mod 7
mod 8
mod 9
mod 10
mod 11
100

Managed vs unmanaged switches (STP, BPDU guard) 

managed:

-configured via a command-line interface or a web-based management GUI

-has Assigned IP addresses to continue managing

unmanaged:

-provides plug-and-play capability with minimal configuration

-no IP address, capabilities are limited

Spanning Tree Protocol 

prevents traffic loops and chooses the most efficient paths  

BPDU guard: 

-STP information is transmitted between switches via BPDUs

-enhance security by preventing a rogue switch or computer connected to one of these ports from hijacking the network’s STP paths 

100

Subnet Masks

Subnet masks are used to divide IP networks into different sections, often called subnets

Subnetting divides an IP address into two parts, namely network address and host address

helps solve the fundamental problem with classful addressing

Using subnets, instead of all devices on the same network being visible to attackers, they would only have access to other devices on the same subnet

100

what is the difference between static and dynamic routing 

Static routing: A network administrators configures a routing table to direct messages along specific paths                                                                  

Ex. a static route between a small business and its ISP (Internet Service Provider)


Dynamic routing: A router automatically calculates the best path between two networks and maintains this information in a routing - The router can detect problems with failed/congested routes and reroute the messages

-dynamic routing ensures that a new router’s routing tables are updated.

CHECK ANALOGY PAGE FA DIS JOINT IT'LL HELP

100

Types of hackers(3)

white hat: is an IT security expert hired by organizations to identify security vulnerabilities

• They are sometimes called an ethical hacker 

black hat: are groups or individuals that cause damage, steal data, or compromise privacy 

grey hat: abide by a code of ethics all their own

• They might engage in illegal activity, but their intent is to educate and assist




100

Zero trust

A security model where everything in the network is considered untrustworthy until proven otherwise.

200

Virtualization (2)

Virtualization is a virtual, or logical, version of something rather than the actual, or physical, version 

hypervisor types >>>

type 1 - installs on a computer before any operating system (OS) ... installed directly on the host machine’s physical hardware, not through an operating system. 

Type 2 – You install it on the machine, where it runs as an application... negotiates with the operating system to obtain underlying system resources.

200

Network Segmentation

Segmentation divides a computer network into smaller parts. The purpose is to improve network performance and security. 

-Enhance security
-Improve performance

-Simplify troubleshooting


200

Distance vector vs. Link state protocols

Distance vector: calculate path based on distance to the destination

-focus more on the number of hops 

Link-state routing protocols: enables routers to communicate beyond neighboring routers so they can independently map the network and determine da best path

-focus more on the state of a connection.

CHECK ANALOGY PAGE FA DIS JOINT IT'LL HELP

200

Social engineering 

is a strategy to gain a user’s password

Common types of social engineering:

• Phishing

• Baiting

• Quid pro quo

• Tailgating

• Piggybacking

• Shoulder surfing

200

ACL !!

access control list:

a set of rules that control who can access a network or system, and what they can do with that access

A list of statements used by a router or other device to permit or deny the forwarding of traffic on a network based on one or more criteria.

300

Pros and cons of virtualization  

pros:

Efficient use of resources  

Cost and energy savings  

Fault and threat isolation  

Simple backups, recovery, and replication 

cons:

Compromised performance 

 Increased complexity
 Increased licensing costs
 Single point of failure 

300

VLSM

 Variable Length Subnet Mask:

allows subnets to be further subdivided into smaller
and smaller groupings until each subnet is about the same size as the necessary IP address space


300

Types of WAN connections (5)

1.DSL(Digital Subscriber Line) :

-operates over the PSTN (public switched telephone network) 

-supports multiple data and voice channels over a single line

-uses advanced data modulation techniques

2. Cable: standardized coaxial cable wiring used for TV signals

cable modem> modulates and demodulates signals for transmission and reception via cable wiring >

3. Fiber: Internet backbone runs on fiber

4. Satellite: used for transmitting consumer voice, video, music, and data

5. Cellular

-initially designed for analog phone service

300

Types of malware (5)

Malware is a generalized term that refers to many kinds of malicious software
1. Virus 

a program that replicates itself with the intent to infect more computers
2. Trojan horse (Trojan)

 a program that disguises itself as something useful but actually
harms your system
3. Worm 

a programs that runs independently and travels between computers and across
networks
4. Bot 

a program that runs automatically without requiring a person to start or stop it
5.Ransomware 

a program that locks a user’s data or computer system until a ransom is
paid

300

AAA

 (authentication, authorization, and accounting)

A category of protocols that authenticate a client’s identity, authorize a user for certain privileges on a system or network, and keep an account of the client’s system or network usage.

