4 Network

Question 1

protocols at layer 2

FRAMES

Answer 1

802.2 LLC
TokenRing
Ethernet
FDDI Fiber Distributed Data Interface
l2TP
PPP
PPTP
ARP
802.11 WLAN

Question 2

protocols at layer 2

FRAMES

Answer 2

802.2 LLC
TokenRing
Ethernet
FDDI Fiber Distributed Data Interface
l2TP
PPP
PPTP
ARP
802.11 WLAN
Frame Relay
PPP

Question 3

protocols at layer 4

SEGMENT

Answer 3

TCP
UDP
SSL/TLS

Question 4

protocols at layer 4

SEGMENT

Answer 4

TCP

UDP

Question 5

protocols at layer 5

DATA

Answer 5

SSL/TLS
SQL
RPC
DNS
NFS
iSCI

Question 6

protocols at layer 7

USER DATA

Answer 6

SNMP
SET
S-RPC
FTP
TFTP
SSH
IMAP
POP
HTTP
TELNET

Question 7

firewall layers

Answer 7

GEN I stateless: Layer 3
GEN III stateful: Layer 5
GEN V: Application (Proxy): Layer 7

Question 8

FCoE

Answer 8

Fibre Channel over Ethernet
Layer 3
encapsulates FC communications over Ethernet
payload of Layer 2
-> not location independent

Question 9

iSCI

Answer 9

Layer 5, based on TCP

Location independent file storage over LAN/Internet

Question 10

MPLS

Answer 10

not limited to IP

saves time by using short path labels instead of long addresses

Question 11

802.11

Answer 11

wireless

Question 12

802.15

Answer 12

bluetooth

Question 13

WEP

Answer 13

weak IV in clear text

RC4

Question 14

WPA

Answer 14

based on LEAP and TKIP (Key Integrity Protocol - weak). RC4
backward compatible
Radius support (Enterprise)

Question 15

WPA2

802.11i

Answer 15

CCMP (Counter Mode CBC) based on AES-128
not backward compatible
Radius support (Enterprise)

Question 16

802.1X

Answer 16

port pased NAC (Layer 2)
includes EAP Framework
allows use of Radius, Tacacs

Question 17

types of EAP

Answer 17

LEAP: Cisco, weak

EAP-TLS: encapsulates EAP in TLS, uses PKI, client + server cert required, very secure but complex

EAP-TTLS: encapsulates EAP in TLS, only server cert, secure and less complex

PEAP: encapsulates EAP in TLS, like EAP-TTLS, only server cert, secure and less complex (RSA,Microsoft,Cisco)

Question 18

FDDI

Fibre Distributed Data Interface

Answer 18

token with two rings

before Ethernet

Question 19

802.3

Answer 19

Ethernet

Question 20

Email-Sec

Answer 20

S/MIME - offers CIA
PKI

MOSS - offers CIA + nonrep
MD5,RSA,DES
PKI

PEM - offers CIA + nonrep
RSA,DES,X.509
PKI

PGP - offers CIA + nonrep
IDEA,RSA, Web of trust, independently

Question 21

PPP authentication

Answer 21

CHAP - use this!
offers encryption, authentication, reauthentication

PAP -. weak!
user/pw in cleartext, no encryption

Question 22

SWIPE

Answer 22

Software IP Encryption
Layer 3
offers CIA

Question 23

SSL

Secure Socket Layer

Answer 23

offers CI
replaced by TLS
Layer 4
128Bit key
SSL-VPNs easier to use than IPSEC, no privileges required, easy to firewall

Question 24

SSL

Secure Socket Layer

Answer 24

offers CI
replaced by TLS
Layer 5
128Bit key
SSL-VPNs easier to use than IPSEC, no privileges required, easy to firewall

Question 25

TLS

Transport Layer Security

Answer 25

Layer 5
two way authentication using certificates
used by OpenVPN, easy

Question 26

Radius

Answer 26

encrypts only PW
combines authentication and authorization
based on UDP 1645/1646 OR 1812/1813

Question 27

TACACS+

Answer 27

supports two factor auth
encrypt entire payload
separates authentication and authorization
based on TCP 49

Question 28

VPNa

Answer 28

PPTP - weak - no native encryption

l2F - weak - no native encryption

L2TP - ok - no native encryption, Tacacs + Radius possible

IPSEC - safe - native encryption - multiple simultaneous connections possible

Question 29

virtual circuit

Answer 29

logical pathway over siwtched network
PVC - permanent
SVC - startet when needed

Question 30

VoIP attacks

Answer 30

caller ID spoofing
vishing
SPIT Spam over IP-Telephony
switch hopping

Question 31

Network attacks

Answer 31

Smurf: uses ICMP-directed broadcast with faked sender IP on Layer 3 —> block distributed broadcasts on routers!

Fraggle: similar to Smurf, but UPD Layer 4

Land: source and dest in packet are equal —> circular

Ping of death: ping that violates MTU

Tear drop: sending malformed packet, the system cannot reassemble (Layer 3)

Ping Flooding: overwhelming a system with lots of pings

Question 32

Network attacks

Answer 32

Smurf: uses ICMP-directed broadcast with faked sender IP on Layer 3 —> block distributed broadcasts on routers!

Fraggle: similar to Smurf, but UPD Layer 4

Land: source and dest in packet are equal —> circular

Ping of death: ping that violates MTU

Tear drop: sending malformed packet, the system cannot reassemble (Layer 3)

Loki: ICMP-tunneling

Ping Flooding: overwhelming a system with lots of pings

Question 33

SSH

Answer 33

includes SFTP (SSH FTP) and SCP
Port 22

Question 34

Frame Relay

Answer 34

Layer 2 WAN
no error recovery
multiplexes multiple logical connections over single physical -> virtual circuit

PVC/SVC

Question 35

DNP3

Answer 35

open standard offering interoperability between SCADA and mart grid apps
multilayer, carried over IP
PKI

Question 36

SRTP

Answer 36

Secure Real Time Transport for VoIP
AES, SHA1
offers CIA

Question 37

PPP

Answer 37

Layer 2
provides confidentiality, integrity, authentication
uses CHAP

Question 38

Remote Desktop

Answer 38

VNC:5900
RDP:3389

Question 39

802.5

Answer 39

Token Ring