108: Networks

Question 1

108.1a
Define Host/Client

Answer 1

architecture that allows multiple users to connect and share resources on the same server

Question 2

108.1b
Define application server

Answer 2

a server that is designed for running specific applications for individual clients to keep resources available for other tasks

Question 3

108.1c
Define hub

Answer 3

central connection point for network connections that receives a packet at one port and copies it unmodified to all other ports (OSI layer 1)

Question 4

108.1d
Define switch

Answer 4

central connection point for network connections that receives a packet at one port, filters it based on the MAC address, and forwards it to the intended destination (OSI layer 2)

Question 5

108.1e
Define router

Answer 5

a networking device that forwards packets between networks by determining the best path to the destination; work at the network layer (OSI layer 3)

Question 6

108.1f
Define WAP

Answer 6

wireless access point
physical wireless device for accessing the internet

Question 7

108.1g
Define proxy server

Answer 7

a server that acts as an intermediary for requests from clients seeking resources from other users

Question 8

108.1h
Define firewall

Answer 8

a network component placed to help eliminate undesired access; 1st line of defense for the network

Question 9

108.1i
Define VPN concentrator

Answer 9

broadcast point for hidden IPs

Question 10

108.1j
Define backup

Answer 10

making data copies that can be restored after a data loss event

Question 11

108.1k
Define repeater

Answer 11

device that receives a signal, cleans it of unnecessary noise, regenerates it, and retransmits it at a higher power level (OSI layer 1)

Question 12

108.2a
Define the access layer of routing

Answer 12

located at customer sites such as branch offices that don’t need hierarchical routing of their own

Question 13

108.2b
Define the distribution layer of routing

Answer 13

aggregate traffic from multiple access routers either at the same site or to collect the data and send it to a major enterprise location

Question 14

108.2c
Define the core layer of routing

Answer 14

provide a “collapsible backbone” interconnecting distribution tier routers from multiple buildings

Question 15

108.3a
Explain topology

Answer 15

the physical arrangement of an area network’s components
- bus: common backbone to connect all devices
- star: features a central connection point
- ring: every device has exactly two neighbors
- mesh: all nodes are connected to each other

Question 16

108.3b
Explain LAN

Answer 16

local area network
privately owned network(s) within a single building or campus of up to a few kilometers

Question 17

108.3c
Explain WAN

Answer 17

wide area network
publicly owned group of networks over a large geographical area

Question 18

108.3d
Explain MAN

Answer 18

metropolitan area network
slightly larger than LAN; covers a group of buildings or city and can be publicly or privately owned

Question 19

108.3e
Explain GAN

Answer 19

global area network
used to support mobile communications across a number of wireless LANs, satellite coverage areas, etc

Question 20

108.3f
Explain VLAN

Answer 20

virtual local area network
enables devices from multiple networks to be combined to a single logical network

Question 21

108.4a
Identify the functions, by layer, of the OSI Model

Answer 21

(picture bottom up)
7. Application Layer - app2app comms
6. Presentation Layer - data rep and encryption
5. Session Layer - interhost comms
4. Transport Layer - end2end connections
3. Network Layer - path determination and IP addressing
2. Data Link Layer - physical addressing (MAC & LLC)
1. Physical Layer - media, signal and binary transmission

Question 22

108.4b
Identify the functions, by layer, of the TCP/IP Model

Answer 22

(picture bottom up)
4. Application Layer - Telnet, FTP, SMTP
3. Transport Layer - TCP, UDP
2. Internet Layer - IP
1. Network Access Layer - Ethernet, Token ring

Question 23

108.5
State the difference between IPv4 and IPv6

Answer 23

IPv4 utilizes 32 bits for addressing
IPv6 utilizes 128 bits for addressing (allowing for more possible address combinations)

Question 24

108.6a
Define NIPRNET and how its used

Answer 24

Nonclassified Internet Protocol Router Network
used to exchange sensitive but unclassified information between internal users as well as provide internet access

Question 25

108.6b Define SIPRNET and how its used

Answer 25

Secret Internet Protocol Router Network interconnected computer networks used to transmit classified information via the TCP/IP protocol suite

