Network Fundamentals

Questions and Answers

A MAN (Metropolitan Area Network) is typically smaller in geographic scope than a LAN (Local Area Network).

False (B)

In a client-server network, clients directly share resources with each other without a central server.

False (B)

A ring topology provides inherent redundancy through multiple paths between devices.

False (B)

IEEE 802.11 standards define wireless protocols that operate exclusively on the 5 GHz frequency band.

False (B)

Wireless routers only function as access points and do not include routing capabilities.

False (B)

WEP (Wired Equivalent Privacy) is considered the most secure protocol for wireless network security due to its advanced encryption methods.

False (B)

Cellular networks like 5G are designed for short-range communication, typically within a building.

False (B)

IPv4 addresses are 64-bit addresses, providing significantly more unique addresses than IPv6.

False (B)

DNS (Domain Name System) is responsible for translating IP addresses into human-readable domain names.

False (B)

HTTPS provides a secure version of HTTP by using encryption, ensuring data transmitted between the client and server is protected.

True (A)

Routers operate at the data link layer (Layer 2) of the OSI model, making forwarding decisions based on MAC addresses.

False (B)

Hubs are more efficient than switches in managing network traffic due to their ability to forward traffic only to the intended recipient.

False (B)

Availability, in the context of network security, ensures that data remains accurate and unaltered.

False (B)

A man-in-the-middle (MitM) attack involves overwhelming network resources to make them unavailable.

False (B)

Intrusion Detection Systems (IDS) actively block malicious activity, while Intrusion Prevention Systems (IPS) passively monitor network traffic.

False (B)

VPNs (Virtual Private Networks) create secure connections over public networks by encrypting data transmitted between devices.

True (A)

MAC address filtering is a highly effective security measure for wireless networks because MAC addresses cannot be spoofed.

False (B)

The first step in network troubleshooting should typically involve analyzing network traffic using packet sniffers.

False (B)

VLANs (Virtual LANs) physically separate devices within a network to improve security and performance.

False (B)

Content Delivery Networks (CDNs) improve network throughput by storing data closer to the source.

False (B)

Flashcards

What is a network?

A collection of interconnected devices that can exchange data.

What is Wireless Networking?

Enables devices to connect without physical cables using radio waves.

What is Network Security?

Protecting network resources and data from unauthorized access or attacks.

What is a Client-Server Network?

A network where dedicated servers provide resources to client devices.

What is a Peer-to-Peer Network?

A network where devices share resources directly with each other.

What are Network Topologies?

Describes the layout of connections in a network.

What is a Bus Topology?

A network layout using a single cable for all connections.

What is a Star Topology?

A network layout connecting devices to a central hub or switch.

What do wireless networks use?

Use radio waves to transmit data between devices.

What is IEEE 802.11?

Defines various Wi-Fi protocols such as 802.11a/b/g/n/ac/ax.

What are Wireless Access Points (APs)?

Serve as central connection points in wireless networks.

What is a Wireless Router?

Combines the functions of an AP, router, and modem.

What is the purpose of WPA2/WPA3?

Protect wireless networks from unauthorized access.

What is TCP/IP?

Foundational protocol suite for the Internet.

What are IP Addresses?

Unique identifiers assigned to devices on a network.

What do firewalls do?

Filters network traffic based on predefined rules.

What do Intrusion Detection Systems (IDS) do?

Monitor network traffic for malicious activity.

What do Virtual Private Networks (VPNs) do?

Create secure connections over public networks.

What is Network Segmentation?

Divides a network into smaller, isolated segments.

What are Network Monitoring Tools?

Tools that track network performance and identify issues.

Study Notes

• Networks facilitate communication and resource sharing between devices.
• Wireless networking enables devices to connect without physical cables, using radio waves.
• Network security involves protecting network resources and data from unauthorized access or attacks.

Network Fundamentals

• A network is a collection of interconnected devices capable of exchanging data.
• Networks can be classified based on size, such as LAN (Local Area Network), WAN (Wide Area Network), and MAN (Metropolitan Area Network).
• Network architecture can follow client-server or peer-to-peer models.
• Client-server networks have dedicated servers providing resources to clients.
• Peer-to-peer networks allow devices to share resources directly with each other.
• Network topologies describe the layout of connections, including bus, star, ring, and mesh topologies.
• A bus topology uses a single cable for all connections.
• A star topology connects devices to a central hub or switch.
• A ring topology connects devices in a circular path.
• A mesh topology provides redundant paths between devices for high availability.

Wireless Networking Technologies

• Wireless networks use radio waves to transmit data between devices.
• IEEE 802.11 standards define various Wi-Fi protocols, including 802.11a/b/g/n/ac/ax.
• Wi-Fi standards differ in frequency bands (2.4 GHz and 5 GHz), bandwidth, and range.
• Wireless Access Points (APs) serve as central connection points in wireless networks.
• Wireless routers combine the functions of an AP, router, and sometimes a modem.
• Wireless security protocols such as WEP, WPA, and WPA2 protect wireless networks from unauthorized access.
• WEP (Wired Equivalent Privacy) is an older, less secure protocol.
• WPA (Wi-Fi Protected Access) and WPA2 are more secure protocols using stronger encryption methods.
• WPA3 is the latest standard, offering improved security features.
• Bluetooth is a short-range wireless technology for connecting devices like headphones and keyboards.
• Cellular networks (3G, 4G, 5G) provide wide-area wireless connectivity using cell towers.

