CompTIA Security+
Security+
| Term | Definition |
|---|---|
| 3 basic steps to isolate network problem | Is the connection to the machine down? (layer 1); Is the network down? (layer 3); Is a service on a specific machine down? (layer 7) |
| 3 blocks for private IP addresses | 10.0.0.0 - 10.255.255.255; 172.16.0.0 - 172.31.255.255; 192.168.0.0 - 192.168.255.255 |
| 3 types of IPv6 address | unicast; multicast; anycast |
| 6to4 prefix | A technique that enables IPv6 hosts to communicate over the IPv4 Internet |
| 10Base2 | ThinNet 10Mbps over coax; up to 185 m |
| 10Base5 | ThickNet 10Mbps over coax; up to 500 m |
| 10BaseF | 10Mbps over multimode fiber-optic cable |
| 10BaseFL | 10Mbps over 850 nm multimode fiber-optic cable |
| 10BaseT | 10Mbps over twisted-pair |
| 10GBaseT | Another name for 10GE when over copper |
| 10GE | 10Gb Ethernet |
| 64 bytes | Minimum length of an Ethernet frame |
| 100BaseFX | 100Mbps over fiber |
| 100BaseT | Fast Ethernet. 100Mbps over twisted-pair |
| 802.11a | Wireless standard; 54Mbps; 75 ft; 5GHz |
| 802.11ac | Latest wireless standard; single-station data transfer rates of 500Mbps; 5GHz |
| 802.11b | Wireless standard; 11Mbps; 100-150 ft; 2.4GHz |
| 802.11g | Wireless standard; 54Mbps; 150 ft; 2.4GHz |
| 802.11i | WLAN standard providing improved data encryption for 802.11a, 802.11b, and 802.11g |
| 802.11n | Wireless standard; 4 x 802.11g speeds (200+Mbps); 2.4GHz or 5GHz |
| 802.11r | WLAN standard designed to speed hand-offs between access points/cells; critical for VoIP |
| 1000BaseFX | 1000Mbps over fiber |
| 1000BaseT | Gigabit Ethernet - 1000Mbps over twisted-pair |
| 1518 bytes | Maximum length of an Ethernet frame |
| absorption | Light interaction with the atomic structure of the fiber material; also involves the conversion of optical power to heat |
| access lists (ACLs) | A basic form of firewall protection |
| access point | A transceiver used to interconnect a wireless and a wired LAN |
| ACR | Compares the signal level from a transmitter at the far end to the crosstalk measured at the near end |
| ad hoc | Another term used to describe an independent network |
| address resolution protocol (ARP) | The protocol used to map an IP address to its MAC address |
| aging time | The length of time a MAC address remains assigned to a port |
| Alien crosstalk (AXT) | Unwanted signal coupling from one permanent link to another |
| anycast address | IPv6 address obtained from a list of addresses but is only delivered to the nearest node |
| Application layer | Interacts with application programs that incorporate a communication component such as your Internet browser and email (HTTP, FTP, SMTP). 7th OSI layer |
| arp -a | Command to view ARP cache |
| ARP cache | Temporary storage of MAC addresses recently contacted |
| ARP table | Another name for the ARP cache |
| Association | Term describing when a wireless connection has been obtained with a network |
| Attenuation | The amount of loss in the signal strength as it propagates down a wire or fiber strand |
| attenuator | Used to reduce the received signal level (RSL) |
| Authentication Header (AH) | IPsec security protocol guaranteeing packet authenticity (via MD5 or SHA-1) |
| auto-negotiation | Protocol used by interconnected electronic devices to negotiate a link speed |
| Backbone cabling | Cabling that interconnects telecommunication closets; equipment rooms; and cabling entrances in the same building and between buildings |
| Backbone | Main fiber distribution |
| backscatter | Refers to the reflection of the radio waves striking the RFID tag and reflecting back to the transmitter source |
| Balanced mode | Neither wire in the wire pairs connects to ground |
| Basic Service Set (BSS) | Term used to describe an independent network; fundamental topology of WLAN |
| beacon | Used to verify the integrity of a wireless link; transmits SSID |
| Beamforming | A technique used to direct transmission of the radio signal to a specific device |
| bottlenecking | Another name for network congestion |
| bridge | A layer 2 networking device that uses the MAC address to forward data and segment/interconnect two LANs |
| Broadband gateway | Combines a modem and router in one unit. Also referred to as a broadband modem |
| broadcast domain | Any network broadcast sent over the network will be seen by all networking devices in this domain |
| broadcast storm | Excessive amounts of broadcasts; results in degraded network performance |
| broadcast | Transmission of data by a hub to all devices connected to its ports |
