Network management
The process of administering and managing computer networks, including fault analysis, performance management, provisioning of networks and clients, and maintaining quality of service.
Network documentation
The documentation necessary to fully understand where a network resides and how it operates, including physical network diagrams, logical network diagrams, wiring diagrams, site survey reports, audit and assessment reports, and baseline configurations.
Physical network diagram
A diagram that shows the actual physical arrangement of the components of a network, including cabling and hardware, often resembling a floor plan or rack layout.
Logical network diagram
A diagram that illustrates the flow of data across a network and how devices are communicating with each other, including subnets, network objects and devices, routing protocols and domains, voice gateways, traffic flow, and network segments.
Wiring diagram
A diagram that shows the physical arrangement of cables in a network, often included as part of physical or logical network diagrams.
Site survey reports
Reports produced from surveys conducted to assess the wireless or wired environment of a network, including wireless access point locations and signal strength, or the power, space, and cooling requirements for equipment installation.
Audit and assessment reports
Reports delivered after a formal assessment has been conducted, containing an executive summary, assessment scope and objectives, methods and tools used, findings, recommendations, and results of the audit.
Baseline configurations
The most stable versions of a device's configurations, documented and formally reviewed, which can only be changed through change control procedures.
Performance Metrics
Measurements used to assess network availability and monitor network performance, including latency, bandwidth, and jitter.
Latency
The measure of the time it takes for data to reach its destination across a network, usually measured as the round trip time from a workstation to the distant end and back.
Bandwidth
The maximum rate of data transfer across a given network, measured in terms of throughput, which is the actual measure of data being successfully transferred.
Jitter
A network condition in which time delays occur in the sending of data packets over a connection, negatively affecting real-time applications such as video conferencing and Voice over IP.
Sensors
Devices used to monitor the performance of network devices, such as routers, switches, and firewalls, measuring temperature, CPU usage, and memory utilization.
Temperature Sensor
Measures the temperature inside network devices and sets off alarms when rising temperatures are detected, helping to prevent overheating and catastrophic failures.
CPU Usage
Measures the utilization of the central processing unit in network devices, indicating if the device is running normally or experiencing high utilization, which can lead to dropped packets or connection failures.
Memory Utilization
Measures the amount of memory being used by network devices, with high utilization indicating potential system hangs, crashes, or other issues.
Memory Utilization
The percentage of memory being used by a device or network.
Peak Times
The times when memory utilization may be at its highest, potentially reaching 80%.
Larger or More Powerful Device
An option for addressing high memory utilization is to install a device with greater capacity or processing power.
Network Attack
Memory utilization above 80% for an extended period could indicate a potential attack on the network.
Normal Network Operation
As networks operate in the real world, administrators will become familiar with what is considered normal for their specific network.
Temperature and Utilization Increase
Rising temperatures and increasing CPU and memory utilization can trigger alarms for network configuration or performance issues.
Investigating Root Cause
When abnormal network metrics are identified, administrators should investigate the underlying cause and resolve the issues to return to a normal baseline.
NetFlow Data
NetFlow is a protocol used for traffic flow analysis in networks.
Full Packet Capture
A method of capturing and logging every packet that enters or leaves a network, which requires significant storage space.
NetFlow vs. Full Packet Capture
NetFlow data provides network traffic statistics and metadata, saving storage space compared to full packet capture.
Flow Analysis
Flow analysis uses flow collectors to record metadata and statistics about network traffic, allowing for analysis of traffic patterns and trends.
Visualization and Reports
Flow analysis tools store information in a database, which can be queried to generate reports and graphs for network monitoring.
Anomalies and Baselines
Flow analysis can identify anomalies and deviations from expected network baselines, triggering alerts for potential network performance issues or incidents.
NetFlow
NetFlow is a Cisco-developed protocol for reporting network flow information to a structured database.
NetFlow Data Elements
NetFlow captures information about network protocols, IP addresses, ports, and other characteristics of traffic flows.
Zeek
Zeek is a hybrid tool that passively monitors network traffic and logs full packet captures based on predefined rules and parameters.
Zeek Data Normalization
Zeek normalizes captured data and stores it in a format compatible with other cybersecurity and network monitoring tools.
MRTG
The Multi Router Traffic Grapher is a tool used to create graphs showing network traffic flows based on SNMP data from routers and switches.
Visualizing Traffic Patterns
Graphs generated by MRTG help identify patterns and deviations from baselines in network traffic.
Interface Statistics
Interface statistics provide information about the status, traffic, and performance of network interfaces on routers, switches, and firewalls.
Link State
Link state indicates whether an interface has a connected cable and a valid protocol for communication.
Ethernet
A network protocol that allows frames to enter and leave an interface.
