701 - Chapter 3 Flashcards
What are the seven layers of the OSI model starting from lowest to highest?
Physical, data link, network, transport, session, presentation, application
This layer is where network switches reside. It formats data into data frames and routes it between systems using their media access control (MAC) addresses?
Data link
This layer introduces IP addresses. At this layer, routers use IP addresses to send information between systems that are not located on the same local network. The Internet protocol is the primary protocol at this layer.
Network
This layer is all about the basic equipment of networking: copper wires, fiber-optic cables, and radio waves?
Physical
This layer provides end-to-end communication services for applications. TCP and UDP exist at this layer.
Transport
This layer establishes, manages, and terminates sessions between applications running on different devices, allowing them to communicate and exchange data.
Session
This layer translates data into a standard format that can be understood by the application layer and provides encryption, compression, and other data transformation services.
Presentation
This layer provides network services to applications, allowing them to communicate with other applications over the network
Application
This protocol provides connection-oriented traffic with guaranteed delivery. It uses a three-way handshake.
TCP
This protocol provides connectionless sessions without a three-way handshake. It also makes a best effort to deliver data without using extra traffic to ensure delivery.
UDP
Many network-based denial-of-service attacks use what protocol?
UDP
This protocol identifies hosts in a TCP/IP network and delivers traffic from one host to another using IP addresses
IP
This protocol tests basic connectivity and includes tools like ping and tracert?
Internet Control Message Protocol (ICMP)
True or false: blocking ICMP prevents attackers from discovering devices on a network.
True
It is not common to block ICMP at firewalls and routers.
False. Because ICMP is often used in attacks, it has become common to block ICMP.
This protocol resolves IPv4 addresses to MAC addresses.
Address Resolution Protocol (ARP)
Name the three protocols that are now insecure and should no longer be used to transfer data over a network?
FTP, Trivial File Transfer Protocol (TFTP), Secure Sockets Layer (SSL)
What is the designated secure replacement for SSL?
Transport Layer Security (TLS)
This protocol is used to encrypt IP traffic?
IPSec
This protocol encrypts data in transit and can be used to encrypt other protocols, such as FTP. What port does it use?
Secure Shell (SSH), port 22
This protocol is based on SSH and is used to copy encrypted files over a network?
Secure Copy (SCP)
This protocol is a secure implementation of FTP and uses SSH to encrypt traffic?
Secure File Transfer Protocol (SFTP)
This protocol is another secure implementation of FTP. It uses TLS to encrypt FTP traffic?
File Transfer Protocol Secure (FTPS)
What is the secure version of email protocol SMTP (port 25)? And what protocol and port does it use?
Simple Mail Transfer Protocol Secure (SMTPS); it uses TLS encryption and uses TCP port 587
What is the secure version of email protocol POP3 (port 110)? And what port does it use?
POP3, it uses port 995
This email protocol is used to store email on a mail server, and it allows users to organize and manage mail in folders on the server. And what is the secure port used for this protocol?
Internet Message Access Protocol (IMAP) (port 143); secure port is 993.
What is the secure version of HTTP (port 80)? And what port does it use?
HTTPS, port 443
What are the three email authentication methods that help prevent email fraud and abuse by verifying the authenticity of the sender’s domain and ensuring that the emails have not been modified during transit?
Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), Domain-based Message Authentication, Reporting and Conformance (DMARC)
Which email authentication method uses DNS records to define which IP addresses are authorized to send emails on behalf of a domain?
SPF
Which email authentication method uses public key cryptography to sign and verify an email's domain and content?
DKIM
Which email authentication method builds on top of SPF and DKIM by allowing domain owners to set policies for how to handle emails that fail authentication checks and provides reporting mechanisms to monitor and improve email authentication performance?
DMARC
What network device or software application acts as a barrier between an organization's internal email system and the external Internet, filtering incoming and outgoing emails for spam, malware, and other types of threats?
Email gateway
What is the Microsoft directory service that provides authentication and authorization services for a network?
Active Directory Domain Services (AD DS)
What does AD DS use for its operations?
LDAP encrypted with TLS when querying the directory
What port does LDAP use? And what port does LDAPS use?
389 and 636
What protocol delivers audio and video over IP networks? And what is its secure counterpart?
Real-time Transport Protocol (RTP) and Secure Real-time Transport Protocol (SRTP)
This protocol is used to initiate, maintain, and terminate voice, video, and messaging sessions?
Session Initiation Protocol (SIP)
What are the three ways that administrators can connect to servers remotely?
SSH, RDP, a VPN
What port does RDP use?
TCP port 3389
What is the name of the suite of tools that simplifies the use of SSH to connect to remote servers securely?
OpenSSH
What is the SSH command to create a public/private key pair? And what is the SSH command that copies the public key to a remote server?
ssh-keygen…ssh-copy-id
What is the most commonly used protocol for time synchronization?
Network Time Protocol (NTP)
What are the three IP ranges that are private and can be allocated within a private network? And what do routers on the Internet do when they see any traffic that’s coming from or going to a private IP address?
10.x.y.z, 172.16.y.z - 172.31.255.255, 192.168.y.z… they have rules to drop that traffic
What was created in response to exhausting all IPv4 addresses? And what is used for local addresses?
IPv6 … fc00