Objective 1

Question 1

NAS

Answer 1

(Network Attached Storage) Dedicated file storage device that provides centralized access to data across a network. NAS devices are commonly used for backup and file sharing

Question 2

SAN

Answer 2

(Storage Area Network) A dedicated high-speed network that makes storage devices accessible to servers by attaching storage directly to an operating system. It centralizes storage devices so they are easier to manage and communicate faster over media.

Question 3

AP

Answer 3

(Access Point) Device that allows wireless devices to connect to a wired network using WI-Fi, enabling Internet or network access in a specific location

Question 4

Controller

Answer 4

A device or software that centrally manages multiple wireless access points

Question 5

CDN

Answer 5

(Content Delivery Network) Network of distributed servers that delivers web content to users on the basis of their geographical location, optimizing speed and performance

Question 6

VPN

Answer 6

(Virtual Private Network) Creates a secure, encrypted connection over a less secure network, such as the Internet, allowing remote users to safely access private networks.

Question 7

QoS

Answer 7

(Quality of Service) Network feature that prioritizes specific types of traffic, such as voice and video, to ensure smooth performance and avoid latency.

Question 8

TTL

Answer 8

(Time To Live) Field in an IP packet that specifies the number of hops the packet can take before it is discarded, preventing routing loops.

Question 9

NFV

Answer 9

(Network Functions Virtualization) Replaces traditional hardware appliances with software-based VMs that perform network functions such as routing, switching, or firewalling.
Allows for flexibility in deploying and scaling network services without the need for physical hardware.

Question 10

VPC

Answer 10

(Virtual Private Cloud) Logically isolated section of a cloud provider’s network where users can deploy resources such as VM’s and databases.
Provides a private, secure environment within the larger public cloud.

Question 11

Network security groups

Answer 11

Act as virtual firewalls to control inbound and outbound traffic for cloud-based resources.
Define rules that specify allowed or denied traffic on the basis of IP address, protocol, or port.

Question 12

Network security lists

Answer 12

Define rules for controlling traffic to and from cloud resources but are generally used at the subnet level rather than at the instance level

Question 13

Internet Gateway

Answer 13

Virtual router that allows resources within a VPC to communicate with the internet

Question 14

NAT Gateway

Answer 14

(Network Address Translation Gateway) Allows instances within a private subnet to access the internet or other external services without exposing the instances to incoming traffic from the internet

Question 15

VPN

Answer 15

Allows secure access to a private network over the Internet by encrypting the connection between the user and the network.

Question 16

Cloud Gateways

Answer 16

Entry and exit points that let traffic move between a cloud network and something outside of it.
Example: Internet gateway, NAT gateway, VPN gateway, Transit gateway, and Application gateway/Loadbalancer

Question 17

Direct Connect

Answer 17

Provides a dedicated, private connection between an on-premises network and a cloud provider, offering higher bandwidth and lower latency compared to a VPN.

Question 18

Public Cloud

Answer 18

Cloud-computing model where resources are shared among multiple users and hosted by a third-party provider.
Cost-effective and scalable but less secure than private clouds.

Question 19

Private Cloud

Answer 19

Dedicated to a single organization, offering enhanced security and control.

Question 20

Hybrid Cloud

Answer 20

Combines Public and Private clouds, allowing data and applications to be shared between them.

Question 21

SaaS

Answer 21

(Software as a Service) Delivers software applications over the internet on a subscription basis.

Question 22

IaaS

Answer 22

(Infrastructure as a Service) Provides virtualized computing resources over the Internet, allowing users to manage and deploy VMs, storage, and networking components.

Question 23

PaaS

Answer 23

(Platform as a Service) Provides a platform allowing users to build, test, and deploy applications without managing underlying infrastructure.

Question 24

Scalability

Answer 24

System’s ability to increase or decrease resources as demand fluctuates.

Question 25

Elasticity

Answer 25

Ability of a cloud service to automatically adjust computing resources in real time to match demand.

Question 26

Multitenancy

Answer 26

Allows multiple customers to share the same physical cloud infrastructure while keeping their data isolated.

