Note to the Reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations.

A

• A records, 149
• A+B power, 827
• AAA (Authentication, Authorization, and Accounting)
  • RADIUS, 470
  • TACACS+, 471, 471
• aaa authentication command, 371
• AAA records, 151
• AAAA records, 149–150
• ABRs (area border routers), 318, 318
• absorption in wireless networks, 749
• acceptable-use policies (AUPs), 797
• access control. See authentication and access control
• access control lists (ACLs)
  • firewalls, 549–551, 549
  • misconfigured, 511
  • overview, 442–443, 442
  • policies, 524
  • troubleshooting, 760
• Access Point mode, 415
• access points (APs)
  • description, 138, 138
  • evil twin, 506
  • overview, 401–402, 401
  • rogue, 422, 505
  • site surveys, 418–420, 419
  • war driving, 504
  • wireless controllers, 407
  • wireless network configuration, 414–417, 416-417
• access ports for VLANs, 364–365, 366
• access rate in Frame Relay, 616
• account lockouts for passwords, 464
• accounts. See user accounts
• acknowledgments in OSI model, 38–39, 39
• ACLs. See access control lists (ACLs)
• acoustical motion detectors, 531
• active detection, 513
• active routers in HSRP, 321
• active timers in HSRP, 325
• ActiveX attacks, 507
• activity LEDs, 130
• Activity Monitor, 711, 711
• ad hoc wireless networks, 405, 406, 423
• Adaptive Security Appliance (ASA), 695, 696
• add option in route command, 661
• address learning in switches, 348–350, 349–350
• Address Resolution Protocol (ARP)
  • ARP inspection, 373
  • ARP table, 651
  • arp utility, 651–654
  • caches
    • in IP routing, 284, 288
    • poisoning, 492–493
  • overview, 195–197, 196, 650–651
  • troubleshooting, 768
• addresses
  • Ethernet specifications, 99–106, 103–104
  • Internet Protocol. See IP addresses
  • MAC. See MAC addresses
• adjacencies in OSPFv3, 334
• administrative distances (ADs) in routing protocols, 303–305
• administrator training, 525
• ADSL (Asymmetric Digital Subscriber Line), 456, 609
• Advanced Research Projects Agency, 177–178
• AES (Advanced Encryption Standard)
  • overview, 453
  • wireless networks, 430–431
• AES-CCMP (AES-Counter Mode CBC-MAC Protocol), 429
• agents in Network Access Control, 475–476
• aggregate rate in Ethernet, 98
• air-conditioning systems, 805
• air flow for device placement, 827
• AirMagnet Survey tool, 421
• aisles, hot/cold, 802, 803, 827
• alert systems, 804
• alias records, 151
• Amazon Web Services (AWS), 824
• analog modems, 156–157, 156
• Angled Physical Contact (APC) fiber-optic cable, 65, 66
• anomaly-detection IDSs (AD-IDSs), 566
• anonymous FTP, 180, 678–679
• anonymous user accounts, 460
• Ant+ protocol, 412
• antennas
  • 2.4 GHz/5 GHz, 398
  • wireless networks, 403–404, 748
• Anthrax virus, 499
• anti-malware software
  • cloud/server based, 533
  • configuration backups, 534
  • host based, 533
  • infected computers, 536
  • overview, 532
  • scans, 535–536
  • updates, 534–535
• anycasts, 222, 225
• APIPA (Automatic Private IP Addressing), 187, 218
• AppleTalk, 448
• Application layer
  • attacks, 507
  • firewalls, 558–559
  • OSI model, 32
• application protocol based IDSs (APIDSs), 137
• application servers, 6
• application-specific integrated circuits (ASICs)
  • Data Link layer, 166
  • multilayer switches, 147
  • switches, 346–347
• applications
  • logs, 709
  • misconfigured, 511
• approval process in change management, 833
• APs. See access points (APs)
• archives, 815–816
• area border routers (ABRs), 318, 318
• ARP. See Address Resolution Protocol (ARP)
• arp command, 263, 289
• ARPAnet, 177–178
• .arts domain, 148
• ASBRs (autonomous system border routers), 318
• ASCII files with File Transfer Protocol, 680
• ASICs (application-specific integrated circuits)
  • Data Link layer, 166
  • multilayer switches, 147
  • switches, 346–347
• assets
  • critical, 583
  • disposal, 530, 798
  • managing, 794
  • tracking tags, 531–532
• Assured Forwarding (AF) in DSCP, 812
• Asymmetric Digital Subscriber Line (ADSL), 456, 609
• ATM (Asynchronous Transfer Mode), 622–623
• attenuation in cables, 74, 107, 742
• audits, 463, 517
• AUPs (acceptable-use policies), 797
• authentication and access control
  • AAA, 470–471, 471
  • access control lists, 442–443, 442
  • backdoor access, 509
  • certificates, 466–467
  • CHAP, 473–474, 473
  • EAP, 474
  • encryption, 451–455, 453–454
  • exam essentials, 477
  • hashes, 474
  • Kerberos, 469, 470
  • LDAP, 466
  • Link Control Protocol, 619
  • local, 466
  • MD5 message-digest algorithm, 474
  • multifactor, 467
  • Network Access Control, 472–473, 475–476
  • network controllers, 472
  • passwords, 461–466
  • PKI, 431–432, 468–469, 468–469
  • PPP, 620–621
  • remote access, 455–458, 456, 458
  • review questions, 479–482
  • Secure Hash Algorithm, 475
  • security filtering, 441
  • security issues, 495–496
  • summary, 476–477
  • tunneling. See tunneling
  • unified voice services, 472
  • user accounts, 458–461
  • VLAN Trunking Protocol, 371
  • web services, 472
  • wireless networks, 427–429, 428, 505
  • written lab, 477–478
• Authentication, Authorization, and Accounting (AAA)
  • RADIUS, 470
  • TACACS+, 471, 471
• Authentication Headers (AHs) in IP Security, 449, 450
• authenticators in IEEE 802.1X, 473
• authorized downtime in change management, 834
• auto-detect mechanisms in Ethernet, 98
• AutoCAD program for documentation, 791
• autoconfiguration of IPv6 addresses, 226–227, 226, 327, 328
• automatic account lockouts, 464
• automatic IPv6 tunneling, 330–331
• Automatic Private IP Addressing (APIPA), 187, 218
• automatic updates, 526–527, 526
• autonomous system border routers (ASBRs), 318
• autonomous systems (ASs)
  • Border Gateway Protocol, 314–315, 314
  • description, 302
  • EIGRP, 312
  • IP routing, 291–292
  • Open Shortest Path First, 318, 318
• autorooters, 507
• availability in CIA triad, 800
• awareness, end user, 582–583
• AWS (Amazon Web Services), 824

B

• back-off algorithms
  • CSMA/CA, 139–140
  • CSMA/CD, 141
  • jam signals, 96
• backbones
  • collapsed, 344
  • network, 20, 21
• backdoors, 508–509
• background checks, 520
• backup hosts in CARP, 816
• backup routes in EIGRP, 313
• backups
  • battery, 582
  • configuration, 534
  • optimization, 815–816
  • security policies, 521
  • snapshots, 581
• badges, 520
• bandwidth
  • routing protocols, 303
  • saturation, 745
  • speed testers, 701–702
  • throttling, 814
  • wide area networks, 600–601
• Bandwidth on Demand Interoperability Group (BONDING), 614
• banner grabbing, 509–510
• bare metal hypervisors, 819
• barriers
  • physical security, 573–574, 574
  • signal degradation, 410
• baseband, 96
• baselines, 702, 795–796
• Basic Analysis and Security Engine (BASE), 696
• Basic Rate Interface (BRI), 613
• basic service areas (BSAs), 406
• basic service set identifiers (BSSIDs), 746–747
• basic service sets (BSSs), 406–408, 406
• battery backups, 582
• baud rates, 97
• Baudot, Jean-Maurice-Émile, 97
• beacons in war driving, 504
• Bearer (B) channels in ISDN, 614
• bend radius limitations in fiber cable, 745
• bent pins in cables, 744
• Berkeley Software Distribution (BSD) Unix, 178
• BGP (Border Gateway Protocol), 314–315, 314
• bidirectional communication in fiber-optic cable, 67, 67
• binary code, 3
• binary files with FTP, 680
• binary notation
  • conversions, 100–103
  • IP addresses, 211
• binding, 29
• biometric systems, 576
• bit rates in Ethernet, 97
• bits, 100, 210
• .biz domain, 148
• black boxes, 547
• Blatand wireless networks, 410–411
• blind tests, 586
• block acknowledgment in 2.4 GHz/5 GHz, 398
• blocked ports
  • Spanning Tree Protocol, 355
  • troubleshooting, 760, 760
• Bluejacking attacks, 506
• Bluesnarfing attacks, 506
• Bluetooth technology
  • attacks, 506
  • personal area networks, 605
  • wireless networks, 410–411
• BNC connectors, 59, 59
• bonding in VLAN Trunking Protocol, 375–376, 375
• boot-sector viruses, 498
• Bootstrap Protocol (BootP), 186–188
• Border Gateway Protocol (BGP), 314–315, 314
• botnets, 487, 488
• bottlenecks
  • baselines, 702, 796
  • cables, 744
• bottom-up troubleshooting approach, 761–762
• bounce in wireless networks, 748
• BPDU Guard, 374
• BPDUs (Bridge Protocol Data Units), 355
• BPL (Broadband over Power Line), 112–113, 112–113
• BRI (Basic Rate Interface), 613
• Bridge Protocol Data Units (BPDUs), 355
• bridges
  • Data Link layer, 166–167, 166
  • first use of, 345
  • overview, 131, 131
  • SOHO networks, 162–163
  • vs. switches, 348
• Bridging mode in access points, 415
• Bring Your Own Device (BYOD) initiatives, 796–797
• Broadband over Power Line (BPL), 112–113, 112–113
• broadband services
  • cable modems, 610–611, 610
  • Digital Subscriber Line, 608–609
  • Ethernet specifications, 96
  • metropolitan-area Ethernet, 611
  • overview, 607–608, 608
• broadcast domains
  • overview, 94–95
  • SOHO networks, 160, 164
  • VLANs, 359
• broadcast storms, troubleshooting, 768–769
• broadcasts
  • Address Resolution Protocol, 196
  • addresses, 211
  • distance vector routing protocols, 309
  • IPv4 addresses, 219
  • switches, 352–353
• brute force attacks, 494
• BSAs (basic service areas), 406
• BSD (Berkeley Software Distribution) Unix, 178
• BSSIDs (basic service set identifiers), 746–747
• Buffer Full message in ICMP, 195
• buffers
  • flow control, 36, 36
  • overflow, 503
• building layout in emergency procedures, 804
• Bureau of Industry and Security, 451
• burned-in-addresses (BIAs), 104
• bursts in Frame Relay, 616
• bus topologies, 12–13, 12
• business continuity, 579–580
• business documents, 799
• butt sets, 721–722, 721
• BYOD (Bring Your Own Device) initiatives, 796–797
• bytes, 100, 210
• bytes statistic in netstat, 672

