BKS Recap Questions Flashcards

1
Q

How do network standards affect price and features?

A

Standards force interoperability, which leads to more competition, which forces companies to lower prices or offer better features in order to gain a good market position.

2
Q

what three aspects does a message have?

A
message order
message semantics (meaning)
message syntax (organization - structure)
3
Q

Name an example for the importance of message order outside of networking

A

Cooking recipe

4
Q

distinguish between syntax and semantics

A

Syntax: How a message is organized (header, date field, trailer)
Semantics: meaning of the message (Pls give me, Here is the file…)

5
Q

Describe message ordering in HTTP

A

HTTP is a simple request-response cycle.

6
Q

in http can a server transmit if nothing has been requested?

A

No, the server can not transmit without the client making a request first.

7
Q

Describe the three step handshake in TCP connection openings

A

syn ->

ack

8
Q

What kind of message does the destination host send if it does not receive a segment during a TCP connection?

A

Data=HTTP request error

9
Q

under what circumstance will the source host tcp process retransmit the segment?

A

If it did receive a Data=http request error

10
Q

describe the four step closing handshake in tcp

A

fin ->

ack

11
Q

After a side initiates the close of a connection by sending a FIN segment, will it send any more segments?

A

yes it can send one more segment, before the other side closes as well.

12
Q

what are the three general parts of a message?

A

header, data field, trailer

13
Q

what does the data field contain?

A

It's the heart of the message and contains the content being delivered by the message.
In HTTP it contains the file for the response message.

14
Q

Is there always a data field?

A

No, sometimes only a header is needed. For example when you only need the Ack flag.

15
Q

what is the definition of a trailer?

A

Everything that comes after the data field.

16
Q

Distinguish between header and header fields

A

The header contains the header fields, which in turn contain different information, e.g. the destination header address field, which contains information for switches and routers.

17
Q

distinguish between octets and byte

A

It is just different terminology. Both octets and bytes are 8 bits. In networking we mostly speak of octets, because it kind of makes more sense (oct - 8)

18
Q

which is the dominant network standard in wired lans?

A

Ethernet, which is more like an assembly of standards

19
Q

name the data link layer address used in Ethernet. What is the size?

A

Extended Unique Identifier - EUI48 address (formerly MAC address)
It is 48 bit or 6 byte/octet in size

20
Q

What is the role of the frame check sequence field in ipv4 segments?

A

The host checks if the segment numbers are the same in order to verify they are at the same segment.

21
Q

can ethernet correct an erroneous frame?

A

No, it cannot correct the frame, it can only detect erroneous frames.

22
Q

why was tcp designed to be complex?

A

The IPv4 was a best effort syntax. TCP needed to be more complex in order to be more user-friendly, reliable and easier to see through.

23
Q

why is it important for network professionals to understand TCP?

A

complex internetwork transmission tasks are handled by it. So in order to understand networking you need to understand TCP.

24
Q

What are TCP Messages called?

A

They are called TCP Segments

25
Q

what is the role of sequence numbers in segmentation and reassembly?

A

Without segment numbers it wouldn't be possible to reassemble the packages in the right order. (in the wrong order they would be useless)

26
Q

If a host wishes to acknowledge a connection request from another host which field will it use?

A

It will use the Flag fields in the Segment header. It will be set to 1 in the ACK bit.

27
Q

How does an ACK number make tcp a reliable protocol?

A

because the ack number makes every segment unique,

Errors can be discarded, resent and reassembled.

28
Q

What type of port numbers do servers use for common server programs?

A

SMTP->Port 25, HTTP-> port 80, FTP->20,21

29
Q

What type of port do clients use when they communicate with server programs?

A

Clients generate an ephemeral port number (1024-4999) when talking to a server; it is discarded after the connection.

30
Q

What is the range of port numbers for each type?

A

0-1023 for server ports

1024-4999 for ephemeral ports

31
Q

Why are some ports called ephemeral

A

because they will be discarded after each use

32
Q

what is the syntax of a socket?

A

The IP Address, a colon (:) and the port number. Example: 128.0.0.1:25

33
Q

Do HTTP request messages have a header, data field and trailer?

