Hardware/Software/VOCAB

Layer 3 switch

Able to operate like a router by using a routing table implemented into the switch

Remote Procedure Call (RPC)

Used by the session layer, allows a program to execute code on a remote system as if it were local.

used to manage communication sessions between networked devices

Round robin

A load balancing algorithm

Distributes traffic equally among all available servers (regardless of their current load)

Alternate Port

Typical state is set to block

Provides a backup path to the root bridge and transitions to the to the forwarding state ONLY if the primary path fails

Round Trip Time (RTT)

MOST CRUCIAL for identifying latency issues in a network

Measures the time it takes for a packet to travel from the sources to the destination and back

Dynamic Frequency Selection (DFS)

part of 802.1h

has longer connection times due to channel scanning

requires the network to scan for radar signals before selecting a channel (delaying connection process)

Raised Floor systems

enables better airflow control by isolating hot and cold air zones

reduces likelihood of hot spots and improves temperature management

Network Monitoring Dashboard

best suited for providing a continuous, real time view of network performance metrics

allows admins to visualize and monitor various metrics (bandwidth utilization, latency, packet loss) in real time

Out of band management

provides a way to access network devices even if the primary network is down (using a separate connection like a serial or cellular link)

Ex: connecting to a remote server that has lost its primary network connection

In band management

Relies on the same network used for data traffic, which wouldn’t be accessible if the primary connection is lost

Hardware Security Module (HSM)

most appropriate method for secure key storage

provides high level of physical and logical security

ensures keys are protected from unauthorized access and tampering

Network Security Groups (NSGs)

Enhance the security of cloud resources by defining rules that restrict access based on IP addresses and ports

allows for granular control over the traffic that is allowed to reach network resources

Routing Information Protocol (RIP)

Distance vector routing protocol, typically used in smaller networks

uses HOP COUNT as its metric

each hop represents a router the data must pass through to reach its destination

Session Initiation Protocol (SIP)

Supports VoIP communications by setting up and managing VoIP call sessions

handles initiation, modification, and termination of these sessions

Ethernet Bridge

Designed to connect separate network segments

allows them to communicate as if they were part of the same network

does not affect performance

creates separate collision domains

Shadow IT

unauthorized devices that are connected to the corporate network and are used to access corporate resources

represents a vulnerability as they are not managed by the IT department

802.11k and 802.11v standards

encourages clients to connect to AP with the strongest signal

a way to deal with “sticky clients” that dont move to the AP with the strongest signal

provide better information to clients about the network environment

NetFlow collector and NetFlow analyzer

system that analyzes traffic flows in real time, generates alerts for unusual patterns

Collector aggregates flows from multiple exporters

Analyzer interprets the information and generates alerts and detailed reports

False Rejection Rate (FRR)

the amount of times an authorized user is being denied access

False Acceptance Rate (FAR)

the amount of times an unauthorized access occurs

Netflow data

an effective way for detecting traffic anomalies caused by DDOS attacks

provides detailed information about the flow of traffic across the network

allows admins to spot unusual spikes in traffic and identify patterns that indicate a DDOS attack

Packet Scheduling

a QoS technique used to ensure that high priority traffic is sent before lower priority traffic

determines order in which packets are transmitted based on their priority levels

Network Intrusion Detection System (NIDS)

designed to monitor and analyze network traffic for signs of malicious activity or policy violations. It operates passively, capturing packets as they traverse the network without altering them

OSPF

link state routing protocol

calculates best path by building a complete map of the network

uses algorithms like Dijkstras algorithm

BGP

path vector protocl

used for inter domain routing on the internet (other routing protocols are not used for internet traffic)

Data Loss Prevention (DLP)

effective way to detect and block transmission of sensitive data

can be used for email as well

Feasible Successor

used in EIGRP

the backup route that is immediately available if the primary route (successor) fails

ensures fast convergence and minimal downtime in the network

Dynamic Trunking Protocol (DTP)

developed by Cisco Systems to automate the negotiation of trunk links between VLAN-aware switches

It simplifies the configuration by allowing switches to dynamically establish trunk links.

Can also allow attackers to perform VLAN hopping attacks by allowing them to perform trunk links where not authorized

Extensible Authentication Protocol (EAP)

specifically designed to support multiple authentication mechanisms

Passwords, digital certificates, smart cards, and token based authentication

BNC connector

twist on beyonet-style coupling mechanism

VLAN trunking protocol (VTP)

allows VLAN assignments to be dynamically managed in a network

automates the distribution and management of VLAN configurations across multiple switches