Business data networks and security Flashcards
Who funded the ARPANET?
Defense Advanced Research Projects Agency (DARPA)
What year for ARPA created?
1958
What organization spawned the Network Working Group?
members of ARPANET
What does the Network Working Group do?
Create standards to be used for networking
What does a Network WOrking Group “Request for Comments” (RFC) do
The RFC is the recommendation for a standard. All standard in networking are RFC, but not all RFC are standards
What does the standards body IETF acronym stand for?
Internet Engineering Task Force
When was the standards body IETF founded?
late 1960s
was the IETF faster at producing standards than OSI?
Yes
What is a network standard?
rules of operation that specify how two pieces of hardware/software work together to exchange messages
What are the important standards agencies?
Internet Engeneering Task Force (IETF)
International Organization of Standardization (ISO)
International Telecommunications Union- Telecommunications Standards Sector (ITU-T)
What standards agency creates internet standards
IETF
What other agencies work together to create network standards
ISO and ITU-T
What is a standards architecture?
Similar to software architecture, it is how the standards are designed to make sense and function
What is a standards architecture layer?
a sub-set of the standards architecture that describes a feature of how the standards architecture operates
What are the OSI Architecture layers in order from 1-7
Physical data link network Transport session presentation Application
What are the TCP/IP (IETF) layers from 1-4
Subnet Access Protocol
Internet
Transport
Application
What are the Hybrid TCP/IP-OSI layers 1-5
Physical Data link Internet Transport Application
What is the TCP/IP architecture Subnet Access Protocol (SNAP)
Basically says “Use OSI standards here”
Does a standards agency dominate in the application layer?
No
with regards to the TCP/IP-OSI architecture, what is the function of layer 5
Application layer governs how two applications work with eachother
with regards to the TCP/IP-OSI architecture, what is the function of layer 4
Transport Layer standards govern aspects of end-to-end communication between two end hosts
with regards to the TCP/IP-OSI architecture, what is the function of layer 3
Internet link layer governs the transmission of packets across the internet
with regards to the TCP/IP-OSI architecture, what is the function of layer 2
The data Link layer govern the transmission of frames across a single switched network
with regards to the TCP/IP-OSI architecture, what is the function of layer 1
Physical layer govern transmission between adjacent devices connected by a medium
what is carried inside of a frame
packets
How is the three-step opening performed?
1: Host A sends a TCP SYN to Host B
2: Host B sends a TCP SYN/ACK to Host A
3: Host A sends aback a pure TCP ACK segment to Host B
What are the three TCP control Segments?
SYN
ACK
FIN
in TCP protocol what are the three general parts of a message
Header
data fields
frame trailer
What is a threat environment?
The types of attacks that are commonly used
What is malware?
malicious software that is typically infiltrated into a network
Describe what the spear phishing attack is?
The attacker personalizes an e-mail message for a particular recipient so that information is exfiltrated or malware is infiltrated
What are the three types of malware
Viruses
Worms
Trojan Horses
What is a virus malware?
A piece of malware (typically a script) that leverages vulnerabilities in software which already exists within the network.
What is a worm malware?
Worms are full programs that can be propagated between computers.
What is a Trojan Horse?
A malware which disguises itself as a legitimate, and must be placed in a network by another piece of malware, or attacker
What is a malware payload?
A piece of code that performs the malicious activity
With regards to a cyber attack, what is an APT?
Advanced Persistant Threat
With regard to the OSI model, at what layers do wireless LANs operate?
physical and data link layers
What is the distinction between WI-FI and 802.11?
Wi-Fi steams from the Wi-Fi Alliance, which is an industry consortium of 802.11 compliant product vendors.
with regards to Wi-Fi, what is a service band?
A range of frequencies used for a specific purpose. This is comprised of multiple channels
With regards to Wi-Fi, what is a channel?
A subset of Service band frequencies.
