Note to the Reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations.
A
A records, 149
A+B power, 827
AAA (Authentication, Authorization, and Accounting)
aaa authentication command, 371
AAA records, 151
AAAA records, 149 –150
ABRs (area border routers), 318 , 318
absorption in wireless networks, 749
acceptable-use policies (AUPs), 797
access control. See authentication and access control
access control lists (ACLs)
Access Point mode, 415
access points (APs)
description, 138 , 138
evil twin, 506
overview, 401 –402, 401
rogue, 422 , 505
site surveys, 418 –420, 419
war driving, 504
wireless controllers, 407
wireless network configuration, 414 –417, 416 -417
access ports for VLANs, 364 –365, 366
access rate in Frame Relay, 616
account lockouts for passwords, 464
accounts. See user accounts
acknowledgments in OSI model, 38 –39, 39
ACLs. See access control lists (ACLs)
acoustical motion detectors, 531
active detection, 513
active routers in HSRP, 321
active timers in HSRP, 325
ActiveX attacks, 507
activity LEDs, 130
Activity Monitor, 711 , 711
ad hoc wireless networks, 405 , 406 , 423
Adaptive Security Appliance (ASA), 695 , 696
add option in route command, 661
address learning in switches, 348 –350, 349 –350
Address Resolution Protocol (ARP)
ARP inspection, 373
ARP table, 651
arp utility, 651 –654
caches
overview, 195 –197, 196 , 650 –651
troubleshooting, 768
addresses
adjacencies in OSPFv3, 334
administrative distances (ADs) in routing protocols, 303 –305
administrator training, 525
ADSL (Asymmetric Digital Subscriber Line), 456 , 609
Advanced Research Projects Agency, 177 –178
AES (Advanced Encryption Standard)
overview, 453
wireless networks, 430 –431
AES-CCMP (AES-Counter Mode CBC-MAC Protocol), 429
agents in Network Access Control, 475 –476
aggregate rate in Ethernet, 98
air-conditioning systems, 805
air flow for device placement, 827
AirMagnet Survey tool, 421
aisles, hot/cold, 802 , 803 , 827
alert systems, 804
alias records, 151
Amazon Web Services (AWS), 824
analog modems, 156 –157, 156
Angled Physical Contact (APC) fiber-optic cable, 65 , 66
anomaly-detection IDSs (AD-IDSs), 566
anonymous FTP, 180 , 678 –679
anonymous user accounts, 460
Ant+ protocol, 412
antennas
2.4 GHz/5 GHz, 398
wireless networks, 403 –404, 748
Anthrax virus, 499
anti-malware software
cloud/server based, 533
configuration backups, 534
host based, 533
infected computers, 536
overview, 532
scans, 535 –536
updates, 534 –535
anycasts, 222 , 225
APIPA (Automatic Private IP Addressing), 187 , 218
AppleTalk, 448
Application layer
attacks, 507
firewalls, 558 –559
OSI model, 32
application protocol based IDSs (APIDSs), 137
application servers,
application-specific integrated circuits (ASICs)
Data Link layer, 166
multilayer switches, 147
switches, 346 –347
applications
approval process in change management, 833
APs. See access points (APs)
archives, 815 –816
area border routers (ABRs), 318 , 318
ARP. See Address Resolution Protocol (ARP)
arp command, 263 , 289
ARPAnet, 177 –178
.arts domain, 148
ASBRs (autonomous system border routers), 318
ASCII files with File Transfer Protocol, 680
ASICs (application-specific integrated circuits)
Data Link layer, 166
multilayer switches, 147
switches, 346 –347
assets
Assured Forwarding (AF) in DSCP, 812
Asymmetric Digital Subscriber Line (ADSL), 456 , 609
ATM (Asynchronous Transfer Mode), 622 –623
attenuation in cables, 74 , 107 , 742
audits, 463 , 517
AUPs (acceptable-use policies), 797
authentication and access control
AAA, 470 –471, 471
access control lists, 442 –443, 442
backdoor access, 509
certificates, 466 –467
CHAP, 473 –474, 473
EAP, 474
encryption, 451 –455, 453 –454
exam essentials, 477
hashes, 474
Kerberos, 469 , 470
LDAP, 466
Link Control Protocol, 619
local, 466
MD5 message-digest algorithm, 474
multifactor, 467
Network Access Control, 472 –473, 475 –476
network controllers, 472
passwords, 461 –466
PKI, 431 –432, 468 –469, 468 –469
PPP, 620 –621
remote access, 455 –458, 456 , 458
review questions, 479 –482
Secure Hash Algorithm, 475
security filtering, 441
security issues, 495 –496
summary, 476 –477
tunneling. See tunneling
unified voice services, 472
user accounts, 458 –461
VLAN Trunking Protocol, 371
web services, 472
wireless networks, 427 –429, 428 , 505
written lab, 477 –478
Authentication, Authorization, and Accounting (AAA)
Authentication Headers (AHs) in IP Security, 449 , 450
authenticators in IEEE 802.1X, 473
authorized downtime in change management, 834
auto-detect mechanisms in Ethernet, 98
AutoCAD program for documentation, 791
autoconfiguration of IPv6 addresses, 226 –227, 226 , 327 , 328
automatic account lockouts, 464
automatic IPv6 tunneling, 330 –331
Automatic Private IP Addressing (APIPA), 187 , 218
automatic updates, 526 –527, 526
autonomous system border routers (ASBRs), 318
autonomous systems (ASs)
Border Gateway Protocol, 314 –315, 314
description, 302
EIGRP, 312
IP routing, 291 –292
Open Shortest Path First, 318 , 318
autorooters, 507
availability in CIA triad, 800
awareness, end user, 582 –583
AWS (Amazon Web Services), 824
B
back-off algorithms
CSMA/CA, 139 –140
CSMA/CD, 141
jam signals, 96
backbones
backdoors, 508 –509
background checks, 520
backup hosts in CARP, 816
backup routes in EIGRP, 313
backups
battery, 582
configuration, 534
optimization, 815 –816
security policies, 521
snapshots, 581
badges, 520
bandwidth
routing protocols, 303
saturation, 745
speed testers, 701 –702
throttling, 814
wide area networks, 600 –601
Bandwidth on Demand Interoperability Group (BONDING), 614
banner grabbing, 509 –510
bare metal hypervisors, 819
barriers
physical security, 573 –574, 574
signal degradation, 410
baseband, 96
baselines, 702 , 795 –796
Basic Analysis and Security Engine (BASE), 696
Basic Rate Interface (BRI), 613
basic service areas (BSAs), 406
basic service set identifiers (BSSIDs), 746 –747
basic service sets (BSSs), 406 –408, 406
battery backups, 582
baud rates, 97
Baudot, Jean-Maurice-Émile, 97
beacons in war driving, 504
Bearer (B) channels in ISDN, 614
bend radius limitations in fiber cable, 745
bent pins in cables, 744
Berkeley Software Distribution (BSD) Unix, 178
BGP (Border Gateway Protocol), 314 –315, 314
bidirectional communication in fiber-optic cable, 67 , 67
binary code,
binary files with FTP, 680
binary notation
conversions, 100 –103
IP addresses, 211
binding, 29
biometric systems, 576
bit rates in Ethernet, 97
bits, 100 , 210
.biz domain, 148
black boxes, 547
Blatand wireless networks, 410 –411
blind tests, 586
block acknowledgment in 2.4 GHz/5 GHz, 398
blocked ports
Spanning Tree Protocol, 355
troubleshooting, 760 , 760
Bluejacking attacks, 506
Bluesnarfing attacks, 506
Bluetooth technology
attacks, 506
personal area networks, 605
wireless networks, 410 –411
BNC connectors, 59 , 59
bonding in VLAN Trunking Protocol, 375 –376, 375
boot-sector viruses, 498
Bootstrap Protocol (BootP), 186 –188
Border Gateway Protocol (BGP), 314 –315, 314
botnets, 487 , 488
bottlenecks
bottom-up troubleshooting approach, 761 –762
bounce in wireless networks, 748
BPDU Guard, 374
BPDUs (Bridge Protocol Data Units), 355
BPL (Broadband over Power Line), 112 –113, 112 –113
BRI (Basic Rate Interface), 613
Bridge Protocol Data Units (BPDUs), 355
bridges
Data Link layer, 166 –167, 166
first use of, 345
overview, 131 , 131
SOHO networks, 162 –163
vs. switches, 348
Bridging mode in access points, 415
Bring Your Own Device (BYOD) initiatives, 796 –797
Broadband over Power Line (BPL), 112 –113, 112 –113
broadband services
cable modems, 610 –611, 610
Digital Subscriber Line, 608 –609
Ethernet specifications, 96
metropolitan-area Ethernet, 611
overview, 607 –608, 608
broadcast domains
broadcast storms, troubleshooting, 768 –769
broadcasts
Address Resolution Protocol, 196
addresses, 211
distance vector routing protocols, 309
IPv4 addresses, 219
switches, 352 –353
brute force attacks, 494
BSAs (basic service areas), 406
BSD (Berkeley Software Distribution) Unix, 178
BSSIDs (basic service set identifiers), 746 –747
Buffer Full message in ICMP, 195
buffers
building layout in emergency procedures, 804
Bureau of Industry and Security, 451
burned-in-addresses (BIAs), 104
bursts in Frame Relay, 616
bus topologies, 12 –13, 12
business continuity, 579 –580
business documents, 799
butt sets, 721 –722, 721
BYOD (Bring Your Own Device) initiatives, 796 –797
bytes, 100 , 210
bytes statistic in netstat, 672
C
.ca domain, 148
cable modems, 607 , 610 –611, 610
cable strippers, 723 , 723
cable trays, 828 , 828
cables
coaxial, 58 –60, 58 –59
crossover, 78 –82, 78 –81
distance, 74
duplex, 74
fiber-optic, 64 –69, 66 –69
frequency, 75
managing, 826
noise immunity, 74 –75
quality, 19
rolled, 80
serial, 72 , 72 –73
straight-through, 77 –78, 77
testers, 712 –713, 713
transmission speeds, 73 –74
troubleshooting, 740 –745, 772 –773
twisted-pair, 60 –64, 63 –64
caches
Address Resolution Protocol, 651
firewalls, 558
IP routing, 284 , 288
poisoning, 492 –493
caching engines, 815
caching proxy servers, 155
call setup in TCP, 188
callback in PPP, 619
cameras
IP, 576
security policies, 520
campus area networks (CANs), 21
canonical name (CNAME) records, 151
capacitance motion detectors, 531
capacity in wireless network site surveys, 418 –420, 419
captive portals, 476
CARP (Common Address Redundancy Protocol), 816 –817
Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
carrier signals in OSI model, 46 –47
CAs (certificate authorities), 432 , 468 , 468
categories of twisted-pair cable, 61 –62, 62 , 64
.cc domain, 148
CCTV (closed circuit television) cameras, 576
cd command in File Transfer Protocol, 680
CDMA (code division multiple access), 393 , 612
CDPCP (Cisco Discovery Protocol Control Protocol), 619
cells in Asynchronous Transfer Mode, 622 –623
cellular technologies, 612
central office (CO), 598
centralized WANs,
certificate authorities (CAs), 432 , 468 , 468
certificates
certification testers, 716 –717
chain of custody for evidence, 516
chains in iptables, 646
Challenge Handshake Authentication Protocol (CHAP)
credentials transmission, 501
overview, 473 –474, 473
Point-to-Point Protocol, 620
change management
approval process, 833
authorized downtime, 834
documentation, 833 –834
maintenance window, 834
notifications, 833 –834
policies, 798
procedures, 832 –834
change option for route command, 661
changes, troubleshooting, 750 –751
channel service unit/data service unit (CSU/DSU), 45 , 596 –597
channels
access points, 415
unencrypted, 501
utilization, 711 , 712
wireless networks, 746
CHAP (Challenge Handshake Authentication Protocol)
credentials transmission, 501
overview, 473 –474, 473
Point-to-Point Protocol, 620
CIA triad, 800
CIDR (Classless Inter-Domain Routing), 241 –243
cipher locks, 577
CIR (committed information rate), 616 –617
circuit switching, 600
circuits
labeling, 832
power management, 827
Cisco Discovery Protocol Control Protocol (CDPCP), 619
Cisco Unified Wireless Network (CUWN), 423
cladding for multimode fiber, 65
Class A network addresses
overview, 213 –214
subnets, 888 –893
Class B network addresses
overview, 214 –215
subnets, 253 –260
Class C network addresses
Class D network addresses, 216 , 219 –220
Class E network addresses, 216
Class of Service (COS), 812 –813
Class Selector in DSCP, 812
classes of routing protocols, 305 –306
classful routing in RIP, 308
Classless Inter-Domain Routing (CIDR), 241 –243
classless network design, 310 , 310
classless routing in RIP, 308
clean-desk policies, 518 , 797
clearing assets, 530
client mode in denial of service, 424
client-server networks, 11 , 11
client-to-site VPNs, 446
clients
description,
Teredo, 332
VLAN Trunking Protocol, 369
closed circuit television (CCTV) cameras, 576
closets, 575
clouds
anti-malware software, 533
concepts, 823 –824
DNS, 153 –154
and local resources, 825
virtual networking, 817
CNAME (canonical name) records, 151
Coarse Wavelength Division Multiplexing (CWDM), 604 –605
coaxial cable, 58 –60, 58 –59
code division multiple access (CDMA), 393 , 612
cold aisles, 802 , 803 , 827
cold sites, 580
collapsed backbones, 344
collision domains
collision lights, checking, 737
collisions
colons (:) in IPv6 addresses, 223
