Ch.14 - Networking Technology Basics

Question 1

3 Basic components in every computer

Answer 1

1. Central Processing Unit: Math calculations with assistance of ALU and RAM
2. Input/Output: Used to transmit data from CPU for processing (peripheral devices used)
3. Data Storage: May be fixed in semi-permanent location or removable (ex: hard disk)

• Multiprocessor computers and computers based on multicore CPUs are designed to deal with
  the demands of process-intensive applications
  o Multiprocessor systems can perform high-security processing with a separation of duties

Question 2

Shell

Answer 2

UI – command-line or graphical interface

Question 3

Determining best computer class

Answer 3

Variety of size/prices/processing power/throughput/data storage

Question 4

Supercomputers

Answer 4

Designed for intense scientific calculations - Nuclear

Question 5

Mainframe computers

Answer 5

Large/scalable, general-purpose systems to supp big volumes of data

o Multithreading: Execute in parallel to minimize idle time in processor

Question 6

Midrange computers

Answer 6

To be operated by individual deps or smaller orgs

Question 7

Microcomputers

Answer 7

PC, notebook, PDA, designed for individual users

Question 8

RAID

Answer 8

Redundant Array of Inexpensive Disks or Redundant Array of Independent Disks (view RAID table for different levels)

Question 9

Protocol

Answer 9

Standard procedures/rules to organize comm process (AKA computer port)

Question 10

Open Systems Interconnect (OSI) Model

Answer 10

▪ Application Layer: Interacts with end users through programs interacting within a network
▪ Presentation Layer: Coding of data (file formats and character representations – encryptions)
▪ Session Layer: Maintains comm sessions between computers ((dis)connect)
▪ Transport Layer: Breaks data into packets and properly transmit it over the network
▪ Network Layer: Logical implementation of network (logical addressing takes form of IP address)
▪ Data Link Layer: Transmit/receive info on computers connected to LAN (uses MAC addresses)
▪ Physical Layer: Physical operation of network - Translates binary 1/0 of computer language for T

View OSI Figures

Question 11

Network routing

Answer 11

Process of directing traffic
to the intended destination.

Data will travel on the network on
predetermined routes to reach their
destinations. Same as driving on the
highway. Can only change it manually by
network admins.

Question 12

OSI communication between systems

Answer 12

Users make a request in their app software on layer 7. It passes through each layer and transform the request into a series of electrical signals.

The packet is routed to its intended destination computer.

Layer 1 of the other computer receives the signal and passes through each of the layers again.

Question 13

Routers

Answer 13

Forward data traffic when necessary and insulate users on other subnets

• Router ignores traffic on same subnet (LAN1 to LAN 1)

Question 14

Border routers

Answer 14

Subject to direct attack from an outside source.

• When you configure router, determine whether it’s lone point of defense or part of a multilayered defense (multi is better as lone is subject to attack itself)

Question 15

Internal routers

Answer 15

Provide enhanced features to your internal networks

- Can keep traffic out of a subnet and keep traffic in a subnet (more confidential/ no crossover)

Question 16

Ethernet Networks

Answer 16

Defines the way that computers communicate on the network
- Governs both the Physical (Layer 1) and Data Link layers (Layer 2)
- Defines how computers use MAC addresses to communicate on network
o Ethernet has become the most common LAN technology in use

Question 17

Bus Topology

Answer 17

Daisy-chained connection, meaning single coaxial cable passing through connector on back of each computer on network (ties all systems together - if it breaks, everything breaks).

Question 18

Star Topology

Answer 18

Each computer has a dedicated cable connection running to network hub/switch. Offers cable redundancy ensuring computers’ network are not interconnected.

Question 19

Ring Topology

Answer 19

Each LAN computer is connected to a media access unit (MAU). Each MAU is connected to an upstream MAU and downstream MAU to form a backbone loop. Network traffic is bidirectional.

