720, 901
- data communication equipment (DCE), 49
- data encapsulation, 220–224
- data frame, 46
- Data Link layer
- about, 46–48
- in data encapsulation, 221, 223
- Ethernet and, 102–109
- features of, 35
- frames within, 107–109
- in IP routing, 310, 312, 313, 314
- Logical Link Control (LLC) within, 47
- MAC address as residing on, 133
- Media Access Control (MAC) within, 47
- switches and bridges at, 175–177
- data loss prevention (DLP), 519, 678
- Data Over Cable Service Interface Specifications (DOCSIS) standard, 166
- data packets, 44
- data (forwarding) plane, 609, 665, 667
- data terminal equipment (DTE), 48–49
- datagrams
- in data encapsulation, 221
- defined, 670
- dB (decibel) loss, 749, 783–784
- DB-25 cable, 75
- DCE (data communication equipment), 49
- DDoS (distributed denial of service) attacks, 583–588
- deauthentication, 594
- DEC (Digital Equipment Corporation), 378
- decibel (dB) loss, 749, 783–784
- decimal conversion, 102–106
- de-encapsulation, 221
- defense-in-depth strategy
- about, 564
- honeypot, 567
- Network Access Control (NAC), 566–567
- network segmentation enforcement, 564–565
- screened subnet (demilitarized zone), 565
- separation of duties, 565–566
- delay, QoS and, 692
- delete command, 856
- demarcation point (demarc), 23, 87
- demilitarized zone (DMZ), 141, 142, 157, 517–518, 565
- denial of service (DoS) attacks, 453, 583–588
- dense wavelength-division multiplexing (DWDM), Ethernet over, 117–118
- Desktop as a Service (DaaS), 664, 704
- desktops, virtual, 701
- destination address (DA), 108
- detection methods, 639–641
- Device Hardening, 401
- device logs, 731–733
- device saturation, with unbounded media (wireless), 787
- devices
- about, 178–179
- automated graceful shutdown of attached, 491–492
- exam essentials, 179–180
- before Layer 2 switching, 367–370
- logs, 476–482
- performance metrics/sensors for, 471–473
- placement of, 710–714
- review questions, 181–184, 911–913
- sanitizing, 646–647
- UC, 694
- written lab, 180, 891–892
- DFS (Dynamic Frequency Selection), 424
- DHCP. See Dynamic Host Configuration Protocol (DHCP)
- DHCP server. See Dynamic Host Configuration Protocol (DHCP) server
- diagrams, 671–676
- dictionary attacks, 593
- Differentiated Services Code Point (DSCP), 693
- DiffServ, 693
- Diffusing Update Algorithm (DUAL), 337
- Digital Equipment Corporation (DEC), 378
- digital modulation, 50
- Digital Subscriber Line (DSL), 23–24
- Digital Subscriber Line (DSL) modem, 133, 153, 166
- Dijkstra algorithm, 340
- dipole antennas, 431
- directional antennas, 431
- direct-sequence spread spectrum (DSSS), 422
- dirty connectors, 786
- disabled port, 380
- disabling switchports, 610
- disaster recovery plan (DRP), 510. See also high availability (HA)
- discards, 867
- discontiguous networks, 335–336
- distance
- limitation for cables, 76, 783–784, 786
- signal degradation and, 438
- unbounded media and, 789
- distance-vector (DV) routing protocols, 318, 329, 330–340
- distributed denial of service (DDoS) attacks, 583–588
- distributed switching, 378
- distributed WAN, 9
- distribution layer, 655
- distribution system (DS), 433
- distributions, wiring, 85–87
- divide-and-conquer approach, 806
- DLP (data loss prevention), 519, 678
- DMZ (demilitarized zone), 141, 142, 157, 517–518, 565
- DNAT (dynamic NAT), 295
- DNS. See Domain Name Service (DNS)
- DNS amplification attack, 587–588
- DNS poisoning, 589
- DNS (Domain Name Service) server, 148, 152, 153–159, 193–194
- DOCSIS (Data Over Cable Service Interface Specifications) standard, 166
- documents and policies
- about, 507, 529
- audit and assessment report, 526–527
- baseline configurations, 527–528
- business continuity plan (BCP), 510–511
- change management, 508–510
- common, 519–529
- disaster recovery plan (DRP), 510
- exam essentials, 529
- hardening and security policies, 511–519
- incident response plan, 510
- logical network diagram, 524–525
- memorandum of understanding (MOU), 529
- monitoring and, 677–679
- network, 670–676
- nondisclosure agreement (NDA), 528
- physical network diagram, 520–524
- plans and procedures, 507–511
- review questions, 531–532, 925–926
- security, 678–679
- service-level agreement (SLA), 529
- site survey report, 526
- standard operating procedures, 511
- system life cycle, 511
- wiring diagram, 525–526
- written lab, 530, 897–898
- DoD model, layers of, 189
- Domain Name Service (DNS)
- incorrect, 799
- name resolutions and, 95
- Domain Name Service (DNS) server, 148, 152, 153–159, 193–194
- domains
- door locks/swipe mechanisms, 516
- doorbells, smart doorbells, 133
- DORA process, 196
- DoS (denial of service) attacks, 453, 583–588
- dotted-decimal IP address method, 234
- double-blind test, 575
- downtime
- about, 498
- authorized, 509, 717
- network availability and, 738
- planned, 535
- planned vs. unplanned, 695, 738
- drivers, updating, 614–615
- dropped packets, QoS and, 692
- DRP (disaster recovery plan), 510. See also high availability (HA)
- DS (distribution system), 433
- DSCP (Differentiated Services Code Point), 693
- DSL (Digital Subscriber Line), 23–24
- DSL (Digital Subscriber Line) modem, 133, 153, 166
- DSSS (direct-sequence spread spectrum), 422
- DTE (data terminal equipment) (Physical layer), 48–49
- DTP (Dynamic Trunking Protocol), 388
- DUAL (Diffusing Update Algorithm), 337
- dual stacking, 252, 357
- dumb terminals, 8
- duplex
- of cables, 77
- devices and, 483–484
- issues with, 750–751
- mismatch, 798
- network, 733–734
- DV (distance-vector) routing protocols, 318, 329, 330–340
- DWDM (dense wavelength-division multiplexing), Ethernet over, 117–118
- dynamic ARP inspection (DAI), 398, 609
- dynamic ARP table entries, 845
- dynamic assignment, 157
- Dynamic Frequency Selection (DFS), 424
- Dynamic Host Configuration Protocol (DHCP)
- as compared to Bootstrap Protocol (BootP), 194–196
- DHCPv6, 251
- exhausted scope, 802
- snooping, 397, 613
- Dynamic Host Configuration Protocol (DHCP) server
- about, 147–152
- as common network connectivity device, 133
- DHCP relay, 151
- dynamic DNS, 159
- internal and external DNS, 159
- rogue, 590–591, 800–801
- third-party/cloud-hosted DNS, 160
- dynamic NAT (DNAT), 295
- dynamic routing, 307, 316–319
- Dynamic Trunking Protocol (DTP), 388
- dynamic VLANs, 388
E
- -e switch, 866–867
- EAP (Extensible Authentication Protocol), 460–461, 572–573, 620
- EAP-FAST (Extensible Authentication Protocol - Fast), 461, 573
- EAP-TLS (Extensible Authentication Protocol - Transport Layer Security), 461–462, 573
- EAS (Emergency Alert System), 685
- East-West traffic, 659–660
- edge/access layer, 654–655
- EGPs (exterior gateway protocols), 317, 318, 326
- EIA/TIA (Electronic Industries Association/Telecommunications Industry Alliance) standards, 109
- 802.1X standards, 571–572. See also Remote Authentication Dial-In User Service (RADIUS)
- 802.3 standards, 109, 110–114
- 802.11 standards, 441
- about, 419–421
- comparing, 427–428
- 5 GHz (802.11a), 423–424
- 5 GHz (802.11ac), 426
- 5 GHz (802.11h), 424
- 2.4 GHz (802.11b), 421–422
- 2.4 GHz (802.11g), 422–423
- 2.4 GHz/5 GHz (802.11n), 425
- WiFi 6 (802.11ax), 426–427
- EIGRP (Enhanced Interior Gateway Routing Protocol), 328, 336–338, 358
- EIGRPv6, 358
- elasticity, 707
- electrical issues
- about, 490
- automated graceful shutdown of attached devices, 491–492
- bypass procedures, 493
- flooding, 495
- maximum load, 493
- multiple circuits, 494
- periodic testing of batteries, 492–493
- runtime vs. capacity, 491
- uninterruptible power supply (UPS), 490–491
- electrical safety, 682
- electromechanical systems, 640
- Electronic Industries Association/Telecommunications Industry Alliance (EIA/TIA) standards, 109
- electrostatic discharge (ESD), 682
- Emergency Alert System (EAS), 685
- emergency procedures, 684–685
- employee training, as a prevention method, 642–643
- Encapsulating Security Payload (ESP), 219–220
- encapsulation
- defined, 32
- errors with, 488, 735
- introduction to, 49–50
- encryption devices, 152, 162–163
- encryption/security type mismatch, 787
- end-user training, as a prevention method, 642
- engines, caching, 695–696
- Enhanced Interior Gateway Routing Protocol (EIGRP), 328, 336–338, 358
- enhanced small form-factor pluggable (SFP+) transceiver, 72
- environmental attacks, 598–600
- environmental factors/sensors, 489–495, 735–736, 790
- environmental monitors, 489–490
- EPA (US Environmental Protection Agency), 544–545
- equipment access
- locating and installing, 708–715
- security and, 516
- Ericsson, 439
- errors
- ESD (electrostatic discharge), 682
- ESP (Encapsulating Security Payload), 219–220
- ESS (extended service set), 434
- EtherChannel, 400
- Ethernet
- about, 96–102, 118–119
- addressing within, 106–107
- baseband, 99
- baud rate of, 99
- bit rate of, 99
- broadband, 99
- broadcast domain within, 97
- carrier sense multiple access with collision detection (CSMA/CD), 97–98
- collision domain within, 96–97
- Data Link layer (OSI reference model) and, 102–109
- defined, 96
