Chapter 3 - Networking and Communications Flashcards

1
Q

What does OSI stand for?

A

Open Systems Interconnection

created by ISO - International Organization for Standardization

2
Q

What is the OSI model?

A

A standard model for network communications that allows similar and dissimilar networks and computers to communicate.

3
Q

What are the 7 layers of the OSI model…in order?

A
  1. Physical
  2. Data Link
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application
4
Q

What is the OSI mnemonic?

A

Either
All people seem to need data processing.
or
Please do not throw sausage pizza away.

5
Q

What 3 layers of the OSI model comprise the Protocol Data Unit (PDU)?

A

Session, Presentation, Application

5, 6, 7

6
Q

Describe the Physical layer.

A

How data is passed into the network including the transmission method. Responsible for converting media to bit streams and passing to the Data Link Layer.

Includes cabling (& standards), hubs, repeaters, wireless radio, etc.

7
Q

What is an example of a security threat at the Physical layer?

A

Packet sniffer attached to a cable that transmits unencrypted traffic.

8
Q

Name 4 types of transmission media.

A
  1. Coaxial cable - easy to tap
  2. Shielded/Unshielded Twisted Pair - easy to tap
  3. Fiber optic - free from EMI and RFI issues. Harder to tap
  4. Wireless Transmissions - easiest to tap/intercept
9
Q

Describe the Data Link layer.

A

Responsible for reliable packet delivery. It packages data into ordered frames and provides error notifications.

10
Q

What are the 2 sublayers of the Data Link Layer?

A
  1. Media Access Control (MAC) - defines physical (aka MAC) addresses.
  2. Logical Link Control - Interacts with Physical layer.
11
Q

What is an example of a security threat at the Data Link layer?

A

MAC address spoofing.

12
Q

Describe the Network layer.

A

Provides routing for data packets across the network by analyzing the IP address and determining the best route to the target computer. It controls the flow of data across the network.

13
Q

What are some devices at the Network layer?

A

Routers and Layer 3 devices. They use ACLs to route/block/filter traffic.

14
Q

What is IP and its versions?

A

Internet Protocol - used for addressing. IPv4 and IPv6.

15
Q

Describe the Transport layer and its primary protocols.

A

Provides reliable end-to-end communication for services and applications. It matches logical port assignments to upper-layer protocols (i.e. 80 for HTTP).

Protocols

  1. TCP - Transmission control protocol
  2. UDP - User datagram protocol
16
Q

How is data packaged and transmitted at each layer of the OSI model?

A
  1. Physical - Bit streams
  2. Data Link - Frames
  3. Network - Packets (Datagram if IP)
  4. Transport - Segments (Datagram if UDP)
  5. Session - Protocol Data Units
  6. Presentation - as per standards
  7. Application
17
Q

Describe TCP.

A

Connection oriented, using packet sequencing and destination acks to provide reliable communication for network devices. Uses a 3 way handshake to establish communications.

18
Q

What is a 3 way handshake?

A

The method in which a client establishes a TCP connection with a server.

  1. Client sends packet with SYN flag set
  2. Server responds with packet that has SYN and ACK flags set
  3. Client sends server a packet with ACK flag set
19
Q

What kind of attack uses the TCP 3 way handshake?

A

DDoS (SYN flood) attack, where the client withholds the 3rd packet to keep the session open, but then floods with more SYN packets.

20
Q

How are IP and TCP related?

A

IP does not guarantee delivery, but will layer on TCP to do so.

21
Q

Describe UDP.

A

Connectionless protocol that does not check for a connection like TCP. It just sends the packet and does not guarantee or verify delivery.

22
Q

Give an example of where UDP is used.

A

Audio or Video streaming

23
Q

Describe the Session Layer.

A

Establishes and maintains sessions between apps/components on the local and remote system.

24
Q

What is a protocol that operates at the Session layer?

A

RPC - Remote Procedural Call - used to request a service on another computer.

25
Q

Describe the Presentation Layer.

A

Standardizes data presentation for the application layer by translating it using standards such as ASCII, EBCDIC, JPEG, MPEG, etc. Data de/encryption and de/compression can be at this layer.

26
Q

Describe the Application Layer.

A

The layer for User Apps. Provides the services needed for applications that communicate over a network. This is where authentication, access control, encryption, hashing, signatures and other security measures reside.

27
Q

What is RFC 1122 and 1123?

A

4 and 5 layer TCP/IP models created by DARPA. The 4 layer model is the authoritative one.