Question 20

Meshed Network

Answer 20

Series of point-to-point connections between critical backbone connections. Routers determine which link to use based on predefined routing criteria (admin does this).

• Full Mesh: Has alternate connections for every major backbone point on network
• Partial Mesh: Only has for most critical links

Question 21

Coaxial Cable

Answer 21

Have mesh shielding to prevent electrical interference (old)

Question 22

Unshielded Twisted-Pair (UTP) Cable*

Answer 22

Wire doesn’t have protection from electrical interference. Pairs are twisted to reduce electromagnetic interference (EMI)

Question 23

Fiber Optic Cable

Answer 23

LED used to flash signals through glass strands. Commonly used for backbone connections and long-haul installations (dense wave multiplexing)

Question 24

Hubs

Answer 24

Electrical connection box amplifying and retiming electrical signals for transmission
• Contain number of plugs (or ports) to connect Ethernet cables for different network systems
• Receive packets and automatically retransmit those packets to all the other ports (shared)

Question 25

Switches

Answer 25

Separate traffic between ports to create appearance of private comms line
• Perform intelligent filtering – capable of running logic programs
• “Know” the MAC address of the system connected to each port
• When they receive a packet on the network, they look at the destination MAC address and send the packet only to the port where the destination system resides

Question 26

Virtual LANs (VLANS)

Answer 26

To divide users by simulating one subnet for all target computers

• Any broadcast domain that is isolated from other domains
• Collection of logically related network devices that are viewed as a partitioned network segment
• Used to isolate logical groups of devices to reduce network traffic and increase security

Question 27

Domain Name System (DNS)

Answer 27

The how you end up reaching a website without knowing its IP address
- DNS servers are layer of 7 software app containing list of alias names and their IP addresses

Lack of security

Network productivity shut down if DNS server is lost/attacked

Risk of fake DNS updates

Question 28

Dynamic Host Configuration Protocol (DHCP)

Answer 28

Automatically configure IP address, subnet mask and DNS settings on computer

• Used within network to simplify configuration of each user’s computer
• DHCP server needs to be located on same subnet to hear computer making DHCP requests

Question 29

LAN (Local Area Network)

Answer 29

▪ Systems on the same LAN do not protect themselves from each other
▪ Good security is important

Question 30

WAN (Wide Area Network)

Answer 30

▪ The Internet is an open network
▪ Can’t guarantee privacy
▪ Consider the security issues surrounding the use of an open network
▪ Develop your own private WAN

Question 31

WAN connectivity options

Answer 31

• Cable modem
• Digital subscriber line (DSL) – Integrated Services Digital Network/Dense Wave Multiplexing
• Fiber optics
• Satellite
• Dial-up
• Cellular 3G and 4G networks

Question 32

Transmission Control Protocol (TCP)/Internet Protocol (IP)

Answer 32

▪ Suite of protocols operating both Network and Transport layers of OSI Reference Model
▪ Governs all activity across Internet and through most corporate and home networks
▪ Developed by the DoD to provide a highly reliable and fault-tolerant network infrastructure
(security was not a focus)

TCP results in higher latency. UDP is designed for faster data transmission.
TCP guarantees data delivery by prioritizing data integrity, completeness, and reliability.

Question 33

IPv4 addresses

Answer 33

o Four-byte (32-bit) addresses that uniquely identify every device on the network
o Still the most common

Question 34

IPv6 addresses

Answer 34

o Are 128 bits long
o Provide more unique device addresses
o Are more secure

Question 35

Network port

Answer 35

Number that tells a receiving device where to send messages it receives

Question 36

Dial-in access to the network

Answer 36

1. Individual Modems: Can be connected to computer on network
   a. Bypass majority of network security controls (hackers love these)
2. Network Access Server (NAS): Have special monitoring and security protocols
   a. Remote connection attached to one of routers which allows Separation of Duties

(see Table: Networking Equipment)