- exam essentials, 119
- Fast, 110–114
- frames of, 107–109
- full-duplex, 100–102
- half-duplex, 100–102
- number conversions within, 102–106
- over bidirectional wavelength-division multiplexing (WDM), 117
- over Broadband over Power Line (BPL), 115–117
- over coarse wavelength-division multiplexing (CWDM), 117
- over dense wavelength-division multiplexing (DWDM), 117–118
- over HDMI, 117, 118
- over Power Line Communication (PLC), 115–117
- Physical layer (OSI reference model) and, 109–115
- review questions, 124–127, 910–911
- specifications for, 109
- wavelength of, 99–100
- written lab, 119–123, 889–891
- Ethernet cables, 62–65
- Ethernet loopback adapter (plug), 753
- European Telecommunications Standards Institute (ETSI), 416
- Event Viewer, 477
- evil twin, 592–593
- exam essentials
- attacks, 600
- availability, 739–740
- cable connectivity, 765
- connectors, 88
- data center architecture, 719–720
- documents and policies, 529
- Ethernet, 119
- hardening techniques, 621
- high availability, 555
- Internet Protocol (IP), 224–225
- IP address, 254, 298–299
- IP routing, 319–320
- Layer 2 switching, 406
- Network Address Translation (NAT), 298–299
- networking devices, 179–180
- networks, 25
- Open Systems Interconnection (OSI) model, 51–52
- performance metrics/sensors, 498–499
- physical security, 647
- remote access security, 632
- routing, 359–360
- security, 577
- software tools and commands, 879
- subnetting, 298–299
- troubleshooting, 818–819
- virtual local area network (VLAN), 406
- wireless networking, 462–463
- exclusion ranges, 147
- explicit deny, 618
- exploits, 563
- extended service set (ESS), 434
- Extensible Authentication Protocol (EAP), 460–461, 572–573, 620
- Extensible Authentication Protocol - Fast (EAP-FAST), 461, 573
- Extensible Authentication Protocol - Transport Layer Security (EAP-TLS), 461–462, 573
- exterior gateway protocols (EGPs), 317, 318, 326
- external threats, 562
F
- -f option (route command), 854
- facilities support, 542–545
- factory reset, 646
- fail open/fail close, 685
- Fast Ethernet standards, 110–114
- fault tolerance, 15, 696
- fax server, 7
- FCC (Federal Communications Commission), 416
- FCoE (Fibre-Channel over Ethernet), 703
- FCS (Frame Check Sequence), 108
- FCS (Frame Check Sequence) field, 221, 222, 223, 310, 311, 312, 313, 314
- FDM (frequency-division multiplexing), 50
- FDMA (frequency-division multiple access), 418
- FDPs (fiber distribution panels), 69
- feasible successor, 338
- Federal Communications Commission (FCC), 416
- feeder cable, 86
- FHRP (first-hop redundancy protocol), 344–351, 541–542, 548–553, 552
- fiber cable, 785–786
- fiber distribution panels (FDPs), 69
- fiber fusion splicer, 764
- fiber light meter, 764
- fiber loopback adapter (plug), 753
- fiber to coaxial converter, 73
- fiber type mismatch, 786
- fiber-optic cables
- about, 66–71
- connectors for, 68–69
- fiber-optic transceivers, 69–70
- Fibre Channel, 703
- Fibre-Channel over Ethernet (FCoE), 703
- FIFO (first-in, first-out) buffer, 694
- file server, 7
- File Transfer Protocol (FTP)
- about, 191, 706, 871–872
- downloading files, 874–875
- logging in to server, 872–874
- starting, 872–874
- uploading files, 876
- files
- downloading via FTP, 874–875
- uploading via FTP, 876
- viruses in, 596
- fire escape plan, 685
- fire suppression, 544–545
- Firefox, Application layer and, 36
- fire-suppression systems, 685
- firewalls
- defined, 141
- demilitarized zone (DMZ) of, 141, 142
- incorrect host-based settings, 803
- next-generation firewall (NGFW), 166
- private side of, 141
- public side of, 141
- redundancy and, 542
- rules for, 617–618
- security and, 517
- typical design of, 142
- virtual, 700
- firmware, managing, 614–615
- first hop, 344
- first-hop redundancy protocol (FHRP), 344–351, 541–542, 548–553, 552
- first-in, first-out (FIFO) buffer, 694
- 5 GHz (802.11a), 423–424
- 5 GHz (802.11ac), 426
- 5 GHz (802.11h), 424
- 5G, 419
- five-nines availability, 695
- flat network, 383
- flood guard, 398–399
- flooding, 495, 804
- floor plan, 523
- flow control, Transport layer and, 39–41
- 40 MHz channels, 425
- forward/filter decision, 375–376
- forward/filter table, 373
- forwarding (data) plane, 667
- forwarding port, 380
- 4G, 418–419
- four-post racks, 711, 712
- FQDN (fully qualified domain name), 193
- frame, in data encapsulation, 221, 223
- Frame Check Sequence (FCS), 108
- Frame Check Sequence (FCS) field, 221, 222, 223, 310, 311, 312, 313, 314
- frames
- within the Data Link layer (OSI reference model), 107–109
- filtering, 375
- freestanding racks, 711, 713
- frequency
- of cables, 77–78
- incorrect, 788
- frequency-division multiple access (FDMA), 418
- frequency-division multiplexing (FDM), 50
- friendly/unintentional DoS, 585
- FTP. See File Transfer Protocol (FTP)
- F-type connector, 60, 61–62
- full tunneling, 628
- full-duplex communication, 77, 483, 733–734, 750–751
- full-duplex Ethernet, 100–102
- full-duplex mode, 37
- fully qualified domain name (FQDN), 193
G
- gateways
- generators, 543
- Generic Routing Encapsulation (GRE), 211, 218, 354
- geofencing, 457, 620
- GetRequest command, 670
- giants, 488, 735
- Gigabit Media Independent Interface (GMII), 110
- gigabit wiring, 82
- global addresses, 295
- global positioning (GPS), 457, 620
- Global System Mobile (GSM), 418
- GMII (Gigabit Media Independent Interface), 110
- GPS (global positioning), 457, 620
- GRE (Generic Routing Encapsulation), 211, 218, 354
- grounding, 682
- GSM (Global System Mobile), 418
- guards, security and, 518
- guest network, 566
- guest network isolation, 620
H
- H.323 protocol, 204
- HA. See high availability (HA)
- half-duplex communication, 77, 415
- half-duplex Ethernet, 100–102
- half-duplex mode, 37
- handshake
- defined, 38
- three-way, 39
- hardening
- about, 607, 621
- best practices, 607–618
- exam essentials, 621
- IoT access considerations, 621
- review questions, 623–624, 928–929
- security policies and, 511–519
- wireless security, 618–621
- written lab, 622, 899–900
- hardware
- addressing of, 46
- redundancy and, 538–542
- troubleshooting, 780
- hardware address, 95, 102, 211
- HDMI, Ethernet over, 117, 118
- heating, ventilation, and air conditioning (HVAC) sensors, 133, 167, 544, 686
- Hello Timer (HSRP), 348–349, 551–552
- hexadecimal conversion, 102–106
- hexadecimal IP address method, 234
- HIDS (host-based IDS), 132, 142
- hierarchical addressing, 234–241
- high availability (HA)
- about, 535, 555, 695
- exam essentials, 555
- facilities and infrastructure support, 542–545
- load balancing, 535–536
- mean time between failure (MTBF), 554
- mean time to repair (MTTR), 553–554
- multipathing, 536–537
- network availability and, 738
- network device backup/restore, 554–555
- network interface card (NIC) teaming, 537
- recovery point objective (RPO), 554
- recovery time objective (RTO), 554
- redundancy and, 545–553
- redundant hardware/clusters, 538–542
- review questions, 557–558, 926
- written lab, 556, 898
- high throughput (HT), 426
- high-bandwidth applications, 690–691
- Hold Timer (HSRP), 349, 552
- honeynets, 688
- honeypots, 567, 688
- hop count, 45, 327, 330, 331, 332, 333, 340, 341, 358
- host address, 235
- host-based IDS (HIDS), 132, 142
- hosts. See workstations
- Hosts file, resolving names with, 850–851
- Host-to-Host layer
- hot sites, 546
- Hot Standby Router Protocol (HSRP), 344–350, 548–549, 551–552, 553, 697
- hound, 761
- HSRP timers, 348
- HT (high throughput), 426
- HTTP (Hypertext Transfer Protocol), 197
- HTTPS (Hypertext Transfer Protocol Secure), 200
- hub-and-spoke topology. See star topology
- hubs
- access point (AP) as, 142, 143
- as common network connectivity device, 132, 134, 135
- considering replacing of with switches, 174
- defined, 5
- hub-and-spoke topology, 219
- as older technology, 173
- at Physical layer of SOHO network, 177–178
- switches as compared to, 136, 174
- switches as replacing, 170
- use of as contributing to congestion, 172
- human attacks, 598–600
- humidity, as an environmental concern, 489
- HVAC (heating, ventilation, and air conditioning) sensors, 133, 167, 544, 686
- hybrid cloud, 704
- hybrid mesh topology, 17–18
- hybrid protocol, 318–319, 320, 327, 330, 332, 336, 338
- hybrid topology, 20–21
- Hypertext Transfer Protocol (HTTP), 197
- Hypertext Transfer Protocol Secure (HTTPS), 200
- hypervisor, 24, 698–699
I
- IaaS (Infrastructure as a Service), 663–665, 704
- IaC (Infrastructure as Code), 704–705
- IBSS (independent basic service set), 432–433
- ICMP (Internet Control Message Protocol), 211, 214–215, 309, 583
- ICS (Industrial control system), 168, 686–687
- ICSA, 515
- IDF (intermediate distribution frame), 85, 524, 708
- IDSs (intrusion detection systems), 132, 142, 454, 517, 584
- IEEE. See Institute of Electrical and Electronics Engineers (IEEE)
- IEEE 802.1D, 378
- IEEE 802.1Q, 391–392
- IEEE 802.1X, 388
- IEEE 802.3ad standard, 400
- IEEE 802.11, 456
- IETF (Internet Engineering Task Force), 188
- ifconfig utility, 840
