Untitled Flashcards Set

Flashcards for Networking Concepts

1.1 Compare and contrast OSI and TCP/IP models

• OSI Model: 7 layers (Physical, Data Link, Network, Transport, Session, Presentation, Application)

• TCP/IP Model: 4 layers (Link, Internet, Transport, Application)

• OSI is theoretical, TCP/IP is practical and used in real-world networking.

1.2 Compare and contrast TCP and UDP protocols

• TCP: Connection-oriented, reliable, slower due to error-checking.

• UDP: Connectionless, faster but less reliable (no error-checking or re-transmission).

1.3 Infrastructure components in an enterprise network

• Firewalls: Filter traffic based on security rules.

• Access Points: Provide wireless connectivity.

• Wireless Controllers: Manage multiple access points.

1.4 Cloud resources in enterprise networks

• Traffic path to cloud services: Internal vs. external routing.

• Virtual services: Cloud-based alternatives to physical devices.

• Virtual network infrastructure: Uses VMs and cloud resources.

1.5 Collapsed core vs. Three-tier architecture

• Collapsed Core: Merges core and distribution layers, used in smaller networks.

• Three-Tier: Core, Distribution, Access layers; scalable, used in larger networks.

1.6 Network topologies

• Star: Central device connects all others.

• Mesh: Devices interconnected, high redundancy.

• Hybrid: Combination of topologies for optimization.

1.7 Cabling types

• Twisted Pair (Cat5e, Cat6): LANs, short distances.

• Fiber Optic: High-speed, long distances.

• Coaxial: Older, used for broadband.

1.8 Troubleshooting methodologies

• Fault isolation: Use tools like ping, tracert.

• Resolve or escalate: Fix if possible, escalate if needed.

• Verify and monitor: Ensure resolution and monitor network.

1.9 IPv4 addressing and subnetting

• IPv4: Unique device addresses.

• Subnetting: Divides network into smaller subnets.

1.10 IPv4 address types

• Unicast: One-to-one communication.

• Broadcast: One-to-all within local network.

• Multicast: One-to-many (interested receivers only).

1.11 Private IPv4 addressing

• Private IPs (e.g., 192.168.x.x) reduce need for public IPs.

1.12 IPv6 addressing schemes

• Larger address space, better routing, multiple addresses per interface.

1.13 IPv6 configuration and troubleshooting

• 128-bit addresses, hexadecimal format.

• Ensure proper communication settings.

1.14 IPv6 Stateless Address Auto Configuration (SLAAC)

• Automatic IPv6 address assignment without DHCP.

1.15 IPv6 address types

• Global Unicast: Public, routable on the internet.

• Unique Local: Private, internal use.

• Link Local: Valid only within local network segment.

• Multicast: One-to-many communication.

• Anycast: One-to-nearest communication.

2.1 Switching concepts

• MAC Learning & Aging: Switch learns MAC addresses.

• Frame Switching: Forwarding frames based on MAC table.

• Frame Flooding: Sending unknown destination frames to all ports.

2.2 Ethernet Frame Format

• Key fields: Preamble, MAC addresses, EtherType, Data, FCS.

2.3 Troubleshooting Interface & Cable Issues

• Collisions, CRC errors, Duplex & Speed mismatches can cause network issues.

2.4 VLANs and Trunking

• VLANs: Logical segmentation of networks.

• Trunks: Carry traffic for multiple VLANs.

• DTP, VTP, 802.1Q: VLAN trunking protocols.

2.6 Spanning Tree Protocol (STP)

• STP Modes: PVST+, RPVST+.

• Root Bridge Selection: Based on priority and MAC.

• PortFast, BPDU Guard: Enhancements for STP stability.

2.9 EtherChannel (Link Aggregation)

• Static, PAGP, LACP: Different methods of aggregation.

3.1 Routing Concepts

• Packet Handling: Uses routing tables for path determination.

• Forwarding Decisions: Based on best matching route.

3.2 Routing Table Components

• Prefix, Next Hop, Administrative Distance, Metrics define routing decisions.

