Answer Description

Tracert and traceroute6 (a Linux trace route using Ipv6) are both good answers, but are not the best. Pathping is essentially tracert/traceroute but with the ping command sent each time between hops. Pathping has an advantage when troubleshooting latency on a network because it is longer and provides more information regarding network latency. Traceroute is best for simply identifying hops between two devices.

Wikipedia

The PathPing command is a command-line network utility included in Windows NT operating systems since Windows 2000 that combines the functionality of ping with that of tracert. It is used to locate spots that have network latency and network loss.

Answer Description

Banner grabbing is used by administrators and intruders. They use this technique to check for open/exploitable ports.

Wikipedia

Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network. However, an intruder can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits. Some examples of service ports used for banner grabbing are those used by Hyper Text Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP); ports 80, 21, and 25 respectively. Tools commonly used to perform banner grabbing are Telnet, Nmap and Netcat. For example, one could establish a connection to a target web server using Netcat, then send an HTTP request. The response will typically contain information about the service running on the host: This information may be used by an administrator to catalog this system, or by an intruder to narrow down a list of applicable exploits. To prevent this, network administrators should restrict access to services on their networks and shut down unused or unnecessary services running on network hosts. Shodan is a search engine for banners grabbed from port scanning the Internet.

Answer Description

When using the Dynamic Host Configuration Protocol (DHCP) a client network device is given a lease on an IP address for a certain amount of time. The lease time is set by the DHCP server.

Wikipedia

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture.The technology eliminates the need for individually configuring network devices manually, and consists of two network components, a centrally installed network DHCP server and client instances of the protocol stack on each computer or device. When connected to the network, and periodically thereafter, a client requests a set of parameters from the server using DHCP. DHCP can be implemented on networks ranging in size from residential networks to large campus networks and regional ISP networks. Many routers and residential gateways have DHCP server capability. Most residential network routers receive a unique IP address within the ISP network. Within a local network, a DHCP server assigns a local IP address to each device. DHCP services exist for networks running Internet Protocol version 4 (IPv4), as well as version 6 (IPv6). The IPv6 version of the DHCP protocol is commonly called DHCPv6.

Answer Description

On WiFi networks the term roaming is used to describe the ability for multiple Wireless Access Points (WAP) on a single network to serve as one seemingly continuous access point. These points will generally share a single SSID and authentication mechanisms, allowing users to move freely without disconnecting or having to reauthenticate.

Answer Description

A smart jack is a Network Interface Device (NID) placed between two networks to provide diagnostic data. Typically used by Internet Service Providers (ISP) to help troubleshoot issues on a customer's network.

Wikipedia

In telecommunications, a network interface device (NID; also known by several other names) is a device that serves as the demarcation point between the carrier's local loop and the customer's premises wiring. Outdoor telephone NIDs also provide the subscriber with access to the station wiring and serve as a convenient test point for verification of loop integrity and of the subscriber's inside wiring.

Answer Description

A file hash or checksum is a semi-unique value generated after running an algorithm against a file. This same algorithm can be used on the file later on to verify it's contents have not changed. If the checksum or hash value is different, it is possible the hosting server has been hacked or that a man-in-the-middle attack has occurred on the network. Some websites offer the checksum prior to downloading so that users van verify the file's integrity after downloading.

Wikipedia

File verification is the process of using an algorithm for verifying the integrity of a computer file, usually by checksum. This can be done by comparing two files bit-by-bit, but requires two copies of the same file, and may miss systematic corruptions which might occur to both files. A more popular approach is to generate a hash of the copied file and comparing that to the hash of the original file.

Answer Description

Netstat will show open connections by IP and port. Nslookup will resolve domains to IP addresses (DNS). Ipconfig /all will show you the default gateway and your MAC addresses but not the MAC of another network device. arp -a will show the Address Resolution Protocol (ARP) table, which will include the ARP for your default gateway.

Wikipedia

The Address Resolution Protocol (ARP) is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by RFC 826, which is Internet Standard STD 37. ARP has been implemented with many combinations of network and data link layer technologies, such as IPv4, Chaosnet, DECnet and Xerox PARC Universal Packet (PUP) using IEEE 802 standards, FDDI, X.25, Frame Relay and Asynchronous Transfer Mode (ATM). In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP).

Answer Description

During a power outage, an Uninterruptible Power Supply (UPS) will allow the user time to safely save progress and power down the system.

