Appendix B Flashcards

1
Q

What are the IPv4 private network ranges for internal use

A

Class A : 10.0.0.0/8

10.0.0.0 - 10.255.255.255
Addresses: 16,777,216

Class B : 172.16.0.0/12

172.16.0.0 - 172.31.255.255
Addresses: 1,048,576

Class C : 192.168.0.0/16

192.168.0.0 - 192.168.255.255
Addresses: 65,536

2
Q

How many bits in length is IPv4

A

32 - 4 octets of 8

3
Q

What was introduced to help alleviate address exhaustion

A

NAT

4
Q

What Protocol number is IPv4

A

4

5
Q

What Protocol number is IPv6

A

41

6
Q

What Protocol number is ICMP for IPv6

A

58

7
Q

How long is an IPv6 address

A

128 bits - 8 octets of 16 bits

8
Q

How can IPv6 addresses be abbreviated

A

One or more leading zeroes from any groups of hexadecimal digits are removed; this is usually done to either all or none of the leading zeroes. For example, the group 0042 is converted to 42.

Consecutive sections of zeroes are replaced with a double colon (::). The double colon may only be used once in an address, as multiple use would render the address indeterminate. RFC5952 recommends that a double colon must not be used to denote an omitted single section of zeroes.

An example of application of these rules:
Initial address:
2001:0db8:0000:0000:0000:ff00:0042:8329
After removing all leading zeroes: 2001:db8:0:0:0:ff00:42:8329
After omitting consecutive sections of zeroes: 2001:db8::ff00:42:8329

9
Q

What is significant about the 169.254.0.0/16 range?

A

This is the “link local” block. As described in RFC3927, it is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server cannot be found.

10
Q

What does TCP stand for

A

Transmission Control Protocol

11
Q

How is a TCP connection established

A

Three Way Handshake to establish the session (SYN - SYN/ACK - ACK) then uses acknowledgments to confirm data has been received.

12
Q

What is TCP windowing?

A

The key to networking efficiency.

Files are broken up into packets of up to 1500 bytes and sent to the recipient. The sender increases the number of packets sent at once until packets start being dropped (this is why time estimates on Windows file copying change drastically when copying large files).

Uses sequence numbers to confirm file transmission. Ack numbers are always greater than syn numbers.

13
Q

What does UDP stand for?

A

User Datagram Protocol

14
Q

Why is UDP considered to be “Unreliable”

A

Unlike TCP there is no acknowledgement that data has been received (Connectionless)

15
Q

What is UDP typically used for

A

Services which do not require acknowledgement such as VOIP, DNS and TFTP

16
Q

What is a Fraggle attack

A

A Fraggle attack is the same as a Smurf attack but rather than ICMP, the UDP protocol is used.
The prevention of these attacks is almost identical to the Smurf attack.

17
Q

What is a Smurf attack

A

In a smurf attack, an attacker will spoof the source address of the ICMP packet and send a broadcast to all computers on that network. If networking devices do not filter this traffic, then it will be broadcast to all computers in the network. The victim’s network gets congested by this much traffic, which brings down the productivity of the entire network.

To mitigate the risk of a smurf attack it is advised that the following actions are taken:

Put filters on routers and firewalls to counteract address spoofing. An IP address range should be assigned to a LAN segment, and if the IP address of the source machine is not in the range of IP addresses assigned to that segment, then the traffic should be dropped.

Put filters on L3 devices so that they do not reply to the broadcast address.

18
Q

What does ICMP stand for

A

Internet Control Message Protocol

19
Q

What is ICMP used for

A

Used primarily for network diagnostics.

20
Q

What Protocol number is ICMP

A

1

21
Q

What ICMP type is a ping

A

8

22
Q

What ICMP type is a traceroute

A

30

23
Q

What does UTP stand for

A

Unshielded Twisted Pair, often referred to as a CAT 5 cable

24
Q

When would you use a straight through cable

A

When connecting hosts unlike each other
i.e.
Switch - Computer

25
Q

When would you use a crossover cable

A

When connecting like devices.
i.e.
PC - PC
Switch - Switch

26
Q

How does fibre transmit data?