Question 26

108.6c Define JWICS and how its used

Answer 26

Joint Worldwide Intelligence Communications Systems interconnected computer networks used to transmit classified information via packet switching over TCP/IP

Question 27

108.6d Define CENTRIXS and how its used

Answer 27

Combined Enterprise Regional Information Exchange System used to connect with select allied countries transmits classified information via a secure TCP/IP infrastructure

Question 28

108.7a Explain CANES and where its employed

Answer 28

Consolidated Afloat Network Enterprise Services newest network architecture/system in the fleet consolidates 4 legacy afloat networks

Question 29

108.7b Explain DoDIN (GIG) and where its employed

Answer 29

DoD Information Network (formerly Global Information Grid) globally connected, end2end set of information capabilities for managing information on demand

Question 30

108.7c Explain DISN and where its employed

Answer 30

Defense Information System Network DoD's worldwide enterprise level telecommunications infrastructure providing end2end information transfer

Question 31

108.7d Explain NMCI and where its employed

Answer 31

Navy/Marine Corps Intranet developed to procure and manage IT for the Navy at the enterprise level partnership between the Navy and the industry

Question 32

108.7e Explain ONENET and where its employed

Answer 32

Navy-wide initiative to install a common and secure IT infrastructure to OCONUS navy locations based on NMCI infrastructure architecture and designed to be interoperable

Question 33

108.7f Explain IT21/ISNS and where its employed

Answer 33

IT21: secret version of CANES idependently administered but centrally governed by the CNO ISNS: Integrated Shipboard Network System legacy predecessor to CANES

Question 34

108.8a Describe Machine Language

Answer 34

the natural language of a computer, defined by its hardware design consists of strings of numbers (1s and 0s)

Question 35

108.8b Describe Assembly Language

Answer 35

English-like abbreviations used by programmers that represent elementary operations

Question 36

108.8c Describe High-Level Language

Answer 36

programming languages such as C, C++, and Java

Question 37

108.8d Describe Operating System

Answer 37

software that controls a computer and provides an interface for the user

Question 38

108.8e Describe Application

Answer 38

computer software designed to perform a singular task or multiple related tasks

Question 39

108.9a Describe a virus and the risks associated

Answer 39

malicious code written with the intention to damage the computer can attach to other files or boot sectors

Question 40

108.9b Describe a worm and the risks associated

Answer 40

self-replicating malware uses a computer network to send copies of itself to other nodes does not need to attach itself to an existing program

Question 41

108.9c Describe a trojan and the risks associated

Answer 41

malware that appears to perform a desirable function but instead facilitates unauthorized access to the computer system

Question 42

108.9d Describe a backdoor and the risks associated

Answer 42

a gap in the security of a computer intentionally left open to permit continuous access without restrictions hackers may do this after a system is compromised

Question 43

108.9e Describe phishing and the risks associated

Answer 43

type of social engineering where users are baited into giving up sensitive information

Question 44

108.10a Describe network enumeration and the risks associated

Answer 44

discovery of hosts and devices on a network in an effort to further identify the function of the remote host, solicit information, and identify the host's vulnerabilities

Question 45

108.10b Describe buffer overflow and the risks associated

Answer 45

attack on a system where a program writing to memory buffer exceeds the bounds of memory control causes erratic program behavior, computer crashes, DoS, etc

Question 46

108.10c Describe SQL injection and the risks associated

Answer 46

attack on a system where malicious code is attempted to be run by exploiting an incorrectly filter input statement malicious code is injected and executed at the same time

Question 47

108.10d Describe a dictionary attack and the risks associated

Answer 47

repeatedly and systematically feeding a system keys and passcodes that are likely to be valid this is not a brute force attack

Question 48

108.10e Describe privilege escalation and the risks associated

Answer 48

a user gaining access to resources they would not normally be granted

Question 49

108.10f Describe brute force attack and the risks associated

Answer 49

feeding a system all possible passphrases, checking every possible combination of characters

Question 50

108.10g Describe social engineering and the risks associated

Answer 50

an attack which deceives people into performing actions or divulging information by preying on social norms, expectations, or other psychological tricks human2human

