Advanced Network Security

Question 1

What is the name of the Internet precursor and the first packet-switched network?

Answer 1

ARPANet or (Advanced Research Project Agency Network)

Question 2

What does the term “Best effort Communications” refer to?

Answer 2

This makes reference to the internet that made use of packet switching as each packet was handled on the bases of best effort.

Question 3

Explain the difference between packet switching and circuit switching.

Answer 3

packet-swtched network enable a proper use of network resources and can cater for multiple connections. circuit switching depends a two points to maintain the network connection. any new connection would need to wait.

Question 4

What is the full meaning of ARPANet?

Answer 4

Advanced Research Project Agency Network

Question 5

what is a Network Topology ?

Answer 5

a network’s structure.

Question 6

Define are host nodes

Answer 6

Host Nodes are sources and destinations of messages.

Question 7

Communication nodes

Answer 7

routers through which messages flow through.

Question 8

Physical Connections

Answer 8

Define the channels through which messages travel.

Question 9

List the three Network Topologies you know.

Answer 9

LAN, WAN,ASs

Question 10

What is the full meaning of LAN and what is it ?

Answer 10

Local Area Network. This is a network composed of a group of computers in relatively close proximity.

Question 11

What is the full meaning of WAN and what is it ?

Answer 11

Wide Area network. This network is composed of many machines and smaller networks spread out over greater distances.

Question 12

What is the full meaning of ASs ?

Answer 12

these are controlled by a single organisation entity (business or university) which determines how packets will be routed among the nodes in the AS.

Question 13

What is the meaning of an ISP ?

Answer 13

Internet Service provider

Question 14

How many tiers of ISPs in the Internet structure

Answer 14

up to tier 3 or local ISP, tier 2 ISP , tier 3 ISP

Question 15

What is a Network protocol?

Answer 15

A protocol defines the rules of communication between computers.

Question 16

The are two classifications of protocols, list them

Answer 16

Connectionless and Connection-oriented protocols

Question 17

Explain Connectionless protocols

Answer 17

sends data out as soon as there is enough data to be transmitted. (UDP)

Question 18

Explain connection-oriented protocols

Answer 18

reliable connection stream between two nodes. consists of setup, transmission, and tear down phases.
creates virtual circuit switched network (TCP)

Question 19

What does a packet consist of

Answer 19

Control information for addressing the packet: header and footer
Data: payload

Question 20

What is the Network Model and describe it?

Answer 20

The Network Model is a stack of layers.
1. The Higher layers use the services of the lower layer via encapsulation.
2. A layer can be implemented with either Software or hardware.
3. The bottommost layer must be hardware.

Question 21

How many Layers does a network device implement?

Answer 21

a network device can implement several layers.

Question 22

What is the protocol number for HTTP?

Answer 22

80

Question 23

What is the protocol number for UDP?

Answer 23

17

Question 24

what is the protocol number for ICMP?

Answer 24

1

Question 25

What is the protocol number for TCP?

Answer 25

6

Question 26

What is the protocol number for IGMP?

Answer 26

2

Question 27

What is the protocol number for SSH?

Answer 27

22

Question 28

What is the protocol number for SMTP?

Answer 28

25

Question 29

What is the protocol number for DNS?

Answer 29

53

Question 30

What is the protocol number for DHCP?

Answer 30

67

Question 31

Explain the Internet Packet Encapsulation

Answer 31

Data Link Frame -> IP packets -> TCP or UDP packets -> App Packet

Question 32

List a few Network attacks you know.

Answer 32

DOS, DDOS, Eavesdropping, repudiation, Masquerading

Question 33

List some tools related to monitoring and initiating attacks

Answer 33

SCAPY, NMAP, WIRESHARK, DOCKER, KALI LINUX, TCPDUMP.

Question 34

List examples of protocols in each layer of the TCP/IP model.

Answer 34

Application layer -

Question 35

What is a network interface device used for?

Answer 35

A network interface device is used to connect a computer to a network.

Question 36

What are other names for a network interface device?

