Chapter 11 - Secure Network Flashcards
Layer 7 Protocols
FTP, TFTP, SSH, IMAP, PCP, HTTP, HTTPS, LPD, SMTP, POP3, SNMP, DHCP
Layer 6 Protocols
ASCII, EBCDICM, TIFF, JPEG, MPEG, MIDI
Layer 5 Protocols
NFS, SQL, RPC
Layer 4 Protocols
TCP, UDP, SPX, SSL, TLS
Layer 3 Protocols
ICMP, RIP, OSPF, BGP, IGMP, IP, IPSec, IPX, NAT, SKIP
Layer 2 Protocols
SLIP, PPP, ARP, RARP, L2F, L2TP, PPTP, ISDN
Layer 1
• EIA/TIA-232 and EIA/TIA-449
• X.21
• High-Speed Serial Interface (HSSI)
• Synchronous Optical Network (SONET)
• V.24 and V.35
Layer 1 Responsibilities
- Controls throughput rates
- Handles synchronization
- Manages line noise and medium access
- Determines whether to use digital or analog signals or light pulses to transmit or receive data over the physical hardware interface
Layer 2 Formats
○ Ethernet (IEEE 802.3)
○ Token Ring (IEEE 802.5)
○ Asynchronous Transfer Mode (ATM)
○ Fiber Distributed Data Interface (FDDI)
○ Copper DDI (CDDI)
Layer 4 Responsibility
managing the integrity of a connection and controlling the session.
Layer 4 Mechanisms
○ Segmentation
○ Sequencing
○ Error checking
○ Controlling data flow
○ Error correction
○ Multiplexing
○ Network service optimization
Fiber Channel Over Ethernet (FCoE)
• Form of network data storage solution (SAN or network attached storage (NAS)) that allows for high-speed file transfers at upward of 16GB.
• Used to encapsulate fibre channel communications over ethernet.
• Typically requires 10 GB ethernet to support.
• Network/Layer 3.
Multiprotocol Label Switching (MPLS)
- High-throughput high-performance network tech that directs data across a network based on short path labels rather than longer network addresses.
- Faster than IP
- Handles lots of protocols
Internet Small Computer System Interface (iSCSI)
• Networking storage standard based on IP.
• Can be used to enable location-independent file storage, transmission, and retrieval over LAN, WAN or Internet.
• Low cost alternative to fibre channel.
Antenna Types
○ Yagi - like TV antenna
○ Cantenna - tubes with one sealed end
○ Panel - flat devices that focus from only one side of panel
○ Parabolic - used to focus signals from very long distances or weak sources
Static Firewall
• Examines data from message header
• Can't perform user auth or determine if packet is from inside or outside
• 1st generation
• Layer 3 Screening routers/common routers
App Level Gateway Firewall
- Aka proxy firewalls
- Proxy - mechanism that copies packets from one network into another, changes source and destination to protect identity of internal network
- Filters traffic based on internet service (app) used to transmit or receive data.
- Each type of app must have own proxy server
- Negatively affects network performance because each packet is examined
- 2nd gen
- Layer 7
Circuit Level Gateway Firewall
- Used to establish communication sessions between trusted partners
- Session layer (5)
- SOCKS (Socket Secure) is a common implementation.
- Aka circuit proxies
- Manage communications based on circuit rather than content.
- 2nd gen
Stateful Inspection Firewall
• Aka dynamic packet filtering
• Evaluate state or context of network traffic
• Grants broader range of access for authorized users and activities
• Actively watch for and block unauthorized users.
• 3rd gen
• Layers 3 and 4
Frequency Hopping Spread Spectrum (FHSS)
early implementation of spread spectrum. Sends only one frequency at a time.
Direct Sequence Spread Spectrum (DSSS)
employs all available frequencies simultaneously. Higher data throughput than FHSS. Chipping code allows message to be constructed if pieces are missing.
Orthogonal Frequency-Division Multiplexing (OFDM)
uses digital multicarrier modulation scheme that allows for more tightly compacted transmission. Signals are perpendicular not causing interference with each other. Requires smaller frequency set but has better data throughput.
Synchronous
rely on a timing or clocking mechanism based on either an independent clock or a time stamp embedded in the data stream. Supports very high rates of data transfer.
Asynchronous
rely on stop and start delimiter bits to manage transmission of data. Suited for smaller amounts of data. PSTN modems.