.com domain, 148
committed information rate (CIR), 616 –617
Common Address Redundancy Protocol (CARP), 816 –817
common names (CNs), 466
communications satellites (comsat), 606 , 606
community clouds, 824
company security policies, 629
Compaq, 354
compliance in network segmentation, 808
compressed air, 803
compression in Link Control Protocol, 619
concentrators, VPN, 571 –572, 571
confidentiality in CIA triad, 800
configuration
backups, 534
change management, 833
logical security, 577 –578, 577 –578
misconfiguration issues, 510 –511
troubleshooting, 771 –772
wireless network errors, 746 –748
congestion causes, 160
connection-oriented communication, 34 –35, 34
Connectionless Network Service (CLNS), 319
connectionless protocols, 190
connections
limiting for user accounts, 460 –461
T-series, 601 –603
TCP/IP, 669 –676, 671
UTP cable, 62 –64, 63
wide area networks, 599 –600, 599
connectivity
virtual networking, 824
wide area networks, 624 , 624
connectivity devices. See networking devices
connectivity software, 639 –640, 639
connectors, fiber cable, 66 –67, 66 –67 , 744
console routers for remote access, 457
content filtering
Content Security and Control Security Services Module (CSC-SSM), 561
contention methods
CSMA/CA, 139 –140
CSMA/CD, 140 –141
context awareness in firewalls, 563
continuity testers, 715
contracts in traffic shaping, 814
Control and Provisioning of Wireless Access Points (CAPWAP), 408
controllers, wireless, 407 –408, 408
converged networks, 283
converged routing tables, 307 , 307
convergence in STP, 356 –357, 357
converters, power, 827
coordinated attacks, 489
copper line drivers, 597
copy-on-write snapshots, 581
CPE (customer premises equipment), 596
CPU statistics in SNMP, 705
crackers, 506
CRC (cyclic redundancy check)
crimpers, 723 , 723
critical assets, 583
critical nodes, 583
cross-site scripting, 494
crossover cables
crosstalk
cable categories, 62 , 107
description, 742
twisted-pair cable, 61
CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
CSU/DSU (channel service unit/data service unit), 45 , 596 –597
customer premises equipment (CPE), 596
customer satisfaction in broadband services, 607
cyclic redundancy check (CRC)
D
DAP (Directory Access Protocol), 466
data acquisition servers, 806
data collection in forensics, 515 –516
data communication equipment (DCE), 45
data encapsulation. See encapsulation
Data Encryption Standard (DES), 452
Data field in Ethernet frames, 105
data frames in Data Link layer, 43
Data Link Connection Identifiers (DLCIs), 617 –618
Data Link layer
Ethernet specifications, 99 –106, 103 –104
OSI model, 42 –45, 43
switches and bridges, 166 –167, 166
Data Loss Prevention (DLP) software, 798
Data over Cable Service Interface Specifications (DOCSIS), 610
data packets in Network layer, 40
data terminal equipment (DTE), 45
data transport in forensics, 516
Datagram Transport Layer Security (DTLS), 447
datagrams
Protocol Data Units, 199
Simple Network Management Protocol, 785
DB-25 connectors, 72
dBd (decibel dipole) rating for antennas, 403
dBi (decibel isotropic) rating for antennas, 403
DCE (data communication equipment), 45
de-encapsulation, 199
dead zones in protocol switching, 554 , 555
deauthentication, wireless, 505
DEC (Digital Equipment Corporation), 354
decibel dipole (dBd) rating for antennas, 403
decibel isotropic (dBi) rating for antennas, 403
decimal conversions, 100 –103
dedicated lines, 599 –600
default administrative distances, 304 –305
default Border Gateway Protocol routes, 314
default gateways
IP routing, 283 , 287
troubleshooting, 756 –757
VLAN Trunking Protocol, 371
default passwords, 496
default subnet masks, 241 –242
definition files for anti-malware software, 535
degaussing media, 530
delay in Quality of Service, 811
delete option in route command, 661
delivery protocols for tunneling, 444
Delta (D) channels in ISDN, 614
deluge fire-suppression systems, 805
demarc/demarc extensions, 84
demarcation points, 597
demilitarized zones (DMZs)
denial of service (DoS) attacks
description, 486
distributed, 487 –489, 488
NTP reflection, 492
permanent, 489
Ping of Death, 486
reflective/amplified, 491
Smurf, 489 –490, 490
Stacheldraht, 491
SYN flood, 490 –491, 491
unreachable gateways, 486 –487, 487
wireless networks, 423 –424
Dense Wavelength Division Multiplexing (DWDM), 604
DES (Data Encryption Standard), 452
desktops in virtual networking, 821
Destination Address (DA) field in Ethernet frames, 105
destination option for route command, 661
Destination Unreachable message, 195
destruction of assets, 530
detection policies, 531 –532
devices. See networking devices
DHCP. See Dynamic Host Configuration Protocol (DHCP)
DHCPv6, 227
diagrams. See schematics and diagrams
Differentiated Services Code Point (DSCP), 812
Diffie, Whitfield, 454
Diffie-Hellman algorithm, 453 –454
Diffusing Update Algorithm (DUAL), 312 –313
dig utility, 655
digital certificates. See certificates
Digital Equipment Corporation (DEC), 354
digital IDs in public-key encryption, 453
digital subscriber line access multiplexer (DSLAM), 608
Digital Subscriber Line (DSL) services
connections, 63
wide area networks, 607 –609, 608
Dijkstra algorithm
Direct Sequence Spread Spectrum (DSSS), 396
directed attacks, 507
directional antennas, 403
Directory Access Protocol (DAP), 466
dirty connectors in fiber cable, 744
disabled ports in STP, 356
disabling user accounts, 459 –460
disaster recovery, 579
discards statistic in netstat, 672
discontiguous networks, 309 –312, 309 –311
disk mirroring, 584 , 584
disk striping, 583 , 584
distance vector (DV) routing protocols
BGP, 314 –315, 314
EIGRP, 312 –314, 313
IP routing, 292 , 293
overview, 306 –307, 306 –307
RIP, 308 –309
variable length subnet masks, 309 –312, 309 –311
distances
administrative, 303 –305
cables, 74
fiber cable, 745
signal attenuation, 742
signal degradation, 410
subnets for, 239
wireless networks, 747
distinguished names (DNs) in X.500, 466
distortion, recording, 724
distributed DoS (DDoS) attacks, 487 –489, 488
distributed switching, 354 , 354
distributed WANs,
distribution access control lists, 550
distribution cable networks, 610
distribution systems (DSs) in wireless networks, 406 , 406
distributions, wiring, 82 –84, 83
diversity in wireless access points, 401
divide-and-conquer troubleshooting approach, 762
DLCIs (Data Link Connection Identifiers), 617 –618
DLP (Data Loss Prevention) software, 798
DMVPN (Dynamic Multipoint VPN), 621 , 621
DMZs (demilitarized zones)
DNAT (dynamic NAT), 269
DNS servers. See Domain Name Service (DNS) servers
DOCSIS (Data over Cable Service Interface Specifications), 610
documentation
asset management, 794
change management, 833 –834
in forensics, 515
IP address utilization, 795
schematics and diagrams
logical network diagrams, 793 , 794
overview, 786 –787
physical network diagrams, 790 –793, 791 –793
wiring schematics, 787 –790, 787 , 789
SNMP, 785 –786
standard business documents, 799
troubleshooting, 769 –770
vendors, 795
DoD model
domain components (DCs) in LDAP, 466
Domain Name Service (DNS) servers
amplification attacks, 491 –492, 492
dynamic, 153
external, 153 , 153
internal, 153 , 153
overview, 148 –153, 149 –153
poisoning, 503
process/application layer, 185 –186
third-party, 153 –154
troubleshooting, 757
wide area network issues, 628
domains
doors
access controls, 576 –577
emergency procedures, 804
locks, 520
DoS attacks. See denial of service (DoS) attacks
dotted-decimal notation for IP addresses, 211
double-blind tests, 586
downgrading vs. upgrading, 528 –529
downloading
downtime
change management, 834
high availability, 814
driver updates, 527 –528
drop cables, 788
dropped packets in Quality of Service, 811
dry pipe fire-suppression systems, 805
DSCP (Differentiated Services Code Point), 812
DSL (Digital Subscriber Line) services
connections, 63
wide area networks, 607 –609, 608
DSLAM (digital subscriber line access multiplexer), 608
DSSS (Direct Sequence Spread Spectrum), 396
DTE (data terminal equipment), 45
DTLS (Datagram Transport Layer Security), 447
DTP (Dynamic Trunking Protocol), 364
DUAL (Diffusing Update Algorithm), 312 –313
dual power supplies, 579
dual stacks in IPv6 addresses, 228 , 332
dumb terminals,
duplex command, 134 –135
duplex communication
description, 74
Ethernet specifications, 98 –99, 99
routers, 134 –135
troubleshooting, 755 –756
wide area networks, 625
duplicate IP addresses, 756
DV routing protocols. See distance vector (DV) routing protocols
Dynamic ARP inspection (DAI), 373
dynamic ARP table entries, 651
dynamic DNS, 153
Dynamic Frequency Selection (DFS), 397
Dynamic Host Configuration Protocol (DHCP)
DHCP relay, 145 –146, 146
overview, 141 –145, 142 –145
process/application layer, 186 –188
snooping, 372 –373
troubleshooting, 758 –760, 758
dynamic IP routing, 291 –293, 291 –293
Dynamic Multipoint VPN (DMVPN), 621 , 621
dynamic NAT (DNAT), 269
dynamic packet filtering in firewalls, 555 –556, 556
dynamic routing, 281
dynamic state lists, 556
Dynamic Trunking Protocol (DTP), 364
dynamic VLANs, 364
E
E3 connections, 603
EAP. See Extensible Authentication Protocol (EAP)
EAP Transport Layer Security (EAP-TLS), 432
EAP-FAST, 431
EDFAs (erbium-doped fiber amplifiers), 604
edge control, 476
eDiscovery, 515
.edu domain, 148
EGPs (exterior gateway protocols), 291 –293, 302
EIA/TIA-232-C standard, 619
EIA/TIA 568 B wiring standard, 787 , 789
EIA/TIA Ethernet specifications, 106
802.11 standards
2.4 GHz, 395 –396, 395 –396
2.4 GHz/5 GHz, 398 –399
5 GHz, 397 –399, 397
committees and subcommittees, 393 –394
comparing, 399 –401, 400
wireless access points, 401 –402, 401
EIGRP (Enhanced Interior Gateway Routing Protocol), 312 –314, 313 , 767
EIGRPv6, 333
Ekahau Site Survey tool, 421
electrical safety, 801 –802, 801
electromagnetic interference (EMI), 60 –61, 74 –75 , 743
electromechanical motion detectors, 531
Electronic Industries Alliance and Telecommunications Industry Association (EIA/TIA), 62
electrostatic discharge (ESD), 802
Emergency Alert System (EAS), 804
emergency procedures, 804 –805
EMI (electromagnetic interference), 60 –61, 74 –75 , 743
employees
exit interviews, 523
threats from, 500
Encapsulating Security Payload (ESP), 449 , 450
encapsulation
encryption
AES, 453
devices, 155 –156, 155 –156
media, 530
overview, 451 –452
PKI, 431 –432
public-key, 453 –455, 453 –454
symmetrical encryption keys, 452
unencrypted channels, 501
VPN concentrators, 571
end user awareness and training, 524 –525, 582 –583
endpoints
Digital Subscriber Line, 608
VoIP, 158
Enhanced Data Rates for GSM Evolution (EGPRS), 612
Enhanced Interior Gateway Routing Protocol (EIGRP), 312 –314, 313 , 767
environmental factors
SOHO networks, 168
wireless networks, 748
environmental monitors, 724 –725
equipment
access policies, 519
virtual networking, 825 –826, 826
erbium-doped fiber amplifiers (EDFAs), 604
error messages
errors
Link Control Protocol, 619
network monitoring, 721
Quality of Service, 811
errors statistic in netstat, 672
escalation in forensics, 515
ESP (Encapsulating Security Payload), 449 , 450
ESSIDs (extended service set identifiers), 746 –747
EtherChannel, 376
Ethernet cable, 60 –62, 62
Ethernet over MPLS (EoMPLS), 623
Ethernet specifications, 92
bit rates vs. baud rate, 97
broadband/baseband, 96
broadcast domains, 94 –95
collision domains, 94
CSMA/CD, 95 –96, 95
Data Link layer, 99 –106, 103 –104
duplex, 98 –99, 99
Ethernet over HDMI, 113 , 114
Ethernet over Power Line, 112 –113, 112 –113
exam essentials, 115
frames, 104 –106, 104
network basics, 92 –94, 93
Physical Layer, 106 –111, 106
review questions, 120 –123
summary, 114 –115
wavelength, 97 –98, 97
written lab, 115 –119
EUI-64 format, 226 –227, 226
European Telecommunications Standards Institute (ETSI), 391 , 612
events
evidence collection in forensics, 515 –516
evil twin access points, 506
Evolved High Speed Packet Access (HSPA+), 612 –613
exit interviews, 523
Expedited Forwarding (EF) in DSCP, 812
expiration
IP addresses, 757 –758
passwords, 465
exploits vs. vulnerabilities, 500
Export Administration Regulations (EAR), 451
export controls, 519 , 797
expressions in IPv6 addresses, 222 –224, 222
extended access control lists, 551