Question 27

ICMP

Answer 27

(Internet Control Message Protocol) Network protocol used to send error messages and operational information.

Question 28

TCP

Answer 28

(Transmission Control Protocol) Connection-oriented protocol that ensures reliable transmission of data by checking for errors and retransmitting lost packets.

Question 29

UDP

Answer 29

(User Datagram Protocol) Connectionless protocol that is faster but less reliable than TCP.

Question 30

GRE

Answer 30

(Generic Routing Encapsulation) Tunneling protocol that encapsulates packets to send them across different types of networks

Question 31

IPSec

Answer 31

(Internet Protocol Security) Protocol suite for securing IP communications by encrypting and authenticating packets.

Question 32

AH

Answer 32

(Authentication Header) Authenticates the origin of packets. Used with IPSec protocol

Question 33

ESP

Answer 33

(Encapsulating Security Payload) Provides encryption, ensuring the contents of a packet are secure. Used with IPSec protocol

Question 34

IKE

Answer 34

(Internet Key Exchange) Sets up a security association (SA) in IPSec for exchanging cryptographic keys.

Question 35

Unicast

Answer 35

Data sent from a single source to a single destination.

Question 36

Multicast

Answer 36

Data sent from a single source to multiple destinations that belong to a specific group.

Question 37

Anycast

Answer 37

Data sent to multiple destinations but delivered to the closest destination on the basis of routing metrics.

Question 38

Broadcast

Answer 38

Data sent from a single source to all devices in a network or subnet.

Question 39

Single-mode fiber

Answer 39

Uses a small core to carry light signals over long distances with minimal signal loss (Laser Beam)

Question 40

Multi-mode fiber

Answer 40

Has a larger core and is used for shorter distances (LED)

Question 42

CAT 5

Answer 42

100BASE-T (Fast Ethernet) 100 Mbps 100 Meters Max 100 MHz Frequency

Question 43

CAT 5e

Answer 43

1000Base-T (Gigabit Ethernet) 1 Gbps 100 Meters Max 100 MHz

Question 44

CAT 6 (100 Meters or less)

Answer 44

1000BASE-T (Gigabit Ethernet) 1 Gbps 100 Meters Max 250 MHz

Question 45

CAT 6 (55 Meters of less)

Answer 45

10GBASE-T (10-Gigabit Ethernet) 10 Gbps 55 Meters or less

Question 46

CAT 6a

Answer 46

10GBASE-T (10- Gigabit Ethernet) 10 Gbps 100 Meters Max 500 MHz Frequency

Question 47

CAT 7

Answer 47

10GBASE-T (10 Gigabit Ethernet) 10 Gbps 100 Meters Max 600 MHz Frequency

Question 48

CAT 8

Answer 48

10GBASE-T, 25GBASE-T, 40GBASE-T 40 Gbps Max 30 Meters Max 2000 MHz/2 GHz Frequency

Question 49

Plenum Cables

Answer 49

Plenum Cables have a fire resistant jacket and are used in spaces with air circulation, such as ceilings or raised floors.

Question 50

Non-Plenum Cable

Answer 50

They lack fire resistance and are used in less critical areas

Question 51

Transceivers

Answer 51

Devices that can transmit and receive signals over a network, converting data from electrical signals to optical signals (& vice versa) when using fiber optics

Question 52

Transceivers Protocol: Ethernet

Answer 52

Common transceiver protocol used in LANs for wired communication

Question 53

Transceiver Protocol: Fibre Channel (FC)

Answer 53

High speed protocol used primarily in SANs to connect servers to storage devices

Question 54

SFP

Answer 54

(Small Form-factor pluggable) Compact, hot-swappable transceiver used in networking equipment such as switches and routers, for both fiber-optic and copper connections.

Question 55

QSFP

Answer 55

(Quad Small Form Factor Pluggable) Higher capacity version of SFP that supports 4 channels, enabling faster speeds and higher data rates.