C

• .ca domain, 148
• cable modems, 607, 610–611, 610
• cable strippers, 723, 723
• cable trays, 828, 828
• cables
  • coaxial, 58–60, 58–59
  • crossover, 78–82, 78–81
  • distance, 74
  • duplex, 74
  • fiber-optic, 64–69, 66–69
  • frequency, 75
  • managing, 826
  • noise immunity, 74–75
  • quality, 19
  • rolled, 80
  • serial, 72, 72–73
  • straight-through, 77–78, 77
  • testers, 712–713, 713
  • transmission speeds, 73–74
  • troubleshooting, 740–745, 772–773
  • twisted-pair, 60–64, 63–64
• caches
  • Address Resolution Protocol, 651
  • firewalls, 558
  • IP routing, 284, 288
  • poisoning, 492–493
• caching engines, 815
• caching proxy servers, 155
• call setup in TCP, 188
• callback in PPP, 619
• cameras
  • IP, 576
  • security policies, 520
• campus area networks (CANs), 21
• canonical name (CNAME) records, 151
• capacitance motion detectors, 531
• capacity in wireless network site surveys, 418–420, 419
• captive portals, 476
• CARP (Common Address Redundancy Protocol), 816–817
• Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
  • 2.4 GHz, 395, 395
  • overview, 139–140
• Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  • cables, 743
  • hubs, 130
  • overview, 95–96, 95, 140–141
• carrier signals in OSI model, 46–47
• CAs (certificate authorities), 432, 468, 468
• categories of twisted-pair cable, 61–62, 62, 64
• .cc domain, 148
• CCTV (closed circuit television) cameras, 576
• cd command in File Transfer Protocol, 680
• CDMA (code division multiple access), 393, 612
• CDPCP (Cisco Discovery Protocol Control Protocol), 619
• cells in Asynchronous Transfer Mode, 622–623
• cellular technologies, 612
• central office (CO), 598
• centralized WANs, 9
• certificate authorities (CAs), 432, 468, 468
• certificates
  • authentication, 466–467
  • PKI, 431–432, 468–469, 468–469
  • troubleshooting, 759, 759
  • VPN concentrators, 571
• certification testers, 716–717
• chain of custody for evidence, 516
• chains in iptables, 646
• Challenge Handshake Authentication Protocol (CHAP)
  • credentials transmission, 501
  • overview, 473–474, 473
  • Point-to-Point Protocol, 620
• change management
  • approval process, 833
  • authorized downtime, 834
  • documentation, 833–834
  • maintenance window, 834
  • notifications, 833–834
  • policies, 798
  • procedures, 832–834
• change option for route command, 661
• changes, troubleshooting, 750–751
• channel service unit/data service unit (CSU/DSU), 45, 596–597
• channels
  • access points, 415
  • unencrypted, 501
  • utilization, 711, 712
  • wireless networks, 746
• CHAP (Challenge Handshake Authentication Protocol)
  • credentials transmission, 501
  • overview, 473–474, 473
  • Point-to-Point Protocol, 620
• CIA triad, 800
• CIDR (Classless Inter-Domain Routing), 241–243
• cipher locks, 577
• CIR (committed information rate), 616–617
• circuit switching, 600
• circuits
  • labeling, 832
  • power management, 827
• Cisco Discovery Protocol Control Protocol (CDPCP), 619
• Cisco Unified Wireless Network (CUWN), 423
• cladding for multimode fiber, 65
• Class A network addresses
  • overview, 213–214
  • subnets, 888–893
• Class B network addresses
  • overview, 214–215
  • subnets, 253–260
• Class C network addresses
  • overview, 215–216
  • subnets, 243–253, 246–247
• Class D network addresses, 216, 219–220
• Class E network addresses, 216
• Class of Service (COS), 812–813
• Class Selector in DSCP, 812
• classes of routing protocols, 305–306
• classful routing in RIP, 308
• Classless Inter-Domain Routing (CIDR), 241–243
• classless network design, 310, 310
• classless routing in RIP, 308
• clean-desk policies, 518, 797
• clearing assets, 530
• client mode in denial of service, 424
• client-server networks, 11, 11
• client-to-site VPNs, 446
• clients
  • description, 5
  • Teredo, 332
  • VLAN Trunking Protocol, 369
• closed circuit television (CCTV) cameras, 576
• closets, 575
• clouds
  • anti-malware software, 533
  • concepts, 823–824
  • DNS, 153–154
  • and local resources, 825
  • virtual networking, 817
• CNAME (canonical name) records, 151
• Coarse Wavelength Division Multiplexing (CWDM), 604–605
• coaxial cable, 58–60, 58–59
• code division multiple access (CDMA), 393, 612
• cold aisles, 802, 803, 827
• cold sites, 580
• collapsed backbones, 344
• collision domains
  • bridges, 131, 131
  • overview, 94
  • SOHO networks, 160, 160, 162–165
  • switches, 132
• collision lights, checking, 737
• collisions
  • cables, 743
  • CSMA/CD. See Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  • mesh topologies, 16
• colons (:) in IPv6 addresses, 223
• .com domain, 148
• committed information rate (CIR), 616–617
• Common Address Redundancy Protocol (CARP), 816–817
• common names (CNs), 466
• communications satellites (comsat), 606, 606
• community clouds, 824
• company security policies, 629
• Compaq, 354
• compliance in network segmentation, 808
• compressed air, 803
• compression in Link Control Protocol, 619
• concentrators, VPN, 571–572, 571
• confidentiality in CIA triad, 800
• configuration
  • backups, 534
  • change management, 833
  • logical security, 577–578, 577–578
  • misconfiguration issues, 510–511
  • troubleshooting, 771–772
  • wireless network errors, 746–748
• congestion causes, 160
• connection-oriented communication, 34–35, 34
• Connectionless Network Service (CLNS), 319
• connectionless protocols, 190
• connections
  • limiting for user accounts, 460–461
  • T-series, 601–603
  • TCP/IP, 669–676, 671
  • UTP cable, 62–64, 63
  • wide area networks, 599–600, 599
• connectivity
  • virtual networking, 824
  • wide area networks, 624, 624
• connectivity devices. See networking devices
• connectivity software, 639–640, 639
• connectors, fiber cable, 66–67, 66–67, 744
• console routers for remote access, 457
• content filtering
  • appliances, 156, 156
  • firewalls, 562
• Content Security and Control Security Services Module (CSC-SSM), 561
• contention methods
  • CSMA/CA, 139–140
  • CSMA/CD, 140–141
• context awareness in firewalls, 563
• continuity testers, 715
• contracts in traffic shaping, 814
• Control and Provisioning of Wireless Access Points (CAPWAP), 408
• controllers, wireless, 407–408, 408
• converged networks, 283
• converged routing tables, 307, 307
• convergence in STP, 356–357, 357
• converters, power, 827
• coordinated attacks, 489
• copper line drivers, 597
• copy-on-write snapshots, 581
• CPE (customer premises equipment), 596
• CPU statistics in SNMP, 705
• crackers, 506
• CRC (cyclic redundancy check)
  • Ethernet frames, 104
  • IP routing, 287
  • packets, 199, 284
• crimpers, 723, 723
• critical assets, 583
• critical nodes, 583
• cross-site scripting, 494
• crossover cables
  • diagrams, 788, 789
  • overview, 78–79, 78–79
  • T1, 80–81, 80
• crosstalk
  • cable categories, 62, 107
  • description, 742
  • twisted-pair cable, 61
• CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)
  • 2.4 GHz, 395, 395
  • overview, 139–140
• CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
  • cables, 743
  • hubs, 130
  • overview, 95–96, 95, 140–141
• CSU/DSU (channel service unit/data service unit), 45, 596–597
• customer premises equipment (CPE), 596
• customer satisfaction in broadband services, 607
• cyclic redundancy check (CRC)
  • Ethernet frames, 104
  • IP routing, 287
  • packets, 199, 284

