Ch11 Flashcards
LDAP secure communication occurs over port
TCP 636
LDAPS secure communication to a global catalog server occurs over port
TCP 3269
LDAP unsecure port for communication is
TCP 389
Layer 1 - Physical
EIA/TIA-232 EIA/TIA-449 X.21 HSSI SONET V.24 V.35
Layer 2 - Data Link
SLIP, PPP, ARP, RARP, L2F, L2TP, PPTP, FDDI, ISDN
Layer 3 - Network
ICMP, RIP, OSPF, BGP, IGMP, IP, IPSec, IPX, NAT, SKIP
Layer 4 - Transport
SPX, SSL, TLS, TCP, and UDP
Layer 5 - Session
NFS, SQL, and RPC
Layer 6 - Presentation
ASCII, EBCDICM, TIFF, JPEG, MPEG, MIDI & SSL
Layer 7 - Application
HTTP, FTP, LPD, SMTP, Telnet, TFTP, EDI, POP3, IMAP, SNMP, NNTP, S-RPC, and SET
which OSI layer manages the simplex and duplex modes of comunication
Layer 5 Session
What are the 4 TCP/IP Layers and what layers of the OSI model do they correspond to
Application - Layers 5,6,7
Transport - Layer 4
Internet - Layer 3
Link - Layers 1 & 2
what is the name of the wireless attack on bluetooth and what device is most commonly associated with this attack
Bluejacking - cell phone
What are the IEEE 802.xx wireless standards
Ethernet - 802.3 Token Ring - 802.5 Wireless 802.11 Wireless Personal Area Network 802.15 - 802.15.1 Blutooth - 802.15.4 Zigbee Wireless Metropolis Area Network 802.16 Wireless Broadband 802.20 Wireless Regional Area Network 802.22
examining data from a message header. Usually, the rules are concerned with source, destination,
and port addresses. firewall is unable to provide user authentication or to tell whether a packet originated from inside or outside the private network, and it is easily fooled with spoofed packets.
static packet filtering firewall - works on layer 3 of osi
type of firewall that filters traffc based on the Internet service used to transmit or receive the data
application or proxy firewall - works layer 7 osi
type of firewall used to establish communication sessions between trusted partners
circuit gateway firewall - works on layer 5 of OSI
type of firewall used evaluates the state or the context of network traffic. By examining source and destination addresses, application usage, source of origin, and relationship between current packets and the previous packets of the same session
dynamic or stateful inspection firewall
Coax & UTP Cable Category/Throughput/Length
Cat1 voice only usable by modems only
Cat2 4Mbps host to term on mainframes
Cat3 10Mbps 10BaseT Ethernet 300ft
Cat4 16Mbps TokenRing 300ft
Cat5 100Mbps 100BaseTX, FDDI & ATM 300ft
Cat6 1 Gbps on high speed networks
Cat7 10 Gbps on 10 Gb networks
10Base2 10Mbps 550ft
10Base5 10Mbps 1500ft
rule that defines the number of repeaters/concentrators and segments that can be used in a network design.
5-4-3 rule - rule does not apply to switched networks or the use of bridges or routers
you are unlikely to obtain true end-to-end protection from a communications service provider
due to CALEA law which allows wiretapping by law enforcement
what are the mechanisms used to support TCP/
IP communications between mobile phones and the Internet are based on 3G and 4G technologies
WAP, GSM, EDGE, HPDSA, and LTE)
what attack allows hackers to connect with your Bluetooth devices without your knowledge and extract information from them
blue-snarfing
what attack that grants hackers remote control over the feature and functions of a Bluetooth device
blue bugging
what is used to eavesdrop on conversations that are on 900Mhz, 2 & 5Ghz such as baby monitors and codeless phones
frequency scanner
high-speed token-passing technology that employs
two rings with traffc flowing in opposite directions
FDDI Fiber Distributed Data Interface
continuous signal that varies in frequency,
amplitude, phase, voltage, and so on. The variances in the continuous signal produce a wave shape
Analog Communication signal
use of a discontinuous electrical signal and a state change or on-off pulses
Digital Communications signal
rely on a timing or clocking mechanism embedded in the data stream; typically able to support very high rates of data transfer
Synchronous communications
rely on a stop and start delimiter bit to manage the
transmission of data; best suited for smaller amounts of
data.