A

They have a header and a data field but usually no trailer.

34
Q

On what layer is the conversion from bits to ASCII?

A

the application layer

35
Q

why is there a need for encoding

A

because on every layer under the application layer everything is sent in bits.

36
Q

What layers require encoded messages?

A

the transport layer and lower (>=4)

37
Q

convert 4 to binary

A

00100

38
Q

convert 00100 to decimal

A

4

39
Q

convert 11011 to decimal

A

27

40
Q

how is voice encoding carried out?

A

The analog signal is translated to a digital one by measuring the loudness of voice thousand times a minute. A digital circuit (encoder) translates it.

41
Q

What is encapsulation?

A

Encapsulation is the repacking of a segment/frame when going through another layer. A TCP segment has to be encapsulated in an IP packet to go through that layer.

42
Q

Why is encapsulation necessary for there to be communication between processes operating at the same layer but on different hosts, routers, or switches?

A

because other layers wouldn’t be able to understand the packet/segment. So it needs to be encapsulated in order to be understandable for the standard protocol

43
Q

Explain the Target breach

A

An employee received a spear phishing email which infected his machine. That machine sent codes to the attackers, which they used to log in on the server. They uploaded POS (point of sale) malware, so it was downloaded to all POS terminals in all Target stores.
They collected data of all credit cards, which they could sell to counterfeit card manufacturers.

44
Q

Whose actions would you need to anticipate when managing network security?

A

Everyone's. Every move of every user, hacker and government. There is no perfect security solution.

45
Q

How would you define a threat environment?

A

Threat environment is when users don't upgrade their systems fast enough so there are vulnerabilities on the system, which can be used to inject malware.

46
Q

What is a vulnerability?

A

vulnerability is a flaw in a program that permits a specific attack or set of attacks against this program to succeed.

47
Q

How can users eliminate vulnerabilities in their programs?

A

They have to install patches immediately.

48
Q

What name do we give to attacks that occur before a patch is available?

A

Zero-day Attack

49
Q

How do viruses and worms differ?

A

A virus is attached to a program, worms are standalone products.

50
Q

What is a propagation vector?

A

the type/way a worm/virus uses to spread/propagate

51
Q

Under what circumstances are scripts likely to be dangerous?

A

There are scripts (mobile code) which get downloaded to your device if opened. The script can then run on your device.

52
Q

What is meant by payload

A

The tasks a piece of malware has, e.g. deleting your hard disk.

53
Q

What is social engineering?

A

It aims at human failure. A user is asked to compromise personal or corporate security by offering him something. (a nice download for example)

54
Q

Distinguish between phishing and spear phishing.

A

Spear phishing aims at one particular person. The attacker learns a lot about that person and uses personal data to make the phishing more personal.

55
Q

What is the definition of hacking?

A

intentionally using a computer resource without authorization or in excess of authorization

56
Q

Describe the two stages that typically occur in an attack.

A

The exploit - the actual break in via tools

after break in - exploiting the resource, gathering data and so on.

57
Q

What is the purpose of a denial-of-service attack?

A

the shutdown of the attacked server (the denial of any service)

58
Q

What programs directly attack the victim in a distributed denial-of-service attack?

A

they use botnets or hundreds of bots which send spam packets to the attacked server

59
Q

Explain “advanced” in the term advanced persistent theft

A

Attacks that are really hard and expensive to be carried out. Can take years and needs extreme precision.

60
Q

What type of adversary are most hackers today? b) Why is this type of attacker extremely dangerous?

A

career hackers, looking for maximum damage or biggest use for them.

61
Q

Is it generally illegal to write malware in the United States? b) What actions regarding malware are illegal?

A

It is not illegal to write, but to sell or release.

62
Q

What is a cipher?

A

an encryption method to create an encrypted message

63
Q

In two-way dialogues, how many keys are used in symmetric key encryption?

A

Both users use the same key. So it's one key in two places.

64
Q

What is the minimum size for a strong key?

A

At least 100 bits or greater.

65
Q

Distinguish between private networks and virtual private networks.