3.5 Static vs. Dynamic Routing

• Static Routing: Manually set routes, predictable.

• Dynamic Routing: Automatically adjusted, scalable.

3.6 Distance Vector vs. Link-State Routing

• Distance Vector: Based on hop count (RIP).

• Link-State: Maintains full network topology (OSPF).

3.7 Interior vs. Exterior Routing Protocols

• IGP (OSPF, EIGRP): Inside an organization.

• EGP (BGP): Between organizations.

3.8 IPv4 & IPv6 Static Routing

• Default Route: 0.0.0.0/0 (IPv4), ::/0 (IPv6).

• Network & Host Routes: Specific network/host paths.

3.9 OSPF Routing

• OSPFv2: IPv4 link-state routing.

• OSPFv3: IPv6 version.

3.11 EIGRP Routing

• Cisco proprietary hybrid protocol (distance vector + link-state features).

4.1 Network Security Concepts

• AAA (Authentication, Authorization, Accounting) ensures secure access control.

• MAC Filtering: Restricting network access to known MAC addresses.

• 802.1X Authentication: Port-based network access control.

4.2 Common Network Attacks

• DDoS: Overloading a network with traffic.

• Man-in-the-Middle (MITM): Intercepting communication.

• Phishing: Social engineering attacks.

4.3 Wireless Security

• WPA2/WPA3: Secure wireless encryption standards.

• Rogue Access Points: Unauthorized APs in a network.

• Evil Twin Attack: Fake AP mimicking a legitimate one.

Flashcards

5.1 Describe DNS Lookup Operation

• DNS (Domain Name System): Resolves domain names into IP addresses.

• Query: Client sends a DNS request to a DNS server.

• Resolution: Recursive (server resolves fully) or Iterative (server queries others).

• Response: DNS server returns the IP address to the client.

• Caching: Results stored to reduce lookup time.

5.2 Troubleshoot Client Connectivity Issues Involving DNS

• Common Issues:

  • DNS server unreachable.

  • Incorrect DNS configuration.

  • DNS resolution failure.

  • Firewall blocking DNS traffic.

• Tools: nslookup, dig, ping.

5.3 Configure and Verify DHCP on a Router

• Server: Router assigns IPs to clients.

• Relay: Forwards DHCP requests if server is on another network.

• Client: Devices obtain IPs from the DHCP server.

• Options: TFTP (file transfer), DNS (name resolution), Gateway (default route).

5.4 Troubleshoot Client- and Router-Based DHCP Issues

• Client-Side: Check auto IP config, DHCP server reachability, and IP settings.

• Router-Side: Verify DHCP pool and binding, confirm response to requests.

5.5 Configure, Verify, and Troubleshoot Basic HSRP

• Priority: Highest priority router is active.

• Preemption: Higher priority router takes over when online.

• Version: HSRPv1 vs. HSRPv2 (more features, larger groups).

5.6 Configure, Verify, and Troubleshoot Inside Source NAT

• Static NAT: One-to-one mapping of private to public IP.

• Pool NAT: Uses multiple public IPs for private network devices.

• PAT (Port Address Translation): Multiple devices share one public IP with different ports.

5.7 Configure and Verify NTP in Client/Server Mode

• Server: Provides time synchronization.

• Client: Requests time updates.

• Commands: ntp server <ip> (configure), show ntp status (verify).

6.1 Configure, Verify, and Troubleshoot Port Security

• Types:

  • Static (manual MACs), Dynamic (learned MACs), Sticky (stored in config).

• Max MACs: Limits number of allowed devices.

• Violation Actions: Protect (drops packets), Restrict (logs violation), Shutdown (disables port).

6.2 Describe Common Access Layer Threat Mitigation Techniques

• 802.1x: Authentication before network access.

• DHCP Snooping: Blocks rogue DHCP servers.

• Nondefault Native VLAN: Reduces VLAN hopping attacks.

6.3 Configure, Verify, and Troubleshoot ACLs for Traffic Filtering

• Standard ACL: Filters by source IP.

