Block 4 Flashcards
Which segment format is used as the connectionless transport protocol in the TCP/IP stack?
(UDP) user datagram protocol
What type of protocol just sends out packets to the receiving system and does not check to see if they were received?
Connectionless-Oriented
Which protocol is best used to send small amounts of data
(UDP) user datagram protocol
What layer is responsible for logical addressing and routing of data packets from the source to the destination?
Network layer
Network layer protocols are divided into two categories. What are they?
Routed and routing
Which category in the network layer protocol provides enough info to allow a segment/packet/frame to be forwarded from one host to another based on the addressing scheme through the router.
Routed protocols
Commonly routed protocol … It is Connectionless, unreliable, best effort delivery system protocol used on the internet
Internet Protocol (IP)
Which network layer protocol provides mechanisms for sharing routing information?
Messages move between routers in this protocol.
Routing protocol
What are the two classes of routing protocols?
Interior and Exterior Gateway Protocols (IGPs and EGPs)
Routes packets inside a local network. Examples are RIP, IGRP and OSPF.
Interior routing protocols
Used to link several LANs/MANs together.
An example is BGP.
Exterior routing protocol
What is the Border Gateway Protocol (BGP)?
Exchanges information between autonomous systems while guaranteeing loop-free path selection.
Which layer controls the electrical impulses that enter and leave the network cable?
Data link layer
Which layer is responsible for the link between two devices on the same network via MAC address and is broken down into LLC and MAC?
Data link layer
Which layer is responsible for transmitting bits from one computer to another?
Physical Layer
Two types of media access techniques
Centralized access control
Distributed access control
Which media access technique is commonly found in mainframe-access apps where a front end communications controller polls terminals and gives each authority to transmit
Centralized access control
Which method under distributed control access operates like a group discussion?
Random access methods
Which method under distributed access control guarantees each station a turn at the transmission media even if they don’t have anything to transmit
Deterministic access methods
What is the United Nations agency formed to develop and standardize communication around the world
International Telecommunications Union (ITU)
What sets standards for consumer products and electronic components?
EIA Electronics Industries Alliance
Which organization is responsible for overseeing the development of internet standards and protocols
IAB Internet Architecture Board
A standard developed by a company for that company’s product only
Proprietary or closed standard
Widely accepted standard designed to apply to equipment and Software regardless of the manufacturer.
Non-proprietary or Open
Product Is widely used and it becomes a standard without any formal path of implementation.
De Facto
A standard that has been officially approved by a recognized standards committee
De jure
What standards added enhancements to the open systems interconnection (OSI) model that all internet systems are based on
802
Defines wireless network standards (LAN)
802.11
Defines wireless personal area networks (WPAN)
802.15
Defines broadband wireless standards
802.16
Standard for mobile wireless
802.20
Sometimes called media converters… Required when going from one type of media to another
Converters
Both transmits and receives analog or digital signal
Transceiver
A printed circuit board that enables a PC to be attached to some sort of network cabling by providing a physical connection point and electrical signal conversion.
Network interface card (NIC)
Any digital device at the user end, which transmits and receives data and uses communication equipment for data transfer
DTE Data Terminal Equipment
Devices connected to a comm line for the purpose of transferring data from one point to another.
They establish, maintain and terminate the connection.
DCE data communications equipment
Layer 1 device that does not manage any data that goes through it. Any packet that enters a port is broadcast out on all other ports.
Hub
Layer one device that is added to a network to extend the length of the cable. Used for digital signals.
Repeater
Layer two device that connects two or more LAN segments to effectively make those segments one logical network. Switches in software.
Bridge
Layer two device that switches in hardware and interconnects LANs of different bandwidth.
Maintain MAC address tables.
Switches
Convert protocols, languages and architecture to allow communications between different systems but do not alter the original data in any way.
Gateways
Connects two or more network segments and supports dynamic path assignment. Gateway for entry to and from a network
Routers
Most advanced encryption and authentication available.
VPN Concentrators
VPN concentrator creates a virtual private network by creating a secure connection across a TCP/IP network called?
Tunneling
Creates more space for cables where there isn’t much floor space
Distribution racks and rack shelves
Most accurate time and frequency standard known… Used as primary standards for international time distribution services
Atomic clock
A space based positioning and time transfer system
GPS
Measure of secrecy of information
Confidentiality
Ensures that information is accurate and reliable. Ensures data is not tampered with.
Integrity
Ability of the users to access the information.
Availability
Process by which a subject professes an identity and accountability is initiated.
Identification
The process of verifying or testing that the identity claimed by a subject is valid, or the procedure where the system verifies the individual or network device has a right to access the system or system resource
Authentication
What’s the most common method of identification and authentication
Username and password
Weakest form of protection
Knowledge based (username and passwords)
Password-generating devices that subjects must carry with them
Possession-based
Physical means to provide identity. In the forms of a swipe card, smart card, floppy disk or simple as a key
Static token
Generates passwords at fixed time intervals.
Synchronous dynamic password token
Generates passwords based on the occurrence of an event
Asynchronous dynamic password token
Generates passwords or responses based on instructions from the authentication system.
Challenge-response token
A behavioral or physiological characteristic that is unique to the subject
Biometric based
Way to substantially increase the security of I&A is to use a combination of I&A
Combining methods
A mechanism that employs a third-party entity to prove identification and provide authentication
Ticket authentication
A mechanism that allows a subject to be authenticated only once on a system and be able to access resource after resource unhindered by repeated authentication prompts
Single sign on
Residual representation of data that was previously erased in some way.
Remanence
Use of prescribed safeguards and controls to prevent reconstruction or disclosure of sensitive or classified information to persons who do not have the proper clearance or need-to-know for information.