- I/G (Individual/Group) address, 106
- IGMP (Internet Group Management Protocol), 204
- IGPs (interior gateway protocols), 317, 326, 343
- IGRP (Interior Gateway Routing Protocol), 318, 329
- IMAP (Internet Message Access Protocol), 198–199, 202
- implicit deny, 618
- in-band management, 394, 631–632
- incident response policies, 510, 678
- independent basic service set (IBSS), 432–433
- Individual/Group (I/G) address, 106
- Industrial control system (ICS), 168, 686–687
- InfiniBand, 703
- information gathering, during site survey, 447
- infrared (IR), 440, 441
- infrared (IR) sensors, 640
- Infrastructure as a Service (IaaS), 663–665, 704
- Infrastructure as Code (IaC), 704–705
- infrastructure layer, 656
- infrastructure mode, 433–434, 453
- infrastructure support, 542–545
- inherent attenuation, 109
- input errors, 487
- input queue drops, 487
- inside global address, 296
- inside local address, 296
- installation safety, 682–684
- Institute of Electrical and Electronics Engineers (IEEE)
- about, 416
- Data Link layer specifications of, 46–47
- 802.3 Committee, 109, 110
- 1905.1-2013, 115–118
- organizationally unique identifier (OUI) by, 106
- Project 802, 47–48
- Integrity, in CIA triad, 561
- interface
- about, 45
- configurations, 138–141
- errors and alerts, 486–488, 734–736
- incorrect, 800
- misconfiguration, 800
- statistics/status, 482–486, 733–734
- interference
- cables and, 749, 784–785
- signal degradation and, 438
- with unbounded media (wireless), 786–787
- interior gateway protocols (IGPs), 317, 326, 343
- Interior Gateway Routing Protocol (IGRP), 318, 329
- intermediate distribution frame (IDF), 85, 524, 708
- Intermediate System-to-Intermediate System (IS-IS), 318, 328, 329, 340, 343–344
- internal threats, 562
- international export controls, 678
- International Organization for Standardization (ISO), 681, 755–756
- International Telecommunications Union (ITU), 476
- Internet Control Message Protocol (ICMP), 211, 214–215, 309, 583
- Internet Engineering Task Force (IETF), 188
- Internet Group Management Protocol (IGMP), 204
- Internet layer
- as describing same thing as Network layer, 189, 190
- of DoD model, 189, 190
- protocols of, 210–220
- TCP as preparing data stream for, 205
- Internet Message Access Protocol (IMAP), 198–199, 202
- Internet of Things (IoT), 133, 168, 440–441, 621
- Internet Protocol (IP)
- about, 211–214, 224, 687
- defined, 44
- exam essentials, 224–225
- review questions, 226–229, 913–914
- as routed protocol, 306
- routing process, 309–314
- terminology of, 233–234
- troubleshooting IP addressing, 286–293
- version 4 (IPv4) (See IPv4)
- version 6 (IPv6) (See IPv6)
- written lab, 225, 892–893
- Internet Protocol Security (IPSec), 211, 218–219
- Internet Relay Chat (IRC), 583–584
- Internet Service Providers (ISPs), 547–548
- Internet Small Computer Systems Interface (iSCSI), 702
- internetwork, 137–138, 171, 172, 173, 175, 176
- internetworking models
- about, 32–34
- router within, 45
- Inter-Switch Link (ISL), 391
- inter-VLAN communication, 386
- intranet, 9
- Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling, 356
- intrusion detection systems (IDSs), 132, 142, 454, 517, 584
- intrusion prevention systems (IPSs), 132, 142, 454, 585
- inverters, 710
- IoT (Internet of Things), 133, 168, 440–441, 621
- IP. See Internet Protocol (IP)
- IP address
- about, 253, 298
- AP, 444
- determining problems with, 289–293
- duplicate, 799
- exam essentials, 254, 298–299
- expired, 800
- hierarchical scheme for, 234–241
- incorrect, 799
- IP address management (IPAM), 152
- network addressing, 235–239
- review questions, 257–260, 300–304, 914–916
- using, 675–676
- VLAN Trunking Protocol (VTP) and, 394–396
- written labs, 255–256, 299, 893–894
- IP address management (IPAM), 152
- IP cameras, 639
- IP exclusions, 147
- IP routing
- about, 319
- exam essentials, 319–320
- process of, 309–314
- review questions, 321–324, 918–919
- testing your understanding of, 315–316
- written lab, 320, 895
- IP scanner, 832–833
- IP spoofing, 594
- ip utility, 840
- IPAM (IP address management), 152
- ipconfig utility, 288, 483, 836–839
- IPSec (Internet Protocol Security), 211, 218–219
- IPSs (intrusion prevention systems), 132, 142, 454, 585
- iptables utility, 841
- IPv4 (Internet Protocol version 4)
- address types, 241–243
- address-exhaustion crisis of, 243, 244
- header, 212, 245, 252
- loopback address, 287
- popularity of, 271
- prolific use of broadcasts in, 245
- use of with dual stacking, 252, 357
- IPv6 (Internet Protocol version 6)
- about, 44
- address types in, 247–248
- addressing and expressions in, 246
- advanced concepts of, 351–357
- benefits of and uses for, 244–245
- DHCPv6, 251
- dual stacking, 252
- introduction, 243
- migrating to, 251
- Neighbor Discovery Protocol (NDP), 353–354
- as routed protocol, 306
- router advertisement, 351–352
- routing protocols of, 357–359
- shortened expression in, 246–247
- 6to4 tunneling, 252–253
- special addresses in, 248–249
- stateless address autoconfiguration (SLAAC), 249–250
- why we need it, 244
- IR (infrared), 440, 441
- IR (infrared) sensors, 640
- IRC (Internet Relay Chat), 583–584
- ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) tunneling, 356
- iSCSI (Internet Small Computer Systems Interface), 702
- ISDN, 687
- IS-IS (Intermediate System-to-Intermediate System), 318, 328, 329, 340, 343–344
- ISL (Inter-Switch Link), 391
- ISO (International Organization for Standardization), 681, 755–756
- isolation
- guest network, 620
- wireless client, 619
- isotropic antennas, 431
- ISPs (Internet Service Providers), 547–548
- ITU (International Telecommunications Union), 476
J
- Jerusalem virus, 596
- jitter
- jumbo frames, 703
K
- Kardach, Jim, 439
- Kerberos, 570–571
- Krone block, 86
L
- labeling, 714–715
- Lammle, Todd (author)
- The Cisco CCNA Study Guide, 878
- website of, 59
- LAN. See local area network (LAN)
- latched connectors, 69
- latency
- Layer 1 device
- analog modem as, 163
- hub as, 135
- media converter as, 165
- Layer 2
- access point (AP) as operating at, 142
- broadcasts, 177, 195, 242
- DORA components as operating at, 151
- Layer 2 device
- Layer 2 switching. See also virtual local area network (VLAN)
- about, 140, 141, 171, 175, 367, 405–406
- exam essentials, 406
- limitations of, 371–372
- networking before, 367–370
- port mirroring/spanning (SPAN/RSPAN), 404–405
- Power over Ethernet (PoE/PoE+), 401–404
- review questions, 408–411, 921–922
- services for, 370–378
- Spanning Tree Protocol (STP), 378–382
- switch functions at, 372–377
- written lab, 406–407, 895–896
- Layer 3
- broadcasts, 195, 242
- design, 138, 140
- Network layer as, 171
- protocol, 218
- switch, 137, 138, 153, 171
- Layer 3 device
- Layer 7 firewall, 152, 166
- layered approach, 33
- layered architecture, 33
- layers
- defined, 33
- of OSI reference model, 35
- LBFO (load balancing/failover), 813
- LC (local connector), 70
- LACP (Link Aggregation Control Protocol), 400–401
- LLC (Logical Link Control) (Data Link layer), 47
- lcd command, 875
- LDAP (Lightweight Directory Access Protocol), 200, 202, 570
- learning port, 380
- lease time, 150
- leased line, 24
- least privilege, 563
- LEDs. See Light-Emitting Diodes (LEDs)
- legacy systems, 687
- Length field, 108
- L/G (Local/Global) bit, 106
- licensed features, 805
- licensing restrictions, 678
- lifting equipment, 682
- light source
- of fiber-optic cables, 77
- of multimode fiber-optic (MMF), 67
- of single-mode fiber-optic (SMF) cables, 67
- Light-Emitting Diodes (LEDs)
- in network interface cards (NICs), 134
- Status Indicators, 750
- Lightweight Access Point Protocol (LWAPP), 436, 452
- Lightweight Directory Access Protocol (LDAP), 200, 202, 570
- line testers, 754
- line voltage, 763–764
- Link Aggregation Control Protocol (LACP), 400–401
- link state, 482–483, 733
- link-local address, 353
- link-state advertisements or packets (LSAs or LSPs), 340
- link-state (LS) routing protocol, 318, 329, 340–344
- Linux, 596
- listening port, 380
- load balancing, 133, 144, 327, 535–536, 695
- load balancing/failover (LBFO), 813
- local addresses, 296
- local area network (LAN)
- about, 4–6
- baseband of, 99
- bridging vs. switching, 372
- communication within, 94–96
- Ethernet media within, 109
- traffic congestion, 169
- local authentication, 571
- local connector (LC), 70
- Local/Global (L/G) bit, 106
- location-based WLAN, 450
- locking cabinets, 644
- locking racks, 643–644
- log reviews, 476–480, 676, 731
- logging levels, 480–482
- logic bomb, 596
- logical address, 211
- Logical Link Control (LLC) (Data Link layer), 47
- logical network diagrams, 524–525, 675
- login procedure/rights, troubleshooting, 776–777
- logs, device, 476–482
- Long-Term Evolution (LTE), 418
- loop avoidance, 376–377
- loopback adapter (plug), 753
- ls command, 875
- LS (link-state) routing protocol, 318, 329, 340–344
- LSAs/LSPs (link-state advertisements or packets), 340
- LTE (Long-Term Evolution), 418
- LWAPP (Lightweight Access Point Protocol), 436, 452