A

Pulses of light

27
Q

What types of fibre exist

A

Multi Mode Fibre (MMF)

Single Mode Fibre (SMF)

28
Q

What colours do MMF and SMF cabling tend to be

A

MMF : Orange/Aqua

SMF : Yellow

29
Q

What speeds and distances are typical of MMF

A

100 Mbit/s up to 2000m
1 GB/s up to 1000m
10 GB/s up to 550m

30
Q

What is a VCSEL

A

Vertical-Cavity Surface-Emitting Laser. A VCSEL is a semiconductor laser diode that emits the laser light used in MMF.

31
Q

Where is MMF typically used

A

Multimode fiber is used for signal transmission over short distances.

32
Q

Where is SMF typically used

A

Singlemode fiber is used for long distance transmission.

33
Q

What speeds and distances are typical of SMF

A

DWDM (Dense Wavelength Division Multiplexing) allows single-mode fiber to transmit data at speeds up to 400GB/s

34
Q

How does DWDM work?

A

DWDM works by transmitting multiple signals simultaneously at different wavelengths on the same fiber, turning one fiber into multiple virtual fibers.

35
Q

What are the key differences between SMF and MMF

A

Multi-mode has a larger core diameter.
Multi-mode has higher “light-gathering” capacity than single-mode.
Multi-mode allows the use of cheaper electronics such as LEDs and VCSELs.
Single-mode bandwidth-distance limit is higher.
Single-mode is used for long distance transmission; multi-mode is used for short distance transmission.

36
Q

What are the speeds associated with 10/100/1000Base T

A

10 Mbps
100 Mbps
1 Gbps

37
Q

What is 100 Base T otherwise known as

A

Fast Ethernet

38
Q

What is 1000 Base T otherwise known as

A

Gigabit Ethernet

39
Q

What are the standards associated with 10/100/1000Base T

A

10BASE-T - known as IEEE 802.3i
100BASE-T - known as IEEE 802.3u
1000BASE-T - known as IEEE 802.3ab

40
Q

What type of cabling tends to be used for 10 Base T

A

10BASE-2 (Thinwire coaxial cable with a maximum segment length of 185 meters)

41
Q

What type of cabling tends to be used for 100 Base T

A

100BASE-T4 (four pairs of telephone twisted pair wire)
100BASE-TX (two pairs of data grade twisted-pair wire)
100BASE-FX (a two-strand optical fiber cable)

42
Q

What type of cabling tends to be used for 1000 Base T

A

1000Base-T uses four pairs of Category 5 unshielded twisted pair cables to achieve gigabit data rates.

43
Q

How does a token ring network work

A

Token Ring is another networking topology, where hosts are organised into a ring. One advantage of token ring over legacy Ethernet networks was that bandwidth could be shared fairly: each host in the ring could only send data while it held the ‘token’, and once it had sent a set amount of data, the token was passed around the ring to the next host.

Originally speeds were 4 or 16 Mbit/sec; however, newer implementations supported 100 Mbit/sec. It has mainly been replaced by switched Ethernet, although it may still be found in financial institutions.

Cabling is generally IBM “Type-1” shielded twisted pair, with unique hermaphroditic connectors, commonly referred to as IBM data connectors. The connectors have the disadvantage of being quite bulky, requiring at least 3 x 3 cm panel space, and being relatively fragile.

44
Q

What standard is a token ring network

A

(ANSI)/IEEE standard 802.5

45
Q

What are the differences between Encoding and Encryption

A

Encoding is for maintaining data usability and can be reversed by employing the same algorithm that encoded the content, i.e. no key is used.

Encryption is for maintaining data confidentiality and requires the use of a key (kept secret) in order to return to plaintext.

46
Q

What are the differences between Asymmetric and Symmetric encryption

A

Symmetric uses one key to both encrypt and decrypt, and asymmetric uses one key to encrypt and another to decrypt.

