CISSP ch 12 Flashcards

1
Q

PPP

A

Point-to-Point Protocol

An encapsulation protocol designed to support the transmission of IP traffic over dial-up or point-to-point links

Data link layer (layer 2) protocol that allows for multivendor interoperability of WAN devices supporting serial links

Rarely found on typical ethernet networks today

2
Q

SLIP

A

Serial Line Internet Protocol (SLIP), replaced by PPP

offered no authentication, supported only half-duplex communications, no error detection, required manual link establishment and teardown

3
Q

PPP communication services

A

Assignment and management of IP addresses

Management of synchronous communications

Standardized encryption

Multiplexing

Link configuration

Link quality testing

Error detection

Feature or option negotiation (such as compression)

4
Q

PPP authentication options

A

PAP, CHAP, EAP and EAP derivatives

5
Q

EAP derivatives

A

LEAP, PEAP, EAP-SIM, EAP-FAST, EAP-MD5, EAP-POTP, EAP-TLS, EAP-TTLS

6
Q

PAP

A

Password Authentication Protocol

Transmits usernames and passwords in cleartext

Offers no encryption, simply transports logon credentials from the client to the authentication source

7
Q

CHAP

A

Challenge Handshake Authentication Protocol

Based on MD5 and no longer considered secure

Performs authentication using a challenge-response dialogue that cannot be replayed

Challenge is a random number issued by the server, which the client uses along with the password hash to compute the one-way function derived response

Periodically reauthenticates

MS-CHAPv2 uses updated algorithms and is preferred over the original CHAP

8
Q

EAP

A

Extensible Authentication Protocol

Framework for authentication, not an actual protocol

Allows customized authentication security solutions, such as supporting smartcards, tokens and biometrics

Originally designed for use over physically isolated channels (assumed secured pathways)

Some EAP methods use encryption, others do not

9
Q

LEAP

A

Lightweight Extensible Authentication Protocol

Cisco proprietary alternative to TKIP for WPA

Now a legacy solution to be avoided

10
Q

PEAP

A

Protected Extensible Authentication Protocol

Encapsulates EAP in a TLS tunnel

Preferred to EAP

Supports mutual authentication

11
Q

EAP-SIM

A

EAP – Subscriber Identity Module

A means of authenticating mobile devices over the Global System for Mobile Communications (GSM) network

Uses each device/subscriber’s subscriber identity module (SIM) card

12
Q

EAP-FAST

A

EAP – Flexible Authentication via Secure Tunneling

A Cisco protocol proposed to replace LEAP, which is now obsolete given the development of WPA2

13
Q

EAP-MD5

A

Now deprecated

14
Q

EAP-POTP

A

EAP – Protected One-Time Password

Supports the use of OTP tokens in multifactor authentication

15
Q

EAP-TLS

A

EAP – Transport Layer Security

An open IETF standard that is an implementation of the TLS protocol for use in protecting authentication traffic

Most effective when both client and server have a digital certificate

16
Q

EAP-TTLS

A

EAP – Tunneled Transport Layer Security

An extension of EAP-TLS that creates a VPN-like tunnel between endpoints prior to authentication

Ensures that even the client’s username is never transmitted in cleartext

17
Q

IEEE 802.1X

A

Defines EAP; an authentication technology that can be used anywhere authentication is needed

“Port Based Network Access Control”

18
Q

QoS

A

Quality of Service

The oversight and management of the efficiency and performance of network communications

Items to measure:

Throughput rate

Bit rate

Packet loss

Latency

Jitter

Transmission delay

Availability

Throttling or shaping can be implemented on a protocol or IP basis to set a maximum use or consumption limit

19
Q

PSTN / POTS

A

Public Switched Telephone Network = plain old telephone service

20
Q

PBX

A

Private branch exchange

A telephone switching or exchange system deployed in private organizations in order to enable multistation use of a small number of external PSTN lines

21
Q

DISA

A

Direct Inward System Access, a type of telephony feature

Adds authentication requirements to all external connections to the PBX

22
Q

Vishing

A

Voice-based phishing

23
Q

Phreakers

A

malicious attackers who abuse phone systems in much the same way that hackers abuse computer networks

24
Q

VPC

A

Virtual private cloud

25
Q

VDI

A

Virtual desktop interface

26
Q

VMI

A

Virtual mobile interface

27
Q

Remote access techniques

A

Service specific remote access

Remote control remote access

Remote node operation

Screen scraper/scraping

28
Q

Service specific remote access

A

Gives users the ability to remotely connect to and manipulate or interact with a single service, such as email

29
Q

Remote control remote access

A

Grants a remote user the ability to fully control another system that is physically distant from them

30
Q

Remote node operation

A

When a remote client establishes a direct connection to a LAN, such as with wireless, VPN or dial-up connectivity

Remote system connects to a remote access server, which provides the remote client with network services and possible internet access

31
Q

Screen scraper/scraping

A

Could refer to remote control, remote access or remote desktop services (virtual applications/desktops). The screen on the target machine is scraped and shown to the remote operator

Also a technology that allows an automated tool to interact with a human interface

32
Q

Load balancing

A

Obtaining more optimal infrastructure utilization, minimizing response time, maximizing throughput, reducing overloading and eliminating bottlenecks

33
Q

Load balancer

A

used to spread or distribute network traffic in a variety of situations

Common implementation is spreading a load across multiple members of a server farm or cluster

34
Q

Scheduling

A

load balancing methods = means by which a load balancer distributes the work, requests or loads among the devices behind it:

Random choice

Round robin

Load monitoring

Preferencing or weighted

Least connections/traffic/latency

Locality based (geographic)