A

A private network is on a data link not connected to the Internet and is probably an Ethernet.
Virtual private networks work through the Internet but act like a private network.

66
Q

For what is SSL/TLS most widely used?

A

browser - webserver connections

67
Q

What does a firewall do when a provable attack packet arrives?

A

discard it and write content to log file

68
Q

Does a firewall drop a packet if it probably is an attack packet?

A

no, only if proven attack

69
Q

c) Why is it important to read firewall logs daily?

A

to understand the attacks which are incoming

70
Q

Distinguish between ingress and egress filtering.

A

ingress is incoming and

egress is outgoing

71
Q

describe the Plan, Protect, Respond Cycle

A

Planning the security with risk analysis, minimum permission, in-depth defense.
Most budget spent on: Protect - access control, firewall, cryptography.
Respond - to attacks and breaches and minimize damage

72
Q

Name the four Quality of Service metrics

A

Speed (speed of transmission), Errors (amount of bad packets), Availability (% of time network is available), Latency (time delay)

73
Q

distinguish between rated speed and throughput

A

rated speed is what the technology is capable of

throughput is what the user really gets

74
Q

what is SNMT

A

Simple Network Management Tools

75
Q

what does UTP mean?

A

unshielded twisted pair (of copper cable)

76
Q

what is the distance of UTP and Optical Fibre?

A

UTP 100m, Fibre: 200-500

77
Q

Name the 4 UTP ethernet standards incl speed, quality and max length

A

100base tx - 100mbps - 5e or higher - 100m
1000base t - 1000mbps - 5e or higher - 100m
10000base t - 10000mbps - 6 or higher - 55m
10000base t - 10000mbps - 6a or higher - 100m

78
Q

name the 2 optical fibre quality standards

A

OM 3 length 550m@1gbps, 300@10, 100@100

OM4 length 1000@1, 440@10, 150@100

79
Q

What is Modulation?

A

Modulation is the process in which a digital computer signal is converted into a form that can travel down an ordinary analog telephone line

80
Q

What is Amplitude Modulation and how does it work?

A

It is the change of power in the wave (amplitude graph) which can be low and high. A low amplitude = “0” (Bit) and a high amplitude = “1”

81
Q

Which measurement are amplitude waves using?

A

They use Hertz (Hz), which is the amount of cycles in one second

82
Q

what is phase modulation (PM)?

A

the phase gets inverted. (instead of first high, first low..)

inverted = 0 , normal = 1

83
Q

What is spread spectrum transmission?

A

uses wider bandwidth in order to send three parts of the same frame, if one gets lost the data is still transmitted

84
Q

whats the most used wifi standard?

A

802.11(i)

85
Q

what does SSID mean? whats ESS?

A

Service Set ID

extended service set - with more access points

86
Q

What is CSMA /CA+ACK

A

1 Carrier sense multiple access - the sender listens for traffic and sends when no one else does.
2 Collision Avoidance - waits a random amount of time to avoid collision (in case it would send asap)
and 3 Acknowledgment - sends a send request which has to be acknowledged

87
Q

is CSMA/CA+ACK efficient?

A

No because it has to wait and request and then wait for ack again and then send.

88
Q

What is RTS-CTS?

A

Request to send, Clear to send
host sends CTS message
access point sends CTS when ready

89
Q

name the 802.11 WiFi Standards

A
  1. 11g - 54mbps (2,4ghz)
  2. 11a - 54mbps (5ghz)
  3. 11n - 100-600 (150-300 common) (most used) (2,5 and 5ghz)
  4. 11ac - 433-6930 (433-1300 common) (most sold today) (5ghz)
90
Q

what is a spatial stream?

A

Access point sending two signals in the same channel one from antenna a and one from antenna b

91
Q

Explain PSK

A

PSK means pre shared key. Everyone with the key can access the network.

92
Q

Explain USK

A

Host has PSK but also needs the Unshared session key from the access point. Which is encrypted and only shared with one client (each unique).

93
Q

802.11i security is not enough, what threats are there?