Question 51

108.10h Describe the rainbow table and the risks associated

Answer 51

precompiled table of hashes where a hacker can simply look up a hash to decrypt a password these are extremely large

Question 52

108.10i Describe denial of service (DoS) and the risks associated

Answer 52

interruption in an authorized user's access by malicious intent

Question 53

108.10j Describe distributed denial of service (DDoS) and the risks associated

Answer 53

DoS where multiple systems flood the bandwidth or resources of a targeted system

Question 54

108.11 Describe the functionality of PKI

Answer 54

Public Key Infrastructure secures the electronic transfer of information by using a set of rules, policies, and procedures to manage digital certificates

Question 55

108.12 State the purpose of a Domain Controller, Exchange Server, and DNS

Answer 55

domain controller is the server which responds to security authentication requests exchange server is a Microsoft email server which is usually joined to a trusted domain DNS is authoritative to its single named IP space

Question 56

108.13a Explain FTP and its specific port(s)

Answer 56

File Transfer Protocol Ports 20/21

Question 57

108.13b Explain SSH and its specific port(s)

Answer 57

Secure Shell Port 22

Question 58

108.13c Explain Telnet and its specific port(s)

Answer 58

Telecommunications Network Port 23

Question 59

108.13d Explain SMTP and its specific port(s)

Answer 59

Simple Mail Transfer Protocol Port 25

Question 60

108.13e Explain DNS and its specific port(s)

Answer 60

Domain Naming Service Port 53

Question 61

108.13f Explain DHCP and its specific port(s)

Answer 61

Dynamic Host Configuration Protocol Ports 67/68

Question 62

108.13g Explain HTTP/HTTPS and its specific port(s)

Answer 62

Hypertext Transfer Protocol Port 80 Hypertext Transfer Protocol (Secure) Port 443

Question 63

108.13h Explain POP3 and its specific port(s)

Answer 63

Post Office Protocol Port 110

Question 64

108.13i Explain IMAP4 and its specific port(s)

Answer 64

Internet Message Access Protocol Port 143

Question 65

108.14 Explain TCP and UPD internet protocols

Answer 65

Transmission Control Protocol provides reliable connection over timely connection User Datagram Protocol provides timely connection over reliable connection

Question 66

108.15a Define/discuss Mandatory Access Controls (MAC)

Answer 66

a system wide security policy which decrees who has access based on regulation at a central authority

Question 67

108.15b Define/discuss Discretionary Access Controls (DAC)

Answer 67

an individual user can set a mechanism to allow or deny access

Question 68

108.15c Define/discuss Role Based Access Controls (RBAC)

Answer 68

permissions needed to perform duties associated with a specific role or job

Question 69

108.15d Define/discuss Separation of Duty

Answer 69

having more than one person required to complete a sensitive task to reduce the chance of conflict of interest, fraud, error, or abuse

Question 70

108.15e Define/discuss least privilege

Answer 70

the principle of only allowing access to information and resources necessary to complete a task or job

Question 71

108.16 Define/discuss VOIP and VOSIP

Answer 71

Voice Over IP and Voice Over Secure IP both are identical hardware/software that converts an analog signal into an IP datagram for transmission VOSIP is when VOIP is used over a secured network

Question 72

108.17a Define/discuss Network Address Translation (NAT)

Answer 72

remapping internal IP address space to another external IP while the traffic is in transit 3 Types: one tone one to many (PAT) many to many

Question 73

108.17b Define/discuss Port Address Translation (PAT)

Answer 73

"IP masquerading" and "NAT overload" dynamic translation and tracking of outbound IP traffic tracks port number and virtually reassigns all traffic making it seem like it came from the gateway instead then forwards that traffic to the intended host

Question 74

108.17c Define/discuss demilitarized zone (DMZ)

Answer 74

a logical section of the network that is exposed (not protected by the local firewall) to allow services to an untrusted network

Question 75

108.17d Define/discuss virtualization

Answer 75

the act of creating an emulated environment (not using the original hardware) to boost efficiency

Question 76

108.18 State the purpose of active directory

Answer 76

Microsoft's implementation of security domains for centralized management purposes