Remanence security
Removes information to render the sensitive or classified information unrecoverable by normal system utilities or non-technical means while leaving the media usable.
Clearing media
Removes classified and sensitive information from media to render the information unrecoverable by technical means.
Sanitizing media
A process where the magnetic media is erased
Degaussing
Ultimate form of sanitization
Physical destruction
Occurrence that takes place during a certain period of time that appears suspicious
Event
Event that has a negative outcome affecting the confidentiality, integrity, or availability of an organization’s data
Incident
Incidents that are reconnaissance attacks that usually precede another, more serious attack.
Scanning attacks
Any unauthorized access to the system or information the system stores.
Compromise
Think of virus or spyware
Malicious code
Easiest to detect.
Normally when a user or automated tool reports that one or more services are unavailable
DOS Denial of Service
Dedicated response team for investigating any computer security incidents that take place
CIRTS AND CSIRTS
DOD’s practical strategy for achieving IA in today’s network dependent environments.
Defense in depth
What are the 3 steps under Defense in Depth
People
Organization
Technology
The Air Force has further developed the defense in depth strategy and established a concept for boundary protection of the network called?
Barrier Reef
The barrier reef concept is the Air Force’s spin on defense-in-depth using a process known as
Layering
What does a barrier reef concept consist of at a minimum
External router
Perimeter consisting of firewalls/servers
Internal router
What protects the base’s network perimeter in accordance with Air Force security policies
Boundary protection
First line of defense for AF bases… Serves as an entry/exit point to DISN
Controlled by INOSC
Air Force SDP router
Second layer of defense for Air Force bases.
ACLs on this router block addresses that have been explicitly identified as a threat to base operations
External routers
A piece of hardware or software program that examines data passing into your computer or network
Firewall
Router that provides additional layer
Used to block high bandwidth or unauthorized traffic
Usually connected to one of the base backbone devices
Internal router
A system that scans, audits, and monitors the security infrastructure for signs of unauthorized access or abuse in progress.
IDS
Which IDS primarily uses software
Analyzes encrypted data…
Host based IDS (HIDS)
A system that primarily uses passive hardware sensors to monitor traffic on a specific segment on a network
Cannot analyze encrypted packets
Network based (IDS)
Ability to identify and report vulnerabilities at the host and network level to protect resources directly managed by the NCC
Internal control
Provides the capability to prioritize and guarantee access to traffic at various levels of mission criticality.
Access preservation
Limits access to base systems based on roles or identification that reflects the degree of the users need to know and privileges
Access control
Function that verifies the identity of users attempting to access the network or equipment and applications running on the network
Authentication
Process of encoding information in an attempt to make it secure from unauthorized access, particularly during transmissions
Encryption
Which type of encryption uses a shared key to encrypt and decrypt
Symmetric
Uses two keys a public key and a private key
Asymmetric
Monitor and detect intrusions, security holes and weaknesses in a base network
Security tool precautions
First three sanctioned tools of the Air Force recommended security tools/methods is called
Combat information transport system (CITS)
Performs automated, distributed or event driven probes of geographically dispersed network services, operating system, routers/switches
Internet security systems (ISS)
Agent based intrusion detection tool used by INOSC and NCC.
Intruder alert
Runs a management server and has agents installed on hosts to run checks based on vulnerabilities of a particular operating system.
Enterprise security manager (ESM)
Software is used to prevent, detect, and audit and remove malware, including computer viruses
Anti-Virus
The ability to have a single point of control to accomplish the activities required to manage a network
Network management
Process of detecting, isolating and correcting network problems
Fault management
3 elements of fault management
Identify, isolate, fix the problem
This occurs when a device sends info to a management device to be recorded or produce a warning
Logging
When the network management software can send out a message to other devices asking them for their status.
Polling
Process of obtaining data from the network and using that data to manage the setup of all managed devices.
Configuration management
3 steps of configuration management
Gathering data
Using the data
Maintaining or storing
A method of managing and controlling hardware configuration and software resources on the network
Control mechanism
Measurement of network usage, costs, charges and access to resources
Accounting management
The goal of this is to ensure all users have adequate network resources and are regulated/distributed accordingly.
Accounting management
Its goal is to measure and make available various aspects of network performance so that internetwork performance can be maintained at an acceptable level.
Performance management
Its 3 steps are
Gathering data
Analyzing data
Establish thresholds
Performance management
The purpose is to ensure the data and equipment on a network is only used by authorized users.
Security management
Security management involves protecting sensitive information found on devices attached to a data network by?
Controlling access points
What Stops packets or frames from unauthorized hosts before they reach an access point that may have sensitive information?
Packet filtering
What filters network traffic by controlling whether routed packets are forwarded or blocked at the router’s interfaces?
Access control lists
What is another name for communication computer facility records
Commonly known as central office records
What is designed to proactively manage small, medium and large scale enterprise networks from local, regional, and central locations simultaneously.
CAIRS
What software modules were adopted by the Air Force as the standard application to maintain and generate central office records?
TMS modules
What provides an automated system to open, close or modify service requests?
Work order processor
A client server software application development environment from BMC Software.
Remedy action request system
Provides a common tool to automate and integrate service support processes among functional or regional groups, third-party resources and other parts of the enterprise
Remedy action request system
Provides users a central point to receive help on various computer issues
Help desks
Regulates how much information can be passed over a TCP connection before the receiving host must send an acknowledgement
Sliding windows
Used to reference the location of a particular application or process on each machine.
Identifies the application to the transport layer.
Ports
Combination of port numbers and IP address
Sockets
Assigned port numbers are referred to as?
Also controlled and assigned by IANA
Well known ports
Its four basic steps are: identifying the sensitive information, identifying the access points, securing the access points, and maintaining and/or monitoring
Security management