Chapter 4: Network and Communications Flashcards
What are the well known/ registerd and dynamic ports
well known : 0 to 1023
Registered : 1024 to 49151
Dynamic: 49152 to 65535
Name a few common session layer protocols
- PAP
- PPTP
- Netbios
- RPC
What is the difference between session layer and transport layer protocols
Session: Application to application communication
Transport: computer to computer
what is a key service that session layer protocols should provide
secure authentication capabilities
what are the sublayers of data link
Logical Link Control (takes care of flow control and error checking)
Media Access control ( knows how to put the data on the wire)
Eg of MAC are 802.3 (ethernet),802.11 etc
What are some of the protocols that work at data link layer
- Point to Point protocol
- Layer 2 tunneling protocol
- ATM
- FDDI
- Ethernet
- Token ring
Acronym for OSI Layers
All People Seem To Need Data Processing
Application
Presentation
Session
Transport
Network
Datalink
Physical
Sample application layer protocols
HTTP, FTP, SNMP, SMTP, TFTP
Application layer data is known as MESSAGE
Services that work at presentation layer
ASCII, EBCDIC, TIFF, JPEG, MPEG, MIDI,
Transport layer protocols
TCP/UDP/SPX
TCP Data - Segment
UDP Data - Datagram
Protocols at network layer
IP, ICMP, IGMP, RIP, OSPF, IPX
Data at network layer is packets
Protocols at data link layer
ARP, RARP,
PPP,
Serial Line internet (SLIP)
Ethernet (802.3), Token ring (802.5), Wireless ethernet (802.11)
Protocols at physical layer
RS/EIA/TIA-422, 423, 449, 485, 10BaseT, 10base2, ISDN, SONET, DSL,
What communication protocol is used by SCADA systems
Distributed Network Protocol 3 (DNP 3)
- Uses simple three layer model called Enhanced performance architecture (EPA)
- Corresponds to layers 2,4, 7 of OSI (roughly)
Controller Area Network Bus (CAN Bus)
allows microcontrollers and other embedded devices to communicate with each other on shared bus
Used in smart/connected cars
What is a socket
Socket = TCP/UDP + IP Address + Port
how can SYN floods be prevented
use of SYN caches that delays the allocation of a socket untill the handshake is completed
how can TCP session hijacking take place
through correctly guessing sequence number and spoofing it
IPV4 vs IPV6
32 bits :: 128 bits
65535 byte packets :: 4.3 billion byts (jumbograms)
Less multicasting:: Better Mutlicasting
No unicast :: new concept of unicast
inefficient forwarding :: efficient forwarding
No labelling and QoS :: Labelling enables QoS
no security support :: supports integrity, authentication, confidentiality
What are some of the IPV6 to IPV4 tunneling protocols
6 to 4 (intersite ie between two networks, hence can be used on internet)
Teredo (intersite, same as above)
Intrasite automatic tunnel addressing protocol (ISATAP)
What are the security standards for data link layer
- 1 AE - for encryption of frames
- 1 AF - for key management and distribution
- 1 AR - unique id for each device
What framework does 802.1AE/F/R work with
802.1X EAP-TLS framework
why is MPLS considered a converged protocol
MPLS is a converged protocol as it can encapsulate any higher level protocol and tunnel it over a variety of links
Difference between bandwidth and data throughput
Bandwidth is the data transfer capability of a link and is associated with the available frequencies in the link and the link speed
Data throughput is the actual amount of data that can be carried acroos this link