D

• DAP (Directory Access Protocol), 466
• data acquisition servers, 806
• data collection in forensics, 515–516
• data communication equipment (DCE), 45
• data encapsulation. See encapsulation
• Data Encryption Standard (DES), 452
• Data field in Ethernet frames, 105
• data frames in Data Link layer, 43
• Data Link Connection Identifiers (DLCIs), 617–618
• Data Link layer
  • Ethernet specifications, 99–106, 103–104
  • OSI model, 42–45, 43
  • switches and bridges, 166–167, 166
• Data Loss Prevention (DLP) software, 798
• Data over Cable Service Interface Specifications (DOCSIS), 610
• data packets in Network layer, 40
• data terminal equipment (DTE), 45
• data transport in forensics, 516
• Datagram Transport Layer Security (DTLS), 447
• datagrams
  • Protocol Data Units, 199
  • Simple Network Management Protocol, 785
• DB-25 connectors, 72
• dBd (decibel dipole) rating for antennas, 403
• dBi (decibel isotropic) rating for antennas, 403
• DCE (data communication equipment), 45
• de-encapsulation, 199
• dead zones in protocol switching, 554, 555
• deauthentication, wireless, 505
• DEC (Digital Equipment Corporation), 354
• decibel dipole (dBd) rating for antennas, 403
• decibel isotropic (dBi) rating for antennas, 403
• decimal conversions, 100–103
• dedicated lines, 599–600
• default administrative distances, 304–305
• default Border Gateway Protocol routes, 314
• default gateways
  • IP routing, 283, 287
  • troubleshooting, 756–757
  • VLAN Trunking Protocol, 371
• default passwords, 496
• default subnet masks, 241–242
• definition files for anti-malware software, 535
• degaussing media, 530
• delay in Quality of Service, 811
• delete option in route command, 661
• delivery protocols for tunneling, 444
• Delta (D) channels in ISDN, 614
• deluge fire-suppression systems, 805
• demarc/demarc extensions, 84
• demarcation points, 597
• demilitarized zones (DMZs)
  • firewalls, 136, 137, 552–553, 552
  • security policies, 520, 521
• denial of service (DoS) attacks
  • description, 486
  • distributed, 487–489, 488
  • NTP refection, 492
  • permanent, 489
  • Ping of Death, 486
  • reflective/amplified, 491
  • Smurf, 489–490, 490
  • Stacheldraht, 491
  • SYN flood, 490–491, 491
  • unreachable gateways, 486–487, 487
  • wireless networks, 423–424
• Dense Wavelength Division Multiplexing (DWDM), 604
• DES (Data Encryption Standard), 452
• desktops in virtual networking, 821
• Destination Address (DA) field in Ethernet frames, 105
• destination option for route command, 661
• Destination Unreachable message, 195
• destruction of assets, 530
• detection policies, 531–532
• devices. See networking devices
• DHCP. See Dynamic Host Configuration Protocol (DHCP)
• DHCPv6, 227
• diagrams. See schematics and diagrams
• Differentiated Services Code Point (DSCP), 812
• Diffie, Whitfield, 454
• Diffie-Hellman algorithm, 453–454
• Diffusing Update Algorithm (DUAL), 312–313
• dig utility, 655
• digital certificates. See certificates
• Digital Equipment Corporation (DEC), 354
• digital IDs in public-key encryption, 453
• digital subscriber line access multiplexer (DSLAM), 608
• Digital Subscriber Line (DSL) services
  • connections, 63
  • wide area networks, 607–609, 608
• Dijkstra algorithm
  • IS-IS, 319
  • OSPF, 316
• Direct Sequence Spread Spectrum (DSSS), 396
• directed attacks, 507
• directional antennas, 403
• Directory Access Protocol (DAP), 466
• dirty connectors in fiber cable, 744
• disabled ports in STP, 356
• disabling user accounts, 459–460
• disaster recovery, 579
• discards statistic in netstat, 672
• discontiguous networks, 309–312, 309–311
• disk mirroring, 584, 584
• disk striping, 583, 584
• distance vector (DV) routing protocols
  • BGP, 314–315, 314
  • EIGRP, 312–314, 313
  • IP routing, 292, 293
  • overview, 306–307, 306–307
  • RIP, 308–309
  • variable length subnet masks, 309–312, 309–311
• distances
  • administrative, 303–305
  • cables, 74
  • fiber cable, 745
  • signal attenuation, 742
  • signal degradation, 410
  • subnets for, 239
  • wireless networks, 747
• distinguished names (DNs) in X.500, 466
• distortion, recording, 724
• distributed DoS (DDoS) attacks, 487–489, 488
• distributed switching, 354, 354
• distributed WANs, 9
• distribution access control lists, 550
• distribution cable networks, 610
• distribution systems (DSs) in wireless networks, 406, 406
• distributions, wiring, 82–84, 83
• diversity in wireless access points, 401
• divide-and-conquer troubleshooting approach, 762
• DLCIs (Data Link Connection Identifiers), 617–618
• DLP (Data Loss Prevention) software, 798
• DMVPN (Dynamic Multipoint VPN), 621, 621
• DMZs (demilitarized zones)
  • firewalls, 136, 137, 552–553, 552
  • security policies, 520, 521
• DNAT (dynamic NAT), 269
• DNS servers. See Domain Name Service (DNS) servers
• DOCSIS (Data over Cable Service Interface Specifications), 610
• documentation
  • asset management, 794
  • change management, 833–834
  • in forensics, 515
  • IP address utilization, 795
  • schematics and diagrams
    • logical network diagrams, 793, 794
    • overview, 786–787
    • physical network diagrams, 790–793, 791–793
    • wiring schematics, 787–790, 787, 789
  • SNMP, 785–786
  • standard business documents, 799
  • troubleshooting, 769–770
  • vendors, 795
• DoD model
  • Host-to-Host layer protocols, 188–192, 189–191
  • Internet layer protocols, 192–197, 194–197
  • layers overview, 178–179, 178–179
  • process/application layer protocols. See process/application layer protocols
• domain components (DCs) in LDAP, 466
• Domain Name Service (DNS) servers
  • amplification attacks, 491–492, 492
  • dynamic, 153
  • external, 153, 153
  • internal, 153, 153
  • overview, 148–153, 149–153
  • poisoning, 503
  • process/application layer, 185–186
  • third-party, 153–154
  • troubleshooting, 757
  • wide area network issues, 628
• domains
  • broadcast, 94–95, 160, 164, 359
  • collision. See collision domains
  • configuration, 510
  • top-level, 148
• doors
  • access controls, 576–577
  • emergency procedures, 804
  • locks, 520
• DoS attacks. See denial of service (DoS) attacks
• dotted-decimal notation for IP addresses, 211
• double-blind tests, 586
• downgrading vs. upgrading, 528–529
• downloading
  • files, 679–681
  • patches, 527
• downtime
  • change management, 834
  • high availability, 814
• driver updates, 527–528
• drop cables, 788
• dropped packets in Quality of Service, 811
• dry pipe fire-suppression systems, 805
• DSCP (Differentiated Services Code Point), 812
• DSL (Digital Subscriber Line) services
  • connections, 63
  • wide area networks, 607–609, 608
• DSLAM (digital subscriber line access multiplexer), 608
• DSSS (Direct Sequence Spread Spectrum), 396
• DTE (data terminal equipment), 45
• DTLS (Datagram Transport Layer Security), 447
• DTP (Dynamic Trunking Protocol), 364
• DUAL (Diffusing Update Algorithm), 312–313
• dual power supplies, 579
• dual stacks in IPv6 addresses, 228, 332
• dumb terminals, 7
• duplex command, 134–135
• duplex communication
  • description, 74
  • Ethernet specifications, 98–99, 99
  • routers, 134–135
  • troubleshooting, 755–756
  • wide area networks, 625
• duplicate IP addresses, 756
• DV routing protocols. See distance vector (DV) routing protocols
• Dynamic ARP inspection (DAI), 373
• dynamic ARP table entries, 651
• dynamic DNS, 153
• Dynamic Frequency Selection (DFS), 397
• Dynamic Host Configuration Protocol (DHCP)
  • DHCP relay, 145–146, 146
  • overview, 141–145, 142–145
  • process/application layer, 186–188
  • snooping, 372–373
  • troubleshooting, 758–760, 758
• dynamic IP routing, 291–293, 291–293
• Dynamic Multipoint VPN (DMVPN), 621, 621
• dynamic NAT (DNAT), 269
• dynamic packet filtering in firewalls, 555–556, 556
• dynamic routing, 281
• dynamic state lists, 556
• Dynamic Trunking Protocol (DTP), 364
• dynamic VLANs, 364