| brute force attack | Uses every possible combination of characters for the password to log in to an account |
| Building entrance | The point where the external cabling and wireless services interconnect with the internal building cabling. Also called the entrance facilities. |
| bus topology | The computers share the media (coaxial cable) for data transmission |
| campus area network (CAN) | Interconnected LANs within a limited geographic area (college campus; military base; group of commercial buildings) |
| CAT6 | Class E twisted-pair cables capable of up to 1000Mbps/1Gbps up to a length of 100 m |
| CAT6a | An improved version of CAT6 that supports 10GB Ethernet. Class Ea. |
| CAT7/7a and CAT6a | UTP cable category standards that support 10GB data rates for a length of 100 meters |
| Challenge Handshake Authentication Protocol (CHAP) | An encrypted authentication method that uses the MD5 hashing algorithm |
| CIDR block | The grouping of two or more class networks together; also called supernetting |
| cladding | Material surrounding the core; which must have a lower index of refraction to keep the light in the core |
| Class A networks | Governments - very large networks. Range from 0.0.0.0 to 126.255.255.255. Example: 44.x.x.x |
| Class B networks | Midsize companies, universities, and so on. Range from 128.0.0.0 to 191.255.255.255. Example: 128.123.x.x |
| Class C networks | Small networks. Range from 192.0.0.0 to 223.255.255.255. Example: 192.168.1.x |
| Class D networks | Reserved for multicast groups. Range from 224.0.0.0 to 239.255.255.255. Example: 224.x.x.x |
| Class E networks | Experimental. Not used on the Internet. Range from 240.0.0.0 to 254.255.255.255 |
| classful network | Term for when the IP and subnet addresses are within the same network |
| color map | The specification of which wire color connects to which pin on the connector |
| connection-oriented protocol | Establishes a network connection, manages the delivery of data, and terminates the connection (Ex: TCP) |
| connectionless protocol | Protocol that doesn't establish a connection or acknowledge packet arrival (Ex: UDP) |
| Content Addressable Memory (CAM) | A table of MAC addresses and port mapping used by the switch to identify connected devices |
| cross-connect | A space where you are going to take one or multiple cables and connect them to one or more cables or equipment |
| Crossover | Transmit and receive signal pairs are switched |
| Crosstalk | Signal coupling in a cable |
| CSMA/CA | Carrier sense multiple access/collision avoidance. Used in 802.11 |
| CSMA/CD | The Ethernet LAN media-access method; carrier sense multiple access with collision detection |
| cut-through | The data packet is forwarded to the destination as soon as the destination MAC address has been read |
| Data link layer | Handles error recovery, flow control (synchronization), and sequencing (MAC; Ethernet) - Second OSI layer |
| Delay skew | The difference in arrival time between the fastest and the slowest signal in a UTP wire pair |
| denial of service (DoS) | A service is being denied to a computer, network, or server |
| dense wavelength division multiplexing (DWDM) | Incorporates the propagation of several wavelengths in the 1550 nm range for a single fiber |
| deterministic network | Each station connected to the network is ensured access for transmission of its messages at regular or fixed time intervals |
| dictionary attack | Uses known passwords and many variations to try to log in to an account |
| Diffie-Hellman | A key exchange algorithm used to generate a shared session secret key to encrypt the key exchange |
| direct sequence spread spectrum (DSSS) | A technique used in 802.11 to spread transmitted data over a wide bandwidth |
| directed broadcast | The broadcast is sent to a specific subnet |
| dispersion | Broadening of a light pulse as it propagates through a fiber strand |
| DMZs | Zone used to isolate the "outside" servers |
| dynamic assignment | Name for when a switch assigns MAC addresses to a port at the time a host is connected |
| dynamic or private ports | Ports 49152-65535 |
| EAP | Protocol where the access point sends a message requesting the user's identity |
| EIA/TIA 568-B | The standard that defines the six subsystems of a structured cabling system. |
| EIA/TIA-568-B.1 | Commercial cabling standard; master document |
| EIA/TIA-568-B.2 | Standard for twisted-pair media |
| EIA/TIA-568-B.3 | Optical fiber cabling standard |
| Encapsulating Security Payload (ESP) | IPsec security protocol providing confidentiality via encryption (DES; 3DES; AES) |
