BKS Recap Questions Flashcards
How do network standards affect price and features?
Standards force interoperability, which leads to more competition, which forces companies to lower prices or offer better features in order to gain a good market position.
What three aspects does a message have?
Message order, message semantics (meaning), message syntax (organization - structure)
Name an example of the importance of message order outside of networking.
Cooking recipe
Distinguish between syntax and semantics.
Syntax: how a message is organized (header, data field, trailer)
Semantics: meaning of the message (Pls give me, Here is the file…)
Describe message ordering in HTTP.
HTTP is a simple request-response cycle.
In HTTP, can a server transmit if nothing has been requested?
No, the server cannot transmit without the client making a request first.
Describe the three-step handshake in TCP connection openings.
syn ->
ack
What kind of message does the destination host send if it does not receive a segment during a TCP connection?
Data=HTTP request error
Under what circumstance will the source host TCP process retransmit the segment?
If it did receive a Data=HTTP request error
Describe the four-step closing handshake in TCP.
fin ->
ack
After a side initiates the close of a connection by sending a FIN segment, will it send any more segments?
Yes, it can send one more segment before the other side closes as well.
What are the three general parts of a message?
Header, data field, trailer
What does the data field contain?
It's the heart of the message and contains the content being delivered by the message.
In HTTP it contains the file for the response message.
Is there always a data field?
No, sometimes only a header is needed. For example, when you only need the ACK flag.
What is the definition of a trailer?
Everything that comes after the data field.
Distinguish between header and header fields.
The header contains the header fields, which then contain different information, e.g. the destination address header field, which contains information for switches and routers.
Distinguish between octets and bytes.
It is just different terminology. Both octets and bytes are 8 bits. In networking we mostly speak of octets, because it kind of makes more sense (oct - 8).
Which is the dominant network standard in wired LANs?
Ethernet, which is more like an assembly of standards
Name the data link layer address used in Ethernet. What is the size?
Extended Unique Identifier - EUI-48 address (formerly MAC address)
It is 48 bits, or 6 bytes/octets, in size.
What is the role of the frame check sequence field in IPv4 segments?
The host checks if the segment numbers are the same in order to verify they are at the same segment.
Can Ethernet correct an erroneous frame?
No, it cannot correct the frame; it can only detect erroneous frames.
Why was TCP designed to be complex?
IPv4 was a best-effort syntax. TCP needed to be more complex in order to be more user-friendly, reliable and easier to see through.
Why is it important for network professionals to understand TCP?
Complex internetwork transmission tasks are handled by it. So in order to understand networking you need to understand TCP.
What are TCP messages called?
They are called TCP segments.
What is the role of sequence numbers in segmentation and reassembly?
Without segment numbers it wouldn't be possible to reassemble the packages in the right order. (In the wrong order they would be useless.)
If a host wishes to acknowledge a connection request from another host, which field will it use?
It will use the flag fields in the segment header. The ACK bit will be set to 1.
How does an ACK number make TCP a reliable protocol?
Because the ACK number makes every segment unique.
Errors can be discarded, resent and reassembled.
What type of port numbers do servers use for common server programs?
SMTP -> port 25, HTTP -> port 80, FTP -> ports 20, 21
What type of port do clients use when they communicate with server programs?
Clients generate an ephemeral port number (1024-4999) when talking to a server; it is discarded after the connection.
What is the range of port numbers for each type?
0-1023 for server ports
1024-4999 for ephemeral ports
Why are some ports called ephemeral?
Because they will be discarded after each use.
What is the syntax of a socket?
The IP address, a colon (:) and the port number. Example: 128.0.0.1:25
Do HTTP request messages have a header, data field and trailer?
They have a header and a data field but usually no trailer.
On what layer is the conversion from bits to ASCII?
The application layer
Why is there a need for encoding?
Because on every layer under the application layer everything is sent in bits.
What layers require encoded messages?
The transport layer and lower (>=4)
Convert 4 to binary
00100
convert 00100 to decimal
4
convert 11011 to decimal
27
How is voice encoding carried out?
The analog signal is translated to a digital one by measuring the loudness of the voice thousand times a minute. A digital circuit (encoder) translates it.
What is encapsulation?
Encapsulation is the repacking of a segment/frame when going through another layer. A TCP segment has to be encapsulated in an IP packet to go through that layer.
Why is encapsulation necessary for there to be communication between processes operating at the same layer but on different hosts, routers, or switches?
Because other layers wouldn’t be able to understand the packet/segment. So it needs to be encapsulated in order to be understandable for the standard protocol.
Explain the Target breach.
An employee received a spear phishing email which infected his machine. That machine sent codes to the attackers, which they used to log in on the server. They uploaded POS (point of sale) malware, so it was downloaded to all POS terminals in all Target stores.
They collected data of all credit cards which they could sell to counterfeit card manufacturers.
Whose actions would you need to anticipate when managing network security?
Everyone's. Every move of every user, hacker and government. There is no perfect security solution.
How would you define a threat environment?
A threat environment is when users don't upgrade their systems fast enough, so there are vulnerabilities on the system which can be used to inject malware.
What is a vulnerability?
A vulnerability is a flaw in a program that permits a specific attack or set of attacks against this program to succeed.
How can users eliminate vulnerabilities in their programs?
They have to install patches immediately.
What name do we give to attacks that occur before a patch is available?
Zero-day Attack
How do viruses and worms differ?
A virus is attached to a program, worms are standalone products.
What is a propagation vector?
The type/way a worm/virus uses to spread/propagate
Under what circumstances are scripts likely to be dangerous?
There are scripts (mobile code) which get downloaded to your device if opened. The script can then run on your device.
What is meant by payload?
The tasks a piece of malware has, e.g. deleting your hard disk.
What is social engineering?
It aims at human failure. A user is asked to compromise personal or corporate security by offering him something (a nice download, for example).
Distinguish between phishing and spear phishing.
Spear phishing aims at one particular person. The attacker learns a lot about that person and uses personal data to make the phishing more personal.
What is the definition of hacking?
Intentionally using a computer resource without authorization or in excess of authorization
Describe the two stages that typically occur in an attack.
The exploit - the actual break-in via tools
After the break-in - exploiting the resource, gathering data and so on.