E

• E3 connections, 603
• EAP. See Extensible Authentication Protocol (EAP)
• EAP Transport Layer Security (EAP-TLS), 432
• EAP-FAST, 431
• EDFAs (erbium-doped fiber amplifiers), 604
• edge control, 476
• eDiscovery, 515
• .edu domain, 148
• EGPs (exterior gateway protocols), 291–293, 302
• EIA/TIA-232-C standard, 619
• EIA/TIA 568B wiring standard, 787, 789
• EIA/TIA Ethernet specifications, 106
• 802.11 standards
  • 2.4 GHz, 395–396, 395–396
  • 2.4 GHz/5 GHz, 398–399
  • 5 GHz, 397–399, 397
  • committees and subcommittees, 393–394
  • comparing, 399–401, 400
  • wireless access points, 401–402, 401
• EIGRP (Enhanced Interior Gateway Routing Protocol), 312–314, 313, 767
• EIGRPv6, 333
• Ekahau Site Survey tool, 421
• electrical safety, 801–802, 801
• electromagnetic interference (EMI), 60–61, 74–75, 743
• electromechanical motion detectors, 531
• Electronic Industries Alliance and Telecommunications Industry Association (EIA/TIA), 62
• electrostatic discharge (ESD), 802
• Emergency Alert System (EAS), 804
• emergency procedures, 804–805
• EMI (electromagnetic interference), 60–61, 74–75, 743
• employees
  • exit interviews, 523
  • threats from, 500
• Encapsulating Security Payload (ESP), 449, 450
• encapsulation
  • GRE, 448–449, 448
  • IEEE 802.1Q, 367
  • OSI model, 45–46
  • overview, 198–201, 198, 200
  • wide area networks, 600
• encryption
  • AES, 453
  • devices, 155–156, 155–156
  • media, 530
  • overview, 451–452
  • PKI, 431–432
  • public-key, 453–455, 453–454
  • symmetrical encryption keys, 452
  • unencrypted channels, 501
  • VPN concentrators, 571
• end user awareness and training, 524–525, 582–583
• endpoints
  • Digital Subscriber Line, 608
  • VoIP, 158
• Enhanced Data Rates for GSM Evolution (EGPRS), 612
• Enhanced Interior Gateway Routing Protocol (EIGRP), 312–314, 313, 767
• environmental factors
  • SOHO networks, 168
  • wireless networks, 748
• environmental monitors, 724–725
• equipment
  • access policies, 519
  • virtual networking, 825–826, 826
• erbium-doped fiber amplifiers (EDFAs), 604
• error messages
  • ICMP, 195–196, 196
  • troubleshooting, 751
• errors
  • Link Control Protocol, 619
  • network monitoring, 721
  • Quality of Service, 811
• errors statistic in netstat, 672
• escalation in forensics, 515
• ESP (Encapsulating Security Payload), 449, 450
• ESSIDs (extended service set identifiers), 746–747
• EtherChannel, 376
• Ethernet cable, 60–62, 62
• Ethernet over MPLS (EoMPLS), 623
• Ethernet specifications, 92
  • bit rates vs. baud rate, 97
  • broadband/baseband, 96
  • broadcast domains, 94–95
  • collision domains, 94
  • CSMA/CD, 95–96, 95
  • Data Link layer, 99–106, 103–104
  • duplex, 98–99, 99
  • Ethernet over HDMI, 113, 114
  • Ethernet over Power Line, 112–113, 112–113
  • exam essentials, 115
  • frames, 104–106, 104
  • network basics, 92–94, 93
  • Physical Layer, 106–111, 106
  • review questions, 120–123
  • summary, 114–115
  • wavelength, 97–98, 97
  • written lab, 115–119
• EUI-64 format, 226–227, 226
• European Telecommunications Standards Institute (ETSI), 391, 612
• events
  • collision, 94
  • system logs, 709–710, 710
• evidence collection in forensics, 515–516
• evil twin access points, 506
• Evolved High Speed Packet Access (HSPA+), 612–613
• exit interviews, 523
• Expedited Forwarding (EF) in DSCP, 812
• expiration
  • IP addresses, 757–758
  • passwords, 465
• exploits vs. vulnerabilities, 500
• Export Administration Regulations (EAR), 451
• export controls, 519, 797
• expressions in IPv6 addresses, 222–224, 222
• extended access control lists, 551
• extended demarcs, 597
• extended service set identifiers (ESSIDs), 746–747
• extended service sets (ESSs), 406–407, 407
• Extensible Authentication Protocol (EAP)
  • description, 474
  • PKI, 431–432
  • PPP, 620–621
  • Remote Access Services, 455
• exterior gateway protocols (EGPs), 291–293, 302
• external DNS, 153, 153
• extranet VPNs, 446

F

• F-type connectors, 58–59
• fail close door systems, 804
• Fast Ethernet, 107
• fault tolerance
  • description, 13
  • high availability. See high availability
  • optimization, 815
• fax servers, 6
• FDM (frequency-division multiplexing), 47
  • FDMA (Frequency-Division Multiple Access) standard, 393
  • FDPs (fiber distribution panels), 67
• feasible successors in EIGRP, 313
• Federal Communications Commission (FCC), 391
• feeder cable, 83
• FHRPs (first hop redundancy protocols), 319–320, 320, 325
• FDPs (fiber distribution panels), 67
• fiber-optic cable
  • APV vs. UPC, 65, 66
  • connectors, 66–67, 66–67
  • issues, 744–745
  • multimode, 65
  • overview, 64–65
  • single-mode, 65
  • small form factor connectors, 68–69, 68–69
  • transceivers, 67, 67
• fiber to coaxial media converters, 70, 71
• fiber to the premises, 605
• Fibre-Channel (FC), 69, 822
• Fibre-Channel over Ethernet (FCoE), 822
• file servers, 6
• File Transfer Protocol (FTP)
  • downloading files, 679–681
  • encryption, 451
  • firewall proxies, 558
  • overview, 677–678
  • port attacks, 508
  • process/application layer, 180
  • scanning services, 561
  • server login, 678–679
  • uploading files, 681–682
  • virtual networking, 824
• files
  • downloading, 679–681
  • hashing, 528
  • integrity monitoring, 524
  • uploading, 681–682
  • viruses, 497–498
• filters
  • content, 156, 156, 562
  • firewalls, 555–556, 556, 562
  • MAC, 443
  • ports, 443
• fingerprints, 576
• fire escape plans, 804
• fire-suppression systems, 805
• firewalls
  • access control lists, 442, 549–551, 549
  • application layer, 558–559
  • challenges, 560
  • content filtering, 562
  • context awareness, 563
  • demilitarized zones, 552–553, 552
  • dynamic packet filtering, 555–556, 556
  • host-based, 548
  • misconfigured, 510–511
  • need for, 507
  • network-based, 548
  • network layer, 559–560
  • NGFW/Layer 7, 159, 560
  • overview, 136–137, 137, 547
  • port security, 551
  • protocol switching, 553–555, 555
  • proxy services, 556–558, 557
  • scanning services, 561–566, 563–565
  • security policies, 520
  • signature identification, 563
  • stateful and stateless, 559–560
  • troubleshooting, 760
  • virtual networking, 820
  • virtual wire vs. routed, 563, 563
  • zones, 564–566, 564–565
• .firm domain, 148
• firmware
  • unpatched, 511
  • updates, 527
• first generation cellular (1G), 612
• first hop redundancy protocols (FHRPs), 319–320, 320, 325
• first responders, 514–515
• 5 GHz standard, 397–399, 397
• flat networks, 359
• flicker, voltage event recorders for, 724
• flood guard, 373, 374
• floors in site surveys, 421
• flow control in Transport layer, 35–37, 36
• fluoroethylenepropylene (FEP) cable covering, 58
• forensic concepts, 514–516
• 40 MHz Channels, 398
• forward chains in iptables, 646
• forward/filter decisions in switches, 351–352, 351
• forward/filter tables in switches, 349–350, 349–350
• forwarding ports in STP, 356
• four-post racks, 828, 829
• fourth generation cellular (4G), 612
• fox and hound wire tracers, 720–721, 720
• FQDNs (fully qualified domain names)
  • DNS servers, 148
  • process/application layer, 185
• Frame Check Sequence (FCS) field
  • data encapsulation, 199
  • Ethernet frames, 105
  • packets, 284
• Frame Relay
  • committed information rate, 616–617
  • DLCI, 617–618
  • overview, 615–616, 615
  • virtual circuits, 617
• frames
  • Data Link layer, 43
  • Ethernet, 104–106, 104
  • packets, 199, 201, 284–288, 285
  • switches, 351
• freestanding racks, 830, 830
• frequency
  • cables, 75
  • wireless networks, 746
• frequency-division multiplexing (FDM), 47
• Frequency Hopping Spread Spectrum, 605
• friendly distributed DoS attacks, 489
• FTP. See File Transfer Protocol (FTP)
• FTP PORT command, 508
• full-duplex communication
  • description, 74
  • Ethernet specifications, 98–99, 99
  • routers, 135
  • Session layer, 33
• fully qualified domain names (FQDNs)
  • DNS servers, 148
  • process/application layer, 185