MAC address
A unique identifier assigned to a network interface.
IP address
A numerical label assigned to a device on a network.
MTU size
Maximum Transmission Unit size, the maximum size of a data packet that can be transmitted over a network.
Bandwidth
The maximum data transfer rate of a network connection, measured in kilobits or megabits per second.
Reliability
The measure of the number of packets divided by the total number of frames, indicating the stability of the connection.
txload
Indicates how busy the router is transmitting frames over the connection.
rxload
Indicates how busy the router is receiving frames over the connection.
ARPA
Advanced Research Projects Agency, the standard Ethernet protocol used for encapsulating Ethernet frames.
Keepalive
A packet sent by a router to check if connected devices are still active and online.
Full-duplex
A mode of communication where data can be transmitted and received simultaneously.
100BaseTX/FX
Indicates the interface type and bandwidth being used (100 megabits per second) for Fast Ethernet connections.
ARP type
Address Resolution Protocol type, indicating the protocol used for mapping IP addresses to MAC addresses.
Timeout
The duration for which an ARP cache will remember a binding before it is cleared.
Input queue
The number of packets in the input queue and the maximum size of the queue.
Drops
The number of packets that have been dropped.
Flushes
Selective Packet Discards that occur when the router needs to shed some load and starts dropping packets selectively.
SPD
Selective Packet Discard, a mechanism that drops low-priority packets when the CPU is busy in order to prioritize higher-priority packets.
Output drops
The number of packets dropped from the output queue due to network congestion.
FIFO
First In, First Out, a queuing strategy for quality of service.
Output queue size
The current size and maximum size of the output queue.
Minute input/output rates
The average rates at which packets are being received and transmitted.
Packet input
The number of packets received and the size of the data processed.
Receive broadcast
The number of broadcast frames received.
Runts
Ethernet frames smaller than the minimum size of 64 bytes.
Giants
Ethernet frames larger than the maximum size of 1,518 bytes.
Throttles
Occur when the interface fails to buffer incoming packets, indicating quality of service issues.
Input errors
The number of frames received with errors, such as runts, giants, CRC errors, etc.
CRC
Cyclic Redundancy Check, the number of packets received that failed the CRC check.
Frame
The number of packets received with a CRC error and a non-integer number of octets.
Overrun
The number of times the interface was unable to receive traffic because of insufficient hardware buffers.
Ignored
The number of packets ignored due to low internal buffers on the hardware interface.
Watchdog counter
The number of times the watchdog timer has expired.
Input packets with dribble condition detected
Frames received by the interface that are slightly longer than the default frame length.
Packet output
The number of packets sent and the size of the transmissions in bytes.
Underrun
The number of times a sender has operated faster than the router can handle, causing buffer issues or dropped packets.
Output errors
The number of collisions and interface resets that occurred during transmission.
Interface reset
The number of times an interface had to be completely reset since the last reboot.
Unknown protocol drops
The number of packets dropped where the protocol is unknown.
Babbles
Frames transmitted that are larger than 1,518 bytes.
Late collisions
The number of collisions that occur after the interface starts transmitting a frame.
Deferred
The number of frames transmitted successfully after waiting due to busy media.
Lost carrier
The number of times the carrier was lost or not present during transmission.
No carrier
The number of times the carrier was not present during transmission.
Output buffer failures
The number of times a packet was not output due to a shortage of shared memory.
Output buffer swapped out
The number of packets stored in main memory when the queue was full.
Interface statistics
Information about the link state, speed, duplex status, traffic statistics, protocol packet and byte counts, cyclic redundancy check (CRC) errors, giants, runts, and encapsulation errors of a network interface.
Troubleshooting
The process of identifying and resolving issues or problems with a device or system.
Half-duplex
A communication mode where data can be transmitted in both directions, but not simultaneously.
Full-duplex
A communication mode where data can be transmitted in both directions simultaneously.
Bandwidth
The maximum amount of data that can be transmitted over a network connection in a given period of time.
Collisions
A situation where two devices on the same network transmit data at the same time, causing the data to collide and become corrupted.
CRC errors
Cyclic Redundancy Check errors, which occur when data is corrupted during transmission.
Environmental sensors
Sensors used to monitor physical conditions such as temperature, humidity, electrical power status, and flooding in network environments.
HVAC system
Heating, Ventilation, and Air Conditioning system used to control temperature and airflow in a building or room.
Humidity
The amount of moisture present in the air.
Power sensors
Sensors used to monitor power levels and detect surges, spikes, brownouts, blackouts, or dirty power in network equipment.
Flooding sensors
Sensors used to detect the presence of water or flooding in unoccupied spaces such as telecommunications closets.