Chapter 3

Question 1

Four Layers of TCP/IP

Answer 1

Application
Host-to-Host
Internet Layer
Network Access Layer

Question 2

Network Access Layer

Answer 2

Responsible for placing and removing packets on the physical network through communications with the network adapters

Question 3

Encapsulation

Answer 3

allows a transport protocol to be sent across the network and utilized by the equivalent service or protocol at the receiving host

Question 4

IANA

Answer 4

Internet Assigned Numbers Authority

Defines the list of well known ports
port 25 is SMTP etc

Question 5

How does TCP establish a session?

Answer 5

The threeway handshake.

A client originates this connection with an ISN (Initial Sequence Number)
The server responds with a TCP segment that includes the ISN and a value buffer
The client then sends back an acknowledgment of the server’s sequence number

Question 6

iSCSI and it’s ports!

Answer 6

Internet Small Computer Systems Interface

Allows data storage and transfers across an existing network

Ports 860 and 3260

Question 7

Fibre Channel

Answer 7

Like an iSCSI but meant for fiber optic. Not routable at the network level

Question 8

Factors of a security topology

Answer 8

DMZ
Subnetting
VLANs
Remote Access
NAT
Telephony
NACs

Question 9

VLAN

Answer 9

Virtual Local Area Network

Allows you to create groups of users and systems and segment them on the network

Question 10

PPTP

Answer 10

Point-to-Point Tunneling Protocol

Supports encapsulation in a single point-to-point environment. Encrypts PPP packets

Question 11

Weakness of packet-capture devices

Answer 11

Capturing the negotiation process can potentially uses that information to determine the connection type and information about how the tunnel works

Question 12

L2F

Answer 12

Layer 2 Forwarding

Created by Cisco as a method of creating tunnels primarily for dial-up connections. Similar in capability to PPP and it shouldn’t carry over to WANs

Question 13

L2TP

Answer 13

Layer 2 Tunneling Protocol

MS and Cisco agreed to combine their respective tunneling protocols into one protocol. Can be used with many different network protocols

Question 14

Problem with L2TP

Answer 14

It doesn’t provide data security: the information isn’t encrypted

Question 15

SSH

Answer 15

Secure Shell

A tunneling protocol originally designed for Unix systems. It uses encryption to establish a secure connection between two systems

Question 16

IPSec

Answer 16

Internet Protocol Security

Not a tunneling Protocol, but used in conjunction with tunneling protocols. Usually for LAN-to-LAN connections

Question 17

RRAS

Answer 17

Routing and Remote Access

previously known as Remote Access Services

Connection accomplished via dial-up POTS

Question 18

Telephony

Answer 18

telephone technology + Info Technology

VoIP is taking over!!!!

Question 19

NAC

Answer 19

Network Access Control

Used for daily operations of the network, connections to other networks, and backup plans

Question 20

Proxy Firewall

Answer 20

Intermediary between you network and any other network. Decides whether a packet should be accepted or refused

Question 21

Dual-homed firewall

Answer 21

Proxy Firewall with 2 NICs. One for outside the network. One for inside the network

Question 22

Application Level Proxies

Answer 22

Reads individual commands of protocols being served. Must know the difference between GET and PUT commands

Question 23

Circuit-level proxy

Answer 23

creates a circuit between the client and the server and doesn’t deal with contents of the packets that are being processed

Question 24

Stateful vs Stateless inspection in firewalls

Answer 24

Stateful inspections (aka SPI filtering) Keeps track of how information is routed or used

Stateless firewalls make decisions based on the data that comes in. More simple

Question 25

Load Balancing

Answer 25

Shifting a load from one device to another

Question 26

IDS

Answer 26

Intrusion Detection Service

software that runs either on individual workstations or on network devices to monitor and track network activity.

Question 27

Types of IDS

Answer 27

Behavior Based: looks for variations in behavior such as unusually high traffic, policy violations, etc

Signature Based Detection: AKA misuse detection IDS. Evaluates attacks based on attack signatures and audit trails

Anomaly Detection IDS: Looks for anything outside the ordinary

Heuristic IDS: uses an algorithm to analyze the traffic passing through the network