Ch.14 - Networking Technology Basics Flashcards

1
Q

3 Basic components in every computer

A
  1. Central Processing Unit: Math calculations with assistance of ALU and RAM
  2. Input/Output: Used to transmit data from CPU for processing (peripheral devices used)
  3. Data Storage: May be fixed in semi-permanent location or removable (ex: hard disk)
  • Multiprocessor computers and computers based on multicore CPUs are designed to deal with
    the demands of process-intensive applications
    o Multiprocessor systems can perform high-security processing with a separation of duties
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Shell

A

UI – command-line or graphical interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Determining best computer class

A

Variety of size/prices/processing power/throughput/data storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Supercomputers

A

Designed for intense scientific calculations - Nuclear

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Mainframe computers

A

Large/scalable, general-purpose systems to supp big volumes of data

o Multithreading: Execute in parallel to minimize idle time in processor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Midrange computers

A

To be operated by individual deps or smaller orgs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Microcomputers

A

PC, notebook, PDA, designed for individual users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

RAID

A

Redundant Array of Inexpensive Disks or Redundant Array of Independent Disks (view RAID table for different levels)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Protocol

A

Standard procedures/rules to organize comm process (AKA computer port)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Open Systems Interconnect (OSI) Model

A

▪ Application Layer: Interacts with end users through programs interacting within a network
▪ Presentation Layer: Coding of data (file formats and character representations – encryptions)
▪ Session Layer: Maintains comm sessions between computers ((dis)connect)
▪ Transport Layer: Breaks data into packets and properly transmit it over the network
▪ Network Layer: Logical implementation of network (logical addressing takes form of IP address)
▪ Data Link Layer: Transmit/receive info on computers connected to LAN (uses MAC addresses)
▪ Physical Layer: Physical operation of network - Translates binary 1/0 of computer language for T

View OSI Figures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Network routing

A

Process of directing traffic
to the intended destination.

Data will travel on the network on
predetermined routes to reach their
destinations. Same as driving on the
highway. Can only change it manually by
network admins.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

OSI communication between systems

A

Users make a request in their app software on layer 7. It passes through each layer and transform the request into a series of electrical signals.

The packet is routed to its intended destination computer.

Layer 1 of the other computer receives the signal and passes through each of the layers again.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Routers

A

Forward data traffic when necessary and insulate users on other subnets

  • Router ignores traffic on same subnet (LAN1 to LAN 1)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Border routers

A

Subject to direct attack from an outside source.

  • When you configure router, determine whether it’s lone point of defense or part of a multilayered defense (multi is better as lone is subject to attack itself)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Internal routers

A

Provide enhanced features to your internal networks

- Can keep traffic out of a subnet and keep traffic in a subnet (more confidential/ no crossover)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Ethernet Networks

A

Defines the way that computers communicate on the network
- Governs both the Physical (Layer 1) and Data Link layers (Layer 2)
- Defines how computers use MAC addresses to communicate on network
o Ethernet has become the most common LAN technology in use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Bus Topology

A

Daisy-chained connection, meaning single coaxial cable passing through connector on back of each computer on network (ties all systems together - if it breaks, everything breaks).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Star Topology

A

Each computer has a dedicated cable connection running to network hub/switch. Offers cable redundancy ensuring computers’ network are not interconnected.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Ring Topology

A

Each LAN computer is connected to a media access unit (MAU). Each MAU is connected to an upstream MAU and downstream MAU to form a backbone loop. Network traffic is bidirectional.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Meshed Network

A

Series of point-to-point connections between critical backbone connections. Routers determine which link to use based on predefined routing criteria (admin does this).

  • Full Mesh: Has alternate connections for every major backbone point on network
  • Partial Mesh: Only has for most critical links
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Coaxial Cable

A

Have mesh shielding to prevent electrical interference (old)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Unshielded Twisted-Pair (UTP) Cable*

A

Wire doesn’t have protection from electrical interference. Pairs are twisted to reduce electromagnetic interference (EMI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Fiber Optic Cable

A

LED used to flash signals through glass strands. Commonly used for backbone connections and long-haul installations (dense wave multiplexing)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Hubs

A

Electrical connection box amplifying and retiming electrical signals for transmission
• Contain number of plugs (or ports) to connect Ethernet cables for different network systems
• Receive packets and automatically retransmit those packets to all the other ports (shared)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Switches

A

Separate traffic between ports to create appearance of private comms line
• Perform intelligent filtering – capable of running logic programs
• “Know” the MAC address of the system connected to each port
• When they receive a packet on the network, they look at the destination MAC address and send the packet only to the port where the destination system resides

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Virtual LANs (VLANS)

A

To divide users by simulating one subnet for all target computers

  • Any broadcast domain that is isolated from other domains
  • Collection of logically related network devices that are viewed as a partitioned network segment
  • Used to isolate logical groups of devices to reduce network traffic and increase security
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Domain Name System (DNS)