Symmetric is one way, and asymmetric is a two way function. Symmetric uses one key to both encrypt and decrypt, and asymmetric uses one key to encrypt and another to decrypt. Symmetric encryption is strong and asymmetric encryption is weak. Symmetric does not use a key, and asymmetric makes use of keys.

47
Q

What is a Stream cipher

A

A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream.

48
Q

What is a Block cipher

A

A block cipher is an encryption method that applies a deterministic algorithm along with a symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in stream ciphers. For example, a common block cipher, AES, encrypts 128 bit blocks with a key of predetermined length: 128, 192, or 256 bits.

49
Q

What does DES stand for

A

Data Encryption Standard

50
Q

What type of cipher is DES

A

DES is a block cipher

51
Q

What are the size of keys and blocks used in DES

A

Key sizes 56 bits (+8 parity bits)

Block sizes 64 bits

52
Q

What are the DES modes

A

Four modes
The Electronic Codebook (ECB) mode
The Cipher Block Chaining (CBC) mode
The Cipher Feedback (CFB) mode
The Output Feedback (OFB) mode

53
Q

What are the key points of ECB

A

Electronic Codebook (ECB)

The same plaintext value will always result in the same ciphertext value.

Electronic Code Book is used when a volume of plaintext is separated into several blocks of data, each of which is then encrypted independently of other blocks. In fact, Electronic Code Book has the ability to support a separate encryption key for each block type.

54
Q

What are the key points of CBC

A

Cipher block chaining (CBC)

One of its key characteristics is that it uses a chaining mechanism that causes the decryption of a block of ciphertext to depend on all the preceding ciphertext blocks. As a result, the entire validity of all preceding blocks is contained in the immediately previous ciphertext block.

In cipher block chaining, each plaintext block is XORed with the immediately previous ciphertext block, and then encrypted.

55
Q

What are the key points of CFB

A

Cipher Feedback (CFB)

A block cipher implementation as a self-synchronizing stream cipher.

CFB mode allows data to be encrypted in units smaller than the block size

CFB mode generates a keystream based upon the previous ciphertext (the initial key comes from an Initialization Vector [IV]). In this mode, a single bit error in the ciphertext affects both this block and the following one.

56
Q

What are the key points of OFB

A

Output Feedback (OFB)

A block cipher implementation conceptually similar to a synchronous stream cipher.

OFB prevents the same plaintext block from generating the same ciphertext block by using an internal feedback mechanism that generates the keystream independently of both the plaintext and ciphertext bitstreams.

In OFB, a single bit error in ciphertext yields a single bit error in the decrypted plaintext.

57
Q

What is 3DES

A

Triple DES, also referred to as 3DES, is a mode of the DES encryption algorithm that encrypts data three times. Three 64-bit keys are used, instead of one, for an overall key length of 192 bits (the output of the first encryption is encrypted with the second key, and the resulting cipher text is again encrypted with the third key).

58
Q

What are the keying options available to 3DES

A

Keying option 1
All three keys are independent. Sometimes known as 3TDEA or triple-length keys.
This is the strongest, with 3 × 56 = 168 independent key bits. It is still vulnerable to meet-in-the-middle attack, but the attack requires 2^(2×56) steps.

Keying option 2
K1 and K2 are independent, and K3 = K1. Sometimes known as 2TDEA or double-length keys.
This provides a shorter key length of 112 bits and a reasonable compromise between DES and Keying option 1, with the same caveat as above. This is an improvement over “double DES”, which only requires 2^56 steps to attack. NIST has deprecated this option.

Keying option 3
All three keys are identical, i.e. K1 = K2 = K3.
This is backward compatible with DES, since two operations cancel out. ISO/IEC 18033-3 never allowed this option, and NIST no longer allows it.

59
Q

What is AES

A

The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

60
Q

How does AES encrypt

A

AES comprises three block ciphers: AES-128, AES-192 and AES-256. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128-, 192- and 256-bits, respectively.

