108 Networks Flashcards
Define and uses Host/Client:
any node that can be connected to a network, and allow users to interact with it and utilize its resources (i.e. a
computer or other networking device).
Define and uses Application Server:
a server with the specific purpose of providing services to users from a centralized source.
Define and uses Hub:
a layer 1 network device that allows for computers to be connected to share data. This device does not separate
collision domains.
Define and uses Switch:
layer 2 network device that allows for computers to be connected to share data. This device separates each host onto
its own collision domain allowing for fast, reliable communication between hosts.
Define and uses Router:
layer 3 network device that interconnects two or more computer networks together. A router is a networking device
whose software and hardware are customized to the tasks of routing and forwarding information and has two or more
network connections to allow cross-network communication to occur.
Define and uses WAP:
Wireless Access Point, a layer 2 network device that functions similarly to a switch.
Define and uses Proxy Server:
allows for multiple hosts to share a single internet connection. Has the ability to filter web traffic, as well as
cache commonly used internet pages to speed up internet activity.
Define and uses Firewall:
can be either layer 4 or layer 7, and can be comprised of either hardware or software, or a combination of both.
Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the
Internet, especially intranets.
Define and uses VPN Concentrator:
built specifically for creating a remote-access VPN. They provide high availability, high performance
and scalability and include components, called scalable encryption processing (SEP) modules, that enable users to easily
increase capacity and throughput.
Define and uses Back-up:
refers to making copies of data so that these additional copies may be used to restore the original after a data loss
event (i.e. natural disaster or compromise).
Define and uses Repeater:
a layer 1 device used to amplify signals transmitted between network nodes.
Define the following layers of routing and common devices associated with each. ACCESS
consists of hubs, repeaters, switches and bridges (layer 1 and layer 2).
Define the following layers of routing and common devices associated with each. DISTRIBUTION
LAN-based routers and layer 3 switches to interconnect separate networks.
Define the following layers of routing and common devices associated with each. CORE
the network back-bone. Designed to be fault tolerant, have high data transfer rates, and low latency periods.
a. Topology (Bus/Star/Ring/Mesh):
the logical layout of the network.
b. LAN:
Local Area Network, a computer network covering a small area and contained behind a router.
c. WAN:
Wide Area Network, a computer network that covers a broad area or services multiple groups of people by linking LANs together.
d. MAN:
Metropolitan Area Network, a large computer network that usually spans a city or a large campus. Utilizes multiple access points to allow users over a large geographical area or location to connect to the same network and use its resources.
e. GAN:
Global Area Network, a computer network that spans the globe.
a. OSI Model: a logical layout of the interoperability of devices, systems, and applications. (From layer 1 to layer 7)
- Physical – media, signal, binary
- Data-Link – physical addressing (Media Access Control or Logical Link Control)
- Network – logical addressing
- Transport – end-to-end connections
- Session – inter-host communications
- Presentation – data presentation and encryption
- Application – network process to application
b. TCP/IP Model: a logical layout of the interoperability of devices, systems, and applications that utilize networking
Link Layer: Frame Header | Frame Data | Frame Footer
Internet Layer: IP Header | IP Data
Transport Layer: TCP Header | TCP Data
Application Layer: Data
a. NIPRNET:
Non-classified Internet Protocol Router Network, is used to exchange sensitive but unclassified information between “internal” users as well as providing users access to the Internet.
108.5 State the difference between IPv4 and IPv6.
- IPv4 uses only 32 bits and has no unique identifiers; IPv6 uses a 128-bit address where the last 48 bits are the device’s full MAC address
- IPv4 uses numeric addresses (205.x.x.x); IPv6 uses hexadecimal addresses (2001:0D45:FF00::0)
- IPv4 octets are separated by a dot (.); IPv6 octets are separated by a colon (:)
b. SIPRNET:
Secret Internet Protocol Router Network, is a system of interconnected computer networks to transmit classified information up to and including SECRET.
c. JWICS:
Joint Worldwide Intelligence Communications System, is a system of interconnected computer networks cleared up to Top Secret and SCI.
d. CENTRIXS:
Combined Enterprise Regional Information Exchange System is a collection of classified coalition networks, called enclaves, that enable information sharing using email and Web services, instant messaging or chat, the Common Operational Picture service, and Voice over IP. CENTRIXS supports combatant commands throughout the world, including the U.S. Pacific, Central and European commands. Also known as Secret Releasable
a. CANES:
Consolidated Afloat Networks and Enterprise Services (CANES) provide a common computing network and common operating system for command, control, communications, computers, and intelligence (C4I) systems onboard Navy ships.
b. DoDIN (GIG):
Department of Defense Information Network, is defined as a “globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information.”
c. DISN:
Defense Information Systems Network, has been the United States Department of Defense’s enterprise network for providing data, video and voice services for 40 years.
d. NMCI:
Navy/Marine Corps Intranet, is an Information System provided by a contracting company (HP) to allow interoperability between CONUS Navy and Marine commands.
e. ONENET:
OCONUS Navy Enterprise Network; OCONUS version of NMCI.
f. IT21/ISNS:
Shipboard network. Legacy system that has been getting replaced by CANES.