Network Protocols and Standards

• TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundational protocol suite for the internet.
• IP addresses are unique identifiers assigned to devices on a network.
• IPv4 uses 32-bit addresses, while IPv6 uses 128-bit addresses.
• Subnet masks define the network and host portions of an IP address.
• DNS (Domain Name System) translates domain names to IP addresses.
• DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses to devices.
• HTTP (Hypertext Transfer Protocol) is used for web browsing.
• HTTPS (HTTP Secure) is a secure version of HTTP that uses encryption.
• SMTP (Simple Mail Transfer Protocol) is used for sending email.
• POP3/IMAP are used for receiving email.
• FTP (File Transfer Protocol) is used for transferring files.
• SSH (Secure Shell) is a secure protocol for remote access to systems.

Network Hardware

• Network Interface Cards (NICs) enable devices to connect to a network.
• Routers forward data packets between networks.
• Switches connect devices within a local network.
• Hubs connect devices in a simple star topology (less efficient than switches).
• Modems convert analog signals to digital signals and vice versa for internet access.
• Firewalls protect networks from unauthorized access.
• Cables (Ethernet, fiber optic) are used for wired network connections.
• Ethernet cables include Cat5e, Cat6, and Cat6a.
• Fiber optic cables provide higher bandwidth and longer distances.

Network Security Principles

• Confidentiality ensures that data is accessible only to authorized users.
• Integrity ensures that data is accurate and unaltered.
• Availability ensures that network resources are accessible when needed.
• Authentication verifies the identity of users or devices.
• Authorization determines what resources a user is allowed to access.
• Accounting tracks user activity and resource usage.

Common Network Threats

• Malware includes viruses, worms, Trojans, and ransomware.
• Phishing attacks trick users into revealing sensitive information.
• Denial-of-Service (DoS) attacks overwhelm network resources, making them unavailable.
• Man-in-the-Middle (MitM) attacks intercept communication between two parties.
• SQL injection attacks exploit vulnerabilities in database-driven applications.
• Cross-Site Scripting (XSS) attacks inject malicious scripts into websites.
• Password attacks include brute-force, dictionary, and social engineering techniques.

Network Security Measures

• Firewalls filter network traffic based on predefined rules.
• Intrusion Detection Systems (IDS) monitor network traffic for malicious activity.
• Intrusion Prevention Systems (IPS) automatically block malicious activity.
• Virtual Private Networks (VPNs) create secure connections over public networks.
• Encryption protects data confidentiality by converting it into an unreadable format.
• Access controls restrict access to network resources based on user roles and permissions.
• Security audits assess the effectiveness of security measures.
• Regular software updates and patching address security vulnerabilities.
• Employee training educates users about security threats and best practices.
• Physical security measures protect network hardware from theft or damage.

Wireless Network Security Measures

• Enable WPA3 or WPA2 encryption on wireless routers.
• Use a strong and unique password for the wireless network.
• Change the default SSID (network name) to something less obvious.
• Disable SSID broadcasting to hide the network from casual searches.
• Enable MAC address filtering to restrict access to authorized devices.
• Regularly update the firmware on wireless routers.
• Use a guest network for visitors to isolate them from the main network.
• Monitor the wireless network for unauthorized devices.
• Place the wireless router in a secure location.

Network Troubleshooting

• Start by checking physical connections and power to devices.
• Verify IP addresses and network configurations.
• Use ping to test network connectivity.
• Use traceroute to identify the path packets take to reach a destination.
• Check firewall settings and access control lists.
• Analyze network traffic using packet sniffers like Wireshark.
• Review system logs for error messages.
• Update drivers and firmware on network devices.
• Consult online resources and documentation for troubleshooting tips.

Network Segmentation

• Network segmentation divides a network into smaller, isolated segments.
• Segmentation improves security by limiting the impact of breaches.
• It enhances performance by reducing network congestion.
• VLANs (Virtual LANs) logically separate devices within a physical network.
• Subnetting divides a network into smaller subnets based on IP address ranges.
• Firewalls can be used to control traffic between network segments.
• DMZs (Demilitarized Zones) are used to host publicly accessible services while protecting the internal network.

Cloud Networking

• Cloud networking involves using cloud-based resources to build and manage networks.
• Virtual networks in the cloud allow users to create isolated network environments.
• Cloud-based firewalls provide security for cloud resources.
• Load balancers distribute traffic across multiple servers in the cloud.
• VPN gateways connect on-premises networks to cloud networks.
• Content Delivery Networks (CDNs) cache content closer to users for faster delivery.

Network Monitoring

• Network monitoring tools track network performance and identify issues.
• SNMP (Simple Network Management Protocol) is used to collect information from network devices.
• Network monitoring systems can alert administrators to potential problems.
• Performance metrics include bandwidth utilization, latency, and packet loss.
• Security monitoring tools detect and respond to security threats.
• Log management systems collect and analyze security logs from various sources.
• SIEM (Security Information and Event Management) systems provide a centralized view of security events.