M
- MAC. See Media Access Control (MAC)
- MAC address. See Media Access Control (MAC) address
- macro viruses, 596–597
- magnetic flux, 77
- mail exchanger (MX) record, 155, 156
- mail relay, security and, 518
- mail servers
- about, 7
- security and, 517
- main distribution frame (MDF), 85, 524, 708
- mainframes, 8
- maintenance window, 509, 717
- malware (malicious software), 594–598
- MAM (mobile application management), 513
- MAN (metropolitan area network), 9
- managed switches, 137, 394
- Management Frame Protection (MFP), 453
- Management Information Base (MIB), 199, 476
- management plane, 609, 656–657
- man-in-the-middle attack (on-path attack), 588–589
- mantraps (access control vestibules), 599, 644–645
- Master License Agreement (MLA), 680
- Material Safety Data Sheet (MSDS), 684
- maximum load, 493
- maximum transmission unit (MTU), 798, 812
- MDF (main distribution frame), 85, 524, 708
- MDI/MDI-X (medium dependent interface/medium dependent interface-crossover), 782
- MDM (mobile device management), 513
- mean time between failure (MTBF), 554
- mean time to repair (MTTR), 553–554
- mechanical transfer registered jack (MT-RJ) connector, 70–71
- media, physical, 59
- Media Access Control (MAC)
- about, 47
- defined, 102
- efficiency, 425
- Ethernet addressing and, 106–107
- filtering, 618
- frame format, 107
- spoofing, 594
- Media Access Control (MAC) address
- about, 133, 136–137, 145, 149, 151, 216–217, 242, 246, 249–250, 310, 314–316, 344–345, 348, 373–374
- authentication/MAC filtering, 455–457
- duplicate, 800
- virtual, 549–551
- media converters, 72–74, 152, 165
- Media Gateway Control Protocol (MGCP), 203
- Media Independent Interface (MII), 110
- medianets, 687
- medium dependent interface/medium dependent interface-crossover (MDI/MDI-X), 782
- memberships, VLAN, 387
- Memorandum of Understanding (MOU), 529, 680
- memory
- buffer within, 40
- metrics for, 472–473, 728
- mesh topology, 17–18
- metrics, 45, 728–730, 760–761. See also performance metrics/sensors
- metro optical network, 24
- metropolitan area network (MAN), 9
- MFA (multifactor authentication), 567–568
- MFP (Management Frame Protection), 453
- MGCP (Media Gateway Control Protocol), 203
- mGRE (Multipoint Generic Routing Encapsulation), 12
- MIB (Management Information Base), 199, 476
- Michelangelo virus, 597
- Microsoft
- Active Directory, 167
- SQL Server, 202
- Windows Internet Naming Service (WINS), 153
- Microsoft Word, Application layer and, 37
- MII (Media Independent Interface), 110
- Mills, David, 198
- MILNET, 189
- MIMO (multiple-input, multiple-output), 425
- missing routes, 811
- mitigation
- ad hoc networks, 453
- denial of service (DoS), 453
- passive attacks, 454
- rogue access points (AP), 592
- rogue APs, 452
- MLA (Master License Agreement), 680
- MLS (multilayer switch), 138, 152, 153
- MMF (multimode fiber-optic) cable, 67
- mobile application management (MAM), 513
- mobile device management (MDM), 513
- mobile devices, onboarding/offboarding, 677
- mobile hot spots, 436–438
- modems
- modulation techniques, 50–51, 422
- modulator, 50
- modules, bad, 812
- monitors
- environmental, 489–490
- security and viewing, 516
- Monkey B virus, 597
- motion detection, 640–641
- MOU (Memorandum of Understanding), 529, 680
- MPLS (Multiprotocol Label Switching), 11–12
- MSDS (Material Safety Data Sheet), 684
- MTBF (mean time between failure), 554
- Mtr utility (pathping), 852–853
- MT-RJ (mechanical transfer registered jack) connector, 70–71
- MTTR (mean time to repair), 553–554
- MTU (maximum transmission unit), 798, 812
- multicast addresses, 242, 243, 691
- multicast flooding, 804
- multifactor authentication (MFA), 567–568
- multilayer switch (MLS), 138, 152, 153
- multimeter, 757–758
- multimode fiber to Ethernet converter, 72–73
- multimode fiber-optic (MMF) cable, 67
- multipartite viruses, 597–598
- multipathing, 536–537
- multiple-input, multiple-output (MIMO), 425
- Multipoint Generic Routing Encapsulation (mGRE), 12
- Multiprotocol Label Switching (MPLS), 11–12
- multitenancy, 706–707
- Multiuser Multiple-Input, Multiple-Output (MU-MIMO), 425
- MX (mail exchanger) record, 155, 156
- MySQL, 203
N
- -n switch, 860–861, 869–870
- NaaS (Network as a Service), 702
- NAC (Network Access Control), 513, 566–567, 677
- name resolution, 153, 850–851
- name server (NS) record, 156
- naming conventions, 714
- NAS (network attached storage), 703
- NAT. See Network Address Translation (NAT)
- National Fire Protection Association (NFPA), 60
- National Security Agency (NSA), 515
- NAT/PAT. See network address translation (NAT); port address translation (PAT)
- NBIs (northbound interface) APIs, 669
- nbtstat utility, 857–863
- NCP (Network Control Protocol), 188
- NDA (nondisclosure agreement), 528, 679
- NDP (Neighbor Discovery Protocol), 353–354
- near-end/far-end crosstalk, 783
- near-field communication (NFC), 440, 441
- Neighbor Discovery Protocol (NDP), 353–354
- neighbor table, 337, 340
- Net8, 202
- NetBIOS (Network Basic Input/Output System), 204
- NETCONF, 668
- NetFlow analyzers, 830–831
- NetFlow data, 496–498, 737–738
- netmask, 856
- netstat utility, 863–871
- NetWare services, 368
- Network Access Control (NAC), 513, 566–567, 677
- Network Access layer, of DoD model, 189, 190
- network access policy, 678
- Network Address Translation (NAT)
- about, 298
- defined, 239
- exam essentials, 298–299
- how it works, 296–298
- introduction, 294–298
- names in, 295–296
- review questions, 300–304, 916–918
- traffic and, 687–688
- types of, 295
- WAPs and, 429
- written labs, 299, 894
- network addresses
- about, 44
- Class A addresses, 236–237, 240
- Class B addresses, 238, 240, 278–286
- Class C addresses, 238–239, 240, 268–278
- Class D addresses, 239, 243
- Class E addresses, 239
- defined, 235
- special purposes of, 239
- Network as a Service (NaaS), 702
- network attached storage (NAS), 703
- Network Basic Input/Output System (NetBIOS), 204
- network connection LED status indicators, 777–778
- Network Control Protocol (NCP), 188
- network device backup/restore, 554–555
- network device logs, 731–733
- network interface card (NIC)
- network interface device (NID), 87
- network interface unit (NIU), 87
- Network layer
- about, 43–46
- in data encapsulation, 221
- data packets within, 44
- as describing same thing as Internet layer, 189, 190
- features of, 35
- ICMP as working at, 214
- IGMP as working at, 204
- interface within, 45
- as layer 3, 171
- metric within, 45
- network addresses within, 44
- responsibilities of, 223, 312
- routers as using logical address in header of, 175
- route-update packets within, 44
- as working with Transport layer, 213, 221
- Network Management System (NMS), 199, 475
- Network Monitor tool, 828
- Network Policy and Access Services (NPAS), 566
- network segmentation
- defined, 169
- enforcement of, 564–565
- planning and implementing a basic SOHO network using, 168–178
- network stack, 36
- Network Time Protocol (NTP), 152, 160, 198, 588, 805
- network-activity light, 778
- networked devices, 167–168
- networks
- about, 3–4, 24–25, 94–96
- architecture, 12–14
- backbone, 22–23
- cables, 21
- campus area network (CAN), 10
- client-server, 13–14
- components of, 6–9
- device logs, 476–482
- disabling unneeded services, 610
- exam essentials, 25
- hosts, 8–9
- implementing segmentation, 686–688
- local area network (LAN), 4–6
- managing documentation for, 670–676
- metrics for, 473–474, 728–730
- metropolitan area network (MAN), 9
- monitoring, 676–688
- Multipoint Generic Routing Encapsulation (mGRE), 12
- Multiprotocol Label Switching (MPLS), 11–12
- optimizing, 689–717
- peer-to-peer, 12–13
- performance issues, 805
- personal area network (PAN), 10
- physical topologies, 14–21
- programmability of, 665–666
- review questions, 26–29, 906–907
- segments, 23–24
- selecting topologies, 22
- servers, 6–8
- software-defined wide area network (SDWAN), 11
- storage area network (SAN), 10–11
- virtual networking, 24
- wide area network (WAN), 9–10
- workstations, 6
- written lab, 25, 888
- network-traffic light, 778
- next-generation firewall (NGFW), 152, 166, 542
- next-hop IP address, 856
- NFC (near-field communication), 440, 441
- NFPA (National Fire Protection Association), 60
- NGFW (next-generation firewall), 152, 166, 542
- nibble, 102
- NIC. See network interface card (NIC)
- NID (network interface device), 87
- Nimda virus, 596
- 1905.1-2013 (IEEE) standards, 115–118
- NIU (network interface unit), 87
- Nmap utility, 853–854
- NMS (Network Management System), 199, 475
- noise immunity, of cables, 77
- nondisclosure agreement (NDA), 528, 679
- nonpersistent agents, 566–567
- non-unicast packets, 867
- non-volatile RAM (NVRAM), 614
- northbound interface (NBIs) APIs, 669
- North-South traffic, 659
- notifications
- security and, 516
- security information and event management (SIEM), 576
- Novell, 368
- NPAS (Network Policy and Access Services), 566
- NS (name server) record, 156
- NSA (National Security Agency), 515