extended demarcs, 597
extended service set identifiers (ESSIDs), 746 –747
extended service sets (ESSs), 406 –407, 407
Extensible Authentication Protocol (EAP)
description, 474
PKI, 431 –432
PPP, 620 –621
Remote Access Services, 455
exterior gateway protocols (EGPs), 291 –293, 302
external DNS, 153 , 153
extranet VPNs, 446
F
F-type connectors, 58 –59
fail close door systems, 804
Fast Ethernet, 107
fault tolerance
fax servers,
FDM (frequency-division multiplexing), 47
FDMA (Frequency-Division Multiple Access) standard, 393
FDPs (fiber distribution panels), 67
feasible successors in EIGRP, 313
Federal Communications Commission (FCC), 391
feeder cable, 83
FHRPs (first hop redundancy protocols), 319 –320, 320 , 325
fiber-optic cable
APC vs. UPC, 65 , 66
connectors, 66 –67, 66 –67
issues, 744 –745
multimode, 65
overview, 64 –65
single-mode, 65
small form factor connectors, 68 –69, 68 –69
transceivers, 67 , 67
fiber to coaxial media converters, 70 , 71
fiber to the premises, 605
Fibre-Channel (FC), 69 , 822
Fibre-Channel over Ethernet (FCoE), 822
file servers,
File Transfer Protocol (FTP)
downloading files, 679 –681
encryption, 451
firewall proxies, 558
overview, 677 –678
port attacks, 508
process/application layer, 180
scanning services, 561
server login, 678 –679
uploading files, 681 –682
virtual networking, 824
files
downloading, 679 –681
hashing, 528
integrity monitoring, 524
uploading, 681 –682
viruses, 497 –498
filters
fingerprints, 576
fire escape plans, 804
fire-suppression systems, 805
firewalls
access control lists, 442 , 549 –551, 549
application layer, 558 –559
challenges, 560
content filtering, 562
context awareness, 563
demilitarized zones, 552 –553, 552
dynamic packet filtering, 555 –556, 556
host-based, 548
misconfigured, 510 –511
need for, 507
network-based, 548
network layer, 559 –560
NGFW/Layer , 159 , 560
overview, 136 –137, 137 , 547
port security, 551
protocol switching, 553 –555, 555
proxy services, 556 –558, 557
scanning services, 561 –566, 563 –565
security policies, 520
signature identification, 563
stateful and stateless, 559 –560
troubleshooting, 760
virtual networking, 820
virtual wire vs. routed, 563 , 563
zones, 564 –566, 564 –565
.firm domain, 148
firmware
first generation cellular (1G), 612
first hop redundancy protocols (FHRPs), 319 –320, 320 , 325
first responders, 514 –515
5 GHz standard, 397 –399, 397
flat networks, 359
flicker, voltage event recorders for, 724
flood guard, 373 , 374
floors in site surveys, 421
flow control in Transport layer, 35 –37, 36
fluoroethylenepropylene (FEP) cable covering, 58
forensic concepts, 514 –516
40 MHz Channels, 398
forward chains in iptables, 646
forward/filter decisions in switches, 351 –352, 351
forward/filter tables in switches, 349 –350, 349 –350
forwarding ports in STP, 356
four-post racks, 828 , 829
fourth generation cellular (4G), 612
fox and hound wire tracers, 720 –721, 720
FQDNs (fully qualified domain names)
DNS servers, 148
process/application layer, 185
Frame Check Sequence (FCS) field
data encapsulation, 199
Ethernet frames, 105
packets, 284
Frame Relay
committed information rate, 616 –617
DLCI, 617 –618
overview, 615 –616, 615
virtual circuits, 617
frames
freestanding racks, 830 , 830
frequency
cables, 75
wireless networks, 746
frequency-division multiplexing (FDM), 47
Frequency Hopping Spread Spectrum, 605
friendly distributed DoS attacks, 489
FTP. See File Transfer Protocol (FTP)
FTP PORT command, 508
full-duplex communication
description, 74
Ethernet specifications, 98 –99, 99
routers, 135
Session layer, 33
fully qualified domain names (FQDNs)
DNS servers, 148
process/application layer, 185
G
gateway option in route command, 662
gateways
description,
encryption, 155
IP routing, 283 , 287
troubleshooting, 756 –757
unified communications, 813
unreachable, 486 –487, 487
VLAN Trunking Protocol, 371
GB (gigabytes), 601
GBICs (gigabit interface converters), 744 , 768
general logs, 709 –710, 710
General Packet Radio Services (GPRS), 612
General Protection Fault messages, 739
Generic Routing Encapsulation (GRE) tunnels, 329 , 448 –449, 448
geographical distances, subnets for, 239
geostationary satellite orbits, 606
GET messages in SNMP, 704 –705, 704
Gigabit Ethernet adapters, 69
gigabit interface converters (GBICs), 744 , 768
Gigabit Media Independent Interface (GMII), 107
Gigabit wiring, 79 , 80
gigabytes (GB), 601
glass in single-mode fiber, 65
global addresses in NAT, 269
Global System for Mobile Communications (GSM), 393 , 425 , 427 , 612
global unicast addresses, 224
GMII (Gigabit Media Independent Interface), 107
goodput in 2.4 GHz, 396
GoToMyPC tool, 639
.gov domain, 148
GPRS (General Packet Radio Services), 612
GRE (Generic Routing Encapsulation) tunnels, 329 , 448 –449, 448
grounding, electrical, 801 , 801
groups, configuration, 510
GSM (Global System for Mobile Communications), 393 , 425 , 427 , 612
guards
benefits, 577
security policies, 521
guest networks, 475
guests
user accounts, 460
virtual networking, 818 , 818
H
H.323 protocol
description, 183
video teleconferencing, 807
half-duplex communication
description, 74 , 390
Ethernet specifications, 98 –99, 99
routers, 135
Session layer, 33
half-open scanning, 697
Halon fire extinguishers, 805
handshakes
connection-oriented communication, 34 –35
Transmission Control Protocol, 188
hardware addresses
hardware installation for wireless networks, 412 –417, 413–414, 416 –417
hardware problems vs. software, 738 –739
hardware tools
butt sets, 721 –722, 721
cable strippers, 723 , 723
cable testers, 712 –713, 713
certification testers, 716 –717
continuity testers, 715
environmental monitors, 724 –725
exam essentials, 725 –726
loopback adaptors, 714 , 714
metrics, 721
multimeters, 718 –719, 719
OTDRs, 717 –718, 718
protocol analyzers, 715 –716
punch-down tools, 722 , 722
review questions, 727 –730
security devices, 545 –546, 546
spectrum analyzers, 719 , 719
summary, 725
time-domain reflectometers, 717
tone generators, 720 –721, 720
voltage event recorders, 723 –724
wire-map testers, 714 –715, 715
written lab, 726
hashes
authentication, 474
files, 528
HDLC (High-Level Data Link Control)
HDMI, Ethernet over, 113 , 114
HDSL (High Bit-Rate Digital Subscriber Line), 609
headends in cable networks, 610
headers in Internet Protocol, 194 , 194
heat
environmental monitors, 724 –725
heating and air-conditioning systems, 805
heat maps for site surveys, 421 , 421
heating and air-conditioning (HVAC) systems, 805
Hellman, Martin, 454
Hello messages in HSRP, 321
hello packets in link state routing protocols, 316
hello timers in HSRP, 324 , 324
helper-address command, 146
heuristic scanning in anti-malware software, 534
hexadecimal notation
hierarchical IP addresses, 211 –218, 212
high availability
high-bandwidth applications, 809 –810
High Bit-Rate Digital Subscriber Line (HDSL), 609
High-Level Data Link Control (HDLC)
histories, password, 465
history logs, 709 –710, 710
hold timers in HSRP, 325
honeypots
intrusion detection systems, 568 –569, 569
network segmentation, 807
hooks in Internet layer protocols, 193
hop counts
distance vector routing protocols, 307 –308
Network layer, 41
routing protocols, 303
Hops message in ICMP, 195
Host (A) records, 149
host addresses, 212
host based anti-malware software, 533
host-based firewalls, 548 , 760
host-based IDSs (HIDSs), 137 , 569
Host-to-Host layer protocols, 188
DoD model, 178
key concepts, 190 –191
port numbers, 191 –192, 191
Transmission Control Protocol, 188 –189, 189
User Datagram Protocol, 189 –190, 190
host-to-host VPNs, 446
hostname command, 657
hosts
CARP, 816
description,
forward/filter tables, 350 , 350
overview,
router advertisements, 327
virtual networking, 818 , 818
HOSTS file, 148
Hosts table, 656 –657
hot aisles, 802 , 803 , 827
hot sites, 580
hot spots, 409 –410, 409
Hot Standby Router Protocol (HSRP)
hotfixes
downloading, 527
overview, 525 –526
Windows Update, 526 –527, 526
HSRP. See Hot Standby Router Protocol (HSRP)
hubs
humidity
environmental monitors, 724 –725
SOHO networks, 168
hybrid clouds, 824
hybrid firewalls, 558
hybrid IP routing, 293 , 293
hybrid protocols, 305 –306, 312
hybrid topologies, 15 , 18 , 18
Hypertext Transfer Protocol (HTTP)
description, 184
proxies for firewalls, 557 –558
scanning services, 561
Hypertext Transfer Protocol Secure (HTTPS), 184 , 472
hypervisors in virtual networking, 818 –819, 819
I
IaaS (infrastructure as a service), 824
IBSSs (independent basic service sets), 405 –406, 406
ICA (Independent Computing Architecture), 457
ICMP. See Internet Control Message Protocol (ICMP)
ICSs (Industrial control systems), 806
IDCs (insulation displacement connectors), 722
IDFs (intermediate distribution frames), 82 , 825 –826, 826
IDSs. See intrusion detection systems (IDSs)
IEEE 802.1Q standard, 366 –367, 367
IEEE 802.1X standard, 473
IEEE 802.3 standards, 107 –111
IEEE (Institute of Electrical and Electronics Engineers) wireless network standards, 391
ifconfig tool, 646
IGMP (Internet Group Management Protocol), 185
IGPs (interior gateway protocols), 291 –292, 302
iLO (Integrated Lights-Out) technology, 457 , 458
IMAP (Internet Message Access Protocol), 182
impedance mismatches in cables, 743
inbound access control lists, 551
incident response
incorrect channels in wireless networks, 746
independent basic service sets (IBSSs), 405 –406, 406
Independent Computing Architecture (ICA), 457
Individual/Group (I/G) address bit, 103
Industrial control systems (ICSs), 806
Industrial, Scientific, and Medical (ISM) bands, 391 –392
infected computers, fixing, 536
InfiniBand standard, 822
.info domain, 148
information gathering
site surveys, 418
troubleshooting, 750
Information technology – Security Techniques – Code of practice for information security controls , 800
infrared motion detectors, 531
infrared (IR) wireless, 395 , 411
infrastructure as a service (IaaS), 824
infrastructure implementations in wireless networks, 410 –412
infrastructure mode for wireless networks, 107 , 406 –408, 406
input chains in iptables, 646
input queues in wide area networks, 626
inside addresses in NAT, 270
insider threats, 500
installation safety practices, 802 –804, 803
Institute of Electrical and Electronics Engineers (IEEE) wireless network standards, 391
insulation displacement connectors (IDCs), 722
.int domain, 148
Integrated Lights-Out (iLO) technology, 457 , 458
Integrated Services Digital Network (ISDN), 613 –615, 806
integrity in CIA triad, 800
Inter-Switch Link (ISL), 366
interface command, 134
interface configurations for routers, 133 –136
interface errors
troubleshooting, 757
wide area networks, 624 –627
interfaces in Network layer, 41
interference
cables, 60 –61, 74 –74 , 743
electromagnetic, 60 –61, 74 –75 , 743
radio frequency, 60 , 743
signal degradation, 410
wireless networks, 745
interior gateway protocols (IGPs), 291 –292, 302
intermediate distribution frames (IDFs), 82 , 825 –826, 826
Intermediate System-to-Intermediate System (IS-IS), 318 –319, 319 , 767
internal DNS, 153 , 153
International Computer Security Association (ICSA), 518
international export controls, 519 , 798
Internet connectivity in wide area networks, 624 , 624
Internet Control Message Protocol (ICMP)
error messages, 640
IP routing, 283 , 287 –288
maximum transmission units, 768
overview, 194 –195, 195
Internet Engineering Task Force (IETF), 177
Internet Group Management Protocol (IGMP), 185
Internet layer protocols
ARP, 195 –197, 196
DoD model, 178 , 192 –193
ICMP, 194 –195, 195
Internet Protocol, 193 –194, 194
RARP, 197 , 197
Internet Message Access Protocol (IMAP), 182
Internet of Things (IoT), 412
Internet Protocol (IP)
addressing. See IP addresses
data encapsulation, 198 –201, 198 , 200
DoD model, 193 –194, 194
exam essentials, 202
history, 177
review questions, 204 –207
routing. See IP routing
summary, 202
TCP/IP. See Transmission Control Protocol/Internet Protocol (TCP/IP)
written lab, 203
Internet Protocol Control Protocol (IPCP), 619
Internet Protocol Security (IPSec), 571
Internet Security Association and Key Management Protocol (ISAKMP), 450
Internet Small Computer System Interface (iSCSI), 821 –822, 822
