Celine Flashcards
1
Q
What is the application layer?
A
- Top-most layer
- The interface between the user and the network
- Its protocols define how data is formatted, transmitted and interpreted
2
Q
What are major protocols in the application layer?
A
- DHCP
- SMTP
- IMAP
- HTTP
- QUIC
- RTSP
- RTP
3
Q
What does Dynamic Host Configuration Protocol (DHCP)?
A
- Protocol to automatically assigns IP addresses to devices on a network
4
Q
How does DHCP work?
A
- Devices request an IP address from the DHCP server
- The server leases an available IP address for a specific period
- Once the lease expires, the IP address may be renewed or reassigned
5
Q
What are the advantages of DHCP?
A
- Automated IP assignment
- Efficient IP management
6
Q
What does Simple Mail Transfer Protocol (SMTP)?
A
Responsible for sending emails, but not receiving them
7
Q
How does sending an email work?
A
- Sender’s email connects to the SMTP server and sends the message
- SMTP server checks the recipient’s domain and locates the correct mail server
- Sender’s SMTP server connects to the recipient’s SMTP server and transfers the email
- Recipients SMTP server stores the email until retrieved via IMAP or POP3
8
Q
What is Internet Message Access Protocol?
A
Protocol used by email clients to retrieve and manage emails stored on an email server
9
Q
How does IMAP work?
A
- Connects to the mail server through ports 143 (standard) or 993 (encrypted)
- It synchronizes the mails by keeping a TCP connection open to send requests or receive notifications
10
Q
What is Hypertext Transfer Protocol (HTTP)?
A
Used for web browsing and communication between web servers and clients
11
Q
How does HTTP work?
A
- The browser connects to the web using TCP on port 80 or 443
- The browser sends a request for the server
- The server responds with an HTTP status code and the requested content
- The browser processes the response and displays the webpage
12
Q
What are the main HTTP requests?
A
- GET: Request a webpage or resource
- HEAD: like GET but no data is sent back
- POST: send data to the server, could create
- PUT: update resource on the server
- DELETE: removes a resource
13
Q
What do the HTTP status codes mean?
A
- 1xx: Information
- 2xx: Success
- 3xx: Redirection
- 4xx: Client error
- 5xx: Server error
14
Q
How is HTTP/2 different from HTTP/3?
A
- First major revision of HTTP
- Header compression
- Multiplexing multiple requests over a single TCP connection
15
Q
How is HTTP/3 different from HTTP/2?
A
- Does not use TCP connections but runs over QUIC
16
Q
What does Constrained Application Protocol (CoAP) do?
A
- Provides a lightweight HTTP-like protocol for simpler devices
- Minimal overhead
- Uses UDP instead of TCP, faster
-Similar to HTTP
17
Q
What is Quick UDP Internet Connections (QUIC)?
A
- Transport protocol designed to replace TCP in specific situations
- Real-time communications
- Streaming
18
Q
What is Real Time Streaming Protocol (RTSP)?
A
A network protocol designed for streaming media over the internet
19
Q
What does RTSP do?
A
Controls playback of audio/video streams
20
Q
What is Real-time transport protocol (RTP)?
A
Handles the actual transmission of real-time media
21
Q
How does RTP work?
A
- Runs over UDP for low latency
- Uses sequence to detect lost packets
- Includes timestamps to synchronize audio and video
22
Q
What is the Internet?
A
- Global public network connecting devices worldwide using standardized protocols (TCP/IP)
23
Q
What does the Internet do?
A
Enables communication, information sharing, and online services
24
Q
What are Security Risks associated with the Internet?
A
- Lack of content control
- Privacy concern
- Vulnerable to hacking and malware
25
What is Intranet?
A private network that is restricted to an organisation's employees.
26
What does Intranet do?
Share information, resources and tools within the organisation
27
What are the properties of Intranet?
- Accessible only by authorised personnel
- Can host internal websites , forums and communication tools
- Secure, isolated from public internet threats
28
What is Extranet?
- A private network that extends certain services or access to external partners, clients, or suppliers
29
What are the properties of Extranet?