With regards to Wi-Fi, what is the range of frequencies used in the 2.4GHz service band?
2.4GHz -> 2.4835GHz
With regards to Wi-Fi, what is the frequency range of the 5GHz service band?
5GHz -> 5.725GHz
With regards to the 802.11 standard, what is roaming?
The hand-off between multiple access points, while a user is moving between them
What OSI layer are switched and wireless networks governed?
Layer 1 and Layer 2
With regards to a router, what is an interface?
The physical connector for a wired connector
With regards to a switch, what is a port?
The physical connector for a wired connection
Explain the network adage “Switch where you can; route where you must”
This is used to describe the idea that for the same amount of network traffic, a router is much more expensive than a switch
With regards to the Internet, what is a network?
collection of routers and data links owned by a recognized organization
With regards to Ethernet, what is a network
A collection of hosts and clients connected to a single datalink and router
With regards to TCP/IP networking, what are the parts of the hierarchical Addressing?
network, subnet, host
With regards to TCP/IP networking, what is the network part of the hierarchical IPv4 address?
The network part is the first 8 to 24 bits of a network address. This identifies the host’s recognized network on the internet
With regards to TCP/IP networking, what is the subnet part of the hierarchical IPv4 address?
The 8 bits after the network address. This is used to subdivide an organization’s networks into smaller units
With regards to TCP/IP networking, what is the host part of the hierarchical IPv4 address?
The remaining bits that are not a part of the network or the subnet in the address. This is used to identify the specific host in the subnet
Just looking at a IPv4 address, can you determine the network, subnet, host?
No
What does a border router do?
Routes between different networks
What does an internal router do?
connect different subnets
with regards to TCP/IP, how do masks work?
A mask is applied as a binary and with the address to determine the network or subnet.
with regards to TCP/IP, what is routing?
The process of getting a packet closer to its destination host.
With regards to TCP/IP, what is a Routing Table
A table of routes, that a router uses to determine the best route to send a packet.
With regards to IPv4, how many bits are in the version field?
4
With regards to IPv4, how many bits are in the internet header length?
4
With regards to IPv4, how many bits are in the differentiated Service Control Point?
6
With regards to IPv4, how many bits are in the ECN?
2
With regards to IPv4, how many bits are in the Total Length?
16
With regards to IPv4, how many bits are in the Identification?
16
With regards to IPv4, how many bits are in the flags?
3
With regards to IPv4, how many bits are in the Fragment Offset?
13
With regards to IPv4, how many bits are in the time to live?
8
With regards to IPv4, how many bits are in the Protocol
8
With regards to IPv4, how many bits are in the Header Checksum
16
With regards to IPv4, how many bits are in the Source IP Address
32
With regards to IPv4, how many bits are in the destination IPv4 Address?
32
With regards to IPv4, what is the ECN?
Explicit Congestion Notification, used to notify the receiver of congestion
With regards to IPv4, what fields govern transmission quality?
Differentiated Services Control Point
Explicit Congestion Notification (ECN)
With regards to the IPv4 header Protocol Field, what is the value for TCP?
6
With regards to the IPv4 header Protocol Field, what is the value for UDP?
17
With regards to the IPv4 header Protocol Field, what is the value for ICMP?
1
With regards to TCP/IP, what role does the ICMP protocol provide?
This is used for the internet layer supervisory messages
While IPv4 is very common today, what is the largest issue presented to its use?
The Internet Assigned Numbers Authority ran out of unique address.
With regards to TCP/IP wahat is the Canonical Text Notation?
RFC 5952, it is used to create a human readable notation for an IP address
With regards to TCP/IP, what is the notation used for IPv6?
