2.0 Networking - sections 14

Question 1

A Server

Answer 1

Can be configured to allow the clients on the network to access the network and be able to read and write to its disk(file share).

Question 2

Printer Server

Answer 2

Another server that could be a physical workstation or network infrastructure the provides printing functionality.

Question 3

Types of Printer Servers

Answer 3

Windows-based file and printer server, Linus/or Unix-based, IP-based File and Print Server/Cloud Printing.

Question 4

Windows-based file and print server runs which protocols.

Answer 4

Relies on the NetBIOS protocol or SMB.

Question 5

Linus/or Unix-based file and print server use what software

Answer 5

Uses Samba, Samba provides the ability for Linus or Unix server to be able to host files or printers that can then be used by windows clients running the SMB protocol.

Question 6

IP-based File and Printer Server / Cloud Printing

Answer 6

Allows for printing anywhare in the world.

Question 7

A Web Server

Answer 7

Any server that provides access to a website. Generally uses HTTP and HTTPS.

Question 8

A IIS web server

Answer 8

Internet Information Services(IIS): Extensible web server software, created by Microsoft(HTTP, HTTP/2, and HTTPS) commonly used for window servers.

Question 9

Apache software

Answer 9

Apache software is the most popular way to run a web server these days.

Question 10

NGINX Web server has/is

Answer 10

Reverse proxy, mail proxy, load balances, and HTTP cache. Developed for speed.

Question 11

URL

Answer 11

Uniform Resource Locator(URL): Combines the fully qualified domain name with a protocol at the beginning.

Question 12

Email Servers

Answer 12

Servers that are set up to compose a message and send it to another user.

Question 13

The four types of Email Servers

Answer 13

Simple Mail Transfer Protocol(SMTP), Post Office Protocol version 3(POP3), Internet Mail Application Protocol(IMAP), Microsoft Exchange.

Question 14

SMTP

Answer 14

Simple Mail Transfer Protocol(SMTP): Specifies how emails should be delivered from one mail domain to another. Think SEND mail Transfer protocol, port 25.

Question 15

POP3

Answer 15

Post Office Protocol(POP3): Older email protocol which operates over port 110. Older protocol to GET/RECEIVE emails.

Question 16

IMAP

Answer 16

Internet Mail Application(IMAP): Mail retrieval protocol. Operates over port 143 and can connect to a server and receive and read messages. Newer protocol to GET?RECEIVE emails.

Question 17

Micosoft Exchange

Answer 17

Mailbox server environment designed for Windows-based domain environments. Commonly seen and used in corporate environments.

Question 18

AAA Servers

Answer 18

Authentication, Authorization, Accounting(AAA) Servers: A server program that handles user request for access to computer resources. Provides authentication, Authorization, Accounting services for an enterprise.

Question 19

802.1X Authentication framework

Answer 19

Standardizard framework protocol used for port-based authentication on wired and wireless networks, and is used to run the Authentication protocols.

Question 20

Types of Authentication protocols

Answer 20

Active Directory(AD), Remote-Authentication Dial-in User Server(RADIUS), Terminal Access Controller Access-Control System Plus(TACACS+)

Question 21

AD Authenticaion protocol

Answer 21

Active Directory(AD): Used to organize and manage the network, including clients, servers, devices, users and groups.

Question 22

RADIUS Authenticaion protocol

Answer 22

Remote Authentication Dial-in User Service(RADIUS): Provides centralized administration of dial-up, VPN, and wireless authentication services for 802.1x and the EAP. Runs on application layer(OSI model), uses UDP for connections making it fast.

Question 23

TACACS+ Authentication protocol

Answer 23

Terminal Access Controller Access-Control System Plus(TACACS+): Proprietary version of RADIUS that can perform the role of an authenticator in 802.1x networks.

Question 24

Kerberos Authorization protocol

Answer 24

Kerberos: Authorization protocol used by windows to provide for two-way (mutual) authentication using a system of tickets. A domain controller can be single point of failure for Kerberos.

Question 25

Non-Repudiation Accounting protocol

Answer 25

Non-Repudiation: Occurs when you have proof that someone has taken an action.

Question 26

Remote Access Servers

Answer 26

A server that can run different protocols or services to remotely connect devices/users over a network.

Question 27

Remote Access Server Protocols

Answer 27

Telnet, SSH, RDP, VNC, TTY

Question 28

Telnet:

Answer 28

Sends text-based commands to remote devices and is very old networking protocol, port 23. Never use to connect to secure devices.

Question 29

SSH

Answer 29

Secure Shell(SSH): Encrypts everything that is being sent and received between the client and the server, port 22.

Question 30

RDP

Answer 30

Remote Desktop Protocol(RDP): Provides graphical interface to connect to another computer over a network connection, port 3389. Uses remote desktop gateway(RDG) to create a secure connection to tunnel into the RDP.

Question 31

VNC

Answer 31

Virtual Network Computing(VNC): Designed for thin client architectures, port 5900.

Question 32

TTY

Answer 32

Terminal Emulator(TTY): Any kind of software that replicates the TTY I/O functionality to remotely connect to a device.

Question 33

Network monitoring Servers

Answer 33

Servers that run protocols for tracking various aspects of a network and it devices, and logs.

Question 34

Syslog

Answer 34

Protocol that enables different appliances and software applications to transmit logs to a centralized server. Is the default(de facto) standard for logging events.

Question 35

Types of Syslog protocols

Answer 35

Old Syslog(syslog), New Syslog(syslog-ng, rsyslog)

Question 36

Old Syslog(syslog) uses what?

Answer 36

Relied on UDP, lacked security controls

Question 37

What is syslog-ng, rsyslog, and what does it use.