Internetwork Packet Exchange (IPX), 448 , 553
internetworking models, 28
internetworks
description, ,
devices, 39 –40
routers, 132 , 161 –163, 163
Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunneling, 331
intranets
description,
virtual private networks, 446
intrusion detection security policies, 520
intrusion detection systems (IDSs)
description, 137
host-based, 569
network-based, 567 –569, 567 –569
overview, 566 –567, 567 , 695 –696, 696
unified threat management, 570 –571
vulnerability scanners, 570
wireless networks, 424
intrusion prevention systems (IPSs)
inverse multiplexing, 614
inverters for power management, 827
ip address command for routers, 136
IP address management (IPAM) tools, 146
IP addresses, 93 –94
access points, 416 –417
APIPA, 218
ARP, 651 –654
DHCP servers, 144
exam essentials, 230 –231
FHRPs, 320 , 320
hierarchical, 211 –218, 212
Hosts table, 656 –657
IPv4, 218 –220
IPv6. See IPv6 addresses
name resolution. See Domain Name Service (DNS) servers
NAT, 268 –272, 268 , 270 –271
network addresses, 212 –216
nslookup, 654 –656
private, 216 –217
review questions, 233 –236
routers, 136
Smurf attacks, 489 –490, 490
spoofing, 494
subnets. See subnets
summary, 230
switches, 369 –371
terminology, 210 –211
troubleshooting, 756 –758
utilization documentation, 795
virtual, 217 –218
written labs, 231 –232
IP exclusions in DHCP servers, 141
ip helper-address command, 146
IP proxies for firewalls, 557
ip route command, 282
IP routing
basics, 280 –283, 281
exam essentials, 294
example, 289 –291, 289 –290
process, 283 –289, 283 , 285
review questions, 296 –299
static and dynamic, 291 –293, 291 –293
summary, 294
written lab, 294 –295
IP Security (IPSec), 449 –450, 450
IP video systems, 576
IPAM (IP address management) tools, 146
ipconfig command, 642 –645, 645
ipconfig /all command
IP address troubleshooting, 263 , 762 , 762
problem resolution, 765 , 765
working with, 643 –644
ipconfig /release command, 637 , 645
ipconfig /renew command, 637 , 645
IPCP (Internet Protocol Control Protocol), 619
IPSec (Internet Protocol Security), 571
IPSs (intrusion prevention systems)
iptables utility, 646 –647
IPv4 addresses
broadcasts, 219
multicast, 219 –220
overview, 218 –219
unicasts, 219
ipv6 address autoconfig command, 327
IPv6 addresses
6to4 tunneling, 228 –229, 229
benefits and uses, 221 –222
DHCPv6, 227
dual stack, 228 , 332
EIGRPv6, 333
expressions, 222 –224, 222
migrating to, 227 –228
need for, 220 –221
neighbor discovery, 328 –329, 328
OSPFv3, 333 –334
overview, 220
RIPng, 333
router advertisements, 326 –327, 327 –328
routing protocols, 332 –334
special, 225
stateless autoconfiguration, 226 –227, 226
tunneling, 329 –332
types, 224 –225
ipv6 unicast-routing command, 332
IPX (Internetwork Packet Exchange), 448 , 553
IR (infrared) wireless, 395 , 411
iris scans, 576
IS-IS (Intermediate System-to-Intermediate System), 318 –319, 319 , 767
ISAKMP (Internet Security Association and Key Management Protocol), 450
iSCSI (Internet Small Computer System Interface), 821 –822, 822
ISDN (Integrated Services Digital Network), 613 –615, 806
ISL (Inter-Switch Link), 366
ISM (Industrial, Scientific, and Medical) bands, 391 –392
ISO 17799 standard, 800
ISO 19770 standards, 794
ISO/IEC 27002 standard, 800
isotropic antennas, 403
J
J3 connections, 603
.ja domain, 148
jamming process, 96 , 510
Jerusalem virus, 497
jitter
cables, 743
Quality of Service, 811
jumbo frames in storage area networks, 822
K
Kardach, Jim, 411
Kerberos authentication
key fobs, 576
key pairs, 432
keypads, 577
keys
devices, 528
encryption, 451 –452
symmetrical, 452
L
L2F (Layer 2 Forwarding) technology, 447 –448
L2TP (Layer 2 Tunneling Protocol), 447 –448
labeling devices, 831 –832
LACP (Link Aggregation Control Protocol), 375 –376
LAN Manager servers, 344
LAN Speed Test, 702
LANs (local area networks)
lasers for single-mode fiber, 65
last mile, 608
latched SC connectors, 66
latency
Asynchronous Transfer Mode, 623
cables, 742 –743
sensitivity, 809
wireless networks, 747 –748
Layer 2 broadcasts, 219
Layer 2 Forwarding (L2F) technology, 447 –448
Layer 2 switches, 346 –347
address learning, 348 –350, 349 –350
vs. bridges, 348
distributed switching, 354 , 354
forward/filter decisions, 351 –352, 351
limitations, 347 –348
loop avoidance, 352 –353, 353
Layer 2 Tunneling Protocol (L2TP), 447 –448
Layer 3 broadcasts, 219
Layer 7 firewalls, 560
layers
LBSs (location-based services), 427
lcd command in File Transfer Protocol, 680
LCP (Link Control Protocol), 618 –619, 618
LDAP (Lightweight Directory Access Protocol), 184 –185, 466
learning ports in Spanning Tree Protocol, 356
leased lines, 599 –600
LEDs (light-emitting diodes)
checking, 736 –737
network interface cards, 129 –130
single-mode fiber, 65
legacy systems
network segmentation, 807
security, 501
legal holds in forensics, 516
Length field in Ethernet frames, 105
licensing restrictions, 519 , 798
lifting equipment, 802
light-emitting diodes (LEDs)
checking, 736 –737
network interface cards, 129 –130
single-mode fiber, 65
Lightweight Access Point Protocol (LWAPP), 408 , 408 , 423
Lightweight Directory Access Protocol (LDAP), 184 –185, 466
line testers, 715
line voltage event recorders, 723 –724
Link Aggregation Control Protocol (LACP), 375 –376
Link Control Protocol (LCP), 618 –619, 618
link-establishment phase in PPP, 620
link-local addresses
IPv6, 224
neighbor discovery, 328
link state (LS) routing protocols
link status for wide area networks, 625
listening ports in STP, 356
LLC (Logical Link Control), 43 , 43
LMHOSTS file, 667
load balancers, 147
load balancing
optimization, 814
round-robin, 306
routing protocols, 303
load balancing/failover (LBFO), troubleshooting, 769
local addresses in NAT, 270
local area networks (LANs)
local authentication, 466
Local Connector (LC), 68
Local/Global bits (L/G), 104
local groups configuration, 510
local loops, 598 , 608
location-based services (LBSs), 427
location devices in site surveys, 421
lockouts for passwords, 464
locks
cipher, 577
security policies, 520
logic bombs, 497
logical addresses, 193
Logical Link Control (LLC), 43 , 43
logical network diagrams, 793 , 794
logical security configurations, 577 –578, 577 –578
logical topologies, 11 –12
login procedures, checking, 735 –736
LogMeIn.com tool, 639 , 639
logs
Long Term Evolution (LTE), 613
Looking Glass (LG) servers, 709 , 709
loop avoidance for switches, 352 –353, 353
loopback adaptors, 714 , 714
low-polar satellite orbits, 606
ls command in FTP, 680
LS routing protocols. See link state (LS) routing protocols
LTE (Long Term Evolution), 613
LWAPP (Lightweight Access Point Protocol), 408 , 408 , 423
M
mac address-table command, 351
MAC addresses, 93 –94
2.4 GHz/5 GHz, 398
ARP, 651 –654
DHCP, 144 –145
Ethernet specifications, 99 –106, 103 –104
FHRPs, 320
flood guard, 373
forward/filter decisions, 351 –353
HSRP, 322 –323, 323
IP routing, 284
IPv6, 226 , 226
neighbor discovery, 328
port security, 372
switches, 132
troubleshooting, 757
VLANs, 364
MAC forward/filter tables for switches, 349 –350, 349 –350
MAC (Media Access Control)
Data Link layer, 43 , 43
filters, 443
wireless networks, 426 –427
Mac operating system viruses, 498
macro viruses, 498
magnetic fields, 803
magnetic flux, 75
mail exchanger (MX) records, 150
mail relay security policies, 521
mail scanning services, 561
mail servers
description,
security policies, 520 , 521
main distribution frames (MDFs), 82 , 825 –826, 826
mainframes,
maintenance accounts, 461
maintenance window in change management, 834
malicious employees, 500
malicious users, 501 –502
malware, 497. See also viruses
man-in-the-middle attacks, 509 , 509
managed switches, 370
management
changes. See change management
documentation
asset management, 794
IP address utilization, 795
logical network diagrams, 793 , 794
physical network diagrams, 790 –793, 791 –793
schematics and diagrams overview, 786 –787
SNMP, 785 –786
vendors, 795
wiring schematics, 787 –790, 787 , 789 –790
exam essentials, 835 –836
network monitoring. See network monitoring
overview, 784
review questions, 837 –840
subnets for, 239
summary, 834 –835
written lab, 836
Management Frame Protection (MFP), 424
Management Information Bases (MIBs), 704
mantraps, 574 –575, 575
manual IPv6 tunneling, 330
masks, subnet
route command, 661 –662
subnets, 240 –241
troubleshooting, 757
variable length, 309 –312, 309 –311
master hosts in CARP, 816
master license agreements (MLAs), 799
Materials Safety Data Sheets (MSDSs), 803
maximum transmission units (MTUs), 756 , 768
MD5 Message-Digest Algorithm, 473 –474
MDFs (main distribution frames), 82 , 825 –826, 826
mean time between failures (MTBF), 581
mean time to repair (MTTR), 581
mechanical transfer registered jacks (MT-RJs), 68
media. See physical media; transmission media
Media Access Control (MAC)
Data Link layer, 43 , 43
filters, 443
wireless networks, 426 –427
media converters
Media Gateway Control Protocol (MGCP), 183
Media Independent Interface (MII), 107
medianets, 806
medium dependent interface/medium dependent interface crossover (MDI/MDI-X) port settings, 741
meet-in-the-middle attacks, 452
megabytes (MB), 601
memberships in VLANs, 363
memoranda of understanding (MOU), 799
mesh topologies, 15 –16, 15
Message Analyzer packet sniffer, 693
Message Integrity Check (MIC), 424
meters, 718 –719, 719
metrics
Network layer, 41
network monitoring, 721
route command, 662
metropolitan-area Ethernet, 611
MFP (Management Frame Protection), 424
MGCP (Media Gateway Control Protocol), 183
MIBs (Management Information Bases), 704
Michelangelo virus, 498
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), 455 , 474
microwave radio relay, 605 –606
migrating to IPv6 addresses, 227 –228
MII (Media Independent Interface), 107
.mil domain, 148
Mills, David, 184
MILNET, 178
MIMO (multiple-input, multiple-output)
2.4 GHz/5 GHz, 398 –399
5 GHz, 399
minimum length of passwords, 462
Miredo tunneling, 229
misconfiguration issues, 510 –511
mismatches
cables, 743 –744
wireless network channels, 746
missing routes, troubleshooting, 767
misuse-detection IDSs (MD-IDSs), 566 , 567
MLAs (master license agreements), 799
MLSs (multilayer switches), 147
mobile devices, on-boarding and off-boarding, 796
mobile hot spots, 409 –410, 409
mobility, IPv6 addresses for, 221
modems
modulation
OSI model, 46 –47
wide area networks, 601
modules, troubleshooting, 768
molniya satellite orbits, 606
monitor security policies, 520
monitoring
Monkey B virus, 498
monlist command, 492
motion detection, 531
MOU (memoranda of understanding), 799
MPLS (MultiProtocol Label Switching)
description, ,
wide area networks, 623
MS-CHAP (Microsoft Challenge Handshake Authentication Protocol), 455 , 474
MSDSs (Materials Safety Data Sheets), 803 –804
MT-RJs (mechanical transfer registered jacks), 68
MTBF (mean time between failures), 581
Mtr command, 657 –658
MTTR (mean time to repair), 581
MTUs (maximum transmission units), 756 , 768
multicast addresses, 219 –220
multicasts
IPv6 addresses, 224
real-time services, 810
multifactor authentication, 467
multilayer switches (MLSs), 147
multilink in Link Control Protocol, 619
multimeters, 718 –719, 719
multimode fiber (MMF), 65
multimode fiber to Ethernet media converters, 69 , 70
multipartite viruses, 498 –499, 499
multiple approaches in troubleshooting, 761 –762
multiple barrier systems, 574 , 574
multiple floors in site surveys, 421 , 421
multiple-input, multiple-output (MIMO)
2.4 GHz/5 GHz, 398 –399
5 GHz, 399
multiple problems, troubleshooting, 754
MultiProtocol Label Switching (MPLS)
description, ,
wide area networks, 623
MX (mail exchanger) records, 150
My traceroute command, 657 –658
N
NaaS (network as a service), 821
NAC (Network Access Control), 472 –473, 475 –476, 796 –797
NAC (Network Admission Control), 796
name resolution
names
conventions, 832
maintenance accounts, 461
NAT, 269 –270
NAS (network-attached storage), 823 , 823
NAT. See Network Address Translation (NAT)
National Fire Protection Association (NFPA), 58
National Security Agency (NSA), 451 , 518
native hypervisors, 819
nbtstat utility, 663 , 663
-A switch, 665
-a switch, 663 –665, 664
-c switch, 665 –666, 666