- nslookup utility, 849–850
- NTP (Network Time Protocol), 152, 160, 198, 588, 805
- NVRAM (non-volatile RAM), 614
O
- Object Identifiers (OIDs), 476
- octet, 102–103
- OE (operator error), 779
- off site virtual networking, 698
- offboarding
- of mobile devices, 677
- policy for, 513–514
- OIDs (Object Identifiers), 476
- omni directional antennas, 431
- on site virtual networking, 698
- onboarding
- of mobile devices, 677
- policy for, 513–514
- 110 block, 86
- 1000BaseT4, 674
- onePK, 668
- one-to-many, 242
- on-path attack (man-in-the-middle attack), 588–589
- on-premise data center, 660–661
- open access, 455
- Open Impedance Mismatch (echo), 784
- open relay, 518
- Open Shortest Path First (OSPF)
- as link-state protocol, 329, 340–343
- OSPFv3, 359
- use of, 328
- Open Systems Interconnection (OSI) reference model
- about, 34–36, 51, 153, 188, 189, 190
- advantages of, 34
- Application layer of, 35, 36–37
- Data Link layer of, 35, 46–48
- exam essentials, 51–52
- as hierarchical, 33
- layer functions of, 35
- Network layer of, 35
- origin of, 32
- Physical layer of, 35, 48–49
- Presentation layer of, 35, 37
- protocols of, 37
- review questions, 53–56, 907–908
- Session layer of, 35, 37
- Transport layer of, 35, 37–38, 38–39, 39–41, 41–42, 42–43
- written lab, 52, 888
- OpenFlow, 668
- operating mode, 444
- operator error (OE), 779
- OpFlex, 668–669
- optical cables, 751
- optical link budget, 804
- optical time-domain reflectometer (OTDR), 756–757
- Oracle, 202
- orchestration, 705
- organizationally unique identifier (OUI), 106
- OSPF. See Open Shortest Path First (OSPF)
- OSI. See Open Systems Interconnection (OSI) reference model
- OSPFv3, 359
- OTDR (optical time-domain reflectometer), 756–757
- OUI (organizationally unique identifier), 106
- out-of-band management, 394, 631–632
- out-of-order delivery, QoS and, 692
- output errors, 487
- output queue drops, 487
- outside global address, 296
- outside local address, 296
- overcapacity, unbounded media and, 789
- overhead, 39
- overlapping channels, 787–788
- overloading, 295, 297
- overvoltage threshold, 764
P
- -p option (route command), 855
- -p switch, 868–869
- PaaS (Platform as a Service), 663–665, 704
- packet, in data encapsulation, 221, 223
- packet capture, 828–829
- Packet InterNet Groper (ping), 288
- packet shaper, 152, 164
- packet shaping, 694
- packet switching, 171
- PAgP (Port Aggregation Protocol), 400–401
- Palo Alto Networks AutoFocus, 574
- PAN (personal area network), 10
- Pan/Tilt/Zoom (PTZ) camera feature, 167
- passive attacks, 453–454
- passphrase, 459, 788
- password attacks, 593
- password policy, 512–513, 678
- passwords
- changing default, 610
- complexity and length of, 610–611
- for network interface card (NIC), 444
- security and, 516
- using characters to make strong, 612
- PAT (port address translation), 295, 297
- patch cable, 80
- patch panel labeling, 715
- patches
- management issues, 676
- managing, 614–615
- security and, 518
- paths, diversity of, 547–548
- Payment Card Industry Data Security Standard (PCI DSS), 688
- PBX (private branch exchange), 165, 701–702
- PCI DSS (Payment Card Industry Data Security Standard), 688
- PCP (Priority Code Point), 693
- PDUs (power distribution units), 543
- PDUs (protocol data units), 49, 220, 488
- PEAP (Protected Extensible Authentication Protocol), 461, 573
- peer-to-peer networks, 12–13
- penetration testing, 575
- performance metrics/sensors
- about, 471, 498, 727–728
- baselines, 495
- device/chassis, 471–473
- environmental factors/sensors, 489–495
- exam essentials, 498–499
- interface errors/alerts, 486–488
- interface statistics/status, 482–486
- NetFlow data, 496–498
- network, 473–474
- network device logs, 476–482
- optimizing performance, 691–694
- review questions, 501–504, 924–925
- Simple Network Management Protocol (SNMP), 474–476
- uptime/downtime, 498
- written lab, 499–500, 896–897
- permanent DoS, 585
- persistent agents, 566–567
- personal area network (PAN), 10
- phishing, 599
- photoelectric systems, 640
- physical access control devices, 133, 167
- physical attack, 585
- physical carrier sense, 145
- physical conditions, 817
- Physical layer
- about, 48–49
- data communication equipment (DCE) within, 49
- data terminal equipment (DTE) within, 48–49
- Ethernet and, 109–115
- features of, 35
- hubs at, of SOHO network, 177–178
- responsibilities of, 221, 224, 311, 312, 313, 314
- physical media, 59
- physical network diagrams, 520–524, 675
- physical NICs, 700
- physical security
- about, 638–639, 647
- asset disposal, 646–647
- detection methods, 639–641
- exam essentials, 647
- prevention methods, 642–645
- review questions, 649–650, 930–931
- written lab, 648, 900
- physical star network, 177–178
- physical topologies
- about, 14
- bus topology, 14–15
- hybrid topology, 20–21
- mesh topology, 17–18
- point-to-multipoint topology, 19–20
- point-to-point topology, 18–19
- ring topology, 17
- selecting, 22
- star topology, 15–16
- PIDS (protocol based IDS), 142
- piggybacking, 599
- Ping of Death attack, 583
- ping utility, 841–845
- pinouts, 750, 782–783
- PKI (Public Key Infrastructure), 461–462, 572
- placement, of equipment, 683
- plain old telephone service (POTS) cable, 63
- plans, 507–511
- Platform as a Service (PaaS), 663–665, 704
- PLC (Power Line Communication), 115–117
- PLCs (programmable logic controllers), 168
- plenum cables, 60, 748
- plenum-rated coating, 60
- PoE (Power over Ethernet), 401–404
- PoE (Power over Ethernet) cable, 749
- pointer record (PTR), 155, 156
- point-to-multipoint topology, 19–20
- point-to-point link, 16
- point-to-point topology, 18–19
- POP (Post Office Protocol), 198, 202
- port address translation (PAT), 295, 297
- Port Aggregation Protocol (PAgP), 400–401
- port channeling/bonding, 400
- port labeling, 714
- port mirroring/spanning (SPAN/RSPAN), 404–405
- port numbers, 209–210
- port scanners, 830
- port sweeping, 830
- port tagging, 391–392
- ports
- ARP inspection, 397–398
- bad, 750, 783
- bonding, 399–401
- BPDU guard, 399
- DHCP snooping, 397
- duplex mismatch, 798
- flood guard, 398–399
- root guard, 399
- security, 396–397, 608–609
- speed of, 797
- STP and, 379–380
- positive acknowledgement with retransmission, 42
- Post Office Protocol (POP), 198, 202
- postdeployment site survey, 447
- posture assessment, 566
- POTS (plain old telephone service) cable, 63
- power converters, 709–710
- power distribution units (PDUs), 543
- power failures/anomalies, 813
- power levels, 619, 789
- Power Line Communication (PLC), 115–117
- power management, 709–710
- Power over Ethernet (PoE, PoE+/802.3af, 802.3at), 401–404
- Power over Ethernet (PoE) cable, 749
- power redundancy, 710
- power switch, 778–779
- preamble, 107
- predeployment site survey, 447
- prefix routing, 332
- presence, 691
- Presentation layer, 35, 37
- preshared keys (PSKs), 462, 573, 620
- prevention methods, 642–645
- print command, 856
- print server, 7
- printer, 133, 167
- Priority Code Point (PCP), 693
- private branch exchange (PBX), 165, 701–702
- private cloud, 704
- private direct connection, 705–706
- private IP addresses, 239–240
- private networks, 687
- private VLANs, 609–610
- privileged user agreement, 678
- procedures
- process assessment, 575
- Process/Application layer
- processes, network monitoring and, 676
- programmable logic controllers (PLCs), 168
- Project 802 (IEEE), 47–48
- Protected Extensible Authentication Protocol (PEAP), 461, 573
- protocol analyzers, 755, 828–829
- protocol based IDS (PIDS), 142
- protocol data units (PDUs), 49, 220, 488
- protocol packet, 486, 734
- protocols. See also specific protocols
- distance-vector (DV) routing protocols, 318, 329, 330–340
- exterior gateway protocols (EGPs), 317, 318, 326
- first-hop redundancy protocols (FHRPs), 344–351
- of Host-to-Host layer, 204–210
- interior gateway protocols (IGPs), 317, 326, 343
- of Internet layer, 210–220
- of IPv6, 357–359
- of Process/Application layer, 191–204
- routing protocols, 306, 326–330
- shortest path first protocols, 329
- signal degradation and, 438
- proxy ARP, 812–813
- proxy server, 7, 133, 152, 160–162
- PSKs (preshared keys), 462, 573, 620
- PSTN (public switched telephone network), 166
- PSTN (public switched telephone network) cable, 63
- PTR (pointer record), 155, 156
- PTZ (Pan/Tilt/Zoom) camera feature, 167
- public cloud, 704
- Public Key Infrastructure (PKI), 461–462, 572
- public networks, 687
- public switched telephone network (PSTN), 166
- public switched telephone network (PSTN) cable, 63
- punch-down tool, 761–762
- PuTTY, 832
- pwd command, 875
Q
- QoS (quality of service), 167, 386–387, 692
- quad small form-factor pluggable (QSFP), 72
- quad-A record (AAAA record), 155, 156
- quality of service (QoS), 167, 386–387, 692
- queue drops, 487
R
- -r switch, 861–862, 867
- -R switch, 862
- RA (Router Advertisement) Guard, 608
- rack diagram, 523
- racks
- device placement and, 711–713
- installation of, 683
- locking, 643–644
- monitoring of, 715