Question 56

DAC

Answer 56

(Direct Attach Copper Cable) High speed cable used to connect devices in a data center

Question 57

Twinaxial Cable

Answer 57

Specific type of DAC cable used for short range, high speed interconnections in SANs and data centers.

Question 58

SC

Answer 58

Subscriber Connector Fiber-optic connector with a push-pull locking mechanism, commonly used in high speed networks

Question 59

LC

Answer 59

Local Connector Smaller, high-performance fiber-optic connector used in dense networking environments

Question 60

ST

Answer 60

Straight tip Bayonet-style fiber-optic connection used primarily in industrial and military applications

Question 61

MPO

Answer 61

Multi-fiber push on High density connector used to connect multiple fibers in data centers

Question 62

RJ11

Answer 62

Registered Jack 11 Connector used for telephone wiring

Question 63

RjJ45

Answer 63

Registered Jack 45 Standard connector for Ethernet cabling in LANs

Question 64

F-type

Answer 64

Coaxial cable connector used in television and broadband Internet connections

Question 65

BNC

Answer 65

Bayonet Neill-Concelman Quick connect radio frequency (RF) connector used in professional video and RF equipment

Question 66

Mesh

Answer 66

Each device is connected to every other device

Question 67

Hybrid

Answer 67

Combination of multiple topologies in a single network

Question 68

Star/hub & Spoke

Answer 68

Devices are connected to a central hub or switch

Question 69

Spine & Leaf

Answer 69

High speed data center topology where leaf switches connect to end devices (servers) and spine switches provide high-bandwidth inter-connectivity between leaf switches

Question 70

Point to point

Answer 70

Direct connection between two devices or nodes

Question 71

Three-tier hierarchical model

Answer 71

Network design that divides devices into three layers-Core, distribution, and access-allowing for scalability and organization.

Question 72

Core Layer: Distribution layer: Access layer:

Answer 72

1. High speed backbone of the network, connecting distribution layers 2. Connects access layer to core, providing routing, filtering, & access control 3. Where end devices, such as desktops and printers, connect to the network

Question 73

Collapsed Core

Answer 73

Simplified version of the three-tier model where the core and distribution layers are combined into a single layer, typically used in smaller networks

Question 74

North-South

Answer 74

Between the data center and external clients, typically involving traffic that enters and leaves the network

Question 75

East-West

Answer 75

Between devices within the same data center or network, such as communication between servers

Question 76

APIPA

Answer 76

Automatic Private IP Addressing Automatically assigns an IP address from the 169.254.X.X range when a DHCP server is not available

Question 77

RFC1918

Answer 77

Defines private IP address ranges that are used within a local network Class A: 10.0.0.0 - 10.255.255.255 Class B: 172.16.0.0 - 172.31.255.255 Class C: 192.168.0.0 - 192.168.255.255

Question 78

Loopback/Localhost

Answer 78

127.0.0.1. Is used to test network functionality on a local machine.

Question 79

VLSM

Answer 79

Variable Length Subnet Mask Allows different subnets to have different subnet masks, enabling more efficient use of IP addresses

Question 80

CIDR

Answer 80

Classless Inter-Domain Routing Method of IP address allocation that eliminates the traditional class based addressing

Question 81

IPv4 address classes

Answer 81

Class A: 16 million Hosts. 1.0.0.0 - 126.0.0.0 Class B: 65,000 Hosts. 128.0.0.0 - 191.255.0.0 Class C: 254 Hosts. 192.0.0.0 - 223.255.255.0 Class D: Multicast traffic. 224.0.0.0 - 239.255.255.255 Class E: Experimental. 240.0.0.0 - 255.255.255.255

Question 82

SDN & SD-WAN

Answer 82

SDN: Software-Defined Network SD-WAN: Software-Defined WAN They provide a flexible, programmable approach to managing network infrastructure. They allow for dynamic routing and traffic optimization based on real-time network conditions, making them ideal for evolving network environments.