Asynchronous communication
Public switched telephone network (PSTN) modems are good examples of asynchronous communication devices.
can support only a single communication channel; digital signal and give examples
Baseband technology
Ethernet
can support multiple simultaneous signals; frequency modulation to support numerous channels; high throughput rates; analog signal. and give examples
Broadband technology
T1, T3, ISDN, DSL
communications to all possible recipients
Broadcast
communications to multiple specific recipients
Multicast
communication to a specific recipient
Unicast
- The host listens to the LAN media to determine whether it is in use.
- If the LAN media is not being used, the host transmits its communication.
- The host waits for an acknowledgment.
- If no acknowledgment is received after a time-out period, the host starts over at step 1
Carrier-Sense Multiple Access (CSMA)
- The host has two connections to the LAN media: inbound and outbound. The host
listens on the inbound connection to determine whether the LAN media is in use. - If the LAN media is not being used, the host requests permission to transmit.
- If permission is not granted after a time-out period, the host starts over at step 1.
- If permission is granted, the host transmits its communication over the outbound connection.
- The host waits for an acknowledgment.
- If no acknowledgment is received after a time-out period, the host starts over at step 1.
Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)
examples of networks that employ CSMA/CA technologies
AppleTalk and 802.11 wireless
- The host listens to the LAN media to determine whether it is in use.
- If the LAN media is not being used, the host transmits its communication.
- While transmitting, the host listens for collisions (in other words, two or more hosts transmitting simultaneously).
- If a collision is detected, the host transmits a jam signal.
- If a jam signal is received, all hosts stop transmitting. Each host waits a random period of time and then starts over at step 1.
Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)
LAN media access technology that performs communications using a master-slave configuration Synchronous Data Link Control (SDLC) uses this
Polling
What the four data names within th OSI model and what layers are they at
Layer 1 - bit Layer 2 - frame Layer 3 - packet Layer 4 - segment/datagram Layers 5-7 data stream
Windows sharing protocol of Server Message Block (SMB), which
is also known as
Common Internet File System (CIFS)
non-IP protocols are rare, most firewalls are unable to perform packet header, address, or payload content fltering on those protocols. Thus, when it comes to nonIP protocols, a firewall typically must either block all or allow
true
routing protocols maintain a list of destination networks along with
metrics of direction and distance as measured in hops
Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), and Border Gateway Protocol (BGP)
Distance Vector
routing protocols maintain a topography map of all connected networks and use this map to determine the shortest path to the destination example Open Shortest Path First (OSPF).
Link State
Common ICMP type field values
0=Echo Reply 3=Destination unreachable 5=Redirect 8=Echo Request 9=Router Advertisement 10=Router Solicitation 11=Time Exceeded
attacker inserts bogus information into the ARP cache
ARP Cache poisoning
TCP port 23
telnet
TCP port 20 & 21
FTP
UDP port 69
TFTP
TCP port 25
SMTP
TCP port 110
POP3
TCP port 143
IMAP
UDP port 67
BootP/DHCP server point to point response
UDP port 68
BootP/DHCP client request broadcast
TCP port 80
HTTP
TCP port 443
SSL
TCP port 515
LPD Line Print Daemon
TCP ports 6000-6063
X Windows - GUI AP for command line operating systems
TCP port 2049
NFS - Network File System for file sharing for dissimilar systems
UDP port 161
SNMP - collect network health information
UDP port 162
SNMP - trap messages
primarily used in the electric and water utility and management industries. It is used to support communications between data
acquisition systems and the system control equipment. This includes substation computers, RTUs (remote terminal units) (devices controlled by an embedded microprocessor), IEDs (Intelligent Electronic Devices), and SCADA master stations (i.e., control centers).
DNP3 - Distributed Network Protocol
open and public standard, multilayer protocol that functions similarly to that of TCP/IP, in that it has link, transport, and transportation layers.