- security of, 715
- radio frequency identification (RFID), 441, 457, 620, 784–785
- radio frequency interference (RFI), 749
- Radio Resource Management (RRM), for mitigating rogue APs, 452
- RADIUS (Remote Authentication Dial-In User Service), 388, 457, 568
- range, 802.11 standards and, 428
- ransomware, 593, 596
- Rapid Spanning Tree Protocol (RSTP), 381–382
- RARP (Reverse Address Resolution Protocol), 211, 217
- rate limiting, 694
- rate shifting, 421
- RBAC. See role-based access control (RBAC)
- RDP (Remote Desktop Protocol), 203, 629
- RDP Gateway, 630
- Real-time Transport Protocol (RTP), 203
- Recommended Standard 232 (RS-232) cable, 74–75
- recording equipment, 515
- records, types of found on DNS servers, 155–157. See also specific records
- recovery point objective (RPO), 554
- recovery sites, 545
- recovery time objective (RTO), 554
- redundancy
- hardware/clusters, 538–542
- high availability and, 545–553
- power, 710
- redundancy group, 697
- redundancy protocol, 344–351
- reference model, 33–34
- reflected/amplified attacks, 587–588
- reflection, unbounded media and, 790
- refraction, unbounded media and, 790–791
- refrigerator, 133
- registered jack (RJ) connector
- for Ethernet, 109
- use of, 65–66
- regulations, monitoring and, 677–678, 680–681
- reliable networking, 38
- remote access policy, 513, 678
- remote access security
- about, 626, 632
- authentication and authorization, 631
- client-to-site VPN, 626–628
- exam essentials, 632
- in-band management, 631–632
- out-of-band management, 631–632
- Remote Desktop Connection, 628–629
- Remote Desktop Gateway, 629–630
- review questions, 634–635, 929–930
- Secure Shell (SSH), 630
- site-to-site VPN, 626
- virtual desktop, 631
- Virtual Network Computing (VNC), 630–631
- written lab, 632–633, 900
- Remote Authentication Dial-In User Service (RADIUS), 388, 457, 568
- Remote Desktop, 706
- Remote Desktop Connection, 628–629
- Remote Desktop Protocol (RDP), 203, 629
- Remote Frame Buffer (RFB), 630–631
- remote wipe, 646
- repeater, 133, 178
- replay attacks, 458
- Request for Comments (RFCs)
- in Class B network, 238
- in Class C network, 238
- RFC 791, 211
- RFC 1487, 200
- RFC 1518, 268
- RFC 1777, 200
- RFC 1918, 239–240
- RFC 2338, 350
- RFC 3232, 209
- RFC 3377, 200
- very first ones, 188
- Request to Send, Clear to Send (RTS/CTS), 422
- Reverse Address Resolution Protocol (RARP), 211, 217
- reverse lookup zone (or table), 156
- review questions
- attacks, 602–603, 927–928
- availability, 741–744, 933–934
- cable connectivity, 767–770, 934–935
- connectors, 89–92, 909–910
- data center architecture, 721–724, 931–932
- documents and policies, 531–532, 925–926
- Ethernet, 124–127, 910–911
- hardening techniques, 623–624, 928–929
- high availability, 557–558, 926
- Internet Protocol (IP), 226–229, 913–914
- IP address, 257–260, 300–304, 914–916
- IP routing, 321–324, 918–919
- Layer 2 switching, 408–411, 921–922
- Network Address Translation (NAT), 300–304, 916–918
- networking devices, 181–184, 911–913
- networks, 26–29, 906–907
- Open Systems Interconnection (OSI) model, 53–56, 907–908
- performance metrics/sensors, 501–504, 924–925
- physical security, 649–650, 930–931
- remote access security, 634–635, 929–930
- routing, 361–364, 919–921
- security, 578–579, 927
- software tools and commands, 881–885, 937–938
- subnetting, 300–304, 916–918
- troubleshooting, 821–824, 935–937
- virtual local area network (VLAN), 408–411, 921–922
- wireless networking, 465–468, 922–923
- RFB (Remote Frame Buffer), 630–631
- RFI (radio frequency interference), 749
- RFID (radio frequency identification), 441, 457, 620, 784–785
- RIB (Routing Information Base), 339
- ring topology, 17
- RIP. See Routing Information Protocol (RIP)
- RIPng, 358
- riser-rated cables, 748
- risk assessments
- business, 575
- penetration testing, 575
- threat assessment, 573–574
- vulnerability assessment, 574
- RJ. See registered jack (RJ) connector
- rogue access point (AP), 591–592
- rogue APs, 452
- rogue DHCP, 590–591
- role-based access control (RBAC)
- about, 564
- hardening and, 616–617
- rollback, 508, 614, 676, 716
- rolled/rollover cable, 83, 748
- root domains, 153–154
- root guard, 399
- round-robin load balancing, 330
- route command, 854–857
- route redistribution, 338
- routed protocols, 44, 306
- router advertisement, 351–352
- Router Advertisement (RA) Guard, 608
- router interface, 140
- routers
- about, 43–46
- advantage of using in network, 171
- defined, 9
- described, 137–138
- purpose of, 170, 175–176
- redundancy and, 540–542
- virtual, 700
- route-update packets (Network layer), 44
- routing
- about, 359
- asymmetrical, 804
- basics of, 306–309
- exam essentials, 359–360
- issues with, 812
- protocols of, 306, 326–330
- review questions, 361–364, 919–921
- by rumor, 330
- written lab, 360, 895
- Routing Information Base (RIB), 339
- Routing Information Protocol (RIP). See also RIPng
- routing loops, 812
- routing protocols
- administrative distances (AD), 327–329
- basics of, 326–330
- classes of, 329–330
- defined, 306
- routing table, 171, 307, 337
- RPO (recovery point objective), 554
- RRM (Radio Resource Management), for mitigating rogue APs, 452
- RS-232 (Recommended Standard 232) cable, 74–75
- RSTP (Rapid Spanning Tree Protocol), 381–382
- RTO (recovery time objective), 554
- RTP (Real-time Transport Protocol), 203
- RTS/CTS (Request to Send, Clear to Send), 422
- runtime, capacity vs., 491
- runts, 488, 735
S
- -s switch, 863, 867–868
- -S switch, 862
- SA (source address), 108
- SaaS (Software as a Service), 663–665, 704
- safety practices, 681–686
- safety/emergency exits, 685
- SAM (Security Accounts Manager), 571
- sanitizing devices, 646–647
- SANs (storage area networks), 10–11, 702–703
- SBI (southbound interface) APIs, 667–669
- SC (square (subscriber) connector), 68–69
- SCADA (supervisory control and data acquisition), 133, 168, 686–687
- scalability, 707
- schematics, 671–676
- scope options, 148
- screened subnet (demilitarized zone), 142, 157, 565
- SDN. See software-defined networking (SDN)
- SDWAN (software-defined wide area network), 11
- Secure File Transfer Protocol (TCP 22), 192
- Secure Shell (SSH) protocol, 192, 630, 878
- Secure Sockets Layer (SSL), 200, 202
- SecureCRT, 832
- security
- about, 576–577
- authentication methods, 567–573
- CIA triad, 561–562
- defense in depth, 564–567
- exam essentials, 577
- hardening and, 511–519
- implications and considerations, 707–708
- least privilege, 563
- Media Access Control (MAC) authentication/MAC filtering, 455–457
- open access, 455
- ports, 396–397, 608–609
- Public Key Infrastructure (PKI), 461–462
- Remote Authentication Dial-In User Service (RADIUS), 457
- review questions, 578–579, 927
- risk assessments, 573–575
- role-based access, 564
- security information and event management (SIEM), 576
- segmentation and, 688
- service set identifier (SSID), 455–457
- Temporal Key Integrity Protocol (TKIP), 458–459
- threats, 562
- vulnerabilities, 562–563
- Wi-Fi Protected Access (WPA), 459–462
- wired equivalent privacy (WEP), 455–457
- wireless, 451–462, 618–621
- WPA2 pre-shared key, 459–462
- written lab, 577, 898–899
- zero trust, 564
- Security Accounts Manager (SAM), 571
- security audits, 514, 526–527, 612–613
- security event management (SEM), 479–480
- security information and event management (SIEM), 477, 479–480, 576
- security policies, 514–519, 678–679
- segments/segmentation
- in data encapsulation, 220–221
- network, 23–24, 686–688
- security and, 688
- troubleshooting, 781
- SEM (security event management), 479–480
- sensitivity, of latency, 690
- separation of duties, 565–566
- serial cables, 74–76
- Server Message Block (SMB), 200
- Server mode (VTP), 393
- server rail racks, 711
- servers
- network, 6–8
- troubleshooting, 781
- UC, 694
- service models, 663–665
- service provider links, 23–24
- service set identifier (SSID), 434, 444, 455–457, 788
- Service-Level Agreement (SLA), 529, 680
- service-related entry points, 23
- services, unresponsive, 803–804
- Session Initiation Protocol (SIP), 203, 687
- Session layer (OSI reference model), 35, 37
- session secret, 459
- severity levels, 480–482, 733
- SFF (small form factor) connector, 70
- SFP (small form-factor pluggable) transceiver, 72
- SFP+ (enhanced small form-factor pluggable) transceiver, 72
- SFP/GBIC (cable mismatch), 785–786
- shared keys, 444
- shielded twisted-pair (STP) cable, 62, 748, 785
- short circuit, 750, 784
- Shortest Path Bridging (SPB), 359
- shortest path first protocols, 329
- shoulder surfing, 599–600
- show run command, 484–485
- SIEM (security information and event management), 477, 479–480, 576
- signal degradation, 438
- signal strength, unbounded media and, 789
- signal-to-noise ratio, unbounded media and, 791
- Simple Mail Transfer Protocol (SMTP), 193, 202
- Simple Network Management Protocol (SNMP)
- about, 199, 474–475, 729–730
- Management Information Bases (MIBs), 476
- Object Identifiers (OIDs), 476
- secure, 608
- traps, 475