| Entrance facilities (EF) | Another name for the building entrance |
| Equipment room (ER) | A room set aside for complex electronic equipment such as the network servers and telephone equipment |
| Ethernet | LAN protocol created in 1972 and standardized in 1980 using CSMA/CD. |
| Extended Service Set (ESS) | The use of multiple access points to extend user mobility |
| Extensible Authentication Protocol (EAP) | Collects the user authentication data and validates it against an auth server like a RADIUS server |
| F/UTP | Foil over twisted pair |
| Fiber cross-connect | Optical patch panel used to interconnect fiber cables |
| firewall | Device/software that protects the network; prevents unauthorized access |
| flooding | The term describing what happens when a switch doesn't have the destination MAC address stored in CAM |
| Frame header | Consists of the preamble; start frame delimiter; destination and source addresses; and length/type field |
| Frame | Contains the header; data; and trailer (the padding and 4-byte CRC frame check sequence) |
| frequency hopping spread spectrum (FHSS) | A technique used in 802.11 where the transmit signal frequency changes based on a pseudorandom sequence |
| Full channel | Consists of all the link elements from the wall plate to the hub or switch |
| full duplex | Transmit and receive at the same time |
| full IPv6 address | All 32 hexadecimal positions contain a value other than 0 |
| gateway | The networking device that enables hosts in a LAN to connect to networks/hosts outside the LAN |
| graded-index fiber | Fiber type where the index of refraction is gradually varied with a parabolic profile. Provides longer lengths and higher bandwidths |
| hand-off | When the user's computer establishes an association with another access point with a stronger signal |
| hopping sequence | The name for the specific order of frequency changes used in FHSS |
| Horizontal cabling | Cabling that extends out from the telecommunications closet into the LAN work area |
| Horizontal cross-connect | The connection between the building distributors and the horizontal cabling to the work area/outlet. Also called the floor distributors (FD). |
| Host address | Another name for the host number |
| Host number | The portion of the IP address that defines the location of the networking device connected to the network; also called the host address |
| hotspots | A limited geographic area that provides wireless access for the public |
| hub | A multiport repeater device used at the center of a star topology |
| Hybrid echo cancelation unit | Removes the transmitted signal from the receive signal |
| IANA | The agency that assigns IP addresses to computer networks |
| IEEE 802.3an-2006 10GBASE-T | The standard for 10Gb Ethernet; 500 MHz bandwidth and up to 100 m |
| infrared light | Light extending from 680 nm up to the wavelengths of the microwaves |
| inquiry procedure | Identifies and allows discovery of Bluetooth devices |
| Insertion loss | Another name for attenuation |
| Intermediate cross-connect | The building's connection point to the campus backbone. Also called the building distributor (BD). |
| Internet Control Message Protocol (ICMP) | Protocol used to control the flow of data, report errors, and perform diagnostics |
| Internet Control Message Protocol | What ICMP stands for; verifies that messages are being delivered |
| Internet Group Message Protocol (IGMP) | Protocol used when one host needs to send data to many destination hosts (i.e. to multicast) |
| Internet Protocol (IP) | Protocol that defines the addressing used to identify the source and destination addresses of data packets |
| Intranet | An internal network that provides file and resource sharing but is not accessed from the Internet |
| intrusion prevention system (IPS) | Monitors and analyzes the network traffic in real time to identify misuse and anomalies |
| IP address | Unique 32-bit address that identifies on which network the computer is located as well as differentiates the computer from all other devices on the same network |
| IP internetwork | A network that uses IP addressing for identifying devices connected to the network |
| IP tunnel | An IP packet encapsulated in another IP packet; secure VPN connection between 2 endpoints |
| ipconfig /all | Enables the MAC address information to be displayed from the command prompt |
| ipconfig | Command used to display the computer's address |
| IPsec | Where each packet is encrypted prior to transmission across the network link; used in VPNs |