A

apart from human failure or internal setup:
rogue access point
evil twin access point

94
Q

What is “rogue access point”

A

a rogue access point is one that is unsecure (e.g. set up by an employee). A hacker can access it.

95
Q

What is an Evil Twin AP (Access Point) operation?

A
An attacker computer impersonates an access point. Opens connection to client and access point separately. Acts as Man in the middle.
Uses Decryption (Key1) to read message and reencrypts (Key2) A after sending through.
96
Q

Explain the hierarchy of IPv4

A
123.456.789.012
Network Part (Maybe not only 8 bits e.g. 123.456)
Subnet Part (maybe not only 8 bits)
Host Part (maybe not only 8 bits)
97
Q

What is the job of a border router?

A

It connects the Internet on one side to the corporate network on the other side.

98
Q

Why are Subnetmasks needed?

A

You cannot tell where an IPv4 packet has to go on its own, so we need subnet masks.

99
Q

how do subnetmasks work?

A

Masks are applied to the IPv4 address.
if the mask bit is “0” the result is 0.
if the mask bit is “1” the result is the IP address bit in that position.

100
Q

What does a Subnetmask look like?

A

A mask is a series of initial ones followed by a series of final zeros, for a total of 32 bits.
11111111 11111111 00000000 00000000
255.255.0.0
/16 (because 16 of the 32 bits are “1”)

101
Q

explain the difference between ethernet switching and ip routing

A

Ethernet switches are organized in a hierarchy. There is only one possible port to send a frame out and so only one row per address.
Routers are arranged in meshes with multiple alternative routes. A router may send a packet out to more than one interface (port) and still get the packet to its destination.

102
Q

explain routing ranges

A
A router has a routing table (with IP ranges) which it uses to make routing decisions. 
There may be more than one option:
- chooses closest one
if similar
- chooses better metric cost (less hops)
103
Q

Whats the Problem with ip packet routing

A

The router knows the next-hop router IP but not the data link layer (EUI48) address.
To solve this it uses the address resolution protocol (ARP).

104
Q

What is in the first row of an IPv4 packet?

A

It's the header, which contains:

  • version = the version of IP packet used.
  • header length = tells the size of header
  • ECN Explicit congestion notification = Reduces speed in case of congestion
  • total length = tells size of the whole packet
105
Q

What is in the second row of an IPv4 Packet?

A

The second row is used for reassembling, but IP fragmentation is extremely rare.

106
Q

What is in the third row of an IPv4 packet?

A
  • TTL (time to live)
  • Protocol which is used (1=ICMP, 6=TCP, 17=UDP)
  • Header checksum, to find errors and maybe discard packet. No retransmission. Internet layer is not reliable.
107
Q

What is in and after the 4th layer of an IPv4 Packet?

A

The source address
the destination address
options (not common, may indicate malicious packet)

108
Q

Why do we need IPv6 addresses?

A

Because IPv4 contains only 4b addresses which, considering that ranges are given to corporations, is not enough. So from now on we need to give out IPv6.

109
Q

explain the properties of IPv6

A
  • 128 bits long
  • hexadecimal (2001:0027:fe56:0000:0000:0000:cd3f:0fca)

110
Q

Explain how to shorten IPv6 addresses

A

segments which start with zeros can be shortened
2001:0027:fe56:0000:0000:0000:cd3f:0fca
2001:27:fe56::::cd3f:fca
only the outer colons are kept
2001:27:fe56::cd3f:fca
if there is more than one full 0 segment, only shorten the LONGEST one (the other one keeps all colons).
if they have the same length, shorten the first one.

111
Q

does an IPv6 Packet have a header checksum?

A

No, the transport layer already takes care of that.

112
Q

What is the “next header” in an IPv6 Packet?

A

always leads to the next header

113
Q

explain the difference between TCP and UDP

A

UDP doesn't use acknowledgments, which makes it way faster but also less reliable.
Used for applications which need speed over reliability (voice chat, video calls)

114
Q

Whats the Three Step Opening of TCP Sessions?

A

syn->

115
Q

normal 4 step tcp close

A

fin->

116
Q

whats the abrupt tcp close?