- using, 670–671
- simplex mode, 37
- simultaneous wired/wireless connections, with unbounded media (wireless), 787
- single sign-on (SSO), 570
- single-mode fiber to Ethernet converter, 72
- single-mode fiber-optic (SMF) cable, 67
- single-mode to multimode fiber converter, 73–74
- SIP (Session Initiation Protocol), 203, 687
- site survey
- about, 447
- capacity, 448–449
- location-based WLAN, 450
- multiple floors, 449–450
- report for, 526
- tools for, 450–451
- site-to-site VPN, 626
- 6to4 tunneling, 252–253, 354–356
- 66 block, 86
- SLA (Service-Level Agreement), 529, 680
- SLAAC (stateless address autoconfiguration), 249–250
- small form factor (SFF) connector, 70
- small form-factor pluggable (SFP) transceiver, 72
- small office, home office (SOHO) network
- about, 455
- determining requirements of, 169–175
- environmental considerations of, 178
- hubs at Physical layer of, 177–178
- planning and implementing of basic on using network segmentation, 168–178
- switches and bridges at Data Link layer of, 175–177
- small office, home office (SOHO) router, 137, 138
- smart antennas, 425
- smart doorbells, 133
- smart jack, 23, 87
- smart lockers, 645
- smart speakers, 133
- smart thermostats, 133
- SMB (Server Message Block), 200
- SMF (single-mode fiber-optic) cable, 67
- SMTP (Simple Mail Transfer Protocol), 193, 202
- Smurf attack, 585–586
- SNAT (static NAT), 295, 297
- SNMP. See Simple Network Management Protocol (SNMP)
- SOA (start of authority) record, 156
- social engineering attacks, 598–599
- software
- checking configurations, 816
- troubleshooting, 780
- software address, 211
- Software as a Service (SaaS), 663–665, 704
- software tools and commands
- about, 827, 878–879
- Address Resolution Protocol (ARP), 845–846
- arp utility, 846–849
- bandwidth speed testers, 829–830
- connectivity software, 831–832
- exam essentials, 879
- File Transfer Protocol (FTP), 871–876
- ifconfig utility, 840
- IP scanner, 832–833
- ip utility, 840
- ipconfig utility, 836–839
- iptables utility, 841
- Mtr utility (pathping), 852–853
- nbtstat utility, 857–863
- NetFlow analyzers, 830–831
- netstat utility, 863–871
- Nmap utility, 853–854
- nslookup utility, 849–850
- ping utility, 841–845
- port scanners, 830
- protocol analyzers/packet capture, 828–829
- resolving names with Hosts file, 850–851
- review questions, 881–885, 937–938
- route command, 854–857
- tcpdump utility, 871
- Telnet utility, 876–878
- traceroute/tracert, 833–835
- Trivial File Transfer Protocol (TFTP) server, 831
- Wi-Fi analyzers, 827
- written lab, 880, 903
- software-defined networking (SDN)
- about, 655, 666, 701
- application layer, 656
- backbone, 658
- control layer, 656
- infrastructure layer, 656
- management plane, 656–657
- spine-leaf-based two-tier networks, 657
- top-of-rack switching, 658
- software-defined wide area network (SDWAN), 11
- SOHO (small office, home office) router, 137, 138
- source address (SA), 108
- southbound interface (SBI) APIs, 667–669
- SOW (Statement of Work), 680
- Spanning Tree Algorithm (STA), 379
- Spanning Tree Protocol (STP)
- about, 378–379, 811
- convergence, 380–381
- port states, 379–380
- Rapid Spanning Tree Protocol (RSTP), 381–382
- SPAN/RSPAN (port mirroring/spanning), 404–405
- SPB (Shortest Path Bridging), 359
- speakers, smart speakers, 133
- spectrum analyzer, 758–759
- speed
- devices and, 483–484
- 802.11 standards and, 428
- network, 733–734
- of ports, 797
- speed distance, 747
- spine-leaf-based two-tier networks, 657
- split MAC, 435–436
- split pairs, 751, 754, 785
- split tunneling, 628
- SQL (Structured Query Language) Server, 202, 203
- SQLnet, 202
- SQL*Net, 202
- square (subscriber) connector (SC), 68–69
- SRV record, 156
- SSH (Secure Shell) protocol, 192, 630, 878
- SSID (service set identifier), 434, 444, 455–457, 788
- SSL (Secure Sockets Layer), 200, 202
- SSL certificate, untrusted, 801–802
- SSO (single sign-on), 570
- ST (straight tip) connector, 68–69
- STA (Spanning Tree Algorithm), 379
- StackWise technology, 539–540
- standard operating procedures, 511
- Standby Timer (HSRP), 349, 552
- star topology, 15–16
- start of authority (SOA) record, 156
- Start of Frame Delimiter (SOF)/Synch, 107–108
- state transitions, 48
- state/configuration, 554–555
- stateless address autoconfiguration (SLAAC), 249–250
- Statement of Work (SOW), 680
- static assignment, 147
- static energy, 682
- static IP addressing, 196
- static NAT (SNAT), 295, 297
- static routing, 307, 316–319
- static VLANs, 387–388
- Stealth Boot virus, 597
- Stoned virus, 597
- storage area networks (SANs), 10–11, 702–703
- STP. See Spanning Tree Protocol (STP)
- STP (shielded twisted-pair) cable, 62, 748, 785
- straight tip (ST) connector, 68–69
- straight-through cable, 80
- Structured Query Language (SQL) Server, 202, 203
- subnet mask, 799–800, 856
- subnetting
- about, 298
- basics of, 263–286
- benefits of, 264
- Class A, 940–945
- Class B addresses, 278–286
- Class C addresses, 268–278
- Classless Inter-Domain Routing (CIDR), 266–268
- exam essentials, 298–299
- how to create, 264–265
- review questions, 300–304, 916–918
- subnet masks, 265–266
- written lab, 943–945
- written labs, 299, 894
- subscriber (square) connector (SC), 68–69
- successor route, 338
- supervisory control and data acquisition (SCADA), 133, 168, 686–687
- surge protectors, 764
- Switch Port Analyzer (SPAN) and Remote SPAN, 404–405
- switch stacking, 538–540
- switches. See also specific switches
- switching loops, 811
- switching services, 370–378
- switchports, disabling, 610
- SYN flood, 586–587
- syslog, 201, 478–479, 731
- system labeling, 714
- system life cycle, 511, 679
T
- T1 crossover cable, 83–85
- T568A wiring standard, 78–80
- T568B wiring standard, 78–80
- TACACS+ (Terminal Access Controller Access Control System Plus), 568–569
- tailgating, 599
- tamper detection, 641
- tap, 760
- tapping the wire, 77
- target test, 575
- TCP. See Transmission Control Protocol (TCP)
- TCP (Transport Control Protocol), 157
- TCP 23 (Telnet), 192–193, 630, 876–878
- TCP segment format, 205–207
- tcpdump utility, 871
- TCP/IP. See Transmission Control Protocol/Internet Protocol (TCP/IP)
- TCP/UDP ports, blocked, 802–803
- TDM (time-division multiplexing), 51
- TDMA (time-division multiple access), 418
- TDR (time-domain reflectometer), 756
- technology-based attacks, 582–598
- Telecommunications Industry Alliance/Electronic Industries Association (TIA/EIA), 672–673
- Telecommunications Industry Association (TIA), 755–756
- telephony server, 7
- Telnet (TCP 23), 192–193, 630, 876–878
- temperature, as an environmental concern, 471–472, 489, 727
- Temporal Key Integrity Protocol (TKIP), 458–459
- 10Base2, 110
- 10Base5, 110
- 10BaseT, 110
- Tequila virus, 597
- Teredo, 356–357
- Terminal Access Controller Access Control System Plus (TACACS+), 568–569
- testing, security and, 516
- testing labs, 688
- TFTP (Trivial File Transfer Protocol), 196–197
- TFTP (Trivial File Transfer Protocol) server, 831
- thermostats, smart thermostats, 133
- thin computing, 701
- Thin Ethernet (thinnet), 60
- thin protocol, 207
- thinnet, 110
- threat assessment, 573–574
- ThreatConnect, 574
- ThreatQuotient, 574
- threats
- categories of, 562
- wireless, 451–455
- 3G, 418, 419
- three-way handshake, 39, 205
- throughput, 747
- TIA (Telecommunications Industry Association), 755–756
- TIA/EIA (Telecommunications Industry Alliance/Electronic Industries Association), 672–673
- time to live (TTL) value, 156, 589
- time-division multiple access (TDMA), 418
- time-division multiplexing (TDM), 51
- time-domain reflectometer (TDR), 756
- TKIP (Temporal Key Integrity Protocol), 458–459
- TLS (Transport Layer Security), 200
- TNS (Transparent Network Substrate), 202
- tone generator, 759–760
- toner probe, 759–760
- tool safety, 684
- top-level domains, 153–154
- top-of-rack switching, 658
- topology table, 337, 340
- Top-to-Bottom/Bottom-to-Top OSI model, 805–806
- TPC (Transmit Power Control), 424
- Traceroute, 288
- traceroute/tracert, 833–835
- Tracert, 288
- tracking, security and, 516
- traffic
- checking status of, 484–485
- receiving, 734
- sending, 734
- shaping, 694
- traffic contract, 694
- traffic flows
- about, 658
- East-West, 659–660
- North-South, 659
- traffic logs, 476–477, 731
- traffic spike, 584–585
- transceivers
- about, 71–72
- incorrect, 750
- mismatch, 783
- Transmission Control Protocol (TCP)
- connection-oriented communication, 38–39
- as Host-to-Host layer protocol, 204–205
- key concepts of, 208–210
- segment format, 205–207
- Transport layer and, 38
- Transmission Control Protocol/Internet Protocol (TCP/IP)
- about, 8, 586–587, 781
- brief history of, 188–189
- creation of, 188
- and DoD model, 189–190
- pinging, 842
- traceroute/tracert and, 833–835
- transmission speeds, of cables, 76
- Transmit and Received (TX/RX) Reversed, 751, 785
- Transmit Power Control (TPC), 424
- transparent bridge, 135, 176
- Transparent mode (VTP), 392, 394
- Transparent Network Substrate (TNS), 202