G

• gateway option in route command, 662
• gateways
  • description, 7
  • encryption, 155
  • IP routing, 283, 287
  • troubleshooting, 756–757
  • unified communications, 813
  • unreachable, 486–487, 487
  • VLAN Trunking Protocol, 371
• GB (gigabytes), 601
• GBICs (gigabit interface converters), 744, 768
• general logs, 709–710, 710
• General Packet Radio Services (GPRS), 612
• General Protection Fault messages, 739
• Generic Routing Encapsulation (GRE) tunnels, 329, 448–449, 448
• geographical distances, subnets for, 239
• geostationary satellite orbits, 606
• GET messages in SNMP, 704–705, 704
• Gigabit Ethernet adapters, 69
• gigabit interface converters (GBICs), 744, 768
• Gigabit Media Independent Interface (GMII), 107
• Gigabit wiring, 79, 80
• gigabytes (GB), 601
• glass in single-mode fiber, 65
• global addresses in NAT, 269
• Global System for Mobile Communications (GSM), 393, 425, 427, 612
• global unicast addresses, 224
• GMII (Gigabit Media Independent Interface), 107
• goodput in 2.4 GHz, 396
• GoToMyPC tool, 639
• .gov domain, 148
• GPRS (General Packet Radio Services), 612
• GRE (Generic Routing Encapsulation) tunnels, 329, 448–449, 448
• grounding, electrical, 801, 801
• groups, configuration, 510
• GSM (Global System for Mobile Communications), 393, 425, 427, 612
• guards
  • benefits, 577
  • security policies, 521
• guest networks, 475
• guests
  • user accounts, 460
  • virtual networking, 818, 818

H

• H.323 protocol
  • description, 183
  • video teleconferencing, 807
• half-duplex communication
  • description, 74, 390
  • Ethernet specifications, 98–99, 99
  • routers, 135
  • Session layer, 33
• half-open scanning, 697
• Halon fire extinguishers, 805
• handshakes
  • connection-oriented communication, 34–35
  • Transmission Control Protocol, 188
• hardware addresses
  • Ethernet specifications, 99–106, 103–104
  • Internet Protocol, 193
  • MAC. See MAC addresses
• hardware installation for wireless networks, 412–417, 413–414, 416–417
• hardware problems vs. software, 738–739
• hardware tools
  • butt sets, 721–722, 721
  • cable strippers, 723, 723
  • cable testers, 712–713, 713
  • certification testers, 716–717
  • continuity testers, 715
  • environmental monitors, 724–725
  • exam essentials, 725–726
  • loopback adaptors, 714, 714
  • metrics, 721
  • multimeters, 718–719, 719
  • OTDRs, 717–718, 718
  • protocol analyzers, 715–716
  • punch-down tools, 722, 722
  • review questions, 727–730
  • security devices, 545–546, 546
  • spectrum analyzers, 719, 719
  • summary, 725
  • time-domain reflectometers, 717
  • tone generators, 720–721, 720
  • voltage event recorders, 723–724
  • wire-map testers, 714–715, 715
  • written lab, 726
• hashes
  • authentication, 474
  • files, 528
• HDLC (High-Level Data Link Control)
  • PPP, 618–619, 618
  • wide area networks, 600
• HDMI, Ethernet over, 113, 114
• HDSL (High Bit-Rate Digital Subscriber Line), 609
• headends in cable networks, 610
• headers in Internet Protocol, 194, 194
• heat
  • environmental monitors, 724–725
  • heating and air-conditioning systems, 805
• heat maps for site surveys, 421, 421
• heating and air-conditioning (HVAC) systems, 805
• Hellman, Martin, 454
• Hello messages in HSRP, 321
• hello packets in link state routing protocols, 316
• hello timers in HSRP, 324, 324
• helper-address command, 146
• heuristic scanning in anti-malware software, 534
• hexadecimal notation
  • conversions, 100–103
  • IP addresses, 211, 223
• hierarchical IP addresses, 211–218, 212
• high availability
  • HSRP, 321–325, 322–324
  • optimization, 814–815
  • overview, 319–321, 320
  • VRRP, 325–326
• high-bandwidth applications, 809–810
• High Bit-Rate Digital Subscriber Line (HDSL), 609
• High-Level Data Link Control (HDLC)
  • PPP, 618–619, 618
  • wide area networks, 600
• histories, password, 465
• history logs, 709–710, 710
• hold timers in HSRP, 325
• honeypots
  • intrusion detection systems, 568–569, 569
  • network segmentation, 807
• hooks in Internet layer protocols, 193
• hop counts
  • distance vector routing protocols, 307–308
  • Network layer, 41
  • routing protocols, 303
• Hops message in ICMP, 195
• Host (A) records, 149
• host addresses, 212
• host based anti-malware software, 533
• host-based firewalls, 548, 760
• host-based IDSs (HIDSs), 137, 569
• Host-to-Host layer protocols, 188
  • DoD model, 178
  • key concepts, 190–191
  • port numbers, 191–192, 191
  • Transmission Control Protocol, 188–189, 189
  • User Datagram Protocol, 189–190, 190
• host-to-host VPNs, 446
• hostname command, 657
• hosts
  • CARP, 816
  • description, 5
  • forward/filter tables, 350, 350
  • overview, 7
  • router advertisements, 327
  • virtual networking, 818, 818
• HOSTS file, 148
• Hosts table, 656–657
• hot aisles, 802, 803, 827
• hot sites, 580
• hot spots, 409–410, 409
• Hot Standby Router Protocol (HSRP)
  • overview, 321–322, 322
  • timers, 324–325, 324
  • virtual MAC addresses, 322–323, 323
  • vs. VRRP, 326
• hotfixes
  • downloading, 527
  • overview, 525–526
  • Windows Update, 526–527, 526
• HSRP. See Hot Standby Router Protocol (HSRP)
• hubs
  • description, 4
  • overview, 130–131, 130
  • Physical layer, 167–168, 168
  • SOHO networks, 160, 160
  • VLANs, 359, 359
• humidity
  • environmental monitors, 724–725
  • SOHO networks, 168
• hybrid clouds, 824
• hybrid firewalls, 558
• hybrid IP routing, 293, 293
• hybrid protocols, 305–306, 312
• hybrid topologies, 15, 18, 18
• Hypertext Transfer Protocol (HTTP)
  • description, 184
  • proxies for firewalls, 557–558
  • scanning services, 561
• Hypertext Transfer Protocol Secure (HTTPS), 184, 472
• hypervisors in virtual networking, 818–819, 819