Answer 37

New syslog(syslog-ng, rsyslog): Uses TCP, TLS, MD5, and SHA1

Question 38

SNMP

Answer 38

Simple Network Management Protocol(SNMP): TCP/IP protocol that aids in monitoring network-attached devices and computers. Has three parts/components Managed devices, agent, and network management system,port 161, 162.

Question 39

Managed devices component of SNMP

Answer 39

Computers and other network-attached devices monitored through the use of agents by a network management system.

Question 40

Agent component of SNMP

Answer 40

Software that loaded on a managed devices to redirect informatoin to the network management system.

Question 41

Network Management System(NMS) component of SNMP

Answer 41

Software running on one or more servers to control the monitoring of network-attached devices and computers.

Question 42

The two ways SNMP sends data

Answer 42

In-band, Out-of-band

Question 43

In-band(syslog data)

Answer 43

Less secure, over the network you are using

Question 44

Out-of-band(syslog data)

Answer 44

A create/or configure a managed out-of-band network to increase security.

Question 45

Proxy Servers

Answer 45

Devices that create a network connection between an end user’s client machine and a remote resource (web server). Can be hardware or software.

Question 46

Proxy servers provide

Answer 46

Increased network speed and efficiency, increased security, and additional auditing capabilities.

Question 47

Load balancer/Content switch

Answer 47

Distributes incoming requests across a number of servers inside a server farm or a cloud infrastructure. Key to defending against DoS attack or DDoS attack

Question 48

DoS

Answer 48

Denial of Service(DoS): Involves a continual flodding of victim systems with request for services, causing the system to crash (single attacker).

Question 49

DDoS

Answer 49

Distributed Denial of Service(DDoS): Mulitple machines simultaneously launch attacks on the server to force it offline(multiple attackers).

Question 50

Load Balancer Security techniques

Answer 50

Blackholing/Sinkholing, Intrusion Prevention System(IPS), Elastic Cloud

Question 51

Blackholing/Sinkholing

Answer 51

A load balancer security technique that identifies any attacking IP addresses and routes their traffic through a null interface.

Question 52

Intrusion Prevention System(IPS)

Answer 52

A load balancer security technique that works for small-scale attacks against DoS.

Question 53

Elastic Cloud

Answer 53

A load balancer security technique that allows to scale up the demands as needed. ISP will charge you for scaling up.

Question 54

UTM

Answer 54

Unified Threat Management(UTM): Provides the ability to conduct security functions( antivirus, content filtering, email and web filtering, anti-spam) within a single device or network appliance. UTM devices are placed between your LAN and the connection to the internet.

Question 55

Access Control List(ACL)

Answer 55

Rule sets placed on the firewall, routers, and other network devices that permit or allow traffic through a particular interface.

Question 56

The two actions in ACL

Answer 56

Top is specific rules, bottom is generic. Always performed top-down.

Question 57

The two interface configurations for ACL-UTM

Answer 57

Web-based interface, Text-based interface

Question 58

Firewall(s)

Answer 58

Inspects and controls the traffic that is trying to enter or leave a network’s boundary.

Question 59

Firewall types

Answer 59

Packet-filtering, Dynamic packet-filtering, Stateful, Proxy, Kernel proxy.

Question 60

NGFW

Answer 60

Next-Generation Firewall(NGFW): Use a single more efficient engine, perferred over UTM if network speed and efficiency are your primary concern.

Question 61

IT stands for

Answer 61

Information Technology(IT): Includes computers, servers, networks, and cloud platforms.

Question 62

Two types of OT

Answer 62

ICS, and SCADA

Question 62

What is OT

Answer 62

Operational technology(OT): Communications network designed to implement an ICS. Technology that interacts with the real world.

Question 63

ICS opertional Technology

Answer 63

Industrial Control System(ICS): Provides the mechanisms for workflow and process automation by controlling machinery using embedded devices.

Question 64

What is a DCS opertational technology

Answer 64

Distributed Control System(DCS): Multiple ICSs can create a Distributed control system.

Question 65

The three technologies in ICS

Answer 65

Fieldbus, Programmable Logic Controller(PLC), Human-Machine Interface(HMI).

Question 66

SCADA Opertional Technology

Answer 66

Supervisory Control and Data Acquisition systems(SCADA): Is still technically ICS, but used to manage the large scale multi-site devices and equipment in a geographic region from a host computer. Needs wide-area network to work for large scale sites with cellular, microwave, satellite, fiber, VPN-based LAN.

Question 67

Embedded Systems

Answer 67

Embedded Systems: Computer systems that is designed to perform specific and dedicated functions. Are static enviroments, where frequent changes are not allowed. Made to do one thing/operation/action.

Question 68

PLC

Answer 68

Programmable Logic Controller(PLC): Type of digital computer used industrial or outdoor settings. the computer inside the machine/device).

Question 69

Types of Embedded systems

Answer 69

Real-time Operating System(RTOS), System-on-a-chip

Question 70

RTOS Embedded system

Answer 70

Real-time Operating System(RTOS): Type of OS that prioritizes deterministic execution of operations that ensure consisten response for time-critical tasks.

Question 71

System-on-a-chip

Answer 71

Processor integrates the platform functionality of mulitple logical controllers onto a single chip.

Question 72

Componets of System-on-a-chip

Answer 72

An integrated circuit that contains all the components of a computer, Processor, Memory, Storage, Graphics Processor, Peripherals.

Question 73

Legacy System

Answer 73

Computer system that is no longer supported by its vendor and no longer provided with security updates and patches. Need to identify legacy systems and put mitigations in place to keep operating systems.

Question 74

Proprietary System

Answer 74

System that is owned by its developer or vendor.