Answer 36

ethernet card, wifi adapter

Question 37

Most Local Area Networks (including Ethernet and Wifi) _____________________________.

Answer 37

Broadcast frames.

Question 38

Explain the difference between regular mode and promiscuous mode of network interfaces.

Answer 38

In regular mode, each network interface receives the frame intended for it. in promiscuous mode, traffic sniffing can be accomplished by configuring the network interface to read all frames.

Question 39

What is Ethernet?

Answer 39

Ethernet refers to both the physical medium (cable) and the link layer protocol.

Question 40

What are Frames?

Answer 40

Frames are transmitted on an Ethernet cable and received by other machines on the same logical connection on the same local area network.

Question 41

Another name for “Logical connection”.

Answer 41

Network Segment.

Question 42

What is a Hub?

Answer 42

Hubs logically connect multiple devices, allowing them to act as a single network segment. Hubs forward all frames to all devices attached.

Question 43

What is a Switch?

Answer 43

A switch forwards the frame along the cable it knows is connected to the destination.

Question 44

When does a switch act like a hub?

Answer 44

when a MAC flooding attack is in progress causing a DOS to which the switch defaults to fail open mode.

Question 45

Most network interfaces come with a pre-defined Mac address. True or False.

Answer 45

True

Question 46

What is the Full meaning of MAC address

Answer 46

Media Access Controll address.

Question 47

What is A MAC ADDRESS?

Answer 47

A MAC Address is a 12-hex digit or 48-bit number that can be used to identify a computer in a network. They can be reset by the network interface driver.

Question 48

What is ARP?

Answer 48

ARP stands for Address Resolution protocol. it connects the network layer with the data link layer.
It does this by broadcasting requests and caching responses for future use.

Question 49

What is ARP Spoofing and how explain the types? of attack that can occur from it.

Answer 49

ARP Spoofing is an arp attack that preys on the vulnerability of the stateless ARP protocol. it receives ARP responses even it there is no ARP Request. The ARP protocol is susceptible to unknown ARP announcement broadcasts. Attacks that can occur include Traffic Sniffing - passive attacks and Modifying traffic information - Active attacks (MITM). Other attacks include the MAc address flooding which can in turn result in the Denial of Services.

Question 50

What is DHCP?

Answer 50

Dynamic Host Configuration Protocol is a protocol used the automatically assign IP addresses to network devices.

Question 51

What are the ARP Spoofing Countermeasures?

Answer 51

Using static ARP entries, Dynamic Host Configuration Protocol, and Identifying Cloned Mac addresses.

Question 52

What is packet sniffing?

Answer 52

Packet sniffers read information that traverses a network. packet sniffer intercept packets.

Question 53

What is a port?

Answer 53

a port is not a physical connection but a logical connection that programs and services use to exchange information.

Question 54

What is the range of network ports?

Answer 54

0 - 65535

Question 55

What is packet sniffing?

Answer 55

Packet sniffing is usually a passive attack. reading and sniffing information for possible future attacks (active)

Question 56

What are the ways to stop packet sniffers?

Answer 56

Packet encryption- encrypting packets securely.

Question 57

Define the several ranges of ports and explain them

Question 58

What is Wireshark?

Answer 58

Wireshark is a packet sniffing and protocol analyzer

Question 59

What does an IP packet header include

Question 60

What does DHCP mean and what is it ?

Answer 60

Dynamic Host Configuration Protocol is used to automatically assign IP addresses.

Question 61

How can a host Ip address be configured

Answer 61

Statically or Dynamically.

Question 62

What is a DHCP Client?

Answer 62

A DHCP Client is a client that interacts with a DHCP server to get the IP address information.

Question 63

What are the forms of a DHCP Server?

Answer 63

A DHCP server can be a router, home access point or firewall.

Question 64

Explain the DHCP 4-way handshake

Answer 64

Discovery, Offer, Request, Acknowledge

Question 65

IP Vulnerabilities

Answer 65

Unencrypted transmission, No source authentication, No integrity Checking.