-n switch, 666 , 666
-R switch, 667
-r switch, 666 –667, 667
-S switch, 668 , 668
-s switch, 668 , 668
NCP (Network Control Protocol)
PPP, 618 –620, 618
TCP/IP replacement for, 177
NDAs (nondisclosure agreements), 798
near-end/far-end crosstalk, 62 , 742
near-field communication (NFC), 411 –412
neighbor discovery
neighbor solicitation messages, 328 , 328
neighbor tables
EIGRP, 313
link state routing protocols, 316
Nessus scanners, 570 , 585 , 585
.net domain, 148
netstat utility, 669 –671
-a switch, 670 –672, 671
-e switch, 672 –673
-n switch, 675 –676
-p switch, 673 –674
-r switch, 673
-s switch, 673
NetWare servers, 344
Network Access Control (NAC), 472 –473, 475 –476, 796 –797
Network Access layer in DoD model, 178
Network Access Protection, 797
Network Address Translation (NAT)
advantages and disadvantages, 269
firewalls, 557
names, 269 –270
operation, 270 –272, 270 –271
overview, 268 –269, 268
private IP addresses, 216
types, 269
wireless access points, 402
network addresses
Class A, 213 –214
Class B, 214 –215
Class C, 215 –216
Class D and E, 216 , 219 –220
classes overview, 212 –213, 212
defined, 211
Network layer, 40
special purposes, 216
subnets. See subnets
Network Admission Control (NAC), 796
network as a service (NaaS), 821
network-attached storage (NAS), 823 , 823
network-based firewalls, 548
network-based IDSs (NIDSs), 567 –569, 567 –569
Network Basic Input/Output System (NetBIOS), 185 , 663
network closets, 575
Network Control Protocol (NCP)
PPP, 618 –620, 618
TCP/IP replacement for, 177
network controllers, 472
network interface cards (NICs)
overview, 129 –130, 129
virtual networking, 820 , 820
wireless networks
configuration, 413 –415, 414
overview, 402 –403, 402
network interface devices (NIDs), 84
network interface units (NIUs), 84 , 597
Network layer
firewalls, 559 –560
OSI model, 40 –42, 41 –42
network management stations (NMSs), 704
Network Mapper (Nmap) utility
Network Monitor tool, 637
network monitoring, 703 –704
baselines, 795 –796
exam essentials, 835 –836
mobile devices, 796
Network Admission Control, 796 –797
network segmentation, 805 –808
policies and procedures, 797 –799
regulations, 799 –801
review questions, 837 –840
safety practices, 801 –805, 801 , 803
server logs, 709 –710, 710
SIEM, 707 –708
SNMP, 704 –705, 704
summary, 834 –835
syslog, 705 –707, 705
utilization, 710 –711, 711 –712
written lab, 836
network monitors, 693 –695, 694
Network Policy and Access Services (NPAS), 475
network reconnaissance, 508
network scanners, 693
bandwidth speed testers, 701 –702
IDP software, 695 –696, 696
packet sniffers, 693 –695, 694
port scanners, 697 –699, 698 –699
Wi-Fi analyzers, 700 –701, 700 –701
network segments, 20 –21, 21
implementing, 805 –808
Protocol Data Units, 198
SOHO networks, 160
troubleshooting, 740
User Datagram Protocol, 190 , 190
Network Time Protocol (NTP)
process/application layer, 184
reflection attacks, 492
network traffic, subnets for, 239
networking devices
access points, 138 , 138
analog modems, 156 –157, 156
bridges, 131 , 131
common, 128 –129
contention methods, 139 –141
DHCP servers, 141 –146, 142 –146
DNS servers, 148 –154, 149 –153
encryption, 155 –156, 155 –156
exam questions, 169 –170
firewalls, 136 –137, 137
hardening, 376
host-based IDSs, 137
hubs, 130 –131, 130
IDS/IPS, 137
internetwork, 39 –40
IP address management tools, 146
keys, 528
load balancers, 147
media converters, 158 , 158
multilayer switches, 147
network interface cards, 129 –130, 129
NGFW/Layer firewalls, 159
packet shapers, 157 , 157
placement optimization, 827 –832, 828 –830
proxy servers, 154 –155, 154
review questions, 171 –174
routers, 132 –136, 133
saturation in wireless networks, 745
SOHO networks. See SOHO networks
summary, 169
switches, 131 –132, 132
unified communications, 813
VoIP endpoints, 158
VoIP PBX, 158
VPN concentrators, 157 , 157
wireless range extenders, 138
written lab, 170
networks overview
architecture, –10
client-server, 11 , 11
peer-to-peer, 10 , 10
backbones, 20 , 21
campus area networks, 21
components
hosts,
servers, –7,
workstations,
exam essentials, 22
LANs, –5, –4
network description, –3,
review questions, 23 –26
segments. See network segments
storage area networks, 21
summary, 21 –22
topologies
wide area networks, –9, –9
written lab, 22
next-generation firewalls (NGFWs), 159 , 560
next-hop attributes in OSPFv3, 334
NEXT (near-end crosstalk), 62 , 742
NFC (near-field communication), 411 –412
NGFWs (next-generation firewalls), 159 , 560
nibbles, 100
NIC Teaming, troubleshooting, 769
NICs. See network interface cards (NICs)
NIDSs (network-based IDSs), 567 –569, 567 –569
Nimda virus, 497
Nmap utility
no shutdown command, 136
noise immunity in cables, 74 –75
non-unicast statistic in netstat, 672
nonces
nondisclosure agreements (NDAs), 798
nonpersistent agents in NAC, 475 –476
notifications
change management, 833 –834
NIDSs, 568
security policies, 519
SIEM, 708
Novell networks, 344
NPAS (Network Policy and Access Services), 475
NS records, 151
NSA (National Security Agency), 451 , 518
nslookup utility, 654 –656
NTP (Network Time Protocol)
process/application layer, 184
reflection attacks, 492
O
obvious causes, troubleshooting, 754 –762, 758 –761
octets, 100 , 210
OFDM (Orthogonal Frequency Division Multiplexing), 396
off-boarding mobile devices, 796
off site virtual networking, 817
omnidirectional antennas, 403 –404
on-access scans, 536
on-boarding mobile devices, 796
on-demand scans, 535 –536
on site virtual networking, 817
100Basex networks, 107 –109
110 blocks, 83 , 83
1000BaseT wiring, 79 , 80
1000Basex networks, 108 , 110
one-to-many addresses in IPv6, 224
open access, 426
open impedance cable mismatches, 743
open ports
description, 500 –501
misconfigured, 511
Open Shortest Path First (OSPF) protocol, 316 –318, 318 , 767
Open Systems Interconnection (OSI) model
acknowledgments, 38 –39, 39
Application layer, 32
connection-oriented communication, 34 –35, 34
Data Link layer, 42 –45, 43
encapsulation, 45 –46
exam essentials, 48
flow control, 35 –37, 36
internetworking models overview, 28 –30
layers overview, 30 –32, 30 –31
modulation, 46 –47
Network layer, 40 –42, 41 –42
Physical layer, 45
Presentation layer, 33
review questions, 50 –53
Session layer, 33
summary, 47
Transport layer, 33 –40, 34 , 36 , 38 –39
windowing, 37 , 38
written lab, 48 –49
operating modes for access points, 415
operating systems, unpatched, 511
operator errors (OEs), 738
optical carrier (OC) levels in SONET, 603
optical line termination (OLT) in PONs, 605
optical network units (ONUs) in PONs, 605
optical time-domain reflectometers (OTDRs), 717 –718, 718
optimization
archives and backups, 815 –816
benefits, 808 –809
cable management, 826
caching engines, 815
CARP, 816 –817
change management, 832 –834
Class of Service, 812 –813
device placement, 827 –832, 828 –830
exam essentials, 835 –836
fault tolerance, 815
high availability, 814 –815
high-bandwidth applications, 809 –810
labeling, 831 –832
latency, 809
load balancing, 814
power management, 826 –827
Quality of Service, 811 –812
real-time services, 810
review questions, 837 –840
subnets for, 239
summary, 834 –835
traffic shaping, 813 –814
unified communications, 813
uptime, 811
virtual networking, 817 –825, 818 –820 , 822 –823
written lab, 836
.org domain, 148
organizational unit (OU) attributes, 466
organizationally unique identifiers (OUIs), 103
Orthogonal Frequency Division Multiplexing (OFDM), 396
OSI model. See Open Systems Interconnection (OSI) model
OSPF (Open Shortest Path First) protocol, 316 –318, 318 , 767
OSPFv3, 333 –334
OTDRs (optical time-domain reflectometers), 717 –718, 718
out-of-band management, 457 –458
out-of-band switches, 370
out-of-order delivery in Quality of Service, 812
outbound access control lists, 551
output chains in iptables, 646
output queues in wide area networks, 626
outside addresses in NAT, 270
overcapacity in wireless networks, 747 –748
overflow, buffer, 503
overhead in connection-oriented communication, 34
overlapping channels in wireless networks, 746
overloading NAT, 269 , 271
overvoltage thresholds, 724
overwriting media, 530
P
PaaS (platform as a service), 824
packet filtering in firewalls, 555 –556, 556 , 558 –559
packet sniffers, 502 , 502 , 508 , 693 –695, 694
packet switching
Frame Relay, 615
routers, 161
wide area networks, 600
packets
abuse, 493 , 493
IP routing, 283 –288, 285
man-in-the-middle attacks, 509 , 509
Protocol Data Units, 199 –201
Quality of Service, 811
shapers, 157 , 157
PAgP (Port Aggregation Protocol), 375 –376
PANs (personal area networks), 605
PAP (Password Authentication Protocol)
CHAP replacement for, 474
credentials transmission, 501
PPP, 620
paper documentation, 786
Parameter Request List option in DHCP, 144 , 144
partial mesh topologies, 16
passive attacks, 424 –426
passive detection, 513
passive infrared (PIR) motion detection systems, 531
Passive Optical Networks (PONs), 605
Password Authentication Protocol (PAP)
CHAP replacement for, 474
credentials transmission, 501
PPP, 620
passwords
access points, 415
automatic account lockouts, 464
brute force attacks, 494
expiration and histories, 465
FTP, 679
minimum length, 462
policies, 520 , 798
security issues, 496
single sign-on, 465 –466
special characters, 463 –464
strong, 461 –462
wireless networks, 430 , 746
PAT (Port Address Translation), 269 , 271 , 271
patch cables, 788
patch panel labeling, 832
patches and upgrades
device keys, 528
downloading, 527
drivers, 527 –528
file hashing, 528
firmware, 527
issues, 796
overview, 525 –526
security policies, 521
upgrading vs. downgrading, 528 –529
Windows Update, 526 –527, 526
pathping tool, 641 , 657 –658
payload protocols in tunneling, 444
Payment Card Industry Data Security Standard (PCI DSS), 808
PBX (private branch exchange)
virtual networking, 821
VoIP PBX, 158
PCP (Priority Code Point), 812
PDSL (Power Line Digital Subscriber Line), 112 –113, 112 –113
PDUs (Protocol Data Units)
PEAP (Protected Extensible Authentication Protocol), 432
peer-to-peer networks, 10 , 10
penetration
performance optimization. See optimization
permanent denial of service attacks, 489
permanent virtual circuits (PVCs), 617
persistent agents in NAC, 475 –476
personal area networks (PANs), 605
PGP (Pretty Good Privacy), 451 , 454 –455, 454
phishing, 511 –512
photoelectric motion detectors, 531
physical attacks, 489
physical carrier sense in CSMA/CA, 139
physical conditions, troubleshooting, 772
physical destruction of media, 530
Physical layer
Ethernet specifications, 106 –111, 106
hubs, 167 –168, 168
OSI model, 45
physical media, 57
cable properties, 73 –75
coaxial cable, 58 –60, 58 –59
Ethernet cable, 60
exam essentials, 85
fiber-optic cable, 64 –69, 66 –69
media converters, 69 –70, 69 –71
review questions, 87 –90
serial cables, 71 –72, 72 –73
summary, 84 –85
twisted-pair cable, 60 –64, 63 –64
wiring standards. See wiring standards
written lab, 85 –86
physical network diagrams, 790 –793, 791 –793
physical security
barriers, 573 –574, 574
door access controls, 576 –577
exam essentials, 587 –588
firewalls. See firewalls
hardware and software devices, 545 –546, 546
intrusion detection systems, 566 –571, 569 –570
logical security configurations, 577 –578, 577 –578
mantraps, 574 –575, 575
network closets, 575
overview, 545 , 572 –573
review questions, 589 –592
risk-related concepts. See risk-related concepts
security zones, 574
summary, 586 –587
video monitoring, 576
VPN concentrators, 571 –572, 571
written lab, 588
physical topologies, 11 –12
bus, 12 –13, 12
hybrid, 18 , 18
mesh, 15 –16, 15
point-to-multipoint, 17 –18, 17 –18
point-to-point, 16 –17, 17
ring, 14 , 15
star, 13 –14, 13
PIDSs (protocol-based IDSs), 137 , 569
Ping of Death attacks, 486
ping utility
ICMP, 195
IP address troubleshooting, 261 –262
working with, 647 –650
pinouts for cables, 741
PIR (passive infrared) motion detection systems, 531
PKI (Public Key Infrastructure), 431 –432, 468 –469, 468 –469
plain old telephone service (POTS), 61 , 598
planned downtime, 814
platform as a service (PaaS), 824
PLCs (programmable logic controllers), 806
PLCSC (Power Line Communication Standards Committee), 111 –113, 112 –113
plenum, 58