28
Q

What are the layers of the Four-Layer TCP/IP Model?

A
  1. Application (app, presentation, session from OSI)
  2. Transport
  3. Internet
  4. Link (data link and physical from OSI)
29
Q

What are the layers of the Five-Layer TCP/IP Model?

A
  1. Application (app, presentation, session from OSI)
  2. Transport
  3. Network
  4. Data Link
  5. Physical
30
Q

What is network topology?

A

It is the layout of the network for physical components and cables. Examples include mesh, star, bus, tree, token, ring.

31
Q

What is IEEE 802.3?

A

Introduced in 1973 as a standard for Ethernet. Changes with major progressions in bandwidth such as twisted pairs or fiber.

32
Q

Define CSMA/CD.

A

Carrier Sense Multiple Access / Collision Detection.
Network components detect collisions and wait a random amount of time before resending. An issue with half duplex devices. The Ethernet standard still supports this.

33
Q

Define CSMA/CA.

A

Carrier Sense Multiple Access / Collision Avoidance.
Listen before sending to avoid collisions; if busy, wait a random amount of time. 802.11 wireless networks use this as well as Request/Clear to Send to avoid collisions.

34
Q

What is a bus topology?

A

Hosts connected by a single cable and a terminator on each end. Expensive to troubleshoot and a single issue with a terminator or cable takes the whole network down.

35
Q

What is a star topology?

A

All hosts or nodes are connected to a central point like a switch, but not to each other. Used for most Ethernet based networks.

36
Q

What is the difference between a Hub and a Switch?

A

A hub connects network servers, but all traffic that goes into a single port goes out of all others. A switch will only send traffic to a computer that it is directly addressed to. Reduces attack vectors and is more efficient.

37
Q

What is a tree topology?

A

Connects multiple star networks on a bus topology.

38
Q

What is token ring topology?

A

Connects multiple computers in a ring. They pass around a token to communicate.
A MASU (multistation access unit) can be centered between them to control traffic around the ring. This way a loss of one computer does not take the network down.
When scaled, performance is an issue with this topology. Can be designed with a second ring and fiber (FDDI) to help speeds.
39
Q

What is mesh topology?

A

Fault tolerant as there are multiple connections between computers. Can be partial or full. For a full mesh, the number of connections is n(n-1)/2.

40
Q

What is a peer to peer network?

A

Computers are connected to the same network but are independent of each other and authentication is decentralized. In MS it is known as a workgroup.

41
Q

What is a client server network?

A

Centralized authentication. In MS it is known as a domain.

42
Q

What is a key step in server hardening?

A

Removing all unneeded protocols and ports.

43
Q

Key differences between IPv4 vs IPv6.

A
  1. 32 bits (4 groups) vs 128 bits (8 groups)
  2. Decimal notation vs. Hexadecimal
  3. IPv6 representation can be shortened to remove leading zeros by adding a 2nd :
44
Q

What is DHCP Protocol and what is its OSI layer?

A

Protocol used to dynamically assign IP, subnet masks, and DNS server addresses to a computer when it connects to the network.
Nearly 70 attributes can be set.
Sits at the Application layer.

45
Q

What are the 4 DHCP messages between the client and DHCP server?

A
  1. DHCPDiscover - Client broadcasts request for DHCP server
  2. DHCPOffer - DHCP Server/Router response for the client's subnet mask. Includes an available IP.
  3. DHCPRequest - Client Request to use the offer
  4. DHCPAck - Server acknowledges configuration of that IP for client.
46
Q

What is Address Resolution Protocol (ARP)?

A

Resolves IP to MAC. A method of directing a datagram (@IP Layer) to a computer with appropriate MAC address.

47
Q

What is RARP?

A

Reverse Address Resolution Protocol.

Using client IP address to get MAC address.

48
Q

What is network discovery protocol (NDP)?

A

Similar to ARP but for IPv6. Used to:

  1. Auto configure nodes
  2. Discover other nodes on network
  3. Locate available routers on network
  4. Detect duplicate addresses on network
49
Q

What is Domain Name System (DNS) and at what layer of the OSI model does it reside?

A

Resolves IP addresses to hostnames. Uses hierarchical naming and a distributed database. No single server has all mappings.

@Application Layer.

50
Q

How many root DNS Servers are there?

A

13 at the top of the hierarchy for top level domains such as .com, .gov, .edu, etc. Each tier knows the addresses of the tier below it.

51
Q

What are some types of DNS records?