Question 83

Application aware

Answer 83

SDN & SD-WAN can dynamically optimize traffic on the basis of the type of application being used

Question 84

Zero-touch provisioning

Answer 84

Automates the setup and configuration of network devices without manual intervention, reducing errors and deployment time. (Plug it in-it configures itself)

Question 85

Transport agnostic

Answer 85

SD-WAN can route traffic over various transport options, such as multiprotocol label switching (MPLS), broadband, or LTE, without being tied to a specific technology, allowing for better flexibility and cost savings.

Question 86

Central policy management

Answer 86

SDN allows centralized management of network policies, enabling administrators to define, deploy, and enforce policies across the entire network.

Question 87

VXLAN

Answer 87

Virtual Extensible Local Area Network A network virtualization technology that extends layer 2 networks over layer 3 infrastructure, typically used in data center environments to scale and manage networks more effectively.

Question 88

DCI

Answer 88

Data center interconnect VXLAN allows multiple data centers to be connected over layer 3 networks while maintaining layer 2 services.

Question 89

Layer 2 Encapsulation

Answer 89

VXLAN encapsulates layer 2 Ethernet frames in UDP packets, allowing them to travel over layer 3 networks.

Question 90

ZTA

Answer 90

Zero trust architecture A security model that assumes no user, device, or application should be trusted by default, even if they are inside the network perimeter. Instead, access must be continuously verified.

Question 91

Policy-based authentication

Answer 91

Access is granted on the basis of strict policies, ensuring users and devices are authenticated each time they access resources.

Question 92

Authorization

Answer 92

Access is controlled on the basis of roles, ensuring users only have access to the data or systems they need.

Question 93

Least privilege access

Answer 93

Users are given the minimum level of access necessary to perform their job functions, reducing the risk of unauthorized access.

Question 94

SASE

Answer 94

Secure Access Secure Edge Combines SD-WAN capabilities with cloud-based security services, including firewall as a service (FWaaS), secure web gateways (SWG), and cloud access security brokers (CASB)

Question 95

SSE

Answer 95

Security Service Edge Focuses on the security aspect of SASE, ensuring secure access to resources through identity based policies.

Question 96

IaC

Answer 96

Infrastructure as code Automates the provisioning, management, and configuration of infrastructure using code. IaC allows for consistent and repeatable deployments, improving operational efficiency.

Question 97

Playbooks/templates/reusable tasks

Answer 97

Automating routine tasks, such as configuring network devices or deploying VMs with predefined scripts or templates

Question 98

Configuration drift/compliance

Answer 98

Automatically detecting and correcting deviations from desired configurations, ensuring network devices stay compliant with security and operational policies.

Question 99

Upgrades

Answer 99

Automating firmware or software updates across network devices to ensure all systems are running the latest, most secure versions.

Question 100

Dynamic inventories

Answer 100

Automatically tracking and managing network assets, ensuring accurate and up-to-date records

Question 101

Version control

Answer 101

Tracking changes to configuration files over time, allowing rollbacks and auditing of network changes.

Question 102

Central repository

Answer 102

Storing all network configurations, playbooks, and templates in a centralized location, making it easy for teams to access and collaborate.

Question 103

Conflict identification

Answer 103

Detecting configuration conflicts during collaborative work to prevent errors or outages.

Question 104

Branching

Answer 104

Using separate branches in version control to develop, test, and deploy network configurations without affecting production systems.

Question 105

IPv6 addressing

Answer 105

IPv6 addressing is essential in modern networks to mitigate the exhaustion of IPv4 addresses and ensure continued scalability.

Question 106

Mitigating address exhaustion

Answer 106

IPv6 provides a vastly larger address space than IPv4, using 128-bit addresses compared to IPv4's 32 bit addresses.

Question 107

Compatibility requirements: Tunneling

Answer 107

Allows IPv6 traffic to be encapsulated inside IPv4 packets for transmission over IPv4 networks, ensuring compatibility between the two protocols.

Question 108

Compatibility requirements: Dual Stack

Answer 108

Allows devices to run both IPv4 and IPv6 protocols simultaneously, ensuring seamless communication in mixed network environments.

Question 109

NAT 64

Answer 109

Enables IPv6-only devices to communicate with IPv4 services by translating IPv6 addresses to IPv4.