Ch6 The Basic LAN Flashcards
___ filter and forward data based on MAC addresses
switches
MAC addresses are part of layer ___ of the network
2
a ___ involves splitting a Domain and assigning the parts to different ports
VLAN
switches are generally equipped with ___ guarding, which mitigate against the danger of ___
flood; bridge loops
___ Protocol was developed to prevent bridge loops, but must be enabled in the ___ interface
Spanning Tree Protocol (STP); switch
___ filter and forward data based on IP Addresses
routers
___ could also be called layer 3 switches
routers
a router is the interface between different ___
network ID’s
a router connecting a LAN to the Internet is called a ___
Gateway router
because a router assigns private IP addresses to all the devices on a LAN, it will always be running ___
Network Address Translation (NAT)
because a gateway router is interfacing with the Internet, it will have a ___
firewall
in a LAN, computers are connected to create a ___
Broadcast Domain
two or more LAN’s connected form a ___
Wide Area Network (WAN)
several LAN’s and WAN’s connected within a city form a ___
Metropolitan Area Network (MAN)
the protocol underlying both the internet and LAN’s is ___
TCP/IP
when a LAN has two routers, one facing the internet and the other interfacing the rest of the network, the space between them is called a ___
Demilitarized Zone (DMZ)
a Wireless Access Point (WAP) assigns an ___ to every device (cellphone, laptop, etc.) connected to it
Service Set Identifier (SSID)
an ___ network is completely isolated from the outside world
Air-Gapped
the foundation of most protocols, originally designed for Dial-Up connections but still used extensively is ___
Point to Point Protocol (PPP)
the ___ protocol, originally an extension to PPP that just does authentication and has several versions
Extensible Authentication Protocol (EAP)
the EAP protocol ___ hashes passwords, and is identical to Microsoft’s MSCHAP
EAP-MD5
the EAP protocol ___ uses pre-determined symmetric keys
EAP-PSK
the EAP protocol ___ requires server and client certificates, allowing it to use more modern encryption
EAP-TLS
the EAP protocol ___ uses the TLS encryption, but only the Server needs a certificate
EAP-TTLS
firewall settings can broadly be divided into ___ and ___
Stateful; Stateless
firewall settings are stored in an ___
Access Control List
in a ___ Proxy, the proxy forwards requests on behalf of the Client, and more refined filtering and caching of data is achieved
Forward
a ___ Proxy protects the Client, but requires no setup
Transparent
a ___ Proxy is situated outside the internet connection but still behind a firewall with a special VPN called an ___ leading back to the Client, allowing the Client to appear to be, for instance, in another country
Modern Forward; Encrypted Tunnel
a ___ Proxy hides and protects the Server rather than the Client
Reverse
sometimes when network intrusion is suspected a ___ will be created, emulating the server and logging all keystrokes and ports used
Honeypot
___ emulates a machine on a LAN, but if you copy a file using it the file never leaves the LAN
Remote Desktop
using a ___ you can emulate a machine on a remote LAN be assigned a IP address and copy files to your machine as if you were connected via ethernet
Virtual Private Network
a VPN connects two ___ via a ___
Endpoints; VPN Tunnel
in order to speed up internet access on a VPN, ___ is used
Split Tunneling
the earliest VPN Tunnel protocol used, which has no real encryption, was ____, and uses TCP port ___
Point to Point Tunneling Protocol (PPTP); 1723
a proprietary Cisco VPN Tunnel protocol which uses IPsec encryption is called ___ and uses UDP ports ___
Layer 2 Tunneling Protocol (L2TP); 500 & 4500
it is possible to use ___ for both VPN Tunneling and encryption, which is very fast and works particularly well with IPv6
Ipsec
a VPN protocol often used within a web browser that uses TLS encryption is called ___, and uses TCP port ___
Secure Sockets Layer/Transport Layer Security (SSL/TLS); 443
___ is an open standard protocol for VPN, which uses TCP port ___ but can easily be changed
OpenVPN; 1194
IPsec can be done either with just an ___ added to the original IP address for integrity checking (“transport mode”), or within an ___ which assignes a whole new IP address (“tunnel mode”)
Authentication Header; Encapsulating Security Payload (ESP)
IPsec uses the ___ protocol to handle initial authentication, key exchange, certificates, etc…
Internet Security Agreement Key Management Protocol (ISAKMP)
a NIPS uses 4 criteria to detect intrusions:
packet behavior/anomalies; signatures; rule-based; heuristic
NID/NIP systems use a ___ to record all network traffic, and ___ to see what’s happening on all the ports
network tap; port mirroring
when configuring NID/NIP systems, ___ are typically out of band, and ___ in band
IDS; IPS
NID/NIP systems use ___ to gather data and ___ to look for patterns
collectors; correlation engines
a ___ system collects and analyzes network traffic data
Security Information and Event Management (SIEM)
a SIEM system aggregated data using time ___, event ___ and ___ of tables
synchronization; de-duplication; normalization
data logs are maintained according to the principle of ___
Write Once Read Many (WORM)
SIEM systems report on correlations through ___ and ___
Alerts; Triggers
a honeypot would be located in the ___ of the network
DMZ