plugs, loopback, 714 , 714
point-to-multipoint antennas, 403
point-to-multipoint topologies, 17 –18, 17 –18
point-to-point antennas, 403
point-to-point connections, 599 –600
point-to-point links in star topologies, 14
Point-to-Point Protocol (PPP)
authentication, 620 –621
Link Control Protocol, 618 –619
overview, 618 –619, 618
remote access, 456
session establishment, 620 , 620
wide area networks, 600
Point-to-Point Protocol over Ethernet (PPPoE), 456 –457
point-to-point topologies, 16 –17, 17
Point-to-Point Tunneling Protocol (PPTP), 447 –448
pointer (PTR) records, 149
points of presence (POPs), 598
policies and procedures
access control lists, 524
asset disposal, 530
asset tracking tags, 531 –532
audits, 517
breaking, 522
clean-desk, 518
common, 519 –522
detection, 531 –532
exit interviews, 523
file integrity monitoring, 524
implementing, 522 –523
international export controls, 519
licensing restrictions, 519
overview, 516 –517, 796 –797
patches and upgrades, 525 –529, 526
policies, 797 –798
privileged user accounts, 524
procedures, 798 –799
recording equipment, 518 –519
role separation, 524
standard business documents, 799
tamper detection, 532 , 532
training, 524 –525
wide area networks, 629
polyvinyl chloride (PVC) cable covering, 58
PONs (Passive Optical Networks), 605
POPs (points of presence), 598
popularity of broadband services, 607
Port Address Translation (PAT), 269 , 271 , 271
Port Aggregation Protocol (PAgP), 375 –376
port bonding in VTP, 375 –376, 375
port channeling in VTP, 376
port mirroring in switches, 379 –380, 379 –380
port numbers
port protection in switches, 372 –374, 372
port states in STP, 355 –356
port sweeping, 697
ports
cables, 742
filters, 443
firewalls, 551
labeling, 831
misconfigured, 511
open, 500 –501
redirection attacks, 508
routers, 135
scanners, 508 , 697 –699, 698 –699
troubleshooting, 755 , 760 , 760
VLANs, 364 –365
positive acknowledgment with retransmission, 38
.post domain, 148
Post Office Protocol (POP)
description, 181
scanning services, 561
postdeployment site surveys, 418
posture assessment in NAC, 475
potential impact factors in change management, 833
POTS (plain old telephone service), 61 , 598
power and power management
optimization, 826 –827
risk mitigation, 579
troubleshooting, 769
voltage event recorders, 723 –724
wireless networks, 747
power converters, 827
power injectors, 377 –378, 378
Power Line Communication Standards Committee (PLCSC), 111 –113, 112 –113
Power Line Digital Subscriber Line (PDSL), 112 –113, 112 –113
Power over Ethernet (PoE and PoE+) technology, 376 –379, 377 –378
power switches, checking, 737 –738
powers of , 240
PPP. See Point-to-Point Protocol (PPP)
PPPoE (Point-to-Point Protocol over Ethernet), 456 –457
PPTP (Point-to-Point Tunneling Protocol), 447 –448
Pre-Shared Key, 430 –431, 431
preaction fire-suppression systems, 805
Preamble field in Ethernet frames, 105
predeployment site surveys, 418
prefix information in router advertisements, 327
prefix routing in RIP, 308
presence in real-time services, 810
Presentation layer in OSI model, 33
Pretty Good Privacy (PGP), 451 , 454 –455, 454
preventative measures, 769
Primary Rate Interface (PRI), 613
principle of least privilege, 502
print option in route command, 661
print servers,
priorities in troubleshooting, 771
Priority Code Point (PCP), 812
private branch exchange (PBX)
virtual networking, 821
VoIP PBX, 158
private clouds
description, 823
virtual networking, 817
private domains in SIP trunks, 622
private IP addresses, 216 –217
private networks in network segmentation, 807
private side firewalls, 136
privileged user accounts, 524
privileged user agreements, 798
proactive defense, 513 –514
probable causes, troubleshooting, 754 –762, 758 –761
probes, 720 –721, 720
problem identification
networks, 750 –754, 752 –753
troubleshooting, 734 –738
procedures. See policies and procedures
process/application layer protocols
DHCP and BootP, 186 –188
DNS, 185 –186
DoD model, 178
FTP, 180
H.323, 183
HTTP, 184
HTTPS, 184
IGMP, 185
IMAP, 182
LDAP, 184 –185
MGCP, 183
NetBIOS, 185
NTP, 184
POP, 181
RDP, 182
RTP, 183
SFTP, 180
SIP, 182
SMB, 185
SMTP, 181
SNMP, 183
SSH, 184
Telnet, 180
TFTP, 181
TLS and SSL, 182
processes, 796
programmable logic controllers (PLCs), 806
Project 802 , 44 –45
Protected Extensible Authentication Protocol (PEAP), 432
protocol analyzers, 637 –638, 637 , 715 –716
protocol-based IDSs (PIDSs), 137 , 569
Protocol Data Units (PDUs)
protocol switching in firewalls, 553 –555, 555
protocols
proximity readers, 576
proxy ARP, troubleshooting, 768
proxy cache servers for firewalls, 558
proxy servers
PSTNs (Public Switched Telephone Networks), 61 , 159 , 596 , 598 –599
public clouds
description, 823
virtual networking, 817
public domains in SIP trunks, 622
public-key encryption, 453 –455, 453 –454
Public Key Infrastructure (PKI), 431 –432, 468 –469, 468 –469
public networks in network segmentation, 807
public side firewalls, 136
Public Switched Telephone Networks (PSTNs), 61 , 159 , 596 , 598 –599
punch-down tools, 722 , 722
purging assets, 530
PVCs (permanent virtual circuits), 617
pwd command in File Transfer Protocol, 680
Q
Quad Small Form Factor (QSFF) transceivers, 69
Quality of Service (QoS)
optimization, 811 –812
VLANs, 362 –363
quarantine networks, 476
queues in wide area networks, 626
R
rack-mounted switches, 789 , 790
racks
installation, 802
monitoring, 832
security, 832
systems and components, 828 –830, 829 –830
radio frequency identification (RFID), 412 , 427
radio frequency interference (RFI), 60 , 743
Radio Resource Management (RRM), 423
RADIUS. See Remote Authentication Dial In User Service (RADIUS)
RAID (Redundant Array of Independent Disks), 583 –584, 584 –585
random back-off algorithms
range comparisons in 802.11 standards, 400 –401, 400
Rapid Spanning Tree Protocol (RSTP), 357 –358
RARP (Reverse Address Resolution Protocol), 197 , 197
RAS (Remote Access Services), 455 , 456
rate limiting in traffic shaping, 814
RDC (Remote Desktop Connection), 456
RDNs (relative distinguished names) in X.500, 466
RDP (Remote Desktop Protocol)
real-time services optimization, 810
Real-time Transport Protocol (RTP), 183
received signal strength indicator (RSSI), 420
recording equipment policies, 518 –519
recovery sites, 580
redirection port attacks, 508
reduced network traffic, subnets for, 239
redundancy
redundancy groups, 816
Redundant Array of Independent Disks (RAID), 583 –584, 584 –585
reference models
reflection in wireless networks, 748
reflective/amplified attacks, 491
refraction in wireless networks, 749
registered jack (RJ) connectors
diagrams, 787 , 787
Ethernet specifications, 106
overview, 62 –64, 63
regulations, 799 –801
relative distinguished names (RDNs) in X.500, 466
reliable data delivery in OSI model, 38 –39, 39
reliable networking, 33
Reliable Transport Protocol (RTP), 312
remanence, data, 530
remote access
console routers, 457
ICA, 457
out-of-band management, 457 , 458
overview, 455
PPP, 456
PPPoE, 456 –457
RAS, 455 , 456
RDP, 456
SSH, 457
VNC, 458
VPNs, 446
Remote Access Services (RAS), 455 , 456
Remote Authentication Dial In User Service (RADIUS)
AAA, 470
misconfiguration, 495 –496
PPPoE, 457
VPN concentrators, 571
wireless networks, 427 –428, 428
Remote Desktop Connection (RDC), 456
Remote Desktop Protocol (RDP)
Remote Frame Buffer (RFB) protocol, 458
Remote SPAN, 379 –380, 379 –380
remote terminal units (RTUs), 806
repeaters, 597
replay attacks, 429
reports in forensics, 516
Request to Send, Clear to Send (RTS/CTS), 395
requests in change management, 833
reserved IP addresses, 214 , 216
resolution plans, troubleshooting, 764 –766, 765
retina scans, 576
Reverse Address Resolution Protocol (RARP), 197 , 197
reverse lookup zones in DNS servers, 151
RF emanation, 501
RFB (Remote Frame Buffer) protocol, 458
RFI (radio frequency interference), 60 , 743
RG-58 cable, 58
rights, checking, 735 –736
Rijndael standard, 453
ring topologies, 14 , 15
RIP (Routing Information Protocol)
vs. OSPF, 316 –318
overview, 308 –309
routing loops, 767
RIP Version (RIPv2), 308 –309
RIPng, 333
risk-related concepts
battery backups, 582
business continuity, 579 –580
critical assets, 583
critical nodes, 583
disaster recovery, 579
end user awareness and training, 582 –583
MTBF, 581
MTTR, 581
penetration testing, 586
power management, 579
recovery sites, 580
redundancy, 583 –584, 584 –585
service level agreements, 581
single points of failure, 583
snapshots, 581
standards and policies, 585
vulnerability scanning, 585 , 585
Rivest, Ron, 474
Rivest, Shamir, and Adleman (RSA) encryption
description, 454
Secure Shell protocol, 446
VPN concentrators, 571
RJ (registered jack) connectors
diagrams, 787 , 787
Ethernet specifications, 106
overview, 62 –64, 63
rogue access points, 422 , 505
rogue DHCP servers, 758 –759, 758
role separation, 524
rollback process for change management, 833
rolled cable, 80 , 80
Root Guard, 374 –375
rootkits, 507
round-robin load balancing, 306
route aggregation, 312
route command
examples, 662
options, 661 –662
overview, 659 –660
route redistribution in EIGRP, 314
route-update packets in Network layer, 40 , 41
routed firewalls, 563 , 563
routed protocols, 40
router advertisements (RAs) in IPv6 addresses, 326 –327, 327 –328
router solicitation (RS) requests, 327
routers
access control lists, 442 , 442
description, , ,
HSRP, 321 , 322
Network layer, 40 –42, 41 –42
overview, 132 –136, 133
remote access, 457
SOHO networks, 160 –166, 161 , 163 –165
virtual networking, 820
wide area networks, 628 –629
routes, troubleshooting, 767
routing. See IP routing
routing by rumor, 306
Routing Information Base (RIB), 315
Routing Information Protocol (RIP)
vs. OSPF, 316 –318
overview, 308 –309
routing loops, 767
routing loops, 767
routing problems, 767 –768
routing protocols
administrative distances, 303 –305
basics, 302 , 303
classes, 305 –306
description, 280
distance vector, 306 –315, 306 –307 , 309 –311 , 313 –314
enabling, 304
exam essentials, 334
high availability, 319 –326, 320 , 322 –324
IPv6. See IPv6 addresses
link state, 315 –319, 318 –319
review questions, 336 –339
summary, 334
written lab, 335
routing tables
description, 281
distance vector routing protocols, 307 , 307
EIGRP, 312 , 313
IP routing, 285
routers, 161 –162
RS-232 cable, 72 , 72
RSA (Rivest, Shamir, and Adleman) encryption
description, 454
Secure Shell protocol, 446
VPN concentrators, 571
RSSI (received signal strength indicator), 420
RSTP (Rapid Spanning Tree Protocol), 357 –358
RTP (Real-time Transport Protocol), 183
RTP (Reliable Transport Protocol), 312
RTS/CTS (Request to Send, Clear to Send), 395
RTUs (remote terminal units), 806
.ru domain, 148
running-config command, 134
running services, unnecessary, 500
S
S-HTTP (Secure Hypertext Transfer Protocol), 472
SaaS (software as a service), 821 , 824
safety practices, 801
electrical, 801 –802, 801
emergency procedures, 804 –805
heating and air-conditioning systems, 805
installation, 802 –804, 803
SANs (storage area networks)
description, 21
virtual networking, 821 –823, 822 –823
Sarbanes-Oxley Act (SOX), 800
SATAN (Security Administrator Tool for Analyzing Networks), 513
satellite communications, 606 , 606
SCADA (Supervisory Control and Data Acquisition), 806
scanners
scanning services in firewalls, 561 –566, 563 –565
scans for viruses, 535 –536
schematics and diagrams
logical network diagrams, 793 , 794
overview, 786 –787
physical network diagrams, 790 –793, 791 –793
wiring schematics, 787 –790, 787 , 789
scope options in DHCP servers, 142 , 143
SDH (Synchronous Digital Hierarchy), 603
SDN (software-defined networking), 821
SDSL (Symmetric Digital Subscriber Line), 609
second generation cellular (2G), 612
Secure File Transfer Protocol (SFTP), 180
Secure Hash Algorithm (SHA), 475
Secure Hypertext Transfer Protocol (S-HTTP), 472
Secure Shell (SSH) protocol
certificate troubleshooting, 759 , 759
credentials transmission, 501
process/application layer, 184
remote access, 457
vs. Telnet, 683
Secure Sockets Layer (SSL)
description, 182
overview, 446 –447, 447
VPN concentrators, 571
securing the area in forensics, 515
security
audits, 463 , 517