A

closes the connection immediately by sending
RST ->
no ack from other side

117
Q

in IP Subnetting, how do you calculate how many hosts and subnets a firm can have?

A

They apply and get assigned a certain network part. Let's say 16 bits are preassigned. 16 bits remain for the firm to assign. This could be 8/8 or 6/10 and so on.
number of hosts OR subnets is 2^numberHere -2 (example 2^8-2=254)

118
Q

what is NAT and how does it work?

A

Network Address Translation. Is a firewall which translates the internal IP to an external IP and saves it into a translation table.
NAT makes it possible to hide the real internal IP address in the internet.

119
Q

What is a Domain?

A

Any group of resources (routers, single networks, hosts, etc) under the control of an organization.

120
Q

how does DNS work?

A

Client asks local dns server for IP.
local dns server asks the authoritative dns server for that name.
authoritative dns server sends the IP address of given name.
local dns sends dns response message with ip address

121
Q

how many dns root servers do exist?

A

13

122
Q

what are the two types of top level domains?

A

Country top level domains (.de, .nl)

generic top level domains (.com, .edu….)

123
Q

What is a VPN

A

Virtual Private Network.

Really, it's just encrypted communication through an untrusted network

124
Q

what are the two types of VPNs?

A

Remote Access VPNs:
connect a remote user to a corporate site.

Site-to-Site VPNs:
Each site has a key to encrypt outgoing traffic and a key for decrypting incoming traffic.

125
Q

what are the two ways IPsec can operate in? What are the pros and cons

A

Transport Mode
host to host, with digital authentication
better security, higher cost
Tunnel Mode
only through internet, unprotected at site.
less secure, cheaper

126
Q

Characteristics of IPsec vs. SSL/TLS

A

IPsec is on layer 3
SSL on layer 4

IPsec not built into browsers and co
SSL built in

IPsec can protect any application
SSL can't protect any app.

IPsec excellent security
SSL good security

127
Q

why is IPsec not enough?

A

application cannot tell if it's being protected so apps often require SSL/TLS.

128
Q

How do you calculate the 64 Bit unicast interface ID?

A
  • Display EUI-48 address
  • remove dashes
  • convert to lower case
  • divide in half
  • insert fffe in the middle
  • in the second nibble, invert the second last bit. (e. g. 1101 -> 1111)
129
Q

how is the DNS record for IPv6 called?

A

DNS AAAA Record

130
Q

How do routers get their routing tables?

A

They constantly exchange information

several dynamic routing protocols

131
Q

name the routing protocols

A

OSPF - Open shortest path first
EIGRP Enhanced interior gateway routing protocol
BGP Border gateway protocol

132
Q

explain what ICMP is/does

A

ICMP (Internet Control Message Protocol) is an error-reporting protocol network devices like routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets. ICMP creates and sends messages to the source IP address indicating that a gateway to the Internet, a router, service or host cannot be reached for packet delivery. Any IP network device has the capability to send, receive or process ICMP messages.

133
Q

differentiate between LAN,MAN, WAN

A

Local access network, Metropolitan Area Network, Wide Area Network
LAN is cheap, MAN medium and WAN expensive.
LAN fast, MAN medium, WAN slow
Diversity of tech LAN low, MAN medium and WAN high

134
Q

basic concept of a wan network?

A

Sites are connected to the WAN core which is then connected to the ISP

135
Q

what is the PSTN?

A

Public Switched Telephone Network

136
Q

What is ADSL?

A

Asynchronous Digital Subscriber Line.

Uses advanced technology to deliver data over telephone UTP lines. Is inexpensive.

137
Q

What is Cable Modem Service

A

Coaxial cable that brought tv where there was no reception. Now also Internet Data.

138
Q

Explain cellular technology

A

Antenna towers creating cellsites, broken into cells with each reusing multiple channels to serve enough users.
Traveling through cells will hand you off to next one. Antennas are connected to PSTN.

139
Q

Leased Line data network

PSDN Public switched data network

A

remember the names brah.

140
Q

Name three defining characteristics of single switched networks

A

1 - only one transmission technology
2 - controlled address space
3 - messages are frames, not packets