I

• IaaS (infrastructure as a service), 824
• IBSSs (independent basic service sets), 405–406, 406
• ICA (Independent Computing Architecture), 457
• ICMP. See Internet Control Message Protocol (ICMP)
• ICSs (Industrial control systems), 806
• IDCs (insulation displacement connectors), 722
• IDFs (intermediate distribution frames), 82, 825–826, 826
• IDSs. See intrusion detection systems (IDSs)
• IEEE 802.1Q standard, 366–367, 367
• IEEE 802.1X standard, 473
• IEEE 802.3 standards, 107–111
• IEEE (Institute of Electrical and Electronics Engineers) wireless network standards, 391
• ifconfig tool, 646
• IGMP (Internet Group Management Protocol), 185
• IGPs (interior gateway protocols), 291–292, 302
• iLO (Integrated Lights-Out) technology, 457, 458
• IMAP (Internet Message Access Protocol), 182
• impedance mismatches in cables, 743
• inbound access control lists, 551
• incident response
  • overview, 514
  • policies, 798
• incorrect channels in wireless networks, 746
• independent basic service sets (IBSSs), 405–406, 406
• Independent Computing Architecture (ICA), 457
• Individual/Group (I/G) address bit, 103
• Industrial control systems (ICSs), 806
• Industrial, Scientific, and Medical (ISM) bands, 391–392
• infected computers, fixing, 536
• InfiniBand standard, 822
• .info domain, 148
• information gathering
  • site surveys, 418
  • troubleshooting, 750
• Information technology – Security Techniques – Code of practice for information security controls, 800
• infrared motion detectors, 531
• infrared (IR) wireless, 395, 411
• infrastructure as a service (IaaS), 824
• infrastructure implementations in wireless networks, 410–412
• infrastructure mode for wireless networks, 107, 406–408, 406
• input chains in iptables, 646
• input queues in wide area networks, 626
• inside addresses in NAT, 270
• insider threats, 500
• installation safety practices, 802–804, 803
• Institute of Electrical and Electronics Engineers (IEEE) wireless network standards, 391
• insulation displacement connectors (IDCs), 722
• .int domain, 148
• Integrated Lights-Out (iLO) technology, 457, 458
• Integrated Services Digital Network (ISDN), 613–615, 806
• integrity in CIA triad, 800
• Inter-Switch Link (ISL), 366
• interface command, 134
• interface configurations for routers, 133–136
• interface errors
  • troubleshooting, 757
  • wide area networks, 624–627
• interfaces in Network layer, 41
• interference
  • cables, 60–61, 74–74, 743
  • electromagnetic, 60–61, 74–75, 743
  • radio frequency, 60, 743
  • signal degradation, 410
  • wireless networks, 745
• interior gateway protocols (IGPs), 291–292, 302
• intermediate distribution frames (IDFs), 82, 825–826, 826
• Intermediate System-to-Intermediate System (IS-IS), 318–319, 319, 767
• internal DNS, 153, 153
• International Computer Security Association (ICSA), 518
• international export controls, 519, 798
• Internet connectivity in wide area networks, 624, 624
• Internet Control Message Protocol (ICMP)
  • error messages, 640
  • IP routing, 283, 287–288
  • maximum transmission units, 768
  • overview, 194–195, 195
• Internet Engineering Task Force (IETF), 177
• Internet Group Management Protocol (IGMP), 185
• Internet layer protocols
  • ARP, 195–197, 196
  • DoD model, 178, 192–193
  • ICMP, 194–195, 195
  • Internet Protocol, 193–194, 194
  • RARP, 197, 197
• Internet Message Access Protocol (IMAP), 182
• Internet of Things (IoT), 412
• Internet Protocol (IP)
  • addressing. See IP addresses
  • data encapsulation, 198–201, 198, 200
  • DoD model, 193–194, 194
  • exam essentials, 202
  • history, 177
  • review questions, 204–207
  • routing. See IP routing
  • summary, 202
  • TCP/IP. See Transmission Control Protocol/Internet Protocol (TCP/IP)
  • written lab, 203
• Internet Protocol Control Protocol (IPCP), 619
• Internet Protocol Security (IPSec), 571
• Internet Security Association and Key Management Protocol (ISAKMP), 450
• Internet Small Computer System Interface (iSCSI), 821–822, 822
• Internetwork Packet Exchange (IPX), 448, 553
• internetworking models, 28
  • advantages, 29–30
  • DoD model. See DoD model
  • layered approach, 29
  • OSI. See Open Systems Interconnection (OSI) model
• internetworks
  • description, 8, 8
  • devices, 39–40
  • routers, 132, 161–163, 163
• Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling, 331
• intranets
  • description, 8
  • virtual private networks, 446
• intrusion detection security policies, 520
• intrusion detection systems (IDSs)
  • description, 137
  • host-based, 569
  • network-based, 567–569, 567–569
  • overview, 566–567, 567, 695–696, 696
  • unified threat management, 570–571
  • vulnerability scanners, 570
  • wireless networks, 424
• intrusion prevention systems (IPSs)
  • description, 137, 568
  • overview, 695–696, 696
  • wireless networks, 425
• inverse multiplexing, 614
• inverters for power management, 827
• ip address command for routers, 136
• IP address management (IPAM) tools, 146
• IP addresses, 93–94
  • access points, 416–417
  • APIPA, 218
  • ARP, 651–654
  • DHCP servers, 144
  • exam essentials, 230–231
  • FHRPs, 320, 320
  • hierarchical, 211–218, 212
  • Hosts table, 656–657
  • IPv4, 218–220
  • IPv6. See IPv6 addresses
  • name resolution. See Domain Name Service (DNS) servers
  • NAT, 268–272, 268, 270–271
  • network addresses, 212–216
  • nslookup, 654–656
  • private, 216–217
  • review questions, 233–236
  • routers, 136
  • Smurf attacks, 489–490, 490
  • spoofing, 494
  • subnets. See subnets
  • summary, 230
  • switches, 369–371
  • terminology, 210–211
  • troubleshooting, 756–758
    • overview, 260–263, 261
    • problem detection, 263–267, 264–267
  • utilization documentation, 795
  • virtual, 217–218
  • written labs, 231–232
• IP exclusions in DHCP servers, 141
• ip helper-address command, 146
• IP proxies for firewalls, 557
• ip route command, 282
• IP routing
  • basics, 280–283, 281
  • exam essentials, 294
  • example, 289–291, 289–290
  • process, 283–289, 283, 285
  • review questions, 296–299
  • static and dynamic, 291–293, 291–293
  • summary, 294
  • written lab, 294–295
• IP Security (IPSec), 449–450, 450
• IP video systems, 576
• IPAM (IP address management) tools, 146
• ipconfig command, 642–645, 645
• ipconfig /all command
  • IP address troubleshooting, 263, 762, 762
  • problem resolution, 765, 765
  • working with, 643–644
• ipconfig /release command, 637, 645
• ipconfig /renew command, 637, 645
• IPCP (Internet Protocol Control Protocol), 619
• IPSec (Internet Protocol Security), 571
• IPSs (intrusion prevention systems)
  • description, 137, 568
  • overview, 695–696, 696
  • wireless networks, 425
• iptables utility, 646–647
• IPv4 addresses
  • broadcasts, 219
  • multicast, 219–220
  • overview, 218–219
  • unicasts, 219
• ipv6 address autoconfig command, 327
• IPv6 addresses
  • 6to4 tunneling, 228–229, 229
  • benefits and uses, 221–222
  • DHCPv6, 227
  • dual stack, 228, 332
  • EIGRPv6, 333
  • expressions, 222–224, 222
  • migrating to, 227–228
  • need for, 220–221
  • neighbor discovery, 328–329, 328
  • OSPFv3, 333–334
  • overview, 220
  • RIPng, 333
  • router advertisements, 326–327, 327–328
  • routing protocols, 332–334
  • special, 225
  • stateless autoconfiguration, 226–227, 226
  • tunneling, 329–332
  • types, 224–225
• ipv6 unicast-routing command, 332
• IPX (Internetwork Packet Exchange), 448, 553
• IR (infrared) wireless, 395, 411
• iris scans, 576
• IS-IS (Intermediate System-to-Intermediate System), 318–319, 319, 767
• ISAKMP (Internet Security Association and Key Management Protocol), 450
• iSCSI (Internet Small Computer System Interface), 821–822, 822
• ISDN (Integrated Services Digital Network), 613–615, 806
• ISL (Inter-Switch Link), 366
• ISM (Industrial, Scientific, and Medical) bands, 391–392
• ISO 17799 standard, 800
• ISO 19770 standards, 794
• ISO/IEC 27002 standard, 800
• isotropic antennas, 403

J

• J3 connections, 603
• .ja domain, 148
• jamming process, 96, 510
• Jerusalem virus, 497
• jitter
  • cables, 743
  • Quality of Service, 811
• jumbo frames in storage area networks, 822

K

• Kardach, Jim, 411
• Kerberos authentication
  • overview, 469, 470
  • VPN concentrators, 571
• key fobs, 576
• key pairs, 432
• keypads, 577
• keys
  • devices, 528
  • encryption, 451–452
  • symmetrical, 452

L

• L2F (Layer 2 Forwarding) technology, 447–448
• L2TP (Layer 2 Tunneling Protocol), 447–448
• labeling devices, 831–832
• LACP (Link Aggregation Control Protocol), 375–376
• LAN Manager servers, 344
• LAN Speed Test, 702
• LANs (local area networks)
  • description, 3–5, 3–4
  • VLANs. See virtual local area networks (VLANs)
• lasers for single-mode fiber, 65
• last mile, 608
• latched SC connectors, 66
• latency
  • Asynchronous Transfer Mode, 623
  • cables, 742–743
  • sensitivity, 809
  • wireless networks, 747–748
• Layer 2 broadcasts, 219
• Layer 2 Forwarding (L2F) technology, 447–448
• Layer 2 switches, 346–347
  • address learning, 348–350, 349–350
  • vs. bridges, 348
  • distributed switching, 354, 354
  • forward/filter decisions, 351–352, 351
  • limitations, 347–348
  • loop avoidance, 352–353, 353
• Layer 2 Tunneling Protocol (L2TP), 447–448
• Layer 3 broadcasts, 219
• Layer 7 firewalls, 560
• layers
  • internetworking models, 29
  • OSI. See Open Systems Interconnection (OSI) model
• LBSs (location-based services), 427
• lcd command in File Transfer Protocol, 680
• LCP (Link Control Protocol), 618–619, 618
• LDAP (Lightweight Directory Access Protocol), 184–185, 466
• learning ports in Spanning Tree Protocol, 356
• leased lines, 599–600
• LEDs (light-emitting diodes)
  • checking, 736–737
  • network interface cards, 129–130
  • single-mode fiber, 65
• legacy systems
  • network segmentation, 807
  • security, 501
• legal holds in forensics, 516
• Length field in Ethernet frames, 105
• licensing restrictions, 519, 798
• lifting equipment, 802
• light-emitting diodes (LEDs)
  • checking, 736–737
  • network interface cards, 129–130
  • single-mode fiber, 65
• Lightweight Access Point Protocol (LWAPP), 408, 408, 423
• Lightweight Directory Access Protocol (LDAP), 184–185, 466
• line testers, 715
• line voltage event recorders, 723–724
• Link Aggregation Control Protocol (LACP), 375–376
• Link Control Protocol (LCP), 618–619, 618
• link-establishment phase in PPP, 620
• link-local addresses
  • IPv6, 224
  • neighbor discovery, 328
• link state (LS) routing protocols
  • description, 305
  • IS-IS, 318–319, 319
  • IP routing, 292, 293
  • OSPF, 316–318, 318
  • overview, 315–316
• link status for wide area networks, 625
• listening ports in STP, 356
• LLC (Logical Link Control), 43, 43
• LMHOSTS file, 667
• load balancers, 147
• load balancing
  • optimization, 814
  • round-robin, 306
  • routing protocols, 303
• load balancing/failover (LBFO), troubleshooting, 769
• local addresses in NAT, 270
• local area networks (LANs)
  • description, 3–5, 3–4
  • VLANs. See virtual local area networks (VLANs)
• local authentication, 466
• Local Connector (LC), 68
• Local/Global bits (L/G), 104
• local groups configuration, 510
• local loops, 598, 608
• location-based services (LBSs), 427
• location devices in site surveys, 421
• lockouts for passwords, 464
• locks
  • cipher, 577
  • security policies, 520
• logic bombs, 497
• logical addresses, 193
• Logical Link Control (LLC), 43, 43
• logical network diagrams, 793, 794
• logical security configurations, 577–578, 577–578
• logical topologies, 11–12
• login procedures, checking, 735–736
• LogMeIn.com tool, 639, 639
• logs
  • NIDSs, 568
  • server, 709–710, 710
  • syslog, 705–707, 705
• Long Term Evolution (LTE), 613
• Looking Glass (LG) servers, 709, 709
• loop avoidance for switches, 352–353, 353
• loopback adaptors, 714, 714
• low-polar satellite orbits, 606
• ls command in FTP, 680
• LS routing protocols. See link state (LS) routing protocols
• LTE (Long Term Evolution), 613
• LWAPP (Lightweight Access Point Protocol), 408, 408, 423