- Transport Control Protocol (TCP), 157
- Transport layer
- about, 37–38
- acknowledgements within, 42–43
- connection-oriented communication within, 38–39
- in data encapsulation, 220–224
- features of, 35
- flow control within, 39–41
- Host-to-Host layer also known as, 189, 190, 195
- port numbers for, 209, 213, 297
- separation of data at, 315
- use of UDP at, 158, 195
- windowing within, 41–42
- as working with Network layer, 213, 221
- Transport Layer Security (TLS), 200
- traps, 475
- Trivial File Transfer Protocol (TFTP), 196–197
- Trivial File Transfer Protocol (TFTP) server, 831
- Trojan horse, 598
- troubleshooting
- about, 775–776, 818
- cables, 782–786
- exam essentials, 818–819
- hardware vs. software, 780
- login procedure/rights, 776–777
- network connection LED status indicators, 777–778
- network segments, 781
- operator error, 779
- power switch, 778–779
- review questions, 821–824, 935–937
- steps for, 791–815
- tips for, 815–818
- unbounded media (wireless), 786–791
- workstation vs. server, 781
- written lab, 819–820, 902
- trunk ports, 389–390
- TTL (time to live) value, 156, 589
- Tunneled Transport Layer Security (TTLS), 462
- tunneling, 354–357
- 25-pair cable, 86
- twinaxial cable, 62
- twisted-pair cable, 62
- 2.4 GHz (802.11b), 421–422
- 2.4 GHz (802.11g), 422–423
- 2.4 GHz/5 GHz (802.11n), 425
- 2G, 418
- two-post racks, 711, 712
- TX/RX (Transmit and Received) Reversed, 751, 785
- TXT (DKIM) record, 156
- TXT (SPF) record, 156
- Type 1 hypervisor, 699
- Type 2 hypervisor, 699
- Type field, 108
U
- UC (unified communications), 694
- UDP (User Datagram Protocol), 38, 157, 205, 207–210, 670
- ultra physical contact (UPC), 67–68
- unbounded media issues (wireless), 786–791
- unicast addresses, 242, 243, 691
- unicast packets, 867
- unified communications (UC), 694
- unified threat management (UTM) devices, 166
- unintentional/friendly DoS, 585
- uninterruptible power supply (UPS), 489, 490–491, 542, 710
- Universal Serial Bus (USB), 75–76
- Unix, BSD version of, 189
- unknown protocols, 867
- unknown unicast flood blocking (UUFB), 398–399
- unknown unicast flood rate-limiting (UUFRL), 398–399
- unmanaged switches, 137, 394
- unreliable protocol, 207
- unshielded twisted-pair (UTP) cable
- about, 672, 748
- categories of, 63–65
- connecting, 65–66
- defined, 62
- for Ethernet, 109
- gigabit wiring of, 82
- untested updates, 789
- UPC (ultra physical contact), 67–68
- UPS (uninterruptible power supply), 489, 490–491, 542, 710
- uptime, 498, 691, 738
- US Environmental Protection Agency (EPA), 544–545
- USB (Universal Serial Bus), 75–76
- User Datagram Protocol (UDP), 38, 157, 205, 207–210, 670
- UTM (unified threat management) devices, 166
- UTP. See unshielded twisted-pair (UTP) cable
- UUFB (unknown unicast flood blocking), 398–399
- UUFRL (unknown unicast flood rate-limiting), 398–399
V
- VA (volts ampere), 493
- variable-length subnet mask (VLSM), 244, 266, 333–335
- vendor assessment, 575
- vendor documentation, 676
- very high throughput (VHT), 426
- VHT (very high throughput), 426
- video applications, 690–691
- video teleconferencing (VTC), 687
- virtual circuit, 38
- virtual desktops, 631, 701
- virtual firewall, 700
- virtual IP address, 241
- virtual LANs (VLANs)
- about, 173–174
- changing default, 613
- hopping, 589–590
- incorrect, 798
- private, 609–610
- virtual local area network (VLAN). See also Layer 2 switching
- about, 173–174, 382–386, 405–406
- changing default, 613
- dynamic, 388
- exam essentials, 406
- hopping, 589–590
- identifying, 388–392
- incorrect, 798
- memberships, 387
- private, 609–610
- quality of service (QoS), 386–387
- review questions, 408–411, 921–922
- static, 387–388
- trunking protocol, 392–401
- written lab, 406–407, 895–896
- virtual MAC address, 348, 549–551
- Virtual Network Computing (VNC), 630–631
- virtual network interface card (vNIC), 24, 700
- virtual networking
- about, 24, 697–698
- components, 698–702
- on site vs off site, 698
- storage area networks (SANs), 702–703
- virtual PBX, 701–702
- Virtual Private Network (VPN)
- clientless, 627
- client-to-site, 626–628
- as a connectivity option, 705
- site-to-site, 626
- Virtual Router Redundancy Protocol (VRRP), 345, 350–351, 548–553, 697
- virtual routers, 700
- virtual servers, 699
- virtual switch (vSwitch), 24, 700
- virtual terminals, 394
- viruses
- about, 594–595
- boot-sector, 597
- checking for, 818
- file, 596
- macro, 596–597
- multipartite, 597–598
- VLAN. See virtual local area network (VLAN)
- VLAN Management Policy Server (VMPS), 388
- VLAN Trunking Protocol (VTP)
- about, 392–393
- IP addresses and, 394–396
- modes of operation, 393–394
- VLSM (variable-length subnet mask), 244, 266, 333–335
- VMPS (VLAN Management Policy Server), 388
- VMware Remote Console, 706
- VNC (Virtual Network Computing), 630–631
- vNIC (virtual network interface card), 24, 700
- voice access ports, 389
- voice gateway, 133
- Voice over Internet Protocol (VoIP), 690
- voice security information and event management (vSIEM), 480, 576
- VoIP (Voice over Internet Protocol), 690
- VoIP endpoint, 152, 166
- VoIP gateway, 152, 166
- VoIP PBX, 152, 165
- VoIP phone, 133, 167
- voltage event recorder (power), 763–764
- volt/ohm meter (VOM), 757–758
- volts ampere (VA), 493
- VOM (volt/ohm meter), 757–758
- VPN. See Virtual Private Network (VPN)
- VPN concentrator headend, 152, 164–165
- VPN headend, 133
- VRRP (Virtual Router Redundancy Protocol), 345, 350–351, 548–553, 697
- vSIEM (voice security information and event management), 480, 576
- vSwitch (virtual switch), 24, 700
- VTC (video teleconferencing), 687
- VTP. See VLAN Trunking Protocol (VTP)
- vulnerabilities
- assessment of, 574
- categories of, 562–563
W
- walls, signal degradation and, 438
- WAN. See wide area network (WAN)
- WAP (wireless access point), 429
- war driving, 454–455
- warm sites, 545
- wave motion detector, 640
- waveform, 50
- wavelength
- about, 99–100
- mismatch, 786
- wavelength-division multiplexing (WDM), Ethernet over, 117
- web proxy server, 161
- web server, 7
- well-known port numbers, 209
- WEP (wired equivalent privacy), 444, 455–457
- wide area network (WAN)
- about, 9–10
- troubleshooting, 781
- wide local area network (WLAN)
- installing and configuring hardware, 441–447
- location-based, 450
- WiFi 6 (802.11ax), 426–427
- Wi-Fi Alliance, 416, 426
- Wi-Fi analyzers, 827
- Wi-Fi Protected Access (WPA), 444, 458, 459–462
- windowing, Transport layer and, 41–42
- Windows, enabling Telnet in, 877–878
- Windows Internet Naming Service (WINS), 153
- Windows Server 2019, 477
- WINS (Windows Internet Naming Service), 153
- wire crimper, 763
- wire tapping, 77
- wired equivalent privacy (WEP), 444, 455–457
- wireless access point (WAP), 429
- wireless antennas, 431–432
- wireless channel, for network interface card (NIC), 444
- wireless client isolation, 619
- wireless controllers, 434–436
- wireless LAN controller (WLC), 143, 452
- wireless network interface card (NIC), 430
- wireless networking
- about, 415–417, 462
- cellular technologies, 418–419
- components, 428–432
- 802.11 standards, 419–428
- exam essentials, 462–463
- installing, 432–447
- review questions, 465–468, 922–923
- security, 451–462
- site survey, 447–451
- written lab, 464, 896
- wireless range extender, 133, 143
- wireless security, 618–621
- wireless standard, 789
- wireless threats, 451–455
- wire-map testers, 754
- wiring
- diagrams for, 525–526
- installing distributions, 85–87
- schematics for, 671–672
- security and, 516
- standards for, 78–85
- WLAN. See wide local area network (WLAN)
- WLAN Association (WLANA), 416
- WLC (wireless LAN controller), 143, 452
- Word (Microsoft), Application layer and, 37
- workgroup, 4
- workstations
- auto-detecting by, 101
- carrier sense multiple access with collision detection (CSMA/CD) and, 97–98
- network, 6, 8–9
- troubleshooting, 781
- worm, 594
- WPA (Wi-Fi Protected Access), 444, 458, 459–462
- WPA2 pre-shared key, 459–462
- WPA3-SAE encryption, 460
- written lab
- attacks, 601, 899
- availability, 740, 901
- cable connectivity, 766, 902
- connectors, 88, 889
- data center architecture, 720, 901
- documents and policies, 530, 897–898
- Ethernet, 119–123, 889–891
- hardening techniques, 622, 899–900
- high availability, 556, 898
- Internet Protocol (IP), 225, 892–893
- IP address, 255–256, 299, 893–894
- IP routing, 320, 895
- Layer 2 switching, 406–407, 895–896
- Network Address Translation (NAT), 299, 894
- networking devices, 180, 891–892
- networks, 25, 888
- Open Systems Interconnection (OSI) model, 52, 888
- performance metrics/sensors, 499–500, 896–897
- physical security, 648, 900
- remote access security, 632–633, 900
- routing, 360, 895
- security, 577, 898–899
- software tools and commands, 880, 903
- subnetting, 299, 894, 943–945
- troubleshooting, 819–820, 902
- virtual local area network (VLAN), 406–407, 895–896
- wireless networking, 464, 896
Z
- Zero Trust concept, 564
- zero-day attacks, 563, 598
- zone updates, 157
- Z-Wave, 440–441