Chapter 11

Question 1

OSI

Answer 1

Application - PDU (Protocol Data Unit)
Presentation - PDU; encryption, compression
Session - PDU; session mgmt
Transport - TCP segment or UDP datagram
Network - packet
Data Link - frame; arp
Physical - bits

Question 2

TCP/IP Layers

Answer 2

Application (L5, L6, L7)
Transport (L4)
Internet (L3)
Link (L1, L2)

Question 3

TCP Port numbers

Answer 3

Well known, service ports: 0 - 1023
Registered: 1024 - 49,151

FTP - 20/21
SSH - 22
Telnet - 23
SMTP - 25
TACACS+ - 49
DNS - 53
HTTP - 80
POP3 - 110
IMAP4 - 143
HTTPS (TLS) - 443

Question 4

UDP Port Numbers

Answer 4

DNS - 53
DHCP - 67, 68
TFTP - 69
SNMP - 161, 162
RADIUS - 1812, 1813

Question 5

Domain name

Answer 5

3 parts:
Top Level Domain
Registered
Sub-domain or Hostname

Question 6

DNS pharming

Answer 6

Redirect valid URL or IP to fake site

Question 7

Split-DNS
(split-horizon, split-view, split-brain)

Answer 7

• Internal DNS for internal users
• Public DNS for external public
• Use firewall to block requests accordingly from in to out or out to in

Question 8

Wi-fi standard - 802.11

Answer 8

Infra mode SSID types:
- ESSID (extended SSID) - name
- BSSID (base SSID) - MAC of base station

Ad-hoc mode - ISSID

Beacon frame - broadcasts SSID

Question 9

WPA2

Answer 9

128 bit AES-CCMP
WPA2-PER - Preshared key
WPA2-ENT - 802.1X/EAP (use AAA such as RADIUS, TACACS+)

Question 10

WPA3

Answer 10

AES-CCMP
WPA3-PER - SAE (dragonfly for key exchange), 128 bit AES CCMP
WPA3-ENT - 802.1X/EAP, 192 bit AES CCMP

Question 11

Wireless communication

Answer 11

Frequency hopping spread spectrum (FHSS) - diff freq but 1 freq at a time
Direct Sequence spread spectrum (DSSS) - diff freq in parallel; use chipping code
Orthogonal Freq Div Multiplexing (OFDM)

Question 12

Bluetooth

Answer 12

100 meters
Bluetooth LE (low energy) variant
iBeacon - Apple developled location tracking (BLE)

Attacks:
- Blue sniffing
- Blue smacking - DoS
- Blue jacking - Sending unsolicited messages
- Blue snarfing - unauth access to data over connection
- Blue bugging - remote control over hw and sw
- BLUFF attack - compromise bluetooth forward and future secrecy

Question 13

Wireless attacks

Answer 13

• War driving
• Rogue AP - can be internal or attacker
• Evil twin - making use of client reconnect request to retrieve SSID, etc. to make fake AP (evil twin)
• Disassociation - send disassociation or deauthentication message to force reconnect request
• Jamming
• IV abuse
• replay attack

Question 14

Network Access Control

Answer 14

Pre-admission philosophy - must meet required level of security first
Post-admission philosophy - control based on user activity

Question 15

Comm Media Access

Answer 15

CSMA
CSMA/CD - collision detect; Ethernet
CSMA/CA - collision avoidance; 802.11 (wireless)
Token - FDDI and token ring
Polling

Question 16

Stateful firewall - dynamic packet filtering fw; aware of previous and current packets; per session
Stateless firewall - static packet filtering;

Question 17

EDR - detect and respond, endpoint
MDR - detect and respond, more than just endpoints and includes network
EP(rotection) P(latform) - endpoint, but also predict and prevent
XDR - EDR, EPP, MDR
MSSP - managed centralized XDR

Question 18

Routing protocols (L3)

Answer 18

Internal:
Distance vector - RIP, IGRP
Link state - OSPF, IS-IS

External:
BGP

Question 19

DNS

Answer 19

TCP 53 - zone file
UDP 53 - requests

Zone file:
A record - FQDN to IPv4
AAAA - FQDN to IPv6
PTR - IP to FDQN
CNAME - alias, FDQN to FDQN
NS - name server
MX - mail exchange

DNSSEC - adds mutual certificate authentication and encrypted sessions
DoH - DNS over HTTPS

Question 20

IPv6

Answer 20

Characteristics:
- larger address space (128 bits)
- scoped addresses - group & block/allow
- QOS
- IPSEC

Coexistence of IPv4 and IPv6:
- Dual stack
- Tunneling
- NAT-PT translate from v4 to v6

Question 21

VRF (virtual routing & forwarding)

Answer 21

• Diff routing tables (domains) on same router
• Used by service providers for diff customers

Question 22

Switch divides Collision domains

Router divides Broadcast domains

Question 23

Dense Wave Division Multiplexing (DWDM)

Answer 23

For fiber optics, multiple channels over single fiber using different wavelengths of light

Question 24

Transport architecture

Answer 24

Data Plane
Control Plane
Mgmt Plane

Question 25

Medium access mgmt methods

Answer 25

• Arbitration - central auth assigns time slot
• Deconfliction - each given a time slot or freq
• Contention based - CSMA/CD or CSMA/CA

Question 26

Converged protocols

Answer 26

SAN
iSCSI
InfiniBand over Ethernet (IBoE)
CXL (Compute Express Link) - link cpus, gpus, etc. for data-centric applications
VoIP