2.4 Network Services Flashcards
Define a print server.
A server that could be either a physical workstation or network infrastructure that provides printing functionality
What protocol do Windows-based file and print servers rely on?
NetBIOS protocol or SMB
What does Samba software do?
Allows a Linux or Unix server to host files or printers that can then be used by Windows clients running the SMB protocol
What sort of server allows for printing anywhere in the world?
IP-based file and printer server/Cloud printing
Define a web server.
Any server that provides access to a website
What is Internet Information Services (IIS)?
Extensible web server software, created by Microsoft (HTTP, HTTP/2 and HTTPS)
What is the current most popular way to run a web server?
The Apache open-source cross-platform web server
What is the NGINX web server generally used for?
Reverse proxy, load balancer, mail proxy and HTTP cache
What does a web browser see when it connects to a server?
A digital certificate to create a random code
What does URL do?
Combines the fully qualified domain name with a protocol at the beginning
What mail protocol is specifically for retrieval?
IMAP
Which email protocol specifies how emails should be delivered from one mail domain to another?
SMTP
Give some options for authentication to an AAA server.
- Something you know
- Something you are
- Something you have
- Something you do
- Somewhere you are
What is 802.1x?
A standardised framework used for port-based authentication on wired and wireless networks
What is Lightweight Directory Access Protocol (LDAP)?
A database used to centralise information about clients and objects on the network.
Why would you use Active Directory (AD)?
To organise and manage the network, including clients, servers, devices, users and groups
What does RADIUS do?
Provides centralised administration of dial-up, VPN and wireless authentication services for 802.1x and the EAP
What layer does RADIUS operate at, and how does it utilise UDP?
It operates at the application layer and utilises UDP for making connections
What is TACACS+?
A proprietary version of RADIUS that can perform the role of an authenticator in 802.1x networks.
Contrast RADIUS and TACACS+.
RADIUS: Relies on UDP, combines authentication and authorisation, does not support all network protocols, has cross-platform capability
TACACS+: Relies on TCP, separates the three As, supports all network protocols, exclusive to Cisco devices
Define authorisation.
Giving a user access to a certain piece of data or certain areas of a building.
What is Kerberos?
An authentication protocol used by Windows to provide for two-way (mutual) authentication using a system of tickets
What can be a single point of failure for Kerberos?
A domain controller.
What is accounting?
Tracking data, computer usage and network resources
What is the term for when you have proof that someone has taken an action?
Non-repudiation.
Name the five types of remote access servers.
- Telnet Port 23
- Secure Shell (SSH) Port 22
- Remote Desktop Protocol (RDP) Port 3389
- Virtual Network Computing (VNC) Port 5900
- Terminal Emulator (TTY)
Which remote access server sends text-based commands to remote devices and should never be used to connect to secure devices?
Telnet Port 23
What does Secure Shell (SSH) Port 22 do?
Encrypts everything that is being sent and received between the client and the server.
Which remote access server is designed for thin client architectures?
Virtual Network Computing (VNC) Port 5900
Define a Terminal Emulator (TTY).
Any kind of software that replicates the TTY I/O to remotely connect to a device
What does RDP port 3389 do?
Provides a graphical interface to connect to another computer over a network connection.
What does remote desktop gateway (RDG) do?
Creates a secure connection to tunnel into the RDP
What does syslog enable?
Different appliances and software applications to transmit logs to a centralised server
What parts does a syslog log include?
PRI code (priority code), header and message
Give the name for the TCP/IP protocol that aids in monitoring network-attached devices and computers.
Simple Network Management Protocol (SNMP)
Define a ‘managed device’.
A computer or other network-attached device monitored through the use of agents by a network management system
Define an agent.
Software that is loaded on a managed device to redirect information to the network management system
Define ‘Network Management System’ (NMS).
Software running on one or more servers to control the monitoring of network-attached devices and computers
How should management of devices be conducted?
On an out-of-band network to increase security
Define a proxy server.
A device that creates a network connection between an end user’s client machine and a remote resource (web server)
List three benefits of a proxy server.
- Increased network speed and efficiency
- Increased security
- Additional auditing capabilities
What does a load balancer/content switch do?
Distributes incoming requests across a number of servers inside a server farm or cloud infrastructure.
What is one of the key defenses against a DoS or DDoS attack?
A load balancer
How does a DoS attack work?
Victim systems are continually flooded with requests for services, causing the system to crash. There is a single attacker.
How does a DDoS attack work?
Multiple machines simultaneously launch attacks on the server to force it offline.
What is blackholing/sinkholing?
Identifying any attacking IP addresses and routing their traffic through a null interface
What would an Intrusion Prevention System (IPS) protect against?
Small-scale DoS attacks, by fighting back.
Why is unified threat management (UTM) so beneficial?
Because it provides the ability to conduct security functions within a single device or network appliance.
What is an access control list (ACL) and how is it implemented?
Rule sets placed on the firewalls, routers and other network devices in charge of controlling traffic; the actions are performed top-down (from specific to generic rules)
What does a firewall do?
Inspects and controls the traffic that is trying to enter or leave a network’s boundary.
List some ways a firewall filters traffic.
- Packet-filtering
- Stateful
- Proxy
- Dynamic packet-filtering
- Kernel proxy
List three disadvantages of a UTM.
- Single point of failure
- Lacks detail provided by a specialised tool
- Performance is not as efficient as single function devices
List three advantages of a UTM.
- Reduced number of devices to learn, operate, and maintain
- Lower upfront costs, maintenance, and power consumption
- Easier to install and configure
What is operational technology (OT)?
- Communications network designed to implement an ICS
- Technology that interacts with the real world
What does an industrial control system (ICS) do?
Provides the mechanisms for workflow and process automation by using embedded devices to control machinery
How is a distributed control system (DCS) created?
By joining together multiple ICSs
Define a fieldbus.
Digital serial data communication protocol used in OT networks to link different PLCs
What is a programmable logic controller (PLC)?
A type of digital computer used in industrial settings that enables automation and assembly lines, autonomous field operations, robotics, and other applications
What is a human-machine interface (HMI)?
A local control panel or software that runs on a computer
What is supervisory control and data acquisition (SCADA)?
A type of ICS used to manage large scale multi-site devices and equipment in a geographic region from a host computer
List five different types of SCADA.
- Cellular
- Microwave
- Satellite
- Fiber
- VPN-based LAN
What is an embedded system?
A computer system that is designed to perform specific and dedicated functions; considered a static environment
Give the name for the type of digital computer used in industrial or outdoor settings, and how often it needs a patch.
Programmable Logic Computer (PLC)
The PLC patch is every six months or two years
What is a real-time operating system (RTOS)?
Where can you always find this?
A type of OS that prioritises deterministic execution of operations that ensure consistent response for time-critical tasks.
They are embedded in critical applications.
How does system-on-a-chip work?
The processor integrates the platform functionality of multiple logical controllers onto a single chip.
List the five elements included in system-on-a-chip.
- Processor
- Memory
- Storage
- Graphics processor
- Peripherals
Define a legacy system.
A computer system that is no longer supported by its vendor and no longer provided with security updates and patches.