a. Machine Language:
is a system of instructions and data executed directly by a computer’s central processing unit. Machine code may be regarded as a primitive programming language or as the lowest-level representation of a compiled and/or assembled computer program.
b. Assembly Language:
is a type of low-level language for programming computers, microprocessors, microcontrollers, and other integrated circuits. They implement a symbolic representation of the numeric machine codes and other constants needed to program a particular CPU architecture.
c. High-Level Language:
is a programming language with strong abstraction from the details of the computer. In comparison to low-level programming languages, it may use natural language elements, be easier to use, or be more portable across platforms.
d. Operating System:
is a set of system software programs in a computer that regulate the ways application software programs use the computer hardware and the ways that users control the computer.
e. Application:
is computer software designed to help the user to perform singular or multiple related specific tasks.
a. Virus:
is a computer program that can copy itself and infect a computer using a host (typically benign looking) file. Requires user interaction to propagate across systems.
b. Worm:
is a self-replicating malware program that uses a computer network to send copies of itself to other nodes. Unlike a virus, it does not need to attach itself to an existing program.
c. Trojan:
is malware that appears to perform a desirable function for the user prior to executing, but instead facilitates unauthorized access of the user’s computer system.
d. Backdoor:
is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected.
e. Phishing:
is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
b. Buffer Overflow:
is a Denial-of-Service attack that overloads a system’s input capacity, thereby crashing the program, system, or preventing the user from accessing its resources.
a. Network Enumeration:
is the process of scanning and compiling pertinent information of the layout of a network, its users, and its resources.
c. SQL Injection:
overloads the input sector of an SQL database and allows the ability to execute arbitrary code forcing the database to divulge its contents or access privileges.
d. Dictionary Attack:
attempts to crack passwords based on a list of words or values.
e. Privilege Escalation:
the ability to escalate privileges to a level allowing the intruder to access or execute programs or data higher than the original intrusion perspective.
f. Brute Force Attack:
physically inputting a user’s PII until access is granted to a system when credentials are unknown.
g. Social Engineering:
the ability to get a user to divulge their credentials or other useful information about themselves or their organization by impersonating someone of authority.
h. Rainbow Table:
precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Usually through brute force or dictionary attack.
i. Denial of Service (DOS):
cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.
j. Distributed Denial of Service (DDOS):
malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
108.11 Describe the functionality of PKI.
Public Key Infrastructure is a set of hardware, software, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates to provide encryption and data security in computer networks.
a. Domain controllers -
On Microsoft Servers, a domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within a Windows domain. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.
b. Exchange -
Microsoft Exchange Server is a calendaring and mail server developed by Microsoft that runs exclusively on the Microsoft Windows Server product line.
c. Domain Name System or (SERVICE) -
translates URLs to IP addresses, and vice versa. It allows users to input an easy to remember domain name and be directed to the appropriate website.
a. FTP -
PORT 20/21 - File Transfer Protocol
b. SSH -
PORT 22 - Secure Shell
c. Telnet -
PORT 23 - Unsecure
d. SMTP -
PORT 25 - Simple Mail Transfer
e. DNS -
PORT 53 - Translates Domain name to IP
f. DHCP -
PORT 67/68 - Dynamic Host Configuration, used to assign IPs
g. HTTP -
PORT 30 - Hypertext Transfer, used for internet connection
h. HTTPS -
PORT 443 - HTTP combined with SSL or TLS
i. POP3 -
PORT 110 - Retrieve Mail
j. IMAP -
PORT 143 - POP3 with more support for remote mailboxes
a. TCP:
It is a connection-oriented protocol. Reads data as streams of bytes, and the message is transmitted to segment boundaries.
b. UDP:
It is a connectionless protocol. Messages contain packets that were sent one by one. It also checks for integrity at the arrival time.
a. Mandatory Access Controls (MAC):
The operating system or database constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target.
b. Discretionary Access Controls (DAC):
Defined by the Trusted Computer System Evaluation Criteria “as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong.”
c. Role Based Access Controls (RBAC):
restricting system access to only authorized users
d. Separation of Duty:
divides critical functions among different staff members in an attempt to ensure that no one individual has enough information or access privilege to perpetrate damaging fraud.
108.16 Define/Discuss VOIP and VOSIP
Voice over Internet Protocol, also called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol networks
e. Least Privilege:
must be able to access only the information and resources that are necessary
a. Network Address Translation (NAT):
the translation of private IP address to a public IP address
b. Port Address Translation (PAT):
an extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.
c. Demilitarized Zone (DMZ):
demilitarized zone is a perimeter network that protects an organization’s internal local-area network (LAN) from untrusted traffic
d. Virtualization:
process of creating a software-based, or virtual, representation of something, such as virtual applications, servers, storage and networks. It is the single most effective way to reduce IT expenses while boosting efficiency and agility.
108.18 State the purpose of Active Directory.
“Provides Domain Services, Rights Management Services, Federation Services, Certificate Services, and Lightweight Directory Services. Integrated with Windows Server, gives out-of-the-box functionality needed to centrally configure and administer system, user, and application settings