Answer Description

Dynamic ARP Inspection (DAI) inspects the packets and validates them before forwarding them. This is used to prevent many Address Resolution Protocol (ARP) attacks.

Answer Description

The OSI model from 1-7: Physical, Data Link, Network, Transport, Session, Presentation, Application

Wikipedia

The Open Systems Interconnection model (OSI model) is a conceptual model from the International Organization for Standardization (ISO) that "provides a common basis for the coordination of standards development for the purpose of systems interconnection". In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.The model partitions the flow of data in a communication system into seven abstraction layers to describe networked communication from the physical implementation of transmitting bits across a communications medium to the highest-level representation of data of a distributed application. Each intermediate layer serves a class of functionality to the layer above it and is served by the layer below it. Classes of functionality are realized in all software development through all and any standardized communication protocols. Each layer in the OSI model has its own well-defined functions, and the functions of each layer communicate and interact with the layers immediately above and below it, unless the layer does not have layers below or above. The Internet protocol suite has a separate model, the layers of which are mentioned in RFC 1122 and RFC 1123. That model combines the physical and data link layers of the OSI model into a single link layer, and has a single application layer for all protocols above the transport layer, as opposed to the separate application, presentation and session layers of the OSI model. In comparison, several networking models have sought to create an intellectual framework for

Answer Description

A .exe file means that file is an executable file. The others are text/photo files which are less likely to be dangerous.

Wikipedia

.exe is a common filename extension denoting an executable file (the main execution point of a computer program) for Microsoft Windows, OS/2, and DOS.

Answer Description

Class B begins at 128 and ends with 191.255.255.255. While answer B is class A, then class C, and D respectively.

Wikipedia

Classless Inter-Domain Routing (CIDR ) is a method for allocating IP addresses and for IP routing The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous classful network addressing architecture on the Internet Its goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addressesIP addresses are described as consisting of two groups of bits in the address: the most significant bits are the network prefix, which identifies a whole network or subnet, and the least significant set forms the host identifier, which specifies a particular interface of a host on that network

Answer Description

A Packer Shaper is a device that optimizes network traffic, often by giving priority of some types over others. This is similar to Quality of Service (QoS) and traffic policing. A Load Balancer does not prioritize traffic but instead distributes it among multiple common servers. For example, a Load Balancer would be used to distribute traffic between multiple web servers serving the same web site. A Packet Shaper would manipulate all traffic entering or leaving a network.

Wikipedia

Traffic shaping is a bandwidth management technique used on computer networks which delays some or all datagrams to bring them into compliance with a desired traffic profile. Traffic shaping is used to optimize or guarantee performance, improve latency, or increase usable bandwidth for some kinds of packets by delaying other kinds. It is often confused with traffic policing, the distinct but related practice of packet dropping and packet marking.The most common type of traffic shaping is application-based traffic shaping. In application-based traffic shaping, fingerprinting tools are first used to identify applications of interest, which are then subject to shaping policies. Some controversial cases of application-based traffic shaping include bandwidth throttling of peer-to-peer file sharing traffic. Many application protocols use encryption to circumvent application-based traffic shaping. Another type of traffic shaping is route-based traffic shaping. Route-based traffic shaping is conducted based on previous-hop or next-hop information.

Answer Description

Star topology is the most common. This is often a switch, with multiple computers connected through that switch.

Wikipedia

A star network is an implementation of a spoke–hub distribution paradigm in computer networks. In a star network, every host is connected to a central hub. In its simplest form, one central hub acts as a conduit to transmit messages. The star network is one of the most common computer network topologies. The hub and hosts, and the transmission lines between them, form a graph with the topology of a star. Data on a star network passes through the hub before continuing to its destination. The hub manages and controls all functions of the network. It also acts as a repeater for the data flow. The star topology reduces the impact of a transmission line failure by independently connecting each host to the hub. Each host may thus communicate with all others by transmitting to, and receiving from, the hub. The failure of a transmission line linking any host to the hub will result in the isolation of that host from all others, but the rest of the network will be unaffected.The star configuration is commonly used with twisted pair cable and optical fiber cable. However, it can also be used with coaxial cable as in, for example, a video router.

Answer Description

Link Aggregation Control Protocol (LACP) will combine multiple physical ports into one logical one. This is used to provide redundancy and minimize downtime.