DNP3 - Distributed Network Protocol
merging of specialty or proprietary protocols with standard
protocols, such as those from the TCP/IP suite. the ability to use existing TCP/IP supporting network infrastructure to host special or
proprietary services without the need for unique deployments of alternate networking hardware
Converged protocols
a form of network data-storage solution (storage area network [SAN]) or network-attached storage [NAS]) that allows for high-speed file transfers at upward of 16 Gbps. requires its own dedicated infrastructure (separate cables)
Fibre Channel
can be used to support fiber communication over the existing network infrastructure. used to encapsulate communications over Ethernet networks. It typically requires 10 Gbps Ethernet in order to support the fiber channel protocol
Fibre Channel over Ethernet (FCoE)
high-throughput high-performance network technology that directs data across a network based on short path labels rather than longer network addresses; network is not limited to TCP/IP and compatible protocols. Thisenables the use of many other networking technologies, including T1/E1, ATM, Frame Relay, SONET, and DSL.
MPLS (Multiprotocol Label Switching)
networking storage standard based on IP; Low cost alternative to Fibre Channel
Internet Small Computer System Interface (iSCSI)
Another name for network virtualization. It allows
data transmission paths, communication decision trees, and flow control to be virtualized in the control layer rather than being handled on the hardware on a per-device basis; No longer required to have only one vendor for networking equipment
SDN - Software Defined Networking
a collection of resource services deployed in numerous data centers across the Internet in order to provide low latency, high performance, and high availability of the hosted content
CDN - Content Distributed Network
most widely recognized P2P CDN
BitTorrent
802.11 wireless amendments (versions) and speed of each
- 11 2Mb
- 11a 54Mb
- 11b 11Mb
- 11g 54Mb
- 11n 200+Mb
- 11ac 1Gbps
when the wireless access point acts as a connection point to link the wireless clients to the wired network
Wired Extension mode
when multiple wireless access points (WAPs) are used to connect a large physical area to the same wired network
enterprise extended mode
how many wireless channels are in the US? Europe? Japan?
11, 13, 17
similar in structure to that of traditional roof TV antennas. antennas are crafted from a straight bar with cross sections to catch specifc radio frequencies in the direction of the main bar
Yagi antenna
constructed from tubes with one sealed end. They focus along the direction of the open end of the tube. Some of the first of these antennas were crafted from Pringles cans.
cantennas
constructed from tubes with one sealed end. They focus along the direction of the open end of the tube. Some of the first of these antennas were crafted from Pringles cans.
cantennas antenna
used to focus signals from very long distances or weak sources
parabolic antenna
other names for omni directional antenna
base antenna or rubber duck antenna
What are three benefits to network segmentation
- boost performance
- reduce communications problems
- increase security
what technology is associated with cell phones accessing the internet rather than the 802.11 wireless networking
Wireless Application Protocol (WAP)
alternative to WEP; It is based on the LEAP and TKIP cryptosystem and employs a secret passphrase
Wi-Fi Protected Access (WPA)
known as the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on
the AES encryption scheme.
WPA2
authentication framework allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies
EAP - Extensible Authentication Protocol
encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption
PEAP (Protected Extensible Authentication Protocol)
Cisco proprietary alternative to TKIP for WPA
LEAP (Lightweight Extensible Authentication Protocol)
designed as the replacement for WEP without requiring replacement of legacy wireless hardware
TKIP (Temporal Key Integrity Protocol)
authentication technique that redirects a newly connected wireless web client to a access control page
captive portal
what frequency division multiplexing offers high throughput with the least interference.
Orthogonal Frequency‐Division Multiplexing (OFDM)
portable devices use a cell phone carrier’s network to establish communication links with the Internet
Wireless Application Protocol
provides security connectivity services similar to those of SSL or TLS for cell phones
Wireless Transport Layer Security
What are Common private circuit technologies include dedicated
or leased lines
PPP, SLIP, ISDN, and DSL connections.
What are packet-switching technologies
X.25, Frame Relay, asynchronous transfer mode (ATM), Synchronous Data Link Control (SDLC), and High-Level Data Link Control (HDLC), SMDS & HSSI