- Provides controlled access to specific resources and information
- Accessible to external parties with restricted permissions
- Often used for collaboration between different organizations
30
How is intranet and Extranet kept secure?
- Access Controls
- Encryption
- Firewalls and VPNs
31
How does a firewall work?
If the packet matches an allowed rule, it is forwarded. If not, it is blocked
E.g.
- Allows traffic from trusted IP addresses
- Block all incoming traffic on port 80
32
What is a Virtual private Network (VPN)?
Creates a secure connection between a user and the internet, protecting data from external threats
33
How does a VPN work?
- The user connects to a VPN service
- The VPN client encrypts data before it leaves the device
- Data is sent through a secure tunnel to the VPN server
- The VPN server decrypts the data and forwards it to the destination
- Response from the destination is encrypted and sent back to the user via the same secure tunnel
34
Why is a VPN used?
- Security
- Privacy
- Bypass geo-restrictions and censorship
- Secure remote access
35
What are the limitations of VPNs?
- Performance Issues
- Complexity and Management
- Security risks (No end-to-end encryption)
36
What are types of VPN protocols?
- Point-to-Point Tunnelling Protocol (PPTP): Old, faster, less secure
- Layer 2 Tunnelling Protocol with IPsec (L2TP/IPSec): More secure, common
- Internet Key Exchange version 2 (IKEv2/IPSec): Very fast, secure, ideal for mobiles
37
What is WiFi?
Wireless Fidelity is essentially the wireless alternative to Ethernet
38
What is the speed of Wi-Fi?
Slow (up to 9.6 Gbps)
39
How does WiFi work?
- Access point that connect to the wired network
- AP transmits radio signals in a specific frequency range (2.4 or 5 GHz)
- Client devices associate with the AP and receive these signals
- Service Set Identifier (SSID) to identify a network
40
What are the qualities of the 2.4GHz frequency?
- Slow
-Long
- High Interference
- Used in large areas/walls
41
What are the qualities of the 5GHz frequency?
- Fast
- Short
- Low
- Used for high speeds and short range
42
What type of protocols does Wi-Fi use?
It uses the IEEE 802.11 suite of protocols
43
What factors affect Wi-Fi performance?
- Signal Strength
- Interference
- Network congestions
44
What techniques enhance the performance of Wi-Fi?
- MIMO
- Beamforming
- Channel bonding
- Quality of service
45
What challenges are there to Wireless Networks?
- Rely on shared communication channels
- Devices can't always sense each other's transmissions
- Devices can't transmit and receive at the same time
46
What is hidden node?
A situation where two devices can't detect each other's signals but are both communicating with the same access point, leading to collisions
47
How can hidden node be solved?
Request to Send/Clear to Send (RTS/CTS)
48
How does RTS and CTS work?
- Device A sends an RTS to the access point
- The access point replies with CTS if the channel is free
- Device A transmits data, while other devices wait
49
What is CSMA/CA?
Listens to the channel and waits for it to be idle before transmitting; uses ACKs to confirm receipt
50
How does CSMA/CA work?
- Carrier sense (listen before transmitting)
- If busy, wait
- If free, send data
- RTS and CTS
- Acknowledgement (ACK)
51
What is exposed node?
A situation where a device incorrectly assumes the channel is busy and unnecessarily delays transmission
52
Why is wifi security necessary?
- Wireless is inherently less secure than wired connection
- Risk of unauthorised access with wireless networks
53
What is Eavesdropping?
When an attacker secretly listens to a network communication and tries to intercept sensitive data from the two parties, form of passive attack
54
What is Man in the Middle?
An active attack as the attacker changes the communication between the two parties and modifies the data without the knowledge of the sender or receiver
55
What is a deauthentication attack?
Forces Wi-Fi devices to disconnect from a network
56
What is the Evil twin attack?
An attack creates a fake wifi network that looks identical to a legitimate and tricks the user into connecting to it
57
What is Wired Equivalent Privacy (WEP)?
- First security protocol for 802.11 wireless networks (1997)
- Intended to provide data confidentiality comparable to a wired network
58
How does WEP work?