A

The how you end up reaching a website without knowing its IP address
- DNS servers are layer of 7 software app containing list of alias names and their IP addresses

Lack of security

Network productivity shut down if DNS server is lost/attacked

Risk of fake DNS updates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Dynamic Host Configuration Protocol (DHCP)

A

Automatically configure IP address, subnet mask and DNS settings on computer

  • Used within network to simplify configuration of each user’s computer
  • DHCP server needs to be located on same subnet to hear computer making DHCP requests
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

LAN (Local Area Network)

A

▪ Systems on the same LAN do not protect themselves from each other
▪ Good security is important

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

WAN (Wide Area Network)

A

▪ The Internet is an open network
▪ Can’t guarantee privacy
▪ Consider the security issues surrounding the use of an open network
▪ Develop your own private WAN

31
Q

WAN connectivity options

A
  • Cable modem
  • Digital subscriber line (DSL) – Integrated Services Digital Network/Dense Wave Multiplexing
  • Fiber optics
  • Satellite
  • Dial-up
  • Cellular 3G and 4G networks
32
Q

Transmission Control Protocol (TCP)/Internet Protocol (IP)

A

▪ Suite of protocols operating both Network and Transport layers of OSI Reference Model
▪ Governs all activity across Internet and through most corporate and home networks
▪ Developed by the DoD to provide a highly reliable and fault-tolerant network infrastructure
(security was not a focus)

TCP results in higher latency. UDP is designed for faster data transmission.
TCP guarantees data delivery by prioritizing data integrity, completeness, and reliability.

33
Q

IPv4 addresses

A

o Four-byte (32-bit) addresses that uniquely identify every device on the network
o Still the most common

34
Q

IPv6 addresses

A

o Are 128 bits long
o Provide more unique device addresses
o Are more secure

35
Q

Network port

A

Number that tells a receiving device where to send messages it receives

36
Q

Dial-in access to the network

A
  1. Individual Modems: Can be connected to computer on network
    a. Bypass majority of network security controls (hackers love these)
  2. Network Access Server (NAS): Have special monitoring and security protocols
    a. Remote connection attached to one of routers which allows Separation of Duties

(see Table: Networking Equipment)

37
Q

Telephone Circuits

A

Telephone companies provide what client can afford

38
Q

Dedicated Telephone Circuits

A

Billed by locations wit actual usage billed by distance

Examples: POTS/ISDN/DSL/T1/T3

39
Q

Wireless Access Solutions: Requires antenna systems – transmitting/receiving capabilities

A
  • Wi-Fi Radio: Uses layer 1 transmitter/receiver to support signal range up to 1,500 feet
  • Station (STA): Wireless device on end of network (PDA, laptop/ mobile phone)
  • Access Point (AP): Wireless transmitter/receiver providing network services (300 feet)
  • Cell: Individual AP broadcast range/ Multiple cells are linked together to increase range
  • Satellite Radio: Signal bounced off a low-orbit satellite in space (huge service area)
  • Microwave: Used in short-distances runes across cities/mountain range (old)
  • Laser: Alternative to microwaves (need to have unobstructed aerial space)
40
Q

Wireless RFID System

A

Radio Frequency Identification
- Tiny tag containing silicon chips and antennas enabling tag to be detected by scanners
o To protect inventory at first

41
Q

Wireless Networks - Wireless Access Points (WAPs)

A

Connection between wired and wireless network

  • Fences don’t stop wireless signals
  • Anyone within range of wireless network can capture data sent on network if not encrypted
42
Q

Network Access Control

A
  • Enable you to add more security requirements before allowing a device to connect to network
  • Perform authentication and posture checking
  • IEEE 802.1x standard
43
Q

Wireless Network Security Controls

A
VPN over Wireless
- Wireless encryption
o WEP (insecure and flawed)
o Counter Mode Cipher Block Chaining Message Authentication Code Protocol
o Wi-Fi Protected Access (WPA)
- SSID broadcast
- MAC address filtering
44
Q

Point-to-Point Tunneling Protocol (PPTP)

A

Easy to set up on client computers because most operating systems include PPTP support

45
Q

Secure Sockets Layer (SSL)

A

Encrypts web communications, and many VPNs use SSL to provide encrypted communication. Users connect to an SSL-protected webpage and log on.

46
Q

Internet Protocol Security (IPSec)

A

Suite of protocols designed to connect sites securely. Many organizations use IPSec to connect one site to another securely over the Internet (easy configuration)

47
Q

Additional wireless security techniques

A

Antenna types: Wireless device antennas can have large impact on the device’s area of coverage. Antennas can transmit/receive in different ways: omnidirectional semi-directional, highly directional.

Antenna placement: place the antennas to provide coverage that you want, and not for anyone else.