• Extended ACL: Filters by source/destination, protocol, port.

• Named ACL: Uses a descriptive name instead of a number.

6.4 Verify ACLs Using APIC-EM Path Trace Tool

• Function: Traces network traffic to analyze ACL impact.

6.5 Configure, Verify, and Troubleshoot Basic Device Hardening

• Authentication: Local username/password.

• Secure Passwords: Encrypt stored passwords.

• Access Controls: Restrict IP-based access, use SSH over Telnet.

• Login Banner: Displays security warnings.

6.6 Describe Device Security Using AAA with TACACS+ and RADIUS

• AAA: Authentication, Authorization, Accounting.

• TACACS+: Encrypts full packet, separates authentication/authorization.

• RADIUS: Encrypts only passwords, combines authentication/authorization.

7.1 Configure and Verify Device-Monitoring Protocols

• SNMPv2: Community strings, bulk data retrieval.

• SNMPv3: Secure authentication, encryption, access control.

• Syslog: Logs events with severity levels (0-7).

7.2 Troubleshoot Network Connectivity Using ICMP Echo-based IP SLA

• Function: Measures response time, detects delays, packet loss.

7.3 Configure and Verify Device Management

• Backup/Restore: TFTP, FTP, SCP.

• Discovery Protocols: CDP (Cisco), LLDP (Open Standard).

• Licensing: Feature-based access control.

• Logging: Centralized event monitoring.

• Time Zone: Sync with NTP.

• Loopback Interface: Always-up virtual interface.

7.4 Configure and Verify Initial Device Configuration

• Tasks: Set hostname, IPs, routing, security settings.

• Verification: Ping, traceroute, logs.

7.5 Perform Device Maintenance

• IOS Upgrades: SCP, FTP, TFTP; use MD5 for integrity.

• Password Recovery: Bypass startup config with register settings.

• File Management: dir, copy commands.

7.6 Use Cisco IOS Tools for Troubleshooting

• Ping/Traceroute: Test connectivity.

• Terminal Monitor: View live logs.

• Log Events: System diagnostics.

• SPAN: Monitors network traffic.

  Here are your flashcards formatted for easy studying:

  ---

  ### 7.7 Describe Network Programmability in Enterprise Network Architecture

  #### 7.7.1 Function of a Controller

  📝 Definition: A network controller is a central component in software-defined networking (SDN) that manages and configures network devices via software.

  ✅ Key Points:

  - Provides a centralized view of the network.

  - Allows for dynamic changes based on policies.

  #### 7.7.2 Separation of Control Plane and Data Plane

  📝 Traditional Networking: The control plane (routing decisions) and data plane (traffic forwarding) are integrated into each device.

  📝 SDN Networking: The control plane is centralized and separated from the data plane.

  ✅ Benefits:

  - More flexibility in network management.

  - Easier automation and programmability.

  #### 7.7.3 Northbound and Southbound APIs

  📝 Northbound APIs: Allow the controller to communicate with applications (e.g., network monitoring, automation tools).

  📝 Southbound APIs: Allow the controller to communicate with network devices (e.g., switches, routers).

  ✅ Importance:

  - Enable automation of network management.

  - Allow for dynamic and scalable networks.

  ---

  ### 8.1 Installation, Configuration, and Management

  #### 8.1.1 Windows Workstation Software

  💻 Installation:

  - Methods: Bootable USB, network installations, WDS.

  - Ensure system meets minimum requirements (CPU, RAM, storage).

  ⚙ Configuration:

  - Set up user accounts (local or Microsoft).

  - Configure network settings (IP, DNS, domain membership).

  - Adjust security settings (firewall, Windows Defender, BitLocker).

  🛠 Management:

  - Use Group Policy for centralized configuration.

  - Windows Admin Center for remote management.

  - Patch management to apply security updates.

  #### 8.1.2 Windows Server Software

  💻 Installation:

  - Install from ISO, DVD, or network boot.

  - Choose server role (Domain Controller, Web Server, File Server).

  ⚙ Configuration:

  - Set up Active Directory for managing users & devices.