61
Q

What is RSA

A

RSA (Rivest–Shamir–Adleman) - Asymmetric

RSA is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and it is different from the decryption key which is kept secret (private)

62
Q

What is RC4

A

RC4 is a stream cipher. While remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure.

63
Q

What is SHA hashing

A

SHA-1 produces a 160-bit (20-byte) hash value known as a message digest.

64
Q

What is MD5 hashing

A

The MD5 algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. … Like most hash functions, MD5 is neither encryption nor encoding.

65
Q

What is HMAC

A

HMAC (keyed-hash message authentication code) is a computed “Signature” often sent along with some data.

The HMAC is used to verify (authenticate) that the data has not been altered or replaced.

66
Q

What levels of the OSI model are associated with SSL

A

TLS & SSL belong to the level that encrypts the application level data.

This level is the Presentation layer or level 6

67
Q

What does PKI stand for

A

Public Key Infrastructure (PKI)

68
Q

What are the 5 basic components for PKI

A

Trust
Certification Authorities
Private and public keys
Certificate enrollment
Digital certificates

69
Q

How does the SSL Handshake work

A

The client uses the server’s public key to encrypt the symmetric key and send it securely to the server, and the server uses its private key to decrypt it.

70
Q

What does IPSec do

A

Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks.
IPsec supports network-level peer authentication, data-origin authentication, data integrity, data confidentiality (encryption), and replay protection.

71
Q

What are the two modes of IPSec

A

Transport mode

IPSec Transport mode is used for end-to-end communications, for example, for communication between a client and a server or between a workstation and a gateway (if the gateway is being treated as a host). A good example would be an encrypted Telnet or Remote Desktop session from a workstation to a server.

Tunnel mode

IPSec tunnel mode is the default mode. With tunnel mode, the entire original IP packet is protected by IPSec. This means IPSec wraps the original packet, encrypts it, adds a new IP header and sends it to the other side of the VPN tunnel (IPSec peer).

72
Q

What is SA

A

A Security Association (SA) is the establishment of shared security attributes between two network entities to support secure communication.

An SA may include attributes such as: cryptographic algorithm and mode; traffic encryption key; and parameters for the network data to be passed over the connection.

73
Q

What 3 parameters identify a SA session

A

Security Parameter Index (SPI) - 32-bit string used by the receiving station

Destination IP Address - Must be unicast and is the final destination

Security Protocol ID - Either an AH or ESP association

74
Q

What are the two protocols of IPSec

A

Authentication Header (AH) - Provides integrity, authentication and non-repudiation

Encapsulating Security Payload (ESP) - Provides confidentiality and limited authentication

75
Q

What 3 methods are used for IKE authentication

A

Main Mode

IKE Phase 1 operating in main mode works with both parties exchanging a total of 6 packets; that’s right, 6 packets is all it takes to complete phase 1.

Aggressive Mode

IKE Phase 1 operating in aggressive mode only exchanges 3 packets compared to the 6 packets used in main mode. One downside of aggressive mode is that it is not as secure as main mode.

Perfect Forward Secrecy (PFS)

If PFS is configured on both endpoints, they will generate a new DH key for phase 2/quick mode.

76
Q

What port is used for IKE

A

UDP/500

77
Q

What port is used by SSH

A

TCP/22

78
Q

What layer does SSH operate at?

A

Application layer (Layer 7)

79
Q

What does SSH provide

A

SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server.

80
Q

What is PGP

A

Pretty Good Privacy

PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message.

81
Q

What are the three groups of Linux file permissions

A

owner - The Owner permissions apply only to the owner of the file or directory; they will not impact the actions of other users.

group - The Group permissions apply only to the group that has been assigned to the file or directory; they will not affect the actions of other users.

all users - The All Users permissions apply to all other users on the system; this is the permission group that you want to watch the most.