- Pre-Shared Key (PSK) manually set on both the Wi-Fi router and the client device (40-bit)
- 24-bit initialisation vector (used to add randomness to the encryption process)
- Sent alongside Plaintext
- Uses RC4 (Rivest Cipher 4) stream cipher to encrypt data
- Sent through a XOR gate
- Receiver does the same in reverse
- Uses a Integrity Check Value (ICV)
59
How is WEP insecure?
- RC4 encryption is weak
- IV is too short (24-bit) and sent in plaintext along packet
- Static pre-shared key
- Weak integrity check
60
What is Wi-Fi Protected Access (WPA)
- An intermediate solution to the weakness of WEP
61
How does WPA differ from WEP?
- Temporary key derived from Pre-Shared Key (PSK) using the Temporal Key Integrity Protocol (TKIP)
- RC4 kept for backwards compatibility
- Key length: 128 bits
- IV extended to 48-bits
61
What are the vulnerabilities of WPA PSK?
- Still based on RC4 encryption which is weak
- Vulnerable to brute-force attacks and dictionary attacks due to reliance on shared password
62
What is Wi-Fi Protected Access II (WPA2)
- Successor to WPA
- Authenticated encryption using AES (Advanced Encryption Standard) with CCMP instead of RC4
63
What is Key Reinstallation Attack (KRACK)?
- Vulnerability discovered in WPA and WPA2
- Attackers force a device to reinstall an already used key, leading to the decryption of data or injection of malicious traffic
64
What is Kr00k?
- A vulnerability in Wi-Fi devices affection WPA2 encryption
- Allows an attack to decrypt data packets
65
What is Wi-FI Protected Access 3 (WPA3)?
- Successor to WPA2
- Still uses AES
- PSK replaced with SAE (Simultaneous Authentication of Equals)
66
What is Wi-Fi Protected Setup (WPS)?
- Intended to make it easier to connect to a WPA-protected network
- User enters an 8-digit pin or presses a button for access point for initial connection
- Pin can be brute forced
- Recommended to disable
67
What is Internet Protocol Security (IPsec)?
It is designed to secure communications over IP networks by providing encryption, authentication, and data integrity
68
Why is IPsec necessary?
- Lack of encryption
- No data integrity
- Lack of authentication
69
How does IPsec?
It has 3 parts
- Authentication Header (AH)
- Encapsulating Security Payload (ESP)
- Internet Key Exchange (IKE)
70
What is an Authentication Header?
Attaches a cryptographic hash (HMAC, Hash-based Message Authentication Code), built from a shared secret key and a has function, to the packet
- Provides data integrity and authentication
- Does not encrypt data
71
What is Encapsulating Security Payload (ESP)?
Encapsulates the original data within a secure header, and encrypts it (AES)
- Integrity and authentication are verified through hashes and cryptographic signatures
- Provides encryption for confidentiality
- Can be used with or without encryption depending on configuration
72
What is Internet Key Exchange (IKE)?
Securely establishes authentication and key exchange between two devices, creating Security Associations (SAs) to enable encrypted communication
- Ensures the confidentiality, integrity and authenticity of the connection
73
How does IPsec work in Transport mode?
- Only the payload (data) is encrypted/authenticated
- The original IP header remains intact and visible
74
How does IPsec work in Tunnel mode?
- Entire original IP packet (header + payload) is encapsulated and encrypted/authenticated
75
What are the downsides of IPsec?
- Performance overhead
- Requires complex setup and configuration
- Incompatibility issues may arise with some network devices if not configured properly
76
What is Domain Name System Security Extensions (DNSSEC)?
A set of security protocols designed to add integrity and authenticity to the DNS
77
Why do we need DNSSEC?
DNS provides no authenticity or integrity
78
How does DNSSEC work?
Uses a public-key cryptography to digitally sign DNS records
RRSIG (Resource Record Signature) - Digital Signature for a DNS record set
DNSKEY (DNS Key) - public key used for verification
79
Why does DNNSEC work?
It relies on 3 properties using digital signatures:
- Authenticity
- Data Integrity
- Nonexistence Proof
80
What are the downsides of DNSSEC?
- No confidentiality (Can be solved by DNS over TLS (DoT) and DNS over HTTPS (DoH))
- Performance overhead
