What is a Standard ACL?
Filters based on source IP only; placed closest to the destination.
What is an Extended ACL?
Filters source/destination IP, ports, and protocols; placed closest to the source.
What is a Named ACL?
An ACL identified by name instead of number; easier to manage.
Which ACL do you use for VTY line filtering?
Extended ACL applied with access-class on VTY lines.
What is implicit deny?
A hidden rule at the end of all ACLs that blocks all traffic not explicitly permitted.
What is a trusted network?
A secure internal network.
What is an untrusted network?
External networks like the Internet.
What is a DMZ?
A semi-secure area for public-facing servers such as web or DNS servers.
What is NAT?
A method to translate private IPs into public IPs for internet access.
How is NAT similar to CIDR?
Both help conserve IPv4 address space.
What is the intention of NAT?
To conserve public IPs and add basic security by hiding internal networks.
Most common network attacks today
Phishing, malware, DDoS, MITM, SQL injection, ransomware.
Advantages of NAT
Conserves IP addresses, hides internal network, allows multiple devices to share a public IP.
Disadvantages of NAT
Breaks end-to-end connectivity, adds overhead, harder to trace IPs.
What is Static NAT?
One private IP to one public IP mapping.
What is Dynamic NAT?
Private IPs mapped to a pool of public IPs.
What is PAT?
Port Address Translation; many private IPs share one public IP using unique port numbers.
Why do we run NAT?
IP conservation, security, multiple device connectivity.
What is an IDS?
Intrusion Detection System; monitors and alerts.
What is an IPS?
Intrusion Prevention System; actively blocks malicious traffic.
What is NGFW?
Next-Generation Firewall; performs deep inspection, app control, IDS/IPS, URL filtering.
What is a DoS attack?
A single source overwhelms a system or service.
What is a DDoS attack?
Multiple sources (botnet) overwhelm a system; harder to mitigate.
What is CDP?
Cisco Discovery Protocol; Cisco-proprietary neighbor discovery.
What is LLDP?
Link Layer Discovery Protocol; vendor-neutral alternative to CDP.
What is NTP?
Network Time Protocol; synchronizes time across devices.
Three SNMP message types
Get, Set, and Trap.
What is Syslog?
A logging system for centralizing device logs and alerts.
SSH vs Telnet
SSH is encrypted; Telnet is unencrypted and insecure.
What is NetFlow?
A traffic analysis tool to track bandwidth, flows, and anomalies.