Question 37

Telephone Circuits

Answer 37

Telephone companies provide what client can afford

Question 38

Dedicated Telephone Circuits

Answer 38

Billed by locations wit actual usage billed by distance

Examples: POTS/ISDN/DSL/T1/T3

Question 39

Wireless Access Solutions: Requires antenna systems – transmitting/receiving capabilities

Answer 39

• Wi-Fi Radio: Uses layer 1 transmitter/receiver to support signal range up to 1,500 feet
• Station (STA): Wireless device on end of network (PDA, laptop/ mobile phone)
• Access Point (AP): Wireless transmitter/receiver providing network services (300 feet)
• Cell: Individual AP broadcast range/ Multiple cells are linked together to increase range
• Satellite Radio: Signal bounced off a low-orbit satellite in space (huge service area)
• Microwave: Used in short-distances runes across cities/mountain range (old)
• Laser: Alternative to microwaves (need to have unobstructed aerial space)

Question 40

Wireless RFID System

Answer 40

Radio Frequency Identification
- Tiny tag containing silicon chips and antennas enabling tag to be detected by scanners
o To protect inventory at first

Question 41

Wireless Networks - Wireless Access Points (WAPs)

Answer 41

Connection between wired and wireless network

• Fences don’t stop wireless signals
• Anyone within range of wireless network can capture data sent on network if not encrypted

Question 42

Network Access Control

Answer 42

• Enable you to add more security requirements before allowing a device to connect to network
• Perform authentication and posture checking
• IEEE 802.1x standard

Question 43

Wireless Network Security Controls

Answer 43

VPN over Wireless
- Wireless encryption
o WEP (insecure and flawed)
o Counter Mode Cipher Block Chaining Message Authentication Code Protocol
o Wi-Fi Protected Access (WPA)
- SSID broadcast
- MAC address filtering

Question 44

Point-to-Point Tunneling Protocol (PPTP)

Answer 44

Easy to set up on client computers because most operating systems include PPTP support

Question 45

Secure Sockets Layer (SSL)

Answer 45

Encrypts web communications, and many VPNs use SSL to provide encrypted communication. Users connect to an SSL-protected webpage and log on.

Question 46

Internet Protocol Security (IPSec)

Answer 46

Suite of protocols designed to connect sites securely. Many organizations use IPSec to connect one site to another securely over the Internet (easy configuration)

Question 47

Additional wireless security techniques

Answer 47

Antenna types: Wireless device antennas can have large impact on the device’s area of coverage. Antennas can transmit/receive in different ways: omnidirectional semi-directional, highly directional.

Antenna placement: place the antennas to provide coverage that you want, and not for anyone else.

Power-level controls: Able to change power a wireless from the configuration settings. Lowering power
settings from default will reduce area the device covers (limit visibility on network)

Captive portals: Webpage that is displayed for all new connections. Wireless device can redirect all
traffic to the captive portal until the connection is authenticated.

Site surveys: Examine physical area you want to serve with wireless network.

Question 48

SaaS

Answer 48

Users rely on someone else’s server to process their data (third-party)

Question 49

Advantages of SaaS

Answer 49

o Lower initial cost: Vendor provides infrastructure
o Instant Scalability: Expand/upgrade for more money
o Security: Expand/upgrade for more money
o Cheaper Support: Use portion of service as needed

Question 50

Disadvantages of SaaS

Answer 50

o Expenses: Costly as processing volume increases (pay-as-you-go)
o Control of Data: Vendor has control over subscriber data
o Liability: Vendor usually not liable for consequential losses

Question 51

Cloud Computing

Answer 51

Processing data across Internet on remote server operated by vendor

Question 52

Private Cloud Services

Answer 52

Org leases exclusive use of servers and communication equipment. Subs select authorized users and specifies operating rules (confidentiality, protection)

Question 53

Public Cloud Services

Answer 53

Subs pay fee or get free starter usage (Google docs, LinkedIn, Twitter, FB). Subs don’t know how data is stored/accessed/used (no confidentiality, save money)