Power-level controls: Able to change power a wireless from the configuration settings. Lowering power
settings from default will reduce area the device covers (limit visibility on network)

Captive portals: Webpage that is displayed for all new connections. Wireless device can redirect all
traffic to the captive portal until the connection is authenticated.

Site surveys: Examine physical area you want to serve with wireless network.

48
Q

SaaS

A

Users rely on someone else’s server to process their data (third-party)

49
Q

Advantages of SaaS

A

o Lower initial cost: Vendor provides infrastructure
o Instant Scalability: Expand/upgrade for more money
o Security: Expand/upgrade for more money
o Cheaper Support: Use portion of service as needed

50
Q

Disadvantages of SaaS

A

o Expenses: Costly as processing volume increases (pay-as-you-go)
o Control of Data: Vendor has control over subscriber data
o Liability: Vendor usually not liable for consequential losses

51
Q

Cloud Computing

A

Processing data across Internet on remote server operated by vendor

52
Q

Private Cloud Services

A

Org leases exclusive use of servers and communication equipment. Subs select authorized users and specifies operating rules (confidentiality, protection)

53
Q

Public Cloud Services

A

Subs pay fee or get free starter usage (Google docs, LinkedIn, Twitter, FB). Subs don’t know how data is stored/accessed/used (no confidentiality, save money)

54
Q

Cooperative Cloud Services

A

Professional associations and community group have own private label

55
Q

Hybrid Cloud Services

A

Popular with subs believing they are circumventing cost of using own IT dep

56
Q

Syslog

A

Sends audit log msg to centralized server for aggregation of event logs/alerts

  • Excellent tool to aid monitoring efforts of sys admins
  • Good: Audit logs automatically transmitted to another server for safe storage
  • Bad: Doesn’t contain message authentication – no integrity
57
Q

Automated Cable Tester

A

Check variety of conditions – recommended length, signal strength, transmission cross talk, electrical noise interference, electrical pin connections

58
Q

Protocol Analyzer

A

Packet sniffer – record/analyze network transmissions

59
Q

Simple Network Management Protocol (SNMP)

A

Monitor network devices – servers, routers, gateways,
hubs, workstations (weak mechanism and relies on simple passwords)
- Read: Monitor a device with notification of possible error conditions
- Write: Reconfigure limited system parameters
- Use SNMP to reboot or shut down the network device

60
Q

Remote Monitoring Protocol Version 2 (RMON2)

A

Offers data beyond basic network health. Ability to monitor all seven layers of OSI model

61
Q

Internet control message Protocol (ICMP)

A

Management and control protocol for IP
• Delivers messages between hosts about health of network
o Ping sends a single packet to a target IP address (ICMP echo request)
o Traceroute uses ICMP echo request packets to identify path of packets on network

62
Q

Network Security Risks

A

▪ Reconnaissance
o Act of gathering information about network for use in future attack
▪ Eavesdropping
o When attacker taps data cable to see all data passing through it
▪ Denial of service (DoS)
o Flooding network with traffic and shutting down a single point of failure
▪ Distributed DoS (DDoS)
o Uses multiple compromised systems to flood network from many different directions
▪ Telephony denial of service (TDoS)
o Attempts to prevent telephone calls from being successfully initiated or received

63
Q

Firewalls

A

Controls flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network

64
Q

Firewall Security Features

A

▪ Flood guard: Rules can limit traffic bandwidth from hosts, reducing ability to flood network
▪ Loop protection: Firewalls can look at message addresses to determine whether a message is being sent around an unending loop (for example, from another form of flooding)
▪ Network separation: Filtering rules enforce divisions between networks, keeping traffic from moving from one network to another

65
Q

Firewall Types

A

Packet filtering
Stateful inspection
Application proxy

66
Q

Packet filtering

A

Compares received traffic with set of rules defining which traffic it will permit to pass
- Makes decision for each packet and has no memory of packets it has encountered in the past

67
Q

Stateful inspection

A

Remembers information about status of a network communication until closed

68
Q

Application proxy

A

Opens separate connections with each of the two communicating systems and then acts as a broker (or proxy) between the two (can analyze info – more protection)

69
Q

Firewall-Deployment techniques

A
  • Border firewalls
  • Separates the protected network from the Internet
  • Screened subnet (or DMZ) firewalls
  • Multilayered firewalls
70
Q

Unified threat management (UTM)

A

• URL filter: Filters web traffic by examining the URL as opposed to the IP address
• Content inspection: Device looks at some or all network packet content to determine if the packet should be allowed to pass
• Malware inspection: Specialized form of content inspection, the device looks at packet content
for signs of malware

71
Q

URL filter

A

Filters web traffic by examining the URL as opposed to the IP address

72
Q

Content inspection

A

Device looks at some or all network packet content to determine if the packet should be allowed to pass

73
Q

Malware inspection

A

Specialized form of content inspection, the device looks at packet content for signs of malware