| isolating the collision domains | Term for breaking a network into segments where a segment is a portion of the network where data traffic from one part of the network is isolated from the other networking devices |
| isolator | An inline passive device that allows optical power to flow only in one direction |
| jamming | Attack where the wireless network is overwhelmed with wireless traffic, preventing use/access |
| Layer 2 Forwarding Protocol (L2F) | Cisco tunneling protocol on UDP port 1701; requires special hardware; passes PPP auth to corporate server |
| layer 2 switch | An improved network technology that provides a direct data connection for network devices in a LAN |
| Layer 2 Tunneling Protocol (L2TP) | IETF tunneling protocol on UDP port 1701; no special hardware; initiated directly from the client |
| LEAP | An 802.1x authentication system used by Cisco requiring a password to access the network |
| Link integrity test | Protocol that verifies a communication link between two Ethernet devices has been established |
| Link light | Indicates that the transmit and receive pairs are properly aligned |
| Link pulses | Sent by connected devices via twisted-pair when data is not being transmitted to indicate that the link is still up |
| link-local address | Address designed to be used for and limited to communications on the local link |
| Link | Point from one cable termination to another |
| MAC address | A unique 6-byte/48-bit address assigned by the vendor of the network interface card displayed in 12 hex digits |
| macrobending | Loss due to light breaking up and escaping into the cladding |
| Main cross-connect | Typically the central telecommunications connection point for a campus or building. Also called the main distribution frame (MDF), main equipment room, or campus distributor (CD). |
| managed switch | Allows the network administrator to monitor, configure, and manage select network features |
| mechanical splice | Two fibers joined together with an air gap; requires an index-matching gel to provide a good splice |
| media converter | Used to adapt a layer 1 (physical layer) technology to another layer 1 technology (Think AUI to Ethernet) |
| mesh topology | All networking devices are directly connected to each other; allows for full redundancy |
| microbending | Loss caused by very small mechanical deflections and stress on the fiber |
| MIMO | A space-division multiplexing technique where the data stream is split into multiple parts called spatial streams |
| multicast address | IPv6 addresses that start with FF00::/8 |
| multicast addresses | The reserved addresses used to send a multicast data packet |
| multicast | Messages are sent to a specific group of hosts on the network |
| multilayer switch | Device that operates at layer 2 but functions at the higher layers |
| Multilevel encoding | Technique used to reduce the bandwidth required to transport data |
| multimode fiber | A fiber that supports many optical waveguide modes |
| multiport bridge | Another name for a layer 2 switch |
| multiport repeater | The data it receives is broadcast and seen by all devices connected to its ports. A hub. |
| Multiuser MIMO (MUMIMO) | Use of MIMO technology with eight spatial streams |
| near-end crosstalk (NEXT) | A measure of the level of crosstalk or signal coupling in a cable. A high (dB) value is desirable |
| netstat -a | Windows command to display currently open ports and who is connected |
| netstat -b | Windows command to display what app is connected/listening to a port |
| network congestion | A slowdown on network data traffic movement |
| Network layer | Accepts outgoing messages and combines messages or segments into packets; adding a header that includes routing information (IP; IPX). 3rd OSI layer |
| Network number | The portion of the IP address that defines which network the IP packet is originating from or being delivered to |
| nmap | A Linux port scanner |
| non-Internet routable IP addresses | IP addresses not routed on the Internet. Private address ranges; blocked by ISPs. |
| Normal velocity of propagation | Some percentage of the velocity of light that measures the speed of a signal in a cable |
| numerical aperture | A measure of a fiber's ability to accept light |
| Numerics | A numerical representation (used to describe the data rates for the twisted-pair/coaxial media) |
| open authentication | A null authentication that can enable any client to authenticate to an AP as long as they know the SSID |