A
  1. A - resolves hostname to IPv4
  2. AAAA - resolves hostname to IPv6
  3. PTR - Pointer - Resolves IP to hostname
  4. MX - Mail Exchange - Identifies mail server
  5. CNAME - Canonical name - Aliases for a system
52
Q

What ports and protocol does DNS use?

A
  • Port 53 for both DNS and TCP
  • Protocol - UDP for name resolution. TCP for info transfer between DNS servers.

53
Q

How can you prevent DNS cache poisoning attacks?

A

By implementing DNSSEC and using RRSIGs.

54
Q

What is DNSSEC?

A

DNS Security Extension. Validates DNS responses against a RRSIG.

55
Q

What is a RRSIG?

A

Resource Record Signature. Like a digital signature for DNS responses.

56
Q

What is ICMP and what OSI layer does it reside?

A

Internet Control Message Protocol.
Used to diagnose the health and availability of a network. Ping, Tracert use this.

@Network layer

57
Q

What attack is common with ICMP protocol?

A

DoS - Thus firewalls often block it.

58
Q

What is IGMP and what OSI layer does it reside?

A

Internet Group Message Protocol.
IPv4 multicasting from 1:many computers

@Network Layer

59
Q

What is the IGMP group IP range?

A

224.0.0.0 to 239.255.255.255

60
Q

What is the IPv6 multicast protocol?

A

ICMPv6 with MLD (Multicast Listener Discovery)

61
Q

What is SNMP and what OSI layer does it reside?

A

Simple Network Messaging Protocol.

Used to manage network devices. Sends traps/errors and notifications back to central server. Can be used to configure devices remotely.

Agents use UDP on ports 161 to receive data and 162 to send traps. If over TLS, ports 10161 and 10162 respectively.

@Application layer

62
Q

What is FTP and what OSI layer does it reside?

A

File Transfer Protocol
Upload and download of files across servers over TCP ports 20/21.
Trivial FTP is UDP over port 69.
Both are clear text.

@Application Layer

63
Q

What is SFTP?

A

Secure FTP.

Uses SSL encryption

64
Q

What is FTPS?

A

FTP Secure

Uses TLS encryption.

65
Q

What is Telnet and what OSI layer does it reside?

A

Command Line Interface protocol for interface with a remote system. Uses TCP port 23.

@Application Layer

66
Q

What is SSH and what OSI layer does it reside?

A

Secure Shell for creating a secure session between two computers. It encrypts the traffic of other protocols such as FTP, SCP. Replaces Telnet, rLogin, rsh, rexec. Uses TCP port 22.

Uses symmetric and asymmetric encryption as well as supporting mutual auth.

@Application layer.

67
Q

What is HTTP/S and what OSI layer does it reside?

A

Hypertext Transfer Protocol (/Secure).

Used to process Internet traffic.

@Application Layer

68
Q

What is TLS and what OSI layer does it reside?

A

Transport Layer Security
Used to encrypt different types of traffic.
Replacement for SSL (Secure socket layer) traffic as it was vulnerable to POODLE.
@Application Layer(7), Session Layer (5), Transport Layer (4)

69
Q

What is NFS?

A

Network file share

Allows computers on different operating systems to share files.

70
Q

What are the two primary routing protocols and at what OSI layer do they reside?

A
  1. RIPv2 - Routing information protocol (smaller networks)
  2. OSPF - Open shortest path first (larger networks)

@Network Layer

71
Q

What are the primary email protocols?

A
  1. SMTP - Simple mail transfer protocol. TCP port 25/465.
  2. POP3 - Post office protocol - server delivers to client. TCP port 110/995.
  3. IMAP4 - Internet message access protocol - stored on server. Allows header download (protect against viruses and phishing) and supports multiple devices. TCP port 143/993.
72
Q

What is IPSec?

A

IP Security - provides security for traffic over a network. Provides Mutual auth., integrity and confidentiality. Two primary components.

  1. AH - Auth header. Provides auth and integrity checks. Header is an encrypted hash of the packets and auth data. Systems identify AH packets with protocol 51.
  2. ESP - Encapsulating Security Protocol - Encryption of data packets. Systems identify ESP packets with protocol 50.

73
Q

What are common tunneling protocols and what are they used for?

A

Used for creating Virtual Private Networks (VPNs) between private networks across a public network such as the Internet.

  1. L2TP - Layer 2 Tunneling Protocol - uses IPSec for encryption. UDP Port 1701
  2. PPTP - Point to Point Tunneling Protocol - provides encryption. TCP Port 1723