400

Cloud Service Models  

1. On-premises – All hardware, software, and everything else is located and managed at the organization’s location.

2. Infrastructure as a Service – Hardware services and network infrastructure devices are provided virtually

3. Platform as a Service – Includes the OS, runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs (reword this jawn its confusing)

4. Software as a Service – Applications are provided. 

Online email services such as Gmail and Yahoo! are good examples of SaaS

5. Anything as a Service – The cloud can provide any combination of functions depending on the client’s exact needs. In this broader model, the “X” represents an unknown, just as it does in algebra

CHECK ANALOGY PAGE FA DIS JOINT IT'LL HELP

400

VLAN

virtual local area network:
groups ports on a switch so that some of the local
traffic on the switch is forced to go through a router

Reasons for using VLANs include the following:

• Identify groups of devices whose data should be given priority handling

• Isolate connections with heavy or unpredictable traffic patterns

• Isolate groups of devices that rely on legacy protocols incompatible with the majority of

the network’s traffic

• Separate groups of users who need special security or network functions

• Configure temporary networks

• Reduce the cost of networking equipment




400

Interior vs Exterior Gateway Protocols

IGPs: routing protocols used by core routers and edge
routers WITHIN autonomous systems 

- grouped according to the algorithms they
use to calculate best paths

EGPs: used by edge routers and exterior routers to distribute data OUTSIDE of autonomous systems

• The only EGP currently in use is BGP

CHECK ANALOGY PAGE 4 DIS JOINT IT'LL HELP



400

Physical security 

Physical access to critical components must be restricted and controlled

400

 SSO

single sign-on:

A form of authentication in which a client signs on once to access multiple systems or resources.

500

Cloud deployment models (4)

Public cloud 

Service provided over public transmission lines such as the Internet.  

EX:  An online retail giant rocks public cloud services to handle its e-commerce platform

Private cloud  

Service established on an organization’s own servers in its own data center 

EX: Financial institutions or healthcare providers create strict control and data security compliance, they keep their critical info locked down

Community cloud 

 Service shared between multiple organizations but not available publicly. 

Hybrid cloud 

A combination of the other service models into a single deployment and a combination of public and private cloud resources.

EX: retailers go through crazy ups and downs during holiday seasons. They take the hybrid cloud route to handle all that chaos without breaking the bank. When things get wild and need extra power, they burst their workloads into a public cloud. 

500

(mod. 12) Qos

method to implement, traffic policing/shaping, and importance?

Quality of Service

method to implement:

traffic prioritization which involves assigning different priorities to different types of network traffic

_______________

why important?

it guarantees that voice packets receive the necessary bandwidth to deliver a reliable communication experience

_______________

Traffic policing> helps the service provider predict how much capacity it must purchase from its network provider.

Traffic shaping> involves manipulating packets, data stream, or connections to manage the type and amount of traffic traversing network or interface

500

(mod.12) Incident Response Steps (6)

• Step 1: Preparation

• Step 2: Detection and identification

• Step 3: Containment

• Step 4: Remediation

• Step 5: Recovery

• Step 6: Review




500

(mod.12) Baseline

is a report of the network’s normal state of operation and might include a range of acceptable measurements

500

(mod.12) SNMP Versions

Simple Network Management Protocol

SNMPv1 is the original version and is rarely used today
SNMPv2 improved on SNMPv1 with increased performance and slightly better security
 SNMPv3 is similar to SNMPv2 and adds authentication, validation, and encryption for
messages exchanged between managed devices and the network management console