82
Q

What are the three permission types in Linux

A

read (r) - The Read permission refers to a user’s capability to read the contents of the file.

write (w) - The Write permissions refer to a user’s capability to write or modify a file or directory.

execute (x) - The Execute permission affects a user’s capability to execute a file or view the contents of a directory.

83
Q

How would you view file permissions in Linux

A

ls -h - The -h option changes the way file sizes are displayed.

ls -a - To display hidden files (files with names that start with a period), use the -a option.

ls -l - To get more information about the files in a directory, use the -l option with ls.

84
Q

What are the linux permission numbers

A

0 = ---
1 = --x
2 = -w-
3 = -wx
4 = r--
5 = r-x
6 = rw-
7 = rwx

85
Q

Breakdown the file permissions in Linux

A

d rwx rwx rwx

d - file type
rwx - User permissions
rwx - Group permissions
rwx - Other users (not part of the group)

86
Q

What can be determined by the following Linux File permissions :

-rw-rw-r-- 1 me me

A

Owned by me and part of the membership group me

User - read/write
Group - read/write
Everyone - read only

87
Q

What can be determined by the following Linux File permissions :

-rwxr-xr-x 1 root root

A

Owned by root and membership group is root

User - read/write and execute
Group - Execute and write
Everyone - Execute

88
Q

What are the permissions of each of these files?

-rw-------
-rwxr-xr-x
-rw-rw-rw-
drwxr-xr-x
drwxrwx---
drwxr-x---

A
-rw-------: A file that is only accessible by its owner

-rwxr-xr-x: A file that is executable by every user on the system. A “world-executable” file

-rw-rw-rw-: A file that is open to modification by every user on the system. A “world-writable” file

drwxr-xr-x: A directory that every user on the system can read and access

drwxrwx---: A directory that is modifiable (including its contents) by its owner and group

drwxr-x---: A directory that is accessible by its group

89
Q

How does chmod work

A

chmod is the command and system call which may change the access permissions to file system objects (files and directories). It may also alter special mode flags. The request is filtered by the umask.

90
Q

What permissions are available in linux?

A

Permissions:
1 – can execute
2 – can write
4 – can read

The octal number is the sum of those three permissions, i.e.
3 (1+2) – can execute and write
6 (2+4) – can write and read
7 (1+2+4) – can execute, read and write (super permissions)

Position of the digit in value:
1 – what the owner can do
2 – what users in the file group (class) can do
3 – what users not in the file group (class) can do

i.e. 755 - owner rwx, group r-x, everyone r-x

chmod 700 file – owner can read, write and execute
chmod 666 file – all can read and write
chmod 777 file – all can read, write and execute

91
Q

What permissions are granted by chmod 600

A

only owner can read and write

92
Q

What types of File System are used in Windows

A

2008 Windows Server 2008 NTFS
2008 Musix GNU/Linux ext4
2008 Nexenta OS ZFS
2009 Windows 7 NTFS

93
Q

What are the 7 Windows File permissions

A

  1. Full Control

Allows: 1, 2, 3, 4, 5, 6, 7

  2. Modify

Allows: 2, 3, 4, 5, 6

  3. Read & Execute

Allows: 3, 4

  4. List Folder Contents

Allows: 4 (but cannot run programs)

  5. Read

Allows: 5 (Implies: 4)

  6. Write

Allows: 6 (Implies: 4)

  7. Special Permissions

Allows: Combinations

94
Q

What is an ACL

A

1 - An ACL is a table which tells the OS what access rights each user has to files.
2 - ACLs provide access control to Active Directory through ADSI (Active Directory Service Interfaces).

95
Q

What is an ACE

A

ACLs contain a list of Access Control Entities (ACE).

96
Q

What are the two types of ACL

A

standard access lists – with standard access lists, you can filter only on the source IP address of a packet. These types of access list are not as powerful as extended access lists, but they are less processor intensive for the router.

extended access lists – with extended access lists, you can be more precise in your filtering. You can evaluate source and destination IP addresses, type of layer 3 protocol, source and destination port