All Appendix 44 Flashcards
HTTP / HTTPS OSI Layer
Application Layer
FTP OSI Layer
Application Layer
SMTP OSI Layer
Application Layer
POP3 OSI Layer
Application Layer
DNS OSI Layer
Application Layer
DHCP OSI Layer
Application Layer
SNMP OSI Layer
Application Layer
Telnet OSI Layer
Application Layer
SSH OSI Layer
Application Layer
NTP OSI Layer
Application Layer
TFTP OSI Layer
Application Layer
SIP OSI Layer
Application Layer
RDP OSI Layer
Application Layer
SSL OSI Layer
Presentation Layer
TLS OSI Layer
Presentation Layer
NetBIOS OSI Layer
Session Layer
RPC OSI Layer
Session Layer
TCP OSI Layer
Transport Layer
UDP OSI Layer
Transport Layer
IP OSI Layer
Network Layer
ICMP OSI Layer
Network Layer
IPSec OSI Layer
Network Layer
RIP OSI Layer
Network Layer
OSPF OSI Layer
Network Layer
ARP OSI Layer
Network Layer
Ethernet OSI Layer
Data Link Layer
MAC OSI Layer
Data Link Layer
WiFi OSI Layer
Physical Layer
USB OSI Layer
Physical Layer
Bluetooth OSI Layer
Physical Layer
What does SMS stand for
Systems Management Server
What does SCCM stand for
System Centre Configuration Manager
What does SMS do
SMS is a system management software product by Microsoft for managing large groups of Windows-based computers
What does SMS provide
Remote control, patch management, OS deployment, hardware/software inventory
What does SUS stand for
Software Update Services
What does SUS do
SUS is a tool for centralising the update of Windows systems in a network. The SUS server downloads updates for specified versions of Windows, then clients can download updates from the internal SUS server. Superseded by WSUS
What does WSUS stand for
Windows Server Update Services
What does WSUS do
WSUS builds on SUS, by allowing automatic download of hotfixes, updates, service packs, device drivers and feature packs to clients from a local central server
What does MBSA stand for
Microsoft Baseline Security Analyser
What does MBSA do
A software tool by Microsoft to assess missing security updates and less-secure security settings
How many IPs in a Class A network
16,777,214
How many IPs in a Class B network
16534
How many IPs in a Class C network
254
How to identify through subnet mask a Class A network
255.0.0.0
How to identify through subnet mask a Class B network
255.255.0.0
How to identify through subnet mask a Class C network
255.255.255.0
What is CAT5/Fibre
It is a twisted pair high signal integrity cable commonly used in networks, it is more secure and less susceptible to obtaining traffic from emitted signals
What is Wireless (802.11)
IEEE 802.11 is a set of standards carrying out wireless local area network communications
What is a VLAN
A VLAN is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain
What is the most common VLAN number
VLAN 1
What is VLAN Hopping
Breaking out of a VLAN
What does PGP use for message authentication
RSA or DSA
What is the X xxx for digital certificates
X.509
What is the WEP key length
40 bit key
What is the bit length of an IV
24 bit
What does IV stand for (WEP)
Initialisation Vector
What is the purpose of an IV
To prevent any repetition, however a 24-bit IV is not long enough to ensure this on a busy network
What does GCOS stand for
General Comprehensive Operating System
What does the GCOS store and where
User information in the /etc/passwd file such as full name, phone number, etc.
What is a simple understanding of Cipher Blocks
A letter you want to send securely, it is broken up into equal chunks and those chunks are then encrypted and sent
What does CFB stand for
Cipher Feedback Mode
What does CBC stand for
Cipher Block Chaining
What does CFB do
Each plaintext block is XORed with the previous cipher text block before encryption
Where is the IV used
In the CBC cipher block
How is the IV used
In the CBC cipher block it is used for the first block to ensure any identical plaintext blocks don’t produce the same output
What is CBC vulnerable to
If the IV is reused or predictable it can compromise encryption, susceptible to padding oracle attacks
What does ECB stand for
Electronic Codebook Mode
Vulnerability in ECB
Uses the same key for all blocks, same text will be the same output
What is an FTP Bounce attack
An attacker uses an FTP server to open a communication to 3rd party systems bypassing security controls, can be used to port scan or obscure attack sources
What is a TEARDROP attack
Involves sending fragmented packets to a target machine, when the target tries to reassemble the packets it crashes due to overlapping fragments, DoSing the machine
What is a SMURF attack
Type of DDoS where an attacker sends ICMP ping requests to a network’s broadcast address, spoofing the source IP as the victim’s IP; the entire network responds to the victim, causing a DDoS
Why does a SMURF attack work
It works as the network broadcast address is designed to send the request to all devices in the network which will all reply to the victim
What are the length characteristics of a MAC Address
6 blocks separated by hyphen/colon with 2 char in each block = 12 char
How to identify a multicast MAC address
01 in the first octet