Hexadecimal notation
With regards to IPv$, what is the notation used
dotted decimal notation
with regards to IPv4 what are the two addresses that hosts cannot have?
all 1’s
all 0’s
with regards to IPv6, what are the three parts of an address?
routing prefix
subnet ID
interface ID
with regards to IPv6, what is the IPv4 equivalent to the routing prefix?
network part of the address
with regards to IPv6, what is the IPv4 equivalent to the subnet ID?
the subnet part of the address
with regards to IPv6, what is the IPv4 equivalent to the interface ID?
The host part of the address
With regards to 802.11, what is war driving?
When an attacker uses the wireless signal of the access points to collect information from a victim. In unsecured networks, this could even lead to man in the middle attacks
with regards to 802.11, do public hot-spots protect your transmission
No
What does the 802.11i standard provide?
This standard provides encrypted wireless communication between an access point and a host
With regards to cybersecurity, what does the CIA acronym stand for?
Confidentiality
Integrity
Authentication
With regards to 802.11, why does turning off the periodic broadcast of the access point SSID not provide protection
If there is communication to that access point and a host, each packet header contains an unencrypted SSID for the network.
With regards to 802.11, why does whitelisting the EUI-48 addresses not provide additional security?
During communication between the access point and the host, the EUI-48 is unencrypted in each packet header
With regards to 802.11i, what layer is protected?
The 802.11 standard is focused on protecting the data-link layer
What are some data-link security standards that existed prior to 802.11i?
Advanced Encryption Standard (AES)
Wired Equivalent Privacy (WEP)
Wireless Protected Access (WPA)
With regards to 802.11, Why is WEP no longer used?
It is easily compromised, due to design level issues.
With regards to 802.11 data-link security, which is superior 802.11i or WPA?
802.11i
With regards to cyber-security, what is end-to-end encryption?
Encryption that spans from client to target server
With regards to 802.11i, what is the initial authentication?
The wireless client is the supplicant, which must prove its identity before the access point will allow the client to connect.
With regards to 802.11i, what are the two methods for initial authentication?
Pre-Shared Key (for use in home networks)
802.1X (for use in enterprises)
With regards to 802.11i, how does the pre-shard key (PSK) for initial authentication work?
The wireless host sends a request to the access point
The access point sends an unencrypted challenge message to the host
The host uses the PSK to encrypt the challenge message and sends it to the access point
The access point can decrypt the challenge message and allow access or not
With regards to 802.11i, what is the pairwise session key?
This is the key used for subsequent communication to the access point.
With regards to 802.11i, what are some threats?
The PSK is too publicly known.
An ex-employee can still have the PSK when they leave
With regards to 802.11i, what is the minimum password length for a strong Pre-Shared Key(PSK)?
20 characters
with regards to 802.11i, how is the 802.1X initial authentication performed?
The wireless host contacts the Access point
The access point notifies the 802.1X server
The 802.1X server sends requirements for authentication to the access point
The access point sends the requirements to the wireless host
The wireless hosts sends credentials to access point
The access point sends the credentials to the 802.11X server to perform credentials check
The 802.11X server sends an authorization message to the wireless access point
The wireless access point authorizes the connection to the wireless client, and passes the authorization message
With regards to 802.11i, what are two types of attacks that can occur?
Rogue access point
evil twin attack
With regards to 802.11i, what is the evil twin attack
a man-in-the-middle attack in which the evil twin intercepts traffic passing between a wireless hosts and a legit access point
with regards to 802.11, what defeats an evil twin attack?
A VPN will defeat an evil twin attack
With regards to networking, what is the Simple Network Management Protocol (SNMP) used for?
Management of access points
with regards to networks, what are 4 categories of Quality of Service (QoS)?
Speed
Errors
Availability
Latency
with regards to 802.3, what are the OSI standard layers impacted?
Datalink
Physical
With regards to 802.3, what is a workgroup switch?
A switch to connect individual hosts to the network
With regards to 802.3, what is a core switch?
A switch to connect to other switches
With regards to 802.3, what is an access link?
A physical connection between host and switch
With regards to 802.3, what is a Trunk link?
A physical connection between switches