| Open system interconnect | What OSI stands for |
| optical spectrum | Light frequencies from the infrared on up |
| Organizationally unique identifier (OUI) | The first 3 bytes of the MAC address that identifies the manufacturer of the network hardware |
| orthogonal frequency division multiplexing (OFDM) | Technique used in 802.11 that divides the signal bandwidth into smaller subchannels over which data is transmitted in parallel |
| OSI model | The seven layers describing network functions |
| Overloading | Technique where NAT translates the home network's private IP addresses to a single public IP address |
| packet filtering | Firewall technique that limits the information that can enter the network or move between segments |
| packet sniffing | A technique in which the contents of data packets are watched |
| paging procedure | Used to establish and synchronize a connection between two Bluetooth devices |
| Passkey | Used in Bluetooth Security to limit outsider access to the pairing |
| Password Authentication Protocol (PAP) | A simple; clear-text (unencrypted) authentication method; superseded by CHAP |
| password cracking | The attacker tries to guess the user's password |
| Patch cable | A short cable used to make the physical connection between networking equipment |
| penetration testing | A way to evaluate the security of the user's network by trying to exploit vulnerabilities |
| perimeter firewall | A firewall physically placed between the public Internet and its internal networks |
| Physical layer | Provides the electrical and mechanical connection to the network (cabling; NICs) - First OSI Layer |
| Piconet | An ad hoc network of up to eight Bluetooth devices |
| Ping | ICMP command used to test that a device on the network is reachable |
| Port Address Translation (PAT) | A port number is tracked with the client computer's private address when translating to a public address |
| PPP | The de facto protocol of the dial-up networking |
| PPTP | Uses a modified GRE tunnel to carry its encapsulated packet for IP transmission |
| Presentation layer | Accepts and structures the messages for the application (ASCII; JPEG). 6th OSI layer |
| Private addresses | IP addresses set aside for use in private intranets |
| Propagation delay | The amount of time it takes for a signal to propagate from one end of the cable to the other |
| protocol | The set of rules established for users to exchange information |
| proxy server | Server clients go through to communicate with secure systems |
| pulse dispersion | Stretching of received pulse width because of multiple paths taken by the light. Limits distance and rate of data transmission |
| RADIUS | Authentication service that prevents unauthorized users from connecting and keeps authorized users from connecting to rogue access points |
| range extender | Device that relays the wireless signals from an access point or wireless router into areas with a weak signal/no signal |
| refractive index | Ratio of the speed of light in free space to its speed in a given material |
| registered ports | Ports 1024-49151 on file with ICANN |
| remote access VPN | VPN type used to let remote users log in to network. The client usually initiates the connection |
| Return loss | The ratio of power transmitted into a cable to the amount of power returned or reflected |
| RJ-45 | The 8-pin modular connector used with CAT6/5e/5 cable |
| Roaming | Term describing the ability to maintain network connectivity while moving |
| router interface | The physical connection where the router connects to the network; the ports |
| routing table | Keeps track of the routes to use for forwarding data to its destination |
| scattering | Caused by refractive index fluctuations; accounts for 96 percent of attenuation loss |
| secure address | Name for when a switch port will automatically disable itself if a device with a different MAC address connects to the port |
| segment | A section of a network separated by bridges; switches; and routers |
| sequence number | Used to keep track of packets transferred between 2 hosts |
| Service Set Identifier (SSID) | Wireless network name |
| Services provided by WLAN adapter | Delivery of the data; Authentication; Privacy |
| Session layer | Provides the control functions necessary to establish; manage; and terminate the connections (NFS; SQL). 5th OSI layer |
| shared key authentication | Authentication method where both the client and the access point share a key called a pre-shared key (PSK) |
| single-mode fiber | Fiber cables with core diameters of about 7-10 µm; light follows a single path |