authentication. See authentication and access control
broadband services, 607
cables, 74 –75
logs, 709
network segmentation, 808
physical. See physical security
policies and procedures. See policies and procedures
racks, 832
threats. See threats and mitigation
virtual networking, 824 –825
VLAN Trunking Protocol, 372 –374, 372 , 374
wireless networks, 746
ad hoc networks, 423
denial of service, 423 –424
open access, 426
overview, 422
passive attacks, 424 –426
Pre-Shared Key, 430 –431, 431
RADIUS, 428 –429, 428
rogue access points, 422
TKIP, 428 –429
WEP, 426 –427
Security Administrator Tool for Analyzing Networks (SATAN), 513
security filtering, 441
security information and event management (SIEM), 707 –708
security zones, 574
segmentation. See network segments
selecting topologies, 19 –20
sensors in SCADA, 806
serial cables, 71 –72, 72 –73
server-based anti-malware software, 533
Server Message Block (SMB), 185
server rail racks, 828
servers
logs, 709 –710, 710
overview, –7,
problems, 739 –740
Teredo, 332
virtual networking, 818 –819, 818
VLAN Trunking Protocol, 369
service-level agreements (SLAs), 581 , 800
service packs, 527
service set identifiers (SSIDs)
access points, 415 , 417
basic service sets, 406 –407
war driving, 504
wireless networks, 426 –427, 746 –747
services
troubleshooting, 760 –761, 761
unified communications, 813
session establishment in PPP, 620 , 620
session hijacking attacks, 494
Session Initiation Protocol (SIP)
process/application layer, 182
trunks, 621 –622, 622
video teleconferencing, 807
Session layer in OSI model, 33
session secrets in wireless networks, 429
severity levels in syslog, 705 –707
SFTP (Secure File Transfer Protocol), 180
SHA (Secure Hash Algorithm), 475
shared keys for access points, 415
shared secrets in CHAP, 473
shielded twisted-pair (STP) cable, 60
shortened IPv6 addresses, 223 –224
Shortest Path Bridging (SPB), 334
shortest path first protocols. See link state (LS) routing protocols
Shortest Path First (SPF) algorithm, 316
shorts in cables, 743
show controllers command, 626
show int command, 627
show ip arp command, 286
show ip route command, 282 , 285 , 629
show running-config command, 134
show spanning-tree command, 358
shunning in NIDSs, 568
side channel attacks, 453
sidejacking sessions, 494
SIEM (security information and event management), 707 –708
signal degradation in wireless networks, 410
signal strength in wireless networks, 747
signal-to-noise ratio (SNR) in wireless networks, 420 , 749
signaling channels in ISDN, 614
signature analysis, 576
signature identification in firewalls, 563
Simple Mail Transfer Protocol (SMTP)
description, 181
firewall proxies, 558
scanning services, 561
Simple Network Management Protocol (SNMP)
documentation, 785 –786
overview, 704 –705, 704
process/application layer, 183
simplex mode, 33
single-mode fiber (SMF), 65
single-mode fiber to Ethernet media converters, 69 , 69
single-mode to multimode fiber media converters, 70 –71, 70
single points of failure, 583
single sign-on, 465 –466
SIP (Session Initiation Protocol)
process/application layer, 182
trunks, 621 –622, 622
video teleconferencing, 807
site surveys for wireless networks
site-to-site VPNs, 446
6to4 tunneling, 228 –229, 229 , 329 –331
66 blocks, 83
SLAs (service-level agreements), 581 , 799
slash notation (/) for subnets, 241 –242
small form-factor pluggable (SFP), 744 , 768
small form factor (SFF) connectors, 68 –69, 68 –69
small stuff
checking, 735 –738
troubleshooting, 770
smart antennas, 398
smart intrusion detection systems, 566
smart jacks, 84 , 597
SmartDraw program, 791 –792, 792 –793
SmartGridCity pilot project, 112
SMB (Server Message Block), 185
SMTP (Simple Mail Transfer Protocol)
description, 181
firewall proxies, 558
scanning services, 561
Smurf attacks, 489 –490, 490
snapshots, 581
sniffers, 502 , 502 , 508
snips, 723 , 723
SNMP (Simple Network Management Protocol)
documentation, 785 –786
overview, 704 –705, 704
process/application layer, 183
snooping, DHCP, 372 –373
Snort utility, 697
SNR (signal-to-noise ratio) in wireless networks, 420 , 749
social engineering, 511 –512
software addresses in Internet Protocol, 193
software as a service (SaaS), 821 , 824
software-defined networking (SDN), 821
software problems vs. hardware, 738 –739
software tools
SOHO networks
Data Link layer, 166 –167, 166
environmental considerations, 168
Physical layer, 167 –168, 168
requirements, 159 –166
solution implementation in troubleshooting, 766 –769
SONET (Synchronous Optical Network), 603
Source Address (SA) field in Ethernet frames, 105
SOWs (statements of work), 799
SPAN (Switch Port Analyzer), 379 –380, 379 –380
spanning-tree algorithm (STA), 355
spanning-tree command, 358
Spanning Tree Protocol (STP)
spatial multiplexing, 399
SPB (Shortest Path Bridging), 334
special characters in passwords, 463 –464
special IP addresses, 225
spectrum analyzers, 719 , 719
speed
broadband services, 607
cables, 73 –74
ports, 135
troubleshooting, 755
wide area networks, 600 –601, 625
speed command for ports, 135
speed tests
SPF (Shortest Path First) algorithm, 316
split horizon, 627 –628
split MAC, 407
split mirror snapshots, 581
split pairs
cables, 743
wire-map testers, 715
splitters, 609
spoofing IP addresses, 494
SRV records, 151
SSH protocol. See Secure Shell (SSH) protocol
SSIDs. See service set identifiers (SSIDs)
SSL (Secure Sockets Layer)
description, 182
overview, 446 –447, 447
VPN concentrators, 571
STA (spanning-tree algorithm), 355
Stacheldraht attacks, 491
stand-alone APs, 408 , 408
standard access control lists, 550
standard business documents, 799
standards and policies
risk-related concepts, 585
wireless networks, 747
standby routers, 321 , 322
standby timers, 325
star topologies, 13 –14, 13
Start of Frame Delimiter (SOF)/Synch field in Ethernet frames, 105
state tables in dynamic packet filtering, 556
state transitions in Physical layer, 45
stateful firewalls, 559 –560
stateless autoconfiguration of IPv6 addresses, 226 –227, 226
stateless firewalls, 559 –560
statements of work (SOWs), 799
static, electrostatic discharge, 802
static ARP table entries, 651
static IP addressing, 187
static IP routing, 281 , 291 –293, 291 –293
static NAT (SNAT), 269 , 271
static VLANs, 363
status indicators, checking, 736 –737
Stealth Boot virus, 498
Stoned virus, 498
storage area networks (SANs)
description, 21
virtual networking, 821 –823, 822 –823
.store domain, 148
STP (shielded twisted-pair) cable, 60
STP protocol. See Spanning Tree Protocol (STP)
straight-through cable, 77 –78, 77
straight tip (ST) fiber-optic cable connectors, 66 , 66
Stuxnet virus, 806
subnets
basics, 238 –239
Class A addresses, 888 –893
Class B addresses, 253 –260
Class C addresses, 243 –253, 246 –247
Classless Inter-Domain Routing, 241 –243
creating, 239
exam essentials, 272 –273
masks
route command, 661 –662
subnets, 240 –241
troubleshooting, 757
variable length, 309 –312, 309 –311
review questions, 274 –278
summary, 272
written labs, 273
subscriber (SC) fiber-optic cable connectors, 66 , 66
successor routes in EIGRP, 313
super simple stuff
checking, 735 –738
troubleshooting, 770
Supervisory Control and Data Acquisition (SCADA), 806
supplicants in IEEE 802.1X standard, 473
surge protectors, 724
SVCs (switched virtual circuits), 617
swipe mechanisms, 520
Switch Port Analyzer (SPAN), 379 –380, 379 –380
switch port protection in VTP, 372 –374, 372 , 374
switched virtual circuits (SVCs), 617
switches
address learning, 348 –350, 349 –350
benefits, 165
vs. bridges, 348
Data Link layer, 166 –167, 166
description,
distributed switching, 354 , 354
exam essentials, 381
forward/filter decisions, 351 –352, 351
history, 343 –346, 344 –346
IP addresses, 369 –371
limitations, 347 –348
loops
multilayer, 147
overview, 131 –132, 132
port mirroring, 379 –380, 379 –380
Power over Ethernet technology, 376 –379, 377 –378
PSTNs, 598
rack-mounted, 789 , 790
review questions, 383 –386
services, 346 –347, 347
SOHO networks, 160 , 160 , 163 –164, 164
STP, 354 –358, 355 , 357
summary, 380 –381
virtual networking, 819
VLANs, 360 , 360
wireless networks, 748
written lab, 381 –382
Symmetric Digital Subscriber Line (SDSL), 609
symmetrical encryption keys, 452
symptoms in troubleshooting, 752 –754, 752 –753
SYN flood attacks, 490 –491, 491
Synchronous Digital Hierarchy (SDH), 603
Synchronous Optical Network (SONET), 603
syslog servers, 705 –707, 705
system labeling, 831
system life cycle, 798
system logs, 709
T
T-series connections, 601 –603
T1 connections
crossover cable, 80 –81, 81
overview, 602
T3 connections, 603
T568A vs. T568B wiring standards, 75 –77, 76
TACACS+ (Terminal Access Controller Access-Control System Plus) protocol
tamper detection, 532 , 532
tapping cables, 74
target tests, 586
TCP. See Transmission Control Protocol (TCP)
TCP/IP. See Transmission Control Protocol/Internet Protocol (TCP/IP)
tcpdump utility, 676 –677
TDM (time-division multiplexing)
TDMA (Time-Division Multiple Access), 393
TDRs (time-domain reflectometers), 717
Teflon cable covering, 58
teleconferencing, 806 –807
telemetry systems in SCADA, 806
telephony servers,
Telnet utility
clear text, 501
enabling, 682 –683
limitations, 683
overview, 682 , 682
process/application layer, 180
temperature
environmental monitors, 724 –725
SOHO networks, 168
TEMPEST standards, 501
Temporal Key Integrity Protocol (TKIP), 428 –429
10Base2, 58
10Basex networks, 107 , 109 –110
10GBasex networks, 108 –109
Tequila virus, 499
Teredo relay, 332
Teredo tunneling, 229 , 331 –332
Terminal Access Controller Access-Control System Plus (TACACS+) protocol
terminal adapters (TAs) in ISDN, 614
Terminal Services Client (TSC), 456
terminal windows in Remote Desktop Protocol, 456
terminating sessions in NIDSs, 568
testing
network segmentation, 807
penetration, 586
security policies, 520
troubleshooting theories, 762 –764, 762 –764
TFN (Tribal Flood Network) techniques, 491
TFTP (Trivial File Transfer Protocol), 181
thick AP, 407
thicknet, 59
thin AP, 407
thin computing, 821
thin Ethernet, 58 –59, 58
thin protocols, 189
third-party DNS, 153 –154
thrashing MAC tables, 353
threats and mitigation, 485
active detection, 513
anti-malware software, 532 –536
ARP cache poisoning, 492 –493
attackers and tools, 506 –510, 509
authentication issues, 495 –496
brute force attacks, 494
denial of service attacks, 486
distributed DoS attacks, 487 –489, 488
DNS amplification attacks, 491 –492, 492
exam essentials, 537
forensic concepts, 514 –516
incident response, 514
insider threats, 500
misconfiguration issues, 510 –511
NTP reflection attacks, 492
packet/protocol abuse, 493 , 493
passive detection, 513
physical attacks, 489
Ping of Death attacks, 486
policies and procedures. See policies and procedures
proactive defense, 513 –514
recognizing, 485 –486
reflective/amplified attacks, 491
review questions, 539 –542
session hijacking attacks, 494
Smurf attacks, 489 –490, 490
social engineering, 511 –512
spoofing, 494
Stacheldraht attacks, 491
summary, 537
SYN flood, 490 –491, 491
unreachable gateways, 486 –487, 487
viruses, 496 –499, 496 , 499
VLAN hopping, 494 –495, 495
vulnerabilities, 500 –506, 502
wireless networks, 422 –426
wireless threats, 503 –506
written lab, 537 –538
three-way handshakes, 188
throttling in traffic shaping, 814
throughput testers, 638 –639, 638
Time-Division Multiple Access (TDMA), 393
time-division multiplexing (TDM)
time-domain reflectometers (TDRs), 717
time issues with certificates, 759
Time to Live (TTL) periods
DHCP servers, 143
DNS poisoning, 503
time-outs, 640
timers
TKIP (Temporal Key Integrity Protocol), 428 –429
TLS (Transport Layer Security), 182 , 446
tokens for door access controls, 576
toll networks, 598
tone generators, 720 –721, 720
top-down troubleshooting approach, 761 –762
top-level domains, 148
topologies
topology tables
EIGRP, 312 –313, 313
link state routing protocols, 316
TPC (Transmit Power Control), 397 –398
traceroute tool
ICMP, 195
IP address troubleshooting, 263
working with, 640 –642
Tracert command, 263
tracking security policies, 520
traffic shaping, 813 –814
traffic spikes, 488 –489
training
end users, 582 –583
security, 524 –525
transceiver mismatch in cables, 742