M

• mac address-table command, 351
• MAC addresses, 93–94
  • 2.4 GHz/5 GHz, 398
  • ARP, 651–654
  • DHCP, 144–145
  • Ethernet specifications, 99–106, 103–104
  • FHRPs, 320
  • flood guard, 373
  • forward/filter decisions, 351–353
  • HSRP, 322–323, 323
  • IP routing, 284
  • IPv6, 226, 226
  • neighbor discovery, 328
  • port security, 372
  • switches, 132
  • troubleshooting, 757
  • VLANs, 364
• MAC forward/filter tables for switches, 349–350, 349–350
• MAC (Media Access Control)
  • Data Link layer, 43, 43
  • filters, 443
  • wireless networks, 426–427
• Mac operating system viruses, 498
• macro viruses, 498
• magnetic fields, 803
• magnetic flux, 75
• mail exchanger (MX) records, 150
• mail relay security policies, 521
• mail scanning services, 561
• mail servers
  • description, 6
  • security policies, 520, 521
• main distribution frames (MDFs), 82, 825–826, 826
• mainframes, 7
• maintenance accounts, 461
• maintenance window in change management, 834
• malicious employees, 500
• malicious users, 501–502
• malware, 497. See also viruses
• man-in-the-middle attacks, 509, 509
• managed switches, 370
• management
  • changes. See change management
  • documentation
    • asset management, 794
    • IP address utilization, 795
    • logical network diagrams, 793, 794
    • physical network diagrams, 790–793, 791–793
    • schematics and diagrams overview, 786–787
    • SNMP, 785–786
    • vendors, 795
    • wiring schematics, 787–790, 787, 789–790
  • exam essentials, 835–836
  • network monitoring. See network monitoring
  • overview, 784
  • review questions, 837–840
  • subnets for, 239
  • summary, 834–835
  • written lab, 836
• Management Frame Protection (MFP), 424
• Management Information Bases (MIBs), 704
• mantraps, 574–575, 575
• manual IPv6 tunneling, 330
• masks, subnet
  • route command, 661–662
  • subnets, 240–241
  • troubleshooting, 757
  • variable length, 309–312, 309–311
• master hosts in CARP, 816
• master license agreements (MLAs), 799
• Materials Safety Data Sheets (MSDSs), 803
• maximum transmission units (MTUs), 756, 768
• MD5 Message-Digest Algorithm, 473–474
• MDFs (main distribution frames), 82, 825–826, 826
• mean time between failures (MTBF), 581
• mean time to repair (MTTR), 581
• mechanical transfer registered jacks (MT-RJs), 68
• media. See physical media; transmission media
• Media Access Control (MAC)
  • Data Link layer, 43, 43
  • filters, 443
  • wireless networks, 426–427
• media converters
  • common, 69–70, 69–71
  • description, 158, 158
• Media Gateway Control Protocol (MGCP), 183
• Media Independent Interface (MII), 107
• medianets, 806
• medium dependent interface/medium dependent interface crossover (MDI/MDI-X) port settings, 741
• meet-in-the-middle attacks, 452
• megabytes (MB), 601
• memberships in VLANs, 363
• memoranda of understanding (MOU), 799
• mesh topologies, 15–16, 15
• Message Analyzer packet sniffer, 693
• Message Integrity Check (MIC), 424
• meters, 718–719, 719
• metrics
  • Network layer, 41
  • network monitoring, 721
  • route command, 662
• metropolitan-area Ethernet, 611
• MFP (Management Frame Protection), 424
• MGCP (Media Gateway Control Protocol), 183
• MIBs (Management Information Bases), 704
• Michelangelo virus, 498
• Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), 455, 474
• microwave radio relay, 605–606
• migrating to IPv6 addresses, 227–228
• MII (Media Independent Interface), 107
• .mil domain, 148
• Mills, David, 184
• MILNET, 178
• MIMO (multiple-input, multiple-output)
  • 2.4 GHz/5 GHz, 398–399
  • 5 GHz, 399
• minimum length of passwords, 462
• Miredo tunneling, 229
• misconfiguration issues, 510–511
• mismatches
  • cables, 743–744
  • wireless network channels, 746
• missing routes, troubleshooting, 767
• misuse-detection IDSs (MD-IDSs), 566, 567
• MLAs (master license agreements), 799
• MLSs (multilayer switches), 147
• mobile devices, on-boarding and off-boarding, 796
• mobile hot spots, 409–410, 409
• mobility, IPv6 addresses for, 221
• modems
  • analog, 156–157, 156
  • cable, 610–611, 610
  • security policies, 521
• modulation
  • OSI model, 46–47
  • wide area networks, 601
• modules, troubleshooting, 768
• molniya satellite orbits, 606
• monitor security policies, 520
• monitoring
  • network. See network monitoring
  • video, 576
• Monkey B virus, 498
• monlist command, 492
• motion detection, 531
• MOU (memoranda of understanding), 799
• MPLS (MultiProtocol Label Switching)
  • description, 9, 9
  • wide area networks, 623
• MS-CHAP (Microsoft Challenge Handshake Authentication Protocol), 455, 474
• MSDSs (Materials Safety Data Sheets), 803–804
• MT-RJs (mechanical transfer registered jacks), 68
• MTBF (mean time between failures), 581
• Mtr command, 657–658
• MTTR (mean time to repair), 581
• MTUs (maximum transmission units), 756, 768
• multicast addresses, 219–220
• multicasts
  • IPv6 addresses, 224
  • real-time services, 810
• multifactor authentication, 467
• multilayer switches (MLSs), 147
• multilink in Link Control Protocol, 619
• multimeters, 718–719, 719
• multimode fiber (MMF), 65
• multimode fiber to Ethernet media converters, 69, 70
• multipartite viruses, 498–499, 499
• multiple approaches in troubleshooting, 761–762
• multiple barrier systems, 574, 574
• multiple floors in site surveys, 421, 421
• multiple-input, multiple-output (MIMO)
  • 2.4 GHz/5 GHz, 398–399
  • 5 GHz, 399
• multiple problems, troubleshooting, 754
• MultiProtocol Label Switching (MPLS)
  • description, 9, 9
  • wide area networks, 623
• MX (mail exchanger) records, 150
• My traceroute command, 657–658

