Review questions, Network+

Well, this is the last of the first round of Network+ stuff for the VCE. I feel like I’m starting to learn what I’m doing and I’m enjoying learning networking. When I first approached networking I thought that I was absolutely never going to be able to get a Cisco cert and now I’m certain that at some point I would like to put the effort into it. And also an MCSE. But first I want to finish this Security+ and PenTest+. So it may be a while before I get around to that. Regardless, it might be simply wishful thinking based around life circumstances.

Anyway, let’s umm do this thing.

 photo pat_zps8ufvg3k8.jpg

On some level, it makes sense to think it would be NAT, but it’s clearly wrong, so let’s make a list!

  • NAT – Network address translation is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
  • PAT – Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
  • STP – Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.
  • SNAT – Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet. … The gateway has one arm on the public network and as part of SNAT, it replaces the source IP of the originating packet with its own public side IP.
  • ARP – Address Resolution Protocol (ARP) is a protocol used by the Internet Protocol (IP) [RFC826], specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. The protocol operates below the network layer as a part of the interface between the OSI network and OSI link layer.

Ok, so let me get this right, the P stands for port? ok…my bad.
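To make the PAT entry in the list concrete, here is a small added example (not from the original post or the exam material) of the translation table a PAT gateway keeps. The addresses, the three-port pool and the `PatGateway` class are constructed for illustration; real devices also track the remote endpoint and expire idle mappings.

```python
"""Added example: a toy PAT (NAT overload) gateway. Not production NAT code."""
from dataclasses import dataclass, field

# Constructed sample values: RFC 5737 documentation address, tiny port pool
# so that pool exhaustion is easy to demonstrate.
PUBLIC_IP = "203.0.113.10"
PORT_POOL = range(40000, 40003)


class PortPoolExhausted(Exception):
    """Raised when every public port for a protocol is already mapped."""


@dataclass
class PatGateway:
    public_ip: str = PUBLIC_IP
    port_pool: range = PORT_POOL
    # (proto, inside_ip, inside_port) -> public_port
    outbound: dict = field(default_factory=dict)
    # (proto, public_port) -> (inside_ip, inside_port)
    inbound: dict = field(default_factory=dict)

    def translate_out(self, proto, inside_ip, inside_port):
        """Rewrite the source of an outgoing packet to (public_ip, public_port)."""
        key = (proto, inside_ip, inside_port)
        if key not in self.outbound:
            # Pick the first public port not yet used for this protocol.
            free = next((p for p in self.port_pool
                         if (proto, p) not in self.inbound), None)
            if free is None:
                raise PortPoolExhausted(f"no free {proto} port on {self.public_ip}")
            self.outbound[key] = free
            self.inbound[(proto, free)] = (inside_ip, inside_port)
        return self.public_ip, self.outbound[key]

    def translate_in(self, proto, public_port):
        """Map a reply back to the inside host, or None if nothing asked for it."""
        return self.inbound.get((proto, public_port))


def demo():
    gw = PatGateway()
    # Two inside hosts use the SAME source port; PAT keeps them apart
    # by giving each flow its own port on the single public address.
    a = gw.translate_out("tcp", "192.168.1.10", 51000)
    b = gw.translate_out("tcp", "192.168.1.11", 51000)
    again = gw.translate_out("tcp", "192.168.1.10", 51000)  # existing mapping reused
    reply = gw.translate_in("tcp", b[1])                    # reply finds host .11
    unsolicited = gw.translate_in("tcp", 40002)             # no mapping -> dropped
    return a, b, again, reply, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The inbound lookup returning `None` is why a PAT gateway drops unsolicited inbound connections unless a port forward is configured.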

 photo waf_zpstf8kstrg.jpg

I don’t know what most of this is:

  • DLP – Data loss prevention software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use, in motion, and at rest. The terms “data loss” and “data leak” are related and are often used interchangeably.
  • IDS – intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.
  • WAF – web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers.
  • WPA – Wi-Fi Protected Access (WPA)
  • TPM – Trusted Platform Module (TPM)

I guess that makes sense, not super clear though.

 photo dscp_zpspddm9e2t.jpg

I have no idea why I picked SIP, and the other two don’t make sense, but I’m not sure what DSCP is. Differentiated Services Code Point (DSCP) is a means of classifying and managing network traffic and of providing quality of service (QoS) in modern Layer 3 IP networks. It uses the 6-bit Differentiated Services (DS) field in the IP header for the purpose of packet classification.
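As an added example (not part of the original post), this is how the 6-bit DSCP value is pulled out of an IP header. It goes slightly beyond the definition above by handling both IPv4 and IPv6 and by naming the standard code points (CS, AF, EF); the sample headers are constructed with documentation addresses.

```python
"""Added example: extract DSCP and ECN from a raw IPv4 or IPv6 header."""
import ipaddress
import struct


def dscp_name(dscp: int) -> str:
    """Name a 6-bit DSCP value using the standard CS/AF/EF code points."""
    if dscp == 46:
        return "EF"                      # Expedited Forwarding (voice)
    if dscp % 8 == 0:
        return f"CS{dscp // 8}"          # Class Selector 0..7
    cls, drop = dscp >> 3, (dscp & 0b111) >> 1
    if 1 <= cls <= 4 and dscp & 1 == 0 and 1 <= drop <= 3:
        return f"AF{cls}{drop}"          # Assured Forwarding class/drop precedence
    return f"other({dscp})"


def ds_byte(packet: bytes) -> int:
    """Return the 8-bit DS/Traffic Class byte of an IP packet."""
    if not packet:
        raise ValueError("empty packet")
    version = packet[0] >> 4
    if version == 4:
        if len(packet) < 20:
            raise ValueError("truncated IPv4 header")
        return packet[1]                 # second byte of the IPv4 header
    if version == 6:
        if len(packet) < 40:
            raise ValueError("truncated IPv6 header")
        # Traffic Class straddles the first two bytes, after the version nibble.
        return ((packet[0] & 0x0F) << 4) | (packet[1] >> 4)
    raise ValueError(f"not an IP packet (version nibble {version})")


def classify(packet: bytes):
    """Return (dscp, ecn, name): upper 6 bits are DSCP, lower 2 bits are ECN."""
    ds = ds_byte(packet)
    dscp, ecn = ds >> 2, ds & 0b11
    return dscp, ecn, dscp_name(dscp)


def sample_ipv4(dscp: int, ecn: int = 0) -> bytes:
    """Constructed 20-byte IPv4 header (UDP, documentation addresses)."""
    src = ipaddress.ip_address("192.0.2.1").packed
    dst = ipaddress.ip_address("198.51.100.7").packed
    return struct.pack("!BBHHHBBH4s4s", 0x45, (dscp << 2) | ecn,
                       20, 0, 0, 64, 17, 0, src, dst)


def sample_ipv6(dscp: int, ecn: int = 0) -> bytes:
    """Constructed 40-byte IPv6 header (UDP, documentation addresses)."""
    src = ipaddress.ip_address("2001:db8::1").packed
    dst = ipaddress.ip_address("2001:db8::2").packed
    first_word = (6 << 28) | (((dscp << 2) | ecn) << 20)
    return struct.pack("!IHBB16s16s", first_word, 0, 17, 64, src, dst)


if __name__ == "__main__":
    print(classify(sample_ipv4(46)))        # voice-style marking
    print(classify(sample_ipv6(34, ecn=1))) # AF41 with an ECN bit set
    print(classify(sample_ipv4(0)))         # default / best effort
```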

 photo pstn_zpsc94plfge.jpg

Is this really necessary?

  • PSTN – public switched telephone network (PSTN) is the aggregate of the world’s circuit-switched telephone networks that are operated by national, regional, or local telephony operators, providing infrastructure and services for public telecommunication.
  • PRI – The Primary Rate Interface (PRI) is a telecommunications interface standard used on an Integrated Services Digital Network (ISDN) for carrying multiple DS0 voice and data transmissions between the network and a user. PRI is the standard for providing telecommunication services to enterprises and offices.
  • BRI – Basic Rate Access is an Integrated Services Digital Network (ISDN) configuration intended primarily for use in subscriber lines similar to those that have long been used for voice-grade telephone service.
  • E1/E2 – this seems out of scope
  • DSL – Digital Subscriber Line

Not exactly sure why this is the answer, it sort of makes sense but there’s a large gap that will probably not be filled with basic research.

 photo virtual ip_zpsznregdyk.jpg

A reservation ensures that the IP is static but the gateway term throws it off a bit. Anyway, I should look up virtual IP: A virtual IP address (VIP or VIPA) is an IP address that doesn’t correspond to an actual physical network interface. Uses for VIPs include network address translation (especially, one-to-many NAT), fault-tolerance, and mobility.

I think I just realized they were creating a fault tolerant gateway with the same IP on two physical devices and now my questions are cleared up.

 photo voip pbx_zpsicexahwp.jpg

Last question! It’s late and I may come back to this but as for why I picked ICMP, I have no clue. Also, SIP? Why? I have questions on this telecom stuff.

  • H.323 – H.323 provides standards for equipment, computers and services for multimedia communication across packet based networks and specifies transmission protocols for real-time video, audio and data details. H.323 is widely used in IP based videoconferencing, Voice over Internet Protocol (VoIP) and Internet telephony.
  • RTP – Real-time Transport Protocol (RTP) is a network protocol for delivering audio and video over IP networks.

No idea about SIP in this situation though.

Well, that’s all for tonight

More test prep!

Some of this stuff seems really self-explanatory if you know what you’re doing. Unfortunately some of us, like me, don’t. So we have to put time and effort into learning how this stuff works so that in the off chance we are put in charge of a network we don’t make horrendous mistakes that cost people time and money and possibly even your job. I mean, I’m fully aware that someone who only read a Network+ book shouldn’t be solely responsible for an enterprise network. Given time and experience maybe we can get better before we completely ruin a bunch of very serious stuff though. Anyway, or if you’re in charge of that and aware that you shouldn’t be, sometimes it’s a good idea to walk away.

I’m back on the VCE questions tonight. Not really sure why but here we go. I mean, I do need to get them done.

 photo lacp_zpssnprsfmm.jpg
  • SIP – Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, modifying and terminating real-time sessions that involve video, voice, messaging and other communications applications and services between two or more endpoints on IP networks.
  • BGP – BGP offers network stability that guarantees routers can quickly adapt to send packets through another reconnection if one internet path goes down. BGP makes routing decisions based on paths, rules or network policies configured by a network administrator. Each BGP router maintains a standard routing table used to direct packets in transit. This table is used in conjunction with a separate routing table, known as the routing information base (RIB), which is a data table stored on a server on the BGP router. The RIB contains route information both from directly connected external peers, as well as internal peers, and continually updates the routing table as changes occur. BGP is based on TCP/IP and uses client-server topology to communicate routing information, with the client-server initiating a BGP session by sending a request to the server.
  • LACP – Link Aggregation Control Protocol. In computer networking, the term link aggregation applies to various methods of combining multiple network connections in parallel in order to increase throughput beyond what a single connection could sustain, and to provide redundancy in case one of the links should fail.
  • LLDP – Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol used by network devices for advertising their identity, capabilities, and neighbors on a local area network based on IEEE 802 technology, principally wired Ethernet.

I feel like I should know what SIP is by now, I have no idea what I was thinking. However LACP does seem accurate.

 photo oh rocky_zpsjactce41.jpg

Of course I called this photo ‘oh rocky’! Anyway, as you see the VCE questions kick it up a notch in difficulty. The middle two don’t make sense to me so let’s look at the top and bottom answers.

  • Time division multiplexing – (TDM) is a method of transmitting and receiving independent signals over a common signal path by means of synchronized switches at each end of the transmission line so that each signal appears on the line only a fraction of time in an alternating pattern. It is used when the bit rate of the transmission medium exceeds that of the signal to be transmitted. This form of signal multiplexing was developed in telecommunications for telegraphy systems in the late 19th century, but found its most common application in digital telephony in the second half of the 20th century.
  • Time division spread spectrum – spread-spectrum techniques are methods by which a signal (e.g., an electrical, electromagnetic, or acoustic signal) generated with a particular bandwidth is deliberately spread in the frequency domain, resulting in a signal with a wider bandwidth. These techniques are used for a variety of reasons, including the establishment of secure communications, increasing resistance to natural interference, noise and jamming, to prevent detection, and to limit power flux density (e.g., in satellite down links).

Ok, then. Good to also know about spread spectrum.

 photo signature management_zps1rorvt90.jpg

Hummm… requires research lol. This is the closest thing: the intrusion prevention system (IPS) compares traffic against signatures of known threats and blocks traffic when a threat is detected. Which, given it’s true and what the question is talking about, makes sense.

 photo xml and json_zpscpzely2z.jpg

Since OSI is starting to make sense I’m getting more comfortable with this. Layer 6 makes a hell of a lot of sense after, shocking, reading the book and learning the bits about encryption.

 photo atm cells_zpsr3pfizzn.jpg

https://en.wikipedia.org/wiki/Asynchronous_transfer_mode – In the ISO-OSI reference model data link layer (layer 2), the basic transfer units are generically called frames. In ATM these frames are of a fixed (53 octets or bytes) length and specifically called “cells”.

So I wasn’t clear on what that was but I guess I understand it now. Anyway, it’s getting late and I guess that’s all for tonight. I think eventually I’m going to have to get back into the slides but you know, I have to say it’s very enjoyable to really learn the material. However, I do have a week off at the end of the month and that’s what I plan to do with that time.

Chapter 1 book questions

It’s kind of amazing that HTML editors with all their fancy tech don’t auto save your work. I suppose that’s how it goes. Humm, not sure I started this properly. I started writing this post a few days ago and left it up on my computer and every day since then I’ve thought ‘if that post is still up, then I’ll take odds on god actually existing’ and each day I failed to save it. Anyway, I’m going to sort of work through book questions. I think I should be moderately fun. I mean who knows. I might learn a thing or two. Do I think it will help me pass the test, not really, no. Will I actually learn the material and be in a better position to talk about it. For sure. So I guess I’ll go through these first few questions again that didn’t take long… and then get through the rest of them tonight. If it’s not too late when I’m finished I may even head out for a beer later.

 photo question 1_zpsbuxj6oqx.png

Honestly, this is already seeming like too much effort. It’s C, SSH

 photo 2_zpsdac1ujgo.png

I mean, honestly, there are various answers to this, PowerShell remote being the primary example. Especially for core or nano installs. But they are looking for RDP. SNMP is like a monitoring thing (I’m really not sure how else to explain it).

 photo 3_zps7oq2hv65.png

It’s TCP, UDP just streams information, TCP checks to make sure it showed up.

 photo 4_zps7mcpzfbc.png


So it’s worth noting that I was super tired the first time I started into this. However I’m mostly remembering what I was thinking at the time. Anyway, I was looking up alternatives to tracert and still had the link up in Google.

 photo 5_zpsjfrhc3xe.png

I was surprised to learn that this was B, the Presentation layer. Most of the time when people explain the OSI model, I get hella confused because there is so much detail missing. However when I check out specific concepts I start to get a clearer picture of what exactly is going on.

 photo 6_zpssbnacyr6.png

I have several questions about why this is and how this differs from making VLANs and at the end of the day I’m willing to bet this is like an arbitrary thing. Humm, I just noticed that the PDF I had open in a web browser, of the book, is not open. I guess I should load that. Anyway, here is what the book has to say about that subject and honestly, when realizing that VLANs increase broadcast domains, I’m starting to understand.

 photo vlans_zpshxajxi19.jpg
 photo 7_zps15dghlvr.png

1500 for regular frames, 9000 for jumbo frames

 photo 8_zpskwxpiixb.png

Generic MAC has to be B. However, I’m not sure what IGMP is: The Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and adjacent routers on IPv4 networks to establish multicast group memberships. IGMP is an integral part of IP multicast. I guess now I have an idea.

 photo 9_zpsqozi6yvm.png

So this one is C, it is vendor neutral, however I’m not sure how it interfaces with the Cisco tech for trunking and if you use that do you seriously only get to use Cisco stuff in your network. I guess I could do some research, however you could also look up the damn tech in the question for yourself haha

 photo 10_zpsec51spgy.png

Humm, don’t really know this one. Time to hit the book again. It’s amazing that the book has answers in it. Let’s see what it says about this one.

 photo root bridge_zpscypeq8kj.jpg

So it’s the lowest bridge ID, got it….

 photo 11_zpsm9eomyqs.png

By process of elimination this should be easy. Usually you can rule out the smart ass answers of lower power or buy more. I mean, they want to talk about features of these babies :::slaps roof::: Anyway, let’s find out what LLDP does.

 photo lldp_zpstjp8sftf.jpg

I’m highly confused as to how this works but kind of amazed that it does. Must be some sort of wizard smoke power converter.

 photo 12_zpsxghgjyov.png

Honestly, a little confused by this one for various reasons. Well, perhaps uneducated would be a better thought to convey. So, this is kind of complicated and I highly doubt that google will provide an obvious answer so I’m going to hit the book.

 photo dynamic_zps45vvwg4q.jpg

Reading the question, I understand what they are getting at but I’m not quite sure this sentence really conveys what’s going on here.

 photo 13_zps9uyttczi.png

Ok, half way through. Watching this Pantera live video, you can check it out on YouTube. It’s the one that starts with the backdrop from Trend kill. Anyway, it’s BGP and the answer text, which will be at the end of the post, does a great job of explaining this.

 photo 14_zpsyxzuhf2f.png

Apparently, you can’t :: twice, so D.

 photo 15_zpslltygxaq.png

MMMkay, I’m starting to think ‘fuck my life’ but to be honest I picked C as a guess and I was right because they always start with FF.

 photo 16_zps18uzsrr5.png

This one, no clue. Lol, ok so it’s D which is actually a part of A. However, there was a complicated explanation and I think I might have mostly understood it. Possibly as a result of … study.

 photo 17_zpsfj25xaqm.png

Let’s make a list

  • RSTP – Rapid Spanning Tree Protocol
  • VRRP – The Virtual Router Redundancy Protocol (VRRP) is a computer networking protocol that provides for automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.
  • HSRP – Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway
  • VLSM – Variable Length Subnet Mask

Ok so it’s VRRP

 photo 18_zpsn0q0ddk3.png

I’m no good with subnets to be honest and I’m not going to learn everything it takes to understand this one tonight but the answer is B.

 photo 19_zpsom5clqg3.png

Jesus, Mary and Joseph that’s a long question! Anyway, it’s for sure on APIPA so it can’t contact the DHCP server. So, D.

 photo 20_zpswnhsz3xn.png

Really? I’m not looking this up but apparently it’s B.

 photo 21_zpszpivp5wf.png

This one is interesting and I’m not sure of the answer! I read it and said ‘oh wow’ because I’m a huge nerd. The answer is A. I love a good fun fact.

 photo 22_zpswoinz0hj.png

I’m taking a stab at this and saying C, let’s check the answer. Turns out I was right.

 photo 23_zpscbeqbhn1.png

Again, man, that’s a ton of effort and like, I’m on some serious coffee at this point so I’m reading the answer in the back which is C.

 photo 24_zps7grzljcp.png

Well, it’s servers so that would be infrastructure, A

 photo 25_zpsstrnlis4.png

You would make a reservation, C

And now we are caught up to page 200 in a 500 page book and we have gone through chapter 1. Did I mention there is stuff after the last chapter in the book too? Anyway, that’s all for tonight. I had fun going on a learning journey and I hope you did too! Now I’m off to say and do things that totally contradict my fake ass ideology.

 photo wontyoube_zpsfst1132i.jpg

Network+ book review pt. 2

It’s a great Friday afternoon and I’m sitting at my desk with a load of questions. It’s the same questions that I normally have to ask throughout my life but this time I’m mostly worried about passing this test and hoping to get that sys admin job. I’m not too worried about much else. Anyway, sitting here at my desk killing time before I meet with my trainer at 7. I irresponsibly forgot my gym bag on Wednesday. Not sure if that cost me one of my 4 sessions this month but I would assume. Regardless, let’s talk about some of this stuff from the book that I didn’t know about before I started studying.

 photo collision domains pt 1_zpskmtbrwhm.png

As previously mentioned this one is a bit confusing. Either because the question was confusing or because it is actually confusing. The thing about this is it defines a word I already understood while having no clue what a collision domain actually is. The thing about this is, studying independently, I never know if it’s just me or if it’s actually confusing. I guess I should go to YouTube:

I’m still kind of unclear but I guess I’ll move on. Honestly, the video was helpful though.

 photo broadcast domains 2_zpsejldtrhn.png

These two concepts are often lumped together and I still have no idea what’s going on here. I basically understand that it’s a mass sent signal but I’m reminded of unicast and broadcast in image deployment. You know, I realize that I could probably pass the test without really learning this stuff but if I am given the opportunity to learn CCNA stuff it might be good to have a strong baseline. So let’s go to YouTube again:

Oh man, there is all sorts of stuff:

Ok, now I’m maybe starting to figure this out. I mean honestly, probably not and there’s a guy that sits behind me at work that could possibly explain this but he might also fail to verbalize it. That’s the thing about some of this stuff.

 photo csma-cd-ca 3_zpswrr8lfy4.png

Yeah, ok that’s helpful and straight forward.

 photo pdu - osi movement part 4_zps7ckafafg.png

At this point the only thing helpful here is the first definition. I have no idea how stuff moves through layers, which is asked on the test. I’m also starting to realize I like this method of independent learning using test questions and then looking back through the book to kind of hone my understanding of the book and what I’m actually studying. Maybe that’s interesting. Ok, it’s not interesting but it is interesting to me haha

 photo vlan part 5_zpsomaszpq1.png

Conceptually, I understand VLANs but I have many questions. The questions are all based around exactly how they work but vaguely get the concept. To be honest, with server stuff, I’m fully aware of how far the rabbit hole goes and I’m willing to kind of call a stopping place. However, with VLANs, it’s like ‘it’s a logical network segment’ but clearing up the exact differences between subnets and VLANs is confusing.

This is mostly helpful but I’m not entirely sure what exactly is going on but we are getting close to a comfort zone.

 photo spanning tree part 6_zpsjwoornd7.png

I should have highlighted this one because the definition was right under the photo. I think I get the idea in that it’s sort of like preventing packets from being routed in a circle that goes on and on. There are also different kinds of this with newer features. That is covered in the book but I didn’t take a photo of that for some reason.

 photo DMZ part 7_zpso3dzefhs.png

This seems to be a somewhat antiquated term these days as everyone is using ‘web application proxy’ to mean a DMZ. It’s for sure testable but simply making the note.

 photo ARP table part 9_zpsckcdhkwe.png

This is true but generally it has DHCP information and basically all network configuration information for a server. At least, when I’ve tried to use it. This is also helpful: ARP table

 photo RIP part 10_zpsichfipc8.png

Pretty much all of this is important and I’ve seen it on the test prep questions. Given that I’ve never really seen or had to use it I’m kind of limited to how much I am aware of its existence, so it’s time to hit YouTube.

That’s all for now. I may go back and do the last two sets of slides as while this is helpful it gets tiring. Who knows. May get in the mood to do more of this type of review.

Network+ “light house” book preview!

I decided to take a gander at a book. Possibly a good idea. Looking things up on the internet is helpful but if you have read a few of these ‘light house’ books you’re aware that they are helpful in providing general information but don’t really prepare you for the test. That said, I’m slightly burnt out on running through slides at the moment. However, I do have two sets of posts ready to go based on slides. Anyway, let’s get a little arm chair coaching on these books in while making some comments like ‘oh man, that is actually helpful information’ type comments. By the way, you can get this book, as well as many other books, from Humble Bundle at the time of this posting here, but only for a few more days and after that the link will for sure be broken.

Ok, so let’s get into these images and realistic expectations.

 photo its easy_zpscqwf36ao.png

LOL, let’s go ahead and set those not realistic expectations that after you skim through this book you will be able to pass this test. Just go throw money at CompTIA and get your feelings hurt because ‘you didn’t think it would be that hard’, news flash bro, this shit is not easy. Honestly though, it’s kind of funny to set false expectations though? Not sure if this comment is necessary to be honest.

 photo isthisbookforyou 2_zpsmum9yyy6.png

LOL. Are you studying for Network+? Honestly, if you purchased this book you’re probably studying for a test called Network+.

 photo ok this is helpful 3_zpsyxlzuvfh.png

Honestly, this is critical to understanding this. If I understood how these were set up, I would maybe be better prepared to get the maximum amount of understanding out of them because I have a feeling that, while being slightly sarcastic, they may contain real world information that is very helpful.

 photo exam objectives prt4_zpspbqokqsg.png

Again, if you are aware of what ‘might be ahead’ this is helpful information.

 photo acronyms part 5_zps4cuvdddv.png

Wow, more helpful information up front and as you can see we are already 1/10th of the way through the book. Amazing. It’s kind of funny because people think these books are huge and take forever to get through but you learn to speed read and pick up the important information.

 photo acronyms part 5_zps4cuvdddv.png

Now we are on page 59 and finally, the book is starting. Oh Lighthouse, you rascal you haha

 photo acronyms part 5_zps4cuvdddv.png

Oh here comes more filler, after an appendix that could have been in the back of the book, we now start into actual words. Fuck, did I write this. No, my blog is way better organized than this. Oh look he threw in a personal story as if anyone cares at all about you as an individual lol

 photo this is confusing part 8_zpsb6rhjtxx.png

And right away we get into the confusing information where they throw way too many TCPs, NATs, FTPs and port numbers at you and to be honest, I’m assuming it’s for the sake of memeing. Don’t get me wrong there is helpful information here but to be honest, I feel this is too soon and it’s mostly confusing jargon designed to make you feel like “ok easy” “omg WTF!” which, to be honest, works well and anyone with half a brain might actually enjoy.

 photo get-a-brain-morans-1083600_zpswrjtzulu.png

 photo this is confusing part 8_zpsb6rhjtxx.png
 photo UDP part 9_zpsmzmzhkz9.png

Hey hey, we actually covered this in a previous blog post about a protocol that was connection and connectionless oriented. Ok, this is actually a picture of me learning something from a book.

 photo TCP part 10_zps12pso36s.png

Really solid info! Man, I like reading these books, drama, action and learning! Man, I feel like Judy Blume or one of The Boxcar Children!

 photo connection less dns part 8_zpsqo30praf.png

But as we can see there is no mention of this specifically, however if we paid lots of attention and learned the differences between TCP and UDP then we may have picked this up.

Anyway, I might say more about this book but I do intend on reading a lot of it. Sometimes it’s more helpful to do some homework before reading the book which serves as like a massive review while pointing out new details. You know, like you really enjoyed the movie so you want to read the book type of thing. Maybe if you study really hard and learn everything then one day you too can be a riveting tech author!

 photo jurassic park_zpsxp30hiqg.png

Easy stuff, slightly opinion oriented

Happy Monday! I hope everyone had a wonderful weekend and is super excited about Monday! I know I am! I’m ready to listen to people and learn today. Maybe say a few things myself but unlikely as you can tell my platform for expressing myself isn’t exactly popular haha. Anyway, let’s get into the usual stuff.

 photo multimode_zpssndbwxtw.jpg

So I’m starting to get this whole cabling thing but if you don’t know anything about it, it gets a little confusing. Much like encryption types on the Security+ which I started studying for and decided to do this one first. Really I could have gone for the A+ too but I wasn’t really sure it was worth the money to be honest. Anyway let’s take a look at the distance ratings for these cables.

  • Cat 5e – The maximum length you can run Cat5, Cat5e, Cat6 and Cat6a cable is 100 meters or 328 feet
  • Cat 6e – unclear based on google results but it does appear to be 328 feet
  • Multimode – Typical transmission speed and distance limits are 100 Mbit/s for distances up to 2 km (100BASE-FX), 1 Gbit/s up to 1000 m, and 10 Gbit/s up to 550 m
  • Coaxial – Using coaxial cable increases this distance to 500m (1640.4 feet)

I mean, you could use coax according to this but we can go with multimode fiber.

 photo collision domain_zpssudjvh4n.jpg

This one is a little more confusing to me. I also can’t prove that the 4 port hub is one domain and that 12+2+1=14 somehow. I guess maybe we don’t count the hub? That’s the most logical explanation but I’m still not sure.

 photo docsis_zpszoiyzzyw.jpg

I think all I need to do is define DOCSIS: Data Over Cable Service Interface Specification, or DOCSIS. Ok, easy.

 photo transceiver types_zpsr36asy0z.jpg

This is a list question.

  • MDF – Short for main distribution frame, a cable rack that interconnects and manages the telecommunications wiring between itself and any number of IDFs. Unlike an IDF, which connects internal lines to the MDF, the MDF connects private or public lines coming into a building with the internal network
  • MT-RJ – MT-RJ stands for Mechanical Transfer Registered Jack. MT-RJ is a fiber-optic Cable Connector that is very popular for small form factor devices due to its small size. Housing two fibers and mating together with locating pins on the plug, the MT-RJ comes from the MT connector, which can contain up to 12 fibers.
  • BNC – coax connector
  • GBIC – A gigabit interface converter (GBIC) is a transceiver that converts electric currents (digital highs and lows) to optical signals, and optical signals to digital electric currents. The GBIC is typically employed in fiber optic and Ethernet systems as an interface for high-speed networking.
  • F-type – BNC (Bayonet Neill-Concelman) RF connectors make it easy to connect coaxial cables with radio-frequency equipment like radios and TVs, composite video on commercial video devices, and ethernet networks. … And they come in handy when you need to combine them with, say, an RCA connector on the end of the coaxial cable

Ok, that makes sense with the assumption that GBIC is super fast.

 photo plenum cat 5_zpsfyzosl4p.jpg

Honestly, I’m not sure why cat6 is needed but ok. However, so that we are aware: Plenum rated cable has a special insulation that has low smoke and low flame characteristics. Plenum cable is mandated to be installed in any “air handling” space. For example, most large office buildings use the ceiling to return air to the AC unit.

That’s all for tonight! Fairly simple stuff.

Moderately complicated stuff

Blogging, it’s a ton of fun. I mean, if I’m being honest, I rather enjoy it and I feel like I learn a lot. It can be taxing on me to simply go through and memorize answers plus I actually learn the material like this and anyone that looks at this blog realizes exactly how much effort it takes to really learn the material for obtaining certs. I’m critical of test content at times but all in all I really enjoy acquiring them. I mean, like it’s one of my favorite things. Why? I honestly enjoy working my brain to solve puzzles.

 photo ngfw_zps7tlqkcnx.jpg

I’m aware of what NGFW is, sort of, I’m not exactly sure what makes it ‘Next Generation’ but I have my theory and I’m sticking with it. No I won’t stand for any of your technical jargon:

 photo download 2_zpsqnykunwj.jpeg

So this may take some research. I have no idea if they mean internally or externally but wouldn’t some sort of logging need to be turned on regardless? Like SIEM logging? Which is separate from the NGFW?

In addition, to be clear, let’s talk about the VPN concentrator and the IDS/IPS; assume everyone knows what a proxy server is.

  • VPN Concentrator – type of networking device that provides secure creation of VPN connections and delivery of messages between VPN nodes. It is a type of router device, built specifically for creating and managing VPN communication infrastructures.
  • NGFW
  • IDS/IPS – Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are both parts of the network infrastructure. … IDS systems compare the current network activity to a known threat database to detect several kinds of behaviors like security policy violations, malware, and port scanners

Without further specificity on ‘internet applications’ I’m getting that a WAF is more appropriate in this scenario but I could be wrong. Or the question is old.

 photo bgp_zpsajep54no.jpg

I have no idea what this is getting at so let’s look for a definition of BGP. Hybrid is mentioned nowhere, I guess I’ll just go with it.

 photo port aggrigation_zpsb7srvweh.jpg

I’m not 100% on this stuff, so let’s cover it again!

  • Spanning tree – The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.
  • Clustering – A computer cluster consists of a set of loosely or tightly connected computers that work together so that, in many aspects, they can be viewed as a single system. Unlike grid computers, computer clusters have each node set to perform the same tasks, which are controlled and scheduled by software. Weird. Like a LAN party?
  • Port aggregation – Port aggregation lets you combine two Gigabit Ethernet ports on the Nighthawk router to improve the aggregated file transfer speed. If a device supports Ethernet aggregation like a NAS or managed network switch, you can use the Ethernet aggregate ports 1 and 2 to cable the device to your router.
 photo protocol_zpsfmhdhyeq.jpg

You know, I’m sure there is some truth to this but I’m betting it’s hard to prove. Or maybe not.

I would say we should investigate the others but ports feel a bit overwhelming at the moment to be honest, so let’s not.

 photo static to dynamic_zpssilvtqwq.jpg

Highly confused, let’s start with VLSM: Variable-Length Subnet Masking (VLSM) amounts to “subnetting subnets,” which means that VLSM allows network engineers to divide an IP address space into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.

  • OSPF – is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS).
  • IS-IS – OSPF supports virtual links, whereas IS-IS does not. OSPF elects a DR and BDR, whereas IS-IS elects only a single DR called DIS. OSPF defines a backbone area called area 0 for inter-area advertisements, whereas IS-IS categorizes the domain into two layers.
  • RIPv1 – RIPv1 is a classful protocol. RIP supports up to six equal-cost paths to a single destination. Equal-cost paths are the paths where the metric is the same (hop count).
  • BGP – (previously explained)
  • VRRP – a computer networking protocol that provides for automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.

This is complicated by the fact that it seems like you could use one or the other and the idea of using them together isn’t exactly clear.
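To make the “subnetting subnets” idea from the VLSM definition above concrete, here is an added example (not from the original post or any exam material) that carves one block into subnets sized to different host counts. The block `192.168.1.0/24`, the segment names and the host counts are constructed for illustration.

```python
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Smallest IPv4 prefix length whose subnet holds `hosts` usable addresses."""
    # Usable hosts + network address + broadcast address must fit in 2**host_bits.
    host_bits = max(2, (hosts + 1).bit_length())
    return 32 - host_bits


def vlsm_allocate(block: str, needs: dict[str, int]) -> dict[str, ipaddress.IPv4Network]:
    """Carve `block` into one subnet per entry in `needs` (name -> host count)."""
    parent = ipaddress.ip_network(block)
    free = [parent]  # unallocated ranges, kept in address order
    plan = {}
    # Largest requests first, so big subnets are placed before the space fragments.
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        want = prefix_for_hosts(hosts)
        # First free range that is at least as large as the subnet we need.
        idx = next((i for i, n in enumerate(free) if n.prefixlen <= want), None)
        if idx is None:
            raise ValueError(f"no room left in {parent} for {name} ({hosts} hosts)")
        chunk = free.pop(idx)
        subnet = next(chunk.subnets(new_prefix=want))  # lowest-addressed piece
        plan[name] = subnet
        # Put whatever is left of the chunk back on the free list, in order.
        free[idx:idx] = sorted(chunk.address_exclude(subnet))
    return plan


if __name__ == "__main__":
    # Constructed requirements: four segments with very different host counts.
    needs = {"users": 100, "servers": 50, "voice": 25, "wan-link": 2}
    for name, net in vlsm_allocate("192.168.1.0/24", needs).items():
        print(f"{name:9} {str(net):18} usable hosts: {net.num_addresses - 2}")
```

With fixed-length masks each of the four segments would need its own /25 to fit the largest one; here the four together use 228 of the 256 addresses in a single /24.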

Had some kind of tough ones tonight. Anyway, I’m getting a little sleepy and I think it’s bedtime!

Lots to learn about Networking part 5

I feel like this is going pretty good. I didn’t get to look at any questions last night but we did do this cross fit type of workout at the gym and like I was absolutely dead. I’m really enjoying this whole feeling sore thing and seeing results. It’s great fun and is doing wonders for dad bod. I mean, I guess it didn’t really work out for me and you know, at some point I’d like to look and feel healthy while fitting into skinny jeans. Which I suppose is possible. You forgot that I also used this as a personal diary, didn’t you? Have you seen the new Bill Gates doc? I haven’t either but I might watch it tonight. Also, my trainer keeps saying things like so uha what are you doing this weekend and like “I’m not doing anything” “I really like working out with you,” is she trying to get me to ask her out? Unclear at this time but I can’t say I’m not prepared for a personal relationship like that. lol, who knows, maybe. But like gah, I’m so damn busy.

 photo otdr_zpsyeqxgycz.jpg

You know that part where I’m all “I don’t know what these answers are so I should make a list” and herereere we goooo:

  • OTDR – Optical Time Domain Reflectometer, an instrument that analyzes the light loss in an optical fiber in optical network trouble shooting. An OTDR injects a short, intense laser pulse into the optical fiber and measures the backscatter and reflection of light as a function of time.
  • Light meter – An optical power meter (OPM) is a device used to measure the power in an optical signal.
  • Tone generator – A tone generator applies a tone signal to a wire pair or single conductor, which is then traced with an amplifier probe. When used with the amplifier probe, the tone generator allows technicians to identify a wire within a bundle, at a cross connect or at a remote end.
  • CSU/DSU – A CSU/DSU (channel service unit/data service unit) is a digital-interface device used to connect data terminal equipment (DTE), such as a router, to a digital circuit, such as a Digital Signal 1 (DS1) T1 line.

Given this information the light meter still seems plausible but it’s only measuring power and it says the levels are within range, which leaves me questioning what exactly light loss is if it’s not related to the power of the signal. Assuming I’ll understand this eventually.

 photo snmp_zpsznpejdxk.jpg

In the last post we learned what trap messages are in SNMPv3 monitoring and now we are seeing them again. Wondering if SOC Analysts use this a lot? Who knows. Maybe if I keep studying I will find out. Would be cool to pick up a SOC spot one day. Honestly, just trying to get in where I fit in. Sys Admin jobs would be cool as well but it seems like a hard field to break into due to a lot of old heads in the field. I have to clearly make out another list of definitions here:

  • SNMP traps – (we covered this but you know) alert messages sent from a remote SNMP-enabled device to a central collector, the “SNMP manager”. A Trap might tell you that a device is overheating, for example.
  • SNMP polling – involves retrieving Management Information Base (MIB) variables from devices in order to determine faulty behavior or connection problems. … During remote ping polling, enterprise-specific device MIBs are used to verify the status of the path between devices
  • SNMP polling vs traps – Polling is initiated by the server, and the router or switch responds to the server. An SNMP trap is initiated by the router or switch when it has information to send (usually some event happened) and does not want to wait for the server to ask for information.
  • snmpwalk – is an SNMP application that uses SNMP GETNEXT requests to query a network entity for a tree of information. An object identifier (OID) may be given on the command line. This OID specifies which portion of the object identifier space will be searched using GETNEXT requests.
  • SNMP version – Three versions of SNMP exist: version 1 (SNMPv1), version 2 (SNMPv2), and version 3 (SNMPv3). SNMPv1 represents the initial implementation of SNMP that functions within the specifications of the Structure of Management Information (SMI) and operates over protocols, such as User Datagram Protocol (UDP) and IP.

Given that snmpwalk seems like it’s user initiated, this question absolutely makes sense. Which is really nice haha, even if you poll after hours it’s still going to use resources when you could get real time trap messages that alert you to errors much faster.

 photo pan_zps4ulr0wul.jpg

To be honest, after seeing this once I remembered the answer but I have no idea what a PAN is; the other ones I’m aware of. A personal area network (PAN) is a computer network for interconnecting devices centered on an individual person’s workspace.

 photo tenor 3_zpsoct8yjsu.gif
 photo plunium rated cabels_zpscxynqv1z.jpg

This is a question requiring a list

  • Single-mode fiber – really, this, entire page is very helpful
  • Cat 5e – Category 5e (Category 5 enhanced) Ethernet cables are newer than category 5 cables and support faster, more reliable data transmission through networks.
  • Cat 6 – now with 6 wires
  • Plenum-rated cabling – Cable that is run in the plenum spaces of buildings. In building construction, the plenum (pronounced PLEH-nuhm) is the space that is used for air circulation in heating and air conditioning systems, typically between the structural ceiling and the suspended ceiling or under a raised floor.

I’ve probably gone through all of that before but I want to be sure that I know it in case I encounter a new question on the test related to cable types.

 photo voip_zpsyqj7emd0.jpg

Is this a common port usage? I’m not really sure, I could find out I suppose. SIP can be carried by several transport layer protocols including Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Stream Control Transmission Protocol (SCTP). SIP clients typically use TCP or UDP on port numbers 5060 or 5061 for SIP traffic to servers and other endpoints. Port 5060 is commonly used for non-encrypted signaling traffic whereas port 5061 is typically used for traffic encrypted with Transport Layer Security. It’s also noted several times that it’s commonly used with VoIP.

Anyway, let’s list these out for good measure

  • TCP 443 – is mainly used by web servers providing HTTPS
  • UDP 1720 – Port 1720 is used by the H.323 teleconferencing protocol (most commonly encountered in Microsoft NetMeeting) during call setup negotiation.
  • TCP 8080 – is a place to host a secondary or alternate web server. It is commonly used for proxy and caching
  • TCP 8181 – TCP is one of the main protocols in TCP/IP networks. TCP is a connection-oriented protocol, it requires handshaking to set up end-to-end communications. Only when a connection is set up user’s data can be sent bi-directionally over the connection.

Awesome to remind myself what those do. I mean, I had a vague idea but to be honest I’m not the best at direct memorization.

Friday was off to a somewhat slow start at work with lots of hardware dispatches so thankful to have a little free time to get this knocked out. It’s a great day.

So much fiber!

It’s been a little while since I posted something and it’s kind of a slow day at work, waiting on images to finalize and so forth. I would say I’ve been personally busy but really I’ve kind of been taking a small break. Test prep is coming along though. I think I should be good to test Nov-Dec hopefully. Honestly there are a lot more questions than I assumed. So I guess, maybe I could try to be more lively in this blog. Perhaps that’s what was holding me up. Not really sure. So anyway, here’s some questions!

 photo vlan hoping_zpsdwolylag.jpg

I think I sort of understand this but not really. I mean, the question is purely definitional so let’s do that.

  • VLAN Hopping – The idea is obvious but I’m not really sure how it works. However, there are two methods for doing this: 1. In a switch spoofing attack, an attacking host imitates a trunking switch by speaking the tagging and trunking protocols (e.g. Multiple VLAN Registration Protocol, IEEE 802.1Q, Dynamic Trunking Protocol) used in maintaining a VLAN. Traffic for multiple VLANs is then accessible to the attacking host. 2. In a double tagging attack, an attacker connected to an 802.1Q-enabled port prepends two VLAN tags to a frame that it transmits. The frame (externally tagged with the VLAN ID that the attacker’s port is really a member of) is forwarded without the first tag because it is the native VLAN of a trunk interface. The second tag is then visible to the second switch that the frame encounters. This second VLAN tag indicates that the frame is destined for a target host on a second switch. The frame is then sent to the target host as though it originated on the target VLAN, effectively bypassing the network mechanisms that logically isolate VLANs from one another. However, possible replies are not forwarded to the attacking host (unidirectional flow).
  • Session Hijacking – In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.

Now that I’ve actually done the research instead of memorizing the answer, this seems to be a running joke, I kind of understand what’s going on with these two things now though. Honestly, there is always so much to learn and it’s an ongoing process that I love.
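To see what the double tagging description above looks like on the wire from the defender’s side, here is an added example (not part of the original post) that parses raw Ethernet frames and flags stacked 802.1Q tags whose outer VLAN ID equals the trunk’s native VLAN. The frames, the native VLAN of 1, the `build_frame` helper and the alerting policy are all constructed assumptions.

```python
import struct

TPID_8021Q = 0x8100    # 802.1Q customer tag
TPID_8021AD = 0x88A8   # 802.1ad service tag (Q-in-Q)
VLAN_TPIDS = {TPID_8021Q, TPID_8021AD}


def vlan_tags(frame: bytes) -> list[int]:
    """Return the VLAN ID of every stacked tag in an Ethernet frame, outermost first."""
    tags = []
    offset = 12  # skip destination MAC (6 bytes) and source MAC (6 bytes)
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid not in VLAN_TPIDS:
            break  # reached the real EtherType, no more tags
        tags.append(tci & 0x0FFF)  # low 12 bits of the TCI carry the VLAN ID
        offset += 4
    return tags


def classify(frame: bytes, native_vlan: int, access_port: bool = True) -> str:
    """Judge a frame received on a switch port (the policy is an assumption)."""
    tags = vlan_tags(frame)
    if not tags:
        return "ok: untagged"
    if len(tags) >= 2 and tags[0] == native_vlan:
        # The first switch strips the native-VLAN tag and forwards the inner one.
        return f"alert: double tag, outer={tags[0]} (native) inner={tags[1]}"
    if access_port:
        return f"suspicious: tagged frame (VLAN {tags}) on an access port"
    return "ok: single tag on trunk"


def build_frame(tags: list[int], ethertype: int = 0x0800) -> bytes:
    """Constructed sample input: placeholder MACs, the given tags, zeroed payload."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for vid in tags:
        header += struct.pack("!HH", TPID_8021Q, vid)
    return header + struct.pack("!H", ethertype) + b"\x00" * 46


if __name__ == "__main__":
    for tags in ([], [20], [1, 20]):
        print(tags, "->", classify(build_frame(tags), native_vlan=1))
```

The check keys on the outer tag because, as the definition says, the frame only loses its first tag when that tag is the native VLAN of the trunk.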

 photo csma-cd_zps2npubd5b.jpg
  • CSMA/CD – Short for Carrier Sense Multiple Access / Collision Detection, a set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision). Standard Ethernet networks use CSMA/CD to physically monitor the traffic on the line at participating stations.
  • CSMA/CA – is a protocol for carrier transmission in 802.11 networks. Unlike CSMA/CD (Carrier Sense Multiple Access/Collision Detect) which deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.
  • MPLS – Multiprotocol Label Switching (MPLS) is a protocol-agnostic routing technique designed to speed up and shape traffic flows across enterprise wide area and service provider networks.
  • OSPF – is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.

Learning that CD stands for collision detection

 photo hqdefault 2_zpsfu8cuugz.jpg

Ok, so this one is actually hard. By layer 1, I’ve figured out that they mean physical stuff. So, that’s a plus I suppose. However I have no idea what some of this stuff is and the more I look at it the more it looks like it’s kind of subject to interpretation. The old armchair coaching thing.

  • Pinout Tester – this is basically an RJ45 cable tester, helpful link rj45 testing
  • OTDR – An Optical Time Domain Reflectometer (OTDR) is an important instrument used by organizations to certify the performance of new fiber optics links and detect problems with existing fiber links.
  • OC – Optical Carrier (fiber)
 photo multimode jibber_zpszm0egsyh.jpg

There are a few things going on here that I don’t know what they are so let’s start with the first thing that it seems like I should have figured out by now.

So it’s like a thing that sends signals but it’s like small. Cool! As for the question, I’m not completely convinced that it makes sense; however, the fiber jumper (cable) would seem to be the issue if it works at the point it comes in and then not at the next point. Why it would need to be single mode is beyond me. Maybe in the future I’ll figure that out.

 photo SNMPv3_zpsdsd7osps.jpg

What the hell is SNMPv3, assuming a dashboard? Honestly, this is one of those amazingly specific things that it’s not necessarily questionable but probably really hard to know unless you have seen this specific scenario.

  • Trap message – SNMP Traps are alert messages sent from a remote SNMP-enabled device to a central collector, the “SNMP manager”. A Trap might tell you that a device is overheating, for example.
  • SNMPv3 – Simple Network Management Protocol version 3 (SNMPv3) is an interoperable, standards-based protocol that is defined in RFCs 3413 to 3415. This module discusses the security features provided in SNMPv3 and describes how to configure the security mechanism to handle SNMP packets.
  • Management information base – so that answer (I realize I’m misformatting this) looks like it’s sending an error to a generic repository

That’s all for this afternoon. Going to the gym later and then will probably go through some questions.