  - Configure DNS & DHCP for name resolution and IP allocation.

  - Install IIS (Internet Information Services) for web hosting.

  🛠 Management:

  - Use Server Manager for role management.

  - PowerShell scripting for automation.

  - Monitor performance using Task Manager and Event Viewer.

  #### 8.1.3 Linux Software

  💻 Installation:

  - Use ISO images and install via USB or network boot.

  - Partition disks, configure user accounts, and select packages.

  ⚙ Configuration:

  - Set network settings (static/dynamic IP, DNS).

  - Install packages using apt (Ubuntu/Debian) or yum (CentOS/RedHat).

  - Configure firewall settings (iptables or firewalld).

  🛠 Management:

  - Use top, htop, syslog for system monitoring.

  - Automate tasks with cron jobs.

  - SSH for secure remote management.

  #### 8.1.4 Network Services

  🖧 Installation and Configuration:

  - DNS: Use BIND (Linux) or Microsoft DNS (Windows Server).

  - DHCP: Configure with isc-dhcp-server (Linux) or Windows DHCP Server.

  - Web Services: Set up Apache or Nginx for hosting.

  - VPN: Use OpenVPN or WireGuard for secure remote access.

  📊 Management:

  - Monitor network uptime & performance (Nagios, Zabbix, SolarWinds).

  - Analyze traffic with Wireshark or tcpdump.

  - Backup network configurations regularly.

  #### 8.1.5 Virtualized Environments

  💻 Installation:

  - Use VMware vSphere, Hyper-V, or VirtualBox for virtualization.

  - Choose Type 1 or Type 2 hypervisor based on needs.

  ⚙ Configuration:

  - Set up virtual machines (VMs) with required OS and apps.

  - Allocate CPU, memory, and storage properly.

  - Configure virtual networks (vSwitches).

  🛠 Management:

  - Use vCenter Server (VMware) or Hyper-V Manager (Windows).

  - Monitor using vSphere Client or System Center Virtual Machine Manager.

  - Implement snapshots for backup and recovery.

  ---

  ### 9.1 Converse Effectively and Correctly with a Customer

  📝 Active Listening:

  - Let the customer fully explain the issue.

  - Ask clarifying questions if needed.

  📝 Empathy & Professionalism:

  - Show understanding and acknowledge their concerns.

  - Maintain a calm and polite tone.

  📝 Clear Communication:

  - Avoid technical jargon when possible.

  - Explain solutions in simple and clear terms.

  ---

  ### 9.2 Speak Clearly and to the Point About Products and Solutions

  📢 Be Concise:

  - Keep explanations short and focused.

  🎯 Emphasize the Solution:

  - Explain how the product/solution meets the customer’s needs.

  🔍 Use Clarity Over Complexity:

  - Use analogies or examples to simplify technical details.

  ⏳ Set Expectations:

  - Be upfront about timelines and next steps.

  ---

  ### 9.3 Verify Customer Information

  📌 Why Repeat Name, Location, and Phone Number?

  ✅ Ensures accuracy of records.

  ✅ Shows attentiveness and builds trust.

  ✅ Helps with future follow-ups.

  ---

  ### 9.4 Take the Needed Actions to Fix the Customer’s Problem

  🔍 Diagnose the Issue:

  - Ask targeted questions and perform necessary checks.

  📜 Provide Clear Instructions:

  - Explain step-by-step what needs to be done.

  📢 Follow Through:

  - If additional steps are needed, inform the customer and own the resolution.

  📈 Escalate When Necessary:

  - If unresolved, escalate to specialized teams and inform the customer.

  ---

  ### 9.5 Close the Conversation Positively

  ✔ Reassure the Customer:

  - Confirm that their issue is resolved or being handled.

  ✔ Thank the Customer:

  - Express appreciation for their time and business.

  ✔ Encourage Future Contact:

  - Let them know they can reach out again for assistance.

  ✔ End on a Positive Note:

  - Example: "I’m glad we could resolve this today. Let us know if you need anything else