transceivers for fiber-optic cable, 67 , 67
transients, voltage, 724
Transmission Control Protocol (TCP)
Transmission Control Protocol/Internet Protocol (TCP/IP)
transmission media
overview, 603
PONs, 605
WDM, 604 –605
wired connections, 603 –604
wireless technologies, 605 –607, 606
transmission speed of cables, 74
Transmit Power Control (TPC), 397 –398
transparent bridging in Data Link layer, 167
transparent mode in VLAN Trunking Protocol, 368 –369
Transport layer
acknowledgments, 38 –39, 39
connection-oriented communication, 34 –35, 34
flow control, 35 –37, 36
OSI model, 33 –34, 34 , 36 , 38 –39
port numbers, 200 –201, 200
windowing, 37 , 38
Transport Layer Security (TLS), 182 , 446
traps in SNMP, 785
.travel domain, 148
Tribal Flood Network (TFN) techniques, 491
Triple Data Encryption Standard (3DES), 452
Trivial File Transfer Protocol (TFTP), 181
Trojan horses, 499
troubleshooting
IP addresses
networks
cabling, 740 –745
documentation, 769 –770
exam essentials, 774
hardware vs. software, 738 –739
multiple approaches, 761 –762
overview, 734
probable causes, 754 –762, 758 –761
problem identification, 734 –738, 750 –754, 752 –753
resolution plans, 764 –766, 765
review questions, 776 –779
segments, 740
solution implementation, 766 –769
steps overview, 749
summary, 773
theory testing, 762 –764, 762 –764
tips, 770 –773
unbounded media, 745 –749
verify system functionality, 769
workstations vs. servers, 739 –740
written lab, 774 –775
tools
ARP, 650 –654
connectivity software, 639 –640, 639
exam essentials, 684 –685
FTP, 677 –682
Hosts table, 656 –657
ifconfig, 646
ipconfig, 642 –645, 645
iptables, 646 –647
Mtr, 657 –658
nbtstat, 663 –668, 663 –664 , 666 –668
netstat, 669 –676, 671
Nmap, 658 –659, 659
nslookup, 654 –656
overview, 636
ping, 647 –650
protocol analyzers, 637 –638, 637
review questions, 686 –689
route, 659 –662, 660
summary, 684
tcpdump, 676 –677
Telnet, 682 –683, 682
throughput testers, 638 –639, 638
traceroute, 640 –642
written lab, 685
wide area networks
company security policies, 629
DNS issues, 628
interface errors, 624 –627
Internet connectivity, 624 , 624
overview, 623 –624
router configurations, 628 –629
split horizon, 627 –628
trunk lines, 599
trunk ports in VLANs, 365 , 366
trust-exploitation attacks, 508 –509
trusted networks, 546
trusted users, threats from, 502
TSC (Terminal Services Client), 456
TTL (Time to Live) periods
DHCP servers, 143
DNS poisoning, 503
time-outs, 640
tunneling
6to4, 228 –229, 229 , 329 –331
DTLS, 447
GRE, 329 , 448 –449, 448
IP Security, 449 –450, 450
ISAKMP, 450
ISATAP, 331
L2TP, 447 –448
overview, 443 –444, 444
PPTP, 448
SSL and SSL VPNs, 446 –447, 447
Teredo, 331 –332
VPNs, 445 –446, 445
25-pair cable, 83
twisted-pair cable, 60 –64, 63 –64
two-factor authentication, 467
2.4 GHz standard, 395 –396, 395 –396
2.4 GHz/5 GHz standard, 398 –399
two-post racks, 828 , 829
TX/RX reverse in cables, 744
TXT (DKIM) records, 150
TXT (SPF) records, 150
Type field in Ethernet frames, 105
Type I hypervisors, 819 , 819
Type II hypervisors, 819 , 819
U
U-NII (Unlicensed National Information Infrastructure) band, 392 , 392
UDP. See User Datagram Protocol (UDP)
.uk domain, 148
ultra Physical Contact (UPC), 65 , 66
unbounded media, troubleshooting, 745 –749
unencrypted channels, 501
unicast packets statistic in netstat, 672
unicasts
IPv4 addresses, 219
IPv6 addresses, 224
real-time services, 810
unified communications (UC), 813
unified threat management (UTM), 570 –571
unified voice services, 472
unintentional distributed DoS attacks, 489
uninterruptible power supplies (UPSs), 582 , 827
unique local IP addresses, 224
Universal/Local (U/L) bit, 226
Universal Serial Bus (USB), 73 , 72 –73
unknown unicast flood blocking (UUFB), 373
unknown unicast flood rate-limiting (UUFRL), 373
Unlicensed National Information Infrastructure (U-NII) band, 392 , 392
unmanaged switches in VTP, 370
unnecessary running services, 500
unpatched firmware, 511
unpatched systems, 501
unplanned downtime, 814
unreachable gateways, 486 –487, 487
unreliable protocols, 190
unresponsive services, troubleshooting, 760 –761, 761
unshielded twisted-pair (UTP) cable
connections, 62 –64, 63
description, 60
Ethernet specifications, 106
untagged VLANs, 367
untested updates, 747
untrusted networks, 546
untrusted users, 502
UPC (ultra Physical Contact), 65 , 66
update packets in Network layer, 40 , 41
updates
anti-malware software, 534 –535
wireless networks, 747
uploading files, 681 –682
UPSs (uninterruptible power supplies), 582 , 827
uptime optimization, 811
USB (Universal Serial Bus), 72 –73, 73
user accounts, 458 –459
anonymous, 460
connection limitations, 460 –461
disabling, 459 –460
maintenance, 461
passwords. See passwords
privileged, 524
security policies, 520
User Datagram Protocol (UDP)
DNS servers, 152
Host-to-Host layer, 189 –190, 190
key concepts, 190 –191
port numbers, 191 –192, 191
usernames in FTP, 678 –679
users, malicious, 501 –502
utilization, monitoring, 710 –711, 711 –712
UTM (unified threat management), 570 –571
UTP Gigabit wiring, 79, 80
UTP (unshielded twisted-pair) cable
connections, 62 –64, 63
description, 60
Ethernet specifications, 106
UUFB (unknown unicast flood blocking), 373
UUFRL (unknown unicast flood rate-limiting), 373
V
variable length subnet masks (VLSMs)
distance vector routing protocols, 309 –312, 309 –311
subnets, 241
VDSL (Very High Bit-Rate Digital Subscriber Line), 609
vendors documentation, 795
video applications, 810
video monitoring, 576
video teleconferencing (VTC), 806 –807
Virtual Box, 819
virtual circuits
connection-oriented communication, 34
Frame Relay, 617
virtual IP addresses
virtual local area networks (VLANs)
access ports, 364 –365
basics, 359 –362, 360 –361
dynamic, 364
hopping attacks, 494 –495, 495
identifying, 364 –367, 366 –367
memberships, 363
overview, 358 –359
quality of service, 362 –363
static, 363
troubleshooting, 756
VLAN trunking protocol. See VLAN Trunking Protocol (VTP)
virtual MAC addresses in HSRP, 322 –323, 323
virtual network cards (vNICs), 820 , 820
Virtual Network Computing (VNC), 458
virtual networking
cloud concepts, 823 –824
components, 818 –821, 818 –820
connectivity methods, 824
equipment, 825 –826, 826
overview, 817
security, 824 –825
on site vs. off site, 817
storage area networks, 821 –823, 822 –823
Virtual Private Cloud (VPC), 824
virtual private networks (VPNs)
concentrators, 157 , 157 , 571 –572, 571
DMVPN, 621 , 621
security, 445 –446, 445
SSL, 446 –447, 447
virtual networking connections, 824
Virtual Router Redundancy Protocol (VRRP), 325 –326
virtual routers, 321
virtual terminals, 370
virtual wire firewalls, 563 , 563
viruses
anti-malware software. See anti-malware software
boot-sector, 498
file, 497 –498
logic bombs, 497
macro, 498
malware, 497
multipartite, 498 –499, 499
overview, 496 –497, 496
ransomware, 497
signature identification, 563
troubleshooting, 773
zero-day attacks, 499
Visio program, 791
VLAN Management Policy Server (VMPS) service, 364
VLAN Trunking Protocol (VTP)
device hardening, 376
IP addresses, 369 –371
modes of operation, 368 –369, 369
overview, 367 –368
port bonding, 375 –376, 375
switch port protection, 372 –374, 372 , 374
VLANs. See virtual local area networks (VLANs)
VLSMs (variable length subnet masks)
distance vector routing protocols, 309 –312, 309 –311
subnets, 241
VMware remote console, 824
VMware Workstation, 819
VNC (Virtual Network Computing), 458
vNICs (virtual network cards), 820 , 820
voice access ports, 365
Voice over Internet Protocol (VoIP), 810
VoIP Gateway devices, 159
voltage event recorders, 723 –724
VPC (Virtual Private Cloud), 824
VPNs. See virtual private networks (VPNs)
VRRP (Virtual Router Redundancy Protocol), 325 –326
VTC (video teleconferencing), 806 –807
VTP. See VLAN Trunking Protocol (VTP)
vulnerabilities
buffer overflow, 503
DNS poisoning, 503
vs. exploits, 500
malicious users, 501 –502
open ports, 500 –501
RF emanation, 501
scanners, 570 , 585 , 585
unencrypted channels, 501
unnecessary running services, 500
unpatched systems, 501
wireless threats, 503 –506
W
walls in signal degradation, 410
WANs. See wide area networks (WANs)
WAPs (wireless access points). See access points (APs)
war chalking, 504
war driving, 425 , 504
warm sites, 580
wave motion detectors, 531
wavelength
Ethernet specifications, 97 –98, 97
fiber cable mismatches, 744
Wavelength Division Multiplexing (WDM), 604 –605
web proxy servers
description, 154 –155
firewalls, 557 –558
web scanning services, 561
web servers,
web services authentication, 472
WECA (Wireless Ethernet Compatibility Alliance), 430
well-known port numbers, 191 –192
WEP (Wired Equivalent Privacy)
access points, 415
cracking, 504
wireless networks, 426 –427
wet pipe fire-suppression systems, 805
Wi-Fi, description, 398 –399
Wi-Fi Alliance standards, 391 –393
Wi-Fi analyzers, 700 –701, 700 –701
Wi-Fi Protected Access (WPA)
access points, 415
cracking, 505
TKIP, 428 –429
Wi-Fi Protected Setup (WPS) attacks, 505
wide area networks (WANs)
ATM, 622 –623
bandwidth and speed, 600 –601
broadband services, 607 –611, 608 , 610
connection types, 599 –600, 599
DMVPN, 621 , 621
exam essentials, 630 –631
Frame Relay, 615 –618, 615 –616
ISDN, 613 –615
MPLS, 623
overview, –9, –9 , 595 –596
PPP, 618 –621, 618 , 620
PSTNs, 598 –599
review questions, 632 –634
SIP trunks, 621 –622, 622
summary, 629 –630
T-series connections, 601 –603
terminology, 596 –598, 597
transmission media, 603 –607, 606
troubleshooting
company security policies, 629
DNS issues, 628
interface errors, 624 –627
Internet connectivity, 624 , 624
overview, 623 –624
router configurations, 628 –629
split horizon, 627 –628
wireless technologies, 611 –613
written lab, 631
WiMAX (World Wide Interoperability for Microwave Access), 613
windowing in OSI model, 37 , 38
Windows Internet Naming Service (WINS), 148
Windows Update, 526 –527, 526
windump utility, 676
WINS (Windows Internet Naming Service), 148
wire crimpers, 723 , 723
wire-map testers, 714 –715, 715
wire tracers, 720 –721, 720
wired connections in wide area networks, 603 –604
Wired Equivalent Privacy (WEP)
access points, 415
cracking, 504
wireless networks, 426 –427
wireless access points (WAPs). See access points (APs)
wireless controllers, 408 –409, 408 –409
Wireless Ethernet Compatibility Alliance (WECA), 430
wireless LAN controllers (WLCs), 423
wireless networks
802.11 standards, 393 –399, 395 –397
access point configuration, 414 –417, 416 –417
ad hoc mode, 405 –406, 405
antennas, 403 –404
exam essentials, 433 –434
hardware installation, 412 –417, 413–414, 416 –417
history, 392 , 392
infrastructure implementations, 410 –412
infrastructure mode, 406 –408, 407
introduction, 390 –393, 392
mobile hot spots, 409 –410, 409
network interface cards
range extenders, 138
review questions, 435 –438
security
ad hoc networks, 423
denial of service, 423 –424
open access, 426
overview, 422
passive attacks, 424 –426
Pre-Shared Key, 430 –431, 431
RADIUS, 427 –428, 428
rogue access points, 422
TKIP, 428 –429
WEP, 426 –427
signal degradation, 410
site surveys, 418 –421, 419 –421
standards, 391
summary, 433
threats, 503 –506
troubleshooting, 745 –749
wide area networks, 605 –607, 606 , 611 –613
wireless controllers, 407 –408, 408
written lab, 434
Wireshark packet sniffer, 502 , 502 , 693
wiring schematics, 787 –790, 787 , 789 –790
wiring security policies, 520
wiring standards, 75
crossover cable, 78 –82, 78 –81
distributions, 80 , 80
rolled cable, 77 –78, 77
straight-through cable, 77 , 77
T568A vs. T568B, 75 –77, 76
UTP Gigabit wiring, 79 , 80
WLAN Association (WLANA) standards, 391
WLCs (wireless LAN controllers), 423
workgroups, ,
workstation problems vs. server problems, 739 –740
workstations,
World Wide Interoperability for Microwave Access (WiMAX), 613
worms, 497
WPA (Wi-Fi Protected Access)
access points, 415
cracking, 505
Pre-Shared Key, 430 –431, 431
TKIP, 428 –429
X
X.500 standard, 466
X.509 certificates, 182 , 466 –467
xDSL technologies, 608 –609
Y
Z
Z-Wave protocol, 412
zero-day attacks, 499
zeros in IPv6 addresses, 223 –224
Zimmermann, Phil, 454 –455
zones
firewalls, 564 –566, 564 –565
security, 574
updates for DNS servers, 152