N

• NaaS (network as a service), 821
• NAC (Network Access Control), 472–473, 475–476, 796–797
• NAC (Network Admission Control), 796
• name resolution
  • DNS. See Domain Name Service (DNS) servers
  • Hosts table, 656–657
• names
  • conventions, 832
  • maintenance accounts, 461
  • NAT, 269–270
• NAS (network-attached storage), 823, 823
• NAT. See Network Address Translation (NAT)
• National Fire Protection Association (NFPA), 58
• National Security Agency (NSA), 451, 518
• native hypervisors, 819
• nbtstat utility, 663, 663
  • -A switch, 665
  • -a switch, 663–665, 664
  • -c switch, 665–666, 666
  • -n switch, 666, 666
  • -R switch, 667
  • -r switch, 666–667, 667
  • -S switch, 668, 668
  • -s switch, 668, 668
• NCP (Network Control Protocol)
  • PPP, 618–620, 618
  • TCP/IP replacement for, 177
• NDAs (nondisclosure agreement), 798
• near-end/far-end crosstalk, 62, 742
• near-field communication (NFC), 411–412
• neighbor discovery
  • EIGRP, 312
  • IPv6 addresses, 328–329, 328
• neighbor solicitation messages, 328, 328
• neighbor tables
  • EIGRP, 313
  • link state routing protocols, 316
• Nessus scanners, 570, 585, 585
• .net domain, 148
• netstat utility, 669–671
  • -a switch, 670–672, 671
  • -e switch, 672–673
  • -n switch, 675–676
  • -p switch, 673–674
  • -r switch, 673
  • -s switch, 673
• NetWare servers, 344
• Network Access Control (NAC), 472–473, 475–476, 796–797
• Network Access layer in DoD model, 178
• Network Access Protection, 797
• Network Address Translation (NAT)
  • advantages and disadvantages, 269
  • firewalls, 557
  • names, 269–270
  • operation, 270–272, 270–271
  • overview, 268–269, 268
  • private IP addresses, 216
  • types, 269
  • wireless access points, 402
• network addresses
  • Class A, 213–214
  • Class B, 214–215
  • Class C, 215–216
  • Class D and E, 216, 219–220
  • classes overview, 212–213, 212
  • defined, 211
  • Network layer, 40
  • special purposes, 216
  • subnets. See subnets
• Network Admission Control (NAC), 796
• network as a service (NaaS), 821
• network-attached storage (NAS), 823, 823
• network-based firewalls, 548
• network-based IDSs (NIDSs), 567–569, 567–569
• Network Basic Input/Output System (NetBIOS), 185, 663
• network closets, 575
• Network Control Protocol (NCP)
  • PPP, 618–620, 618
  • TCP/IP replacement for, 177
• network controllers, 472
• network interface cards (NICs)
  • overview, 129–130, 129
  • virtual networking, 820, 820
  • wireless networks
    • configuration, 413–415, 414
    • overview, 402–403, 402
    • network interface devices (NIDs), 84
    • network interface units (NIUs), 84, 597
    • Network layer
      • firewalls, 559–560
      • OSI model, 40–42, 41–42
    • network management stations (NMSs), 704
    • Network Mapper (Nmap) utility
      • functionality, 570
      • overview, 658–659, 659
      • working with, 697–698, 698
    • Network Monitor tool, 637
    • network monitoring, 703–704
      • baselines, 795–796
      • exam essentials, 835–836
      • mobile devices, 796
      • Network Admission Control, 796–797
      • network segmentation, 805–808
      • policies and procedures, 797–799
      • regulations, 799–801
      • review questions, 837–840
      • safety practices, 801-805, 801, 803
      • server logs, 709–710, 710
      • SIEM, 707–708
      • SNMP, 704–705, 704
      • summary, 834–835
      • syslog, 705–707, 705
      • utilization, 710–711, 711–712
      • written lab, 836
    • network monitors, 693–695, 694
    • Network Policy and Access Services (NPAS), 475
    • network reconnaissance, 508
    • network scanners, 693
      • bandwidth speed testers, 701–702
      • IDP software, 695–696, 696
      • packet sniffers, 693–695, 694
      • port scanners, 697–699, 698–699
      • Wi-Fi analyzers, 700–701, 700–701
    • network segments, 20–21, 21
      • implementing, 805–808
      • Protocol Data Units, 198
      • SOHO networks, 160
      • troubleshooting, 740
      • User Datagram Protocol, 190, 190
    • Network Time Protocol (NTP)
      • process/application layer, 184
      • refection attacks, 492
    • network traffic, subnets for, 239
    • networking devices
      • access points, 138, 138
      • analog modems, 156–157, 156
      • bridges, 131, 131
      • common, 128–129
      • contention methods, 139–141
      • DHCP servers, 141–146, 142–146
      • DNS servers, 148–154, 149–153
      • encryption, 155–156, 155–156
      • exam questions, 169–170
      • firewalls, 136–137, 137
      • hardening, 376
      • host-based IDSs, 137
      • hubs, 130–131, 130
      • IDS/IPS, 137
      • internetwork, 39–40
      • IP address management tools, 146
      • keys, 528
      • load balancers, 147
      • media converters, 158, 158
      • multilayer switches, 147
      • network interface cards, 129–130, 129
      • NGFW/Layer 7 firewalls, 159
      • packet shapers, 157, 157
      • placement optimization, 827–832, 828–830
      • proxy servers, 154–155, 154
      • review questions, 171–174
      • routers, 132–136, 133
      • saturation in wireless networks, 745
      • SOHO networks. See SOHO networks
      • summary, 169
      • switches, 131–132, 132
      • unified communications, 813
      • VoIP endpoints, 158
      • VoIP PBX, 158
      • VPN concentrators, 157, 157
      • wireless range extenders, 138
      • written lab, 170
    • networks overview
      • architecture, 9–10
      • client-server, 11, 11
      • peer-to-peer, 10, 10
    • backbones, 20, 21
    • campus area networks, 21
    • components
      • hosts, 7
      • servers, 5–7, 7
      • workstations, 5
    • exam essentials, 22
    • LANs, 3–5, 3–4
    • network description, 2–3, 2
    • review questions, 23–26
    • segments. See network segments
    • storage area networks, 21
    • summary, 21–22
    • topologies
      • physical. See physical topologies
      • selecting, 19–20
    • wide area networks, 7–9, 8–9
    • written lab, 22
  • next-generation firewalls (NGFWs), 159, 560
  • next-hop attributes in OSPFv3, 334
  • NEXT (near-end crosstalk), 62, 742
  • NFC (near-field communication), 411–412
  • NGFWs (next-generation firewalls), 159, 560
  • nibbles, 100
  • NIC Teaming, troubleshooting, 769
  • NICs. See network interface cards (NICs)
  • NIDSs (network-based IDSs), 567–569, 567–569
  • Nimda virus, 497
  • Nmap utility
    • functionality, 570
    • overview, 658–659, 659
    • working with, 697–698, 698
  • no shutdown command, 136
  • noise immunity in cables, 74–75
  • non-unicast statistic in netstat, 672
  • nonces
    • CHAP, 473
    • TKIP, 429
  • nondisclosure agreement (NDAs), 798
  • nonpersistent agents in NAC, 475–476
  • notifications
    • change management, 833–834
    • NIDSs, 568
    • security policies, 519
    • SIEM, 708
  • Novell networks, 344
  • NPAS (Network Policy and Access Services), 475
  • NS records, 151
  • NSA (National Security Agency), 451, 518
  • nslookup utility, 654–656
  • NTP (Network Time Protocol)
    • process/application layer, 184
    • refection attacks, 492

O

• obvious causes, troubleshooting, 754–762, 758–761
• octets, 100, 210
• OFDM (Orthogonal Frequency Division Multiplexing), 396
• off-boarding mobile devices, 796
• off site virtual networking, 817
• omni directional antennas, 403–404
• on-access scans, 536
• on-boarding mobile devices, 796
• on-demand scans, 535–536
• on site virtual networking, 817
• 100Basex networks, 107–109
• 110 blocks, 83, 83
• 1000BaseT wiring, 79, 80
• 1000Basex networks, 108, 110
• one-to-many addresses in IPv6, 224
• open access, 426
• open impedance cable mismatches, 743
• open ports
  • description, 500–501
  • misconfigured, 511
• Open Shortest Path First (OSPF) protocol, 316–318, 318, 767
• Open Systems Interconnection (OSI) model
  • acknowledgments, 38–39, 39
  • Application layer, 32
  • connection-oriented communication, 34–35, 34
  • Data Link layer, 42–45, 43
  • encapsulation, 45–46
  • exam essentials, 48
  • flow control, 35–37, 36
  • internetworking models overview, 28–30
  • layers overview, 30–32, 30–31
  • modulation, 46–47
  • Network layer, 40–42, 41–42
  • Physical layer, 45
  • Presentation layer, 33
  • review questions, 50–53
  • Session layer, 33
  • summary, 47
  • Transport layer, 33–40, 34, 36, 38–39
  • windowing, 37, 38
  • written lab, 48–49
• operating modes for access points, 415
• operating systems, unpatched, 511
• operator errors (OEs), 738
• optical carrier (OC) levels in SONET, 603
• optical line termination (OLT) in PONs, 605
• optical network units (ONUs) in PONs, 605
• optical time-domain reflectometers (OTDRs), 717–718, 718
• optimization
  • archives and backups, 815–816
  • benefits, 808–809
  • cable management, 826
  • caching engines, 815
  • CARP, 816–817
  • change management, 832–834
  • Class of Service, 812–813
  • device placement, 827–832, 828–830
  • exam essentials, 835–836
  • fault tolerance, 815
  • high availability, 814–815
  • high-bandwidth applications, 809–810
  • labeling, 831–832
  • latency, 809
  • load balancing, 814
  • power management, 826–827
  • Quality of Service, 811–812
  • real-time services, 810
  • review questions, 837–840
  • subnets for, 239
  • summary, 834–835
  • traffic shaping, 813–814
  • unified communications, 813
  • uptime, 811
  • virtual networking, 817–825, 818–820, 822–823
  • written lab, 836
• .org domain, 148
• organizational unit (OU) attributes, 466
• organizationally unique identifiers (OUIs), 103
• Orthogonal Frequency Division Multiplexing (OFDM), 396
• OSI model. See Open Systems Interconnection (OSI) model
• OSPF (Open Shortest Path First) protocol, 316–318, 318, 767
• OSPFv3, 333–334
• OTDRs (optical time-domain reflectometers), 717–718, 718
• out-of-band management, 457–458
• out-of-band switches, 370
• out-of-order delivery in Quality of Service, 812
• outbound access control lists, 551
• output chains in iptables, 646
• output queues in wide area networks, 626
• outside addresses in NAT, 270
• overcapacity in wireless networks, 747–748
• overflow, buffer, 503
• overhead in connection-oriented communication, 34
• overlapping channels in wireless networks, 746
• overloading NAT, 269, 271
• overvoltage thresholds, 724
• overwriting media, 530