| site survey | Performed to determine the best location(s) for placing the access point(s) to provide maximum RF coverage |
| site-to-site VPN | VPN used to create a virtual link from one site to another. Network hardware makes the connection |
| Slotted Aloha | A wireless network communications protocol/technique used in RFID similar to the Ethernet protocol |
| social engineering | A way for an intruder to obtain enough information from people to gain access to the network |
| star topology | Twisted-pair cables connect the devices to a central hub or switch |
| stateful firewall | A firewall that keeps track of the data packet flow |
| Stateful Packet Inspection (SPI) | Firewall technique that inspects incoming data packets to make sure they correspond to an outgoing request |
| Stateless address autoconfiguration (SLAAC) | Allows a server-less basic network configuration of the IPv6 computers |
| static addressing | Name for when a switch manually assigns a MAC address to a port |
| store-and-forward | The entire frame of data is received before any decision is made regarding forwarding the data packet to its destination |
| Straight-through | Transmit and receive signal pairs are aligned end-to-end |
| subnetting | A technique used to break down (or partition) networks into subnetworks |
| supernets | The grouping of two or more class networks together - also called CIDR blocks. |
| supernetting | Technique allowing multiple networks to be specified by one subnet mask |
| switch latency | The length of time a data packet takes from the time it enters a switch until it exits |
| switch | Device used at the center of a star topology that forwards a frame it receives directly out the port associated with its destination address |
| T568A | Color map that begins with green |
| T568B | Color map that begins with orange |
| Telecommunications closet | The location of the cabling termination points that includes the mechanical terminations and the distribution frames. Also called telecommunications room (TR) or telecommunications enclosure (TE). |
| Telecommunications outlet (TCO) | The wall plate where the fiber or twisted-pair cable terminates in the room. Can include non-computer network comms |
| Terminated | Where the cable connects to a jack in a wall plate; a patch panel; or an RJ-45 modular plug |
| ThinNet | The coaxial cable used in a bus network. |
| TIA/EIA 568-A | The first major standard describing a structured cabling system for computer networks in 1995 |
| topology | The network architecture used to interconnect the networking equipment |
| transceiver | A transmit/receive unit |
| translation bridge | Used to interconnect two LANs that use two different networking protocols |
| transparent bridge | Interconnects two LANs running the same type of protocol |
| transport layer protocols | Protocols that define the type of connection established between hosts & how acknowledgements are sent |
| Transport layer | Concerned with message integrity between source and destination (TCP; UDP) - Fourth OSI layer. |
| Uplink port | Allows the connection of a switch to another switch without having to use a crossover cable |
| Virtual Private Network (VPN) | Establishes a secure network connection; a way to protect your LAN's data from being observed by outsiders |
| virus | A piece of malicious computer code that can damage your hardware; software or other files |
| well-known ports | Ports 1-1023; reserved by ICANN |
| Wi-Fi Protected Setup (WPS) | Simplifies Wi-Fi configuration but is vulnerable to brute force attacks |
| Wi-Fi | Wi-Fi Alliance—an organization that tests and certifies wireless equipment for compliance with the 802.11x standards |
| WiMAX | A broadband wireless system based on the IEEE 802.16e standard |
| window size | The number of data packets that can be transferred without an acknowledgement |
| Wired network | Uses cables and connectors to establish the network connection |
| Wireless network | Uses radio signals to establish the network connection |
| wireless router | Device used to interconnect wireless networking devices and to give access to wired devices and establish the broadband Internet connection to the ISP |
| work area outlet (WO) | Used to connect devices to the cable plant. Also called the TCO. |
| Work area | The location of the computers and printers; patch cables; jacks; computer adapter cables; and fiber jumpers |
| worm | A type of virus - typically proliferates by itself; and can deny service to networks |