Wikipedia

In computer networking, link aggregation is the combining (aggregating) of multiple network connections in parallel by any of several methods. Link aggregation increases total throughput beyond what a single connection could sustain, and provides redundancy where all but one of the physical links may fail without losing connectivity. A link aggregation group (LAG) is the combined collection of physical ports. Other umbrella terms used to describe the concept include trunking, bundling, bonding, channeling or teaming. Implementation may follow vendor-independent standards such as Link Aggregation Control Protocol (LACP) for Ethernet, defined in IEEE 802.1AX or the previous IEEE 802.3ad, but also proprietary protocols.

Answer Description

Presentation layer compresses to reduce the number of bits needed to transmit over the network.

Answer Description

The Port-based Network Access Control (PNAC) provides an authentication mechanism for any system attempting to connect to a LAN or WAN.

Wikipedia

IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN. IEEE 802.1X defines the encapsulation of the Extensible Authentication Protocol (EAP) over wired IEEE 802 networksand over 802.11 wireless networks, which is known as "EAP over LAN" or EAPOL. EAPOL was originally specified for IEEE 802.3 Ethernet, IEEE 802.5 Token Ring, and FDDI (ANSI X3T9.5/X3T12 and ISO 9314) in 802.1X-2001, but was extended to suit other IEEE 802 LAN technologies such as IEEE 802.11 wireless in 802.1X-2004. The EAPOL was also modified for use with IEEE 802.1AE ("MACsec") and IEEE 802.1AR (Secure Device Identity, DevID) in 802.1X-2010 to support service identification and optional point to point encryption over the internal LAN segment.

Answer Description

A hypervisor hosts multiple guest operating systems as virtual machines. A Keyboard Video Monitor (KVM) switches a set of peripherals between devices. A cloud PC is a term we just made up. A virtual switch is a software based switch that can direct traffic, but does not host other virtual systems.

Wikipedia

A hypervisor (also known as a virtual machine monitor, VMM, or virtualizer) is a type of computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems. Unlike an emulator, the guest executes most instructions on the native hardware. Multiple instances of a variety of operating systems may share the virtualized hardware resources: for example, Linux, Windows, and macOS instances can all run on a single physical x86 machine. This contrasts with operating-system–level virtualization, where all instances (usually called containers) must share a single kernel, though the guest operating systems can differ in user space, such as different Linux distributions with the same kernel. The term hypervisor is a variant of supervisor, a traditional term for the kernel of an operating system: the hypervisor is the supervisor of the supervisors, with hyper- used as a stronger variant of super-. The term dates to circa 1970; IBM coined it for the 360/65 and later used it for the DIAG handler of CP-67. In the earlier CP/CMS (1967) system, the term Control Program was used instead.

Answer Description

The addressing used in the OSI model layer 2 (Data link layer) is MAC addressing. The ARP (Address Resolution Protocol) resolves layer 3 addressing (IP addresses) to layer 2 addresses (MAC addresses). ARP Poisoning involves spoofing ARP data to redirect traffic to an incorrect address, typically to steal data.

Wikipedia

In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead.ARP spoofing may allow an attacker to intercept data frames on a network, modify the traffic, or stop all traffic. Often the attack is used as an opening for other attacks, such as denial of service, man in the middle, or session hijacking attacks.The attack can only be used on networks that use ARP, and requires attacker have direct access to the local network segment to be attacked.

Answer Description

When two channels overlap, this degrades the signal and causes interference. The Federal Communications Commission (FCC) is in charge of regulating all communication frequencies.

Wikipedia

Wireless LAN (WLAN) channels are frequently accessed using IEEE 802.11 protocols, and equipment that does so is sold mostly under the trademark Wi-Fi. Other equipment also accesses the same channels, such as Bluetooth. The radio frequency (RF) spectrum is vital for wireless communications infrastructure. The 802.11 standard provides several distinct radio frequency bands for use in Wi-Fi communications: 900 MHz, 2.4 GHz, 3.6 GHz, 4.9 GHz, 5 GHz, 5.9 GHz, 6 GHz and 60 GHz. Each range is divided into a multitude of channels. In the standards, channels are numbered at 5 MHz spacing within a band (except in the 60 GHz band, where they are 2.16 GHz apart), and the number linearly relates to the centre frequency of the channel. Although channels are numbered at 5 MHz spacing, transmitters generally occupy at least 20 MHz, and standards allow for channels to be bonded together to form wider channels for faster throughput. Countries apply their own regulations to the allowable channels, allowed users and maximum power levels within these frequency ranges. The ISM band ranges are also often used.