Question 54

Cooperative Cloud Services

Answer 54

Professional associations and community group have own private label

Question 55

Hybrid Cloud Services

Answer 55

Popular with subs believing they are circumventing cost of using own IT dep

Question 56

Syslog

Answer 56

Sends audit log msg to centralized server for aggregation of event logs/alerts

• Excellent tool to aid monitoring efforts of sys admins
• Good: Audit logs automatically transmitted to another server for safe storage
• Bad: Doesn’t contain message authentication – no integrity

Question 57

Automated Cable Tester

Answer 57

Check variety of conditions – recommended length, signal strength, transmission cross talk, electrical noise interference, electrical pin connections

Question 58

Protocol Analyzer

Answer 58

Packet sniffer – record/analyze network transmissions

Question 59

Simple Network Management Protocol (SNMP)

Answer 59

Monitor network devices – servers, routers, gateways,
hubs, workstations (weak mechanism and relies on simple passwords)
- Read: Monitor a device with notification of possible error conditions
- Write: Reconfigure limited system parameters
- Use SNMP to reboot or shut down the network device

Question 60

Remote Monitoring Protocol Version 2 (RMON2)

Answer 60

Offers data beyond basic network health. Ability to monitor all seven layers of OSI model

Question 61

Internet control message Protocol (ICMP)

Answer 61

Management and control protocol for IP
• Delivers messages between hosts about health of network
o Ping sends a single packet to a target IP address (ICMP echo request)
o Traceroute uses ICMP echo request packets to identify path of packets on network

Question 62

Network Security Risks

Answer 62

▪ Reconnaissance
o Act of gathering information about network for use in future attack
▪ Eavesdropping
o When attacker taps data cable to see all data passing through it
▪ Denial of service (DoS)
o Flooding network with traffic and shutting down a single point of failure
▪ Distributed DoS (DDoS)
o Uses multiple compromised systems to flood network from many different directions
▪ Telephony denial of service (TDoS)
o Attempts to prevent telephone calls from being successfully initiated or received

Question 63

Firewalls

Answer 63

Controls flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network

Question 64

Firewall Security Features

Answer 64

▪ Flood guard: Rules can limit traffic bandwidth from hosts, reducing ability to flood network
▪ Loop protection: Firewalls can look at message addresses to determine whether a message is being sent around an unending loop (for example, from another form of flooding)
▪ Network separation: Filtering rules enforce divisions between networks, keeping traffic from moving from one network to another

Question 65

Firewall Types

Answer 65

Packet filtering
Stateful inspection
Application proxy

Question 66

Packet filtering

Answer 66

Compares received traffic with set of rules defining which traffic it will permit to pass
- Makes decision for each packet and has no memory of packets it has encountered in the past

Question 67

Stateful inspection

Answer 67

Remembers information about status of a network communication until closed

Question 68

Application proxy

Answer 68

Opens separate connections with each of the two communicating systems and then acts as a broker (or proxy) between the two (can analyze info – more protection)

Question 69

Firewall-Deployment techniques

Answer 69

• Border firewalls
• Separates the protected network from the Internet
• Screened subnet (or DMZ) firewalls
• Multilayered firewalls

Question 70

Unified threat management (UTM)

Answer 70

• URL filter: Filters web traffic by examining the URL as opposed to the IP address
• Content inspection: Device looks at some or all network packet content to determine if the packet should be allowed to pass
• Malware inspection: Specialized form of content inspection, the device looks at packet content
for signs of malware

Question 71

URL filter

Answer 71

Filters web traffic by examining the URL as opposed to the IP address

Question 72

Content inspection

Answer 72

Device looks at some or all network packet content to determine if the packet should be allowed to pass

Question 73

Malware inspection

Answer 73

Specialized form of content inspection, the device looks at packet content for signs of malware