Locality based (affinity)

35
Q

Random choice (scheduling, load balancing)

A

Each packet or connection is assigned a destination randomly

36
Q

Round robin (scheduling, load balancing)

A

Each packet or connection is assigned the next destination in order

37
Q

Load monitoring (scheduling)

A

Each packet or connection is assigned a destination based on the current load or capacity of the targets

The device/path with the lowest current load receives the next packet or connection

38
Q

Preferencing or weighted (scheduling, load balancing)

A

Each packet or connection is assigned a destination based on a subjective preference or known capacity difference

E.g., one system can handle twice the capacity of other systems

39
Q

Least connections/traffic/latency (scheduling, load balancing)

A

Each packet or connection is assigned a destination based on the least number of active connections, traffic load or latency

40
Q

Locality based (geographic) (scheduling, load balancing)

A

Each packet or connection is assigned a destination based on the destination’s relative distance from the load balancer

Used when cluster members are geographically separated or across numerous router hops

41
Q

Locality based (affinity) (scheduling, load balancing)

A

Each packet or connection is assigned a destination based on previous connections from the same client, so subsequent requests go to the same destination to optimize continuity of service

42
Q

TLS offloading

A

process of removing the TLS-based encryption from incoming traffic to relieve a web server of the processing burden of decrypting and/or encrypting traffic

43
Q

Virtual IP addresses

A

Sometimes used in load balancing

When the IP address is not actually assigned to a physical machine – communications received at the IP address are distributed in a load-balancing schedule to the actual systems operating on some other set of IP addresses

44
Q

Persistence / Affinity (load balancing)

A

When a session between a client and a member of a load-balanced cluster is established and subsequent communications from the same client are sent to the same server, thus supporting persistence or consistency of communications

45
Q

Active-active system (load balancing)

A

a form of load balancing that uses all available pathways or systems during normal operations

Used when traffic levels or workload during normal operations need to be maximized, but reduced capacity will be tolerated during adverse conditions

46
Q

active-passive system (load balancing)

A

A form of load balancing that keeps some pathways or systems in an unused dormant state during normal operations so that if one active element fails, a passive element is brought online and takes over the workload

Used when the level of throughput or workload needs to be consistent between normal states and adverse conditions

47
Q

Open relay agent or relay agent

A

an SMTP server that does not authenticate senders before accepting and relaying mail

48
Q

Closed relays

A

authenticated relays = SMTP server that authenticates senders

49
Q

S/MIME

A

Secure Multipurpose Internet Mail Extensions

An email security standard that offers authentication and confidentiality to email through public key encryption, digital envelopes and digital signatures

Authentication is provided by X.509 digital certificates issued by trusted third-party CAs (certificate authorities)

Privacy is provided through the use of Public Key Cryptography Standard (PKCS) compliant encryption

Signed message = provides integrity, sender authentication and nonrepudiation

Enveloped message = provides recipient authentication and confidentiality

50
Q

PGP

A

Pretty Good Privacy

A peer-to-peer public-private key-based email system that uses a variety of encryption algorithms to encrypt files and email messages

Not a standard, but an independently developed product with wide support, elevating its proprietary certificates to de facto standard status

51
Q

DKIM

A

DomainKeys Identified Mail

A means to assert that valid mail is sent by an organization through verification of domain name identity

52
Q

SPF

A

Sender Policy Framework

Checks that inbound messages originate from a host authorized to send messages by the owners of the SMTP origin domain

53
Q

DMARC

A

Domain Message Authentication Reporting and Conformance

A DNS-based email authentication system

Intended to protect against business email compromise (BEC), phishing and other email scams

Email servers can verify if a received message is valid by following the DNS-based instructions; if invalid, the email can be discarded, quarantined or delivered anyway

54
Q

STARTTLS

A

Secure SMTP over TLS = explicit TLS or opportunistic TLS for SMTP

Attempts to set up an encrypted connection with the target email server if it is supported; if not supported, the mail is sent as plaintext

Not a protocol, but an SMTP command

Takes place on TCP port 587

55
Q

SMTP

A

Simple Mail Transfer Protocol (SMTP) is a technical standard for transmitting electronic mail (email) over a network

56
Q

Implicit SMTPS

A

TLS-encrypted form of SMTP, which assumes the target server supports TLS

If it does, then an encrypted session is negotiated

If not, then the connection is terminated because plaintext is not accepted

TCP port 465

57
Q

VPN concentrator

A

dedicated hardware device designed to support a large number of simultaneous VPN connections, often hundreds or thousands = VPN server, gateway, firewall, remote access server (RAS), device, proxy or appliance

58
Q

Tunneling

A

network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol = VPN protocol acts like a security envelope that provides special delivery capabilities as well as security mechanisms

Enables communications between otherwise disconnected systems (e.g., encapsulates LAN traffic in whatever communication protocol is used by a temporary connection with a non-LAN)

59
Q

Transport mode links/VPNs

A

host-to-host VPN = end-to-end encrypted VPN

Anchored at, or ending at, the individual hosts connected together

IP Header and IPSec Header left unencrypted

Only used within a trusted network between individual systems

60
Q

Tunnel mode links/VPNs

A

Terminate at VPN devices on the boundaries of the connected networks

Encrypts IP header, only leaving IPSec header unencrypted

Should be used when crossing untrusted networks or linking multiple systems

61
Q

Remote access VPN

A

variant of site-to-site VPN = link encryption VPN

Encryption is only provided when the communication is in the VPN link or portion of the communication; there may be network segments before and after the VPN which are not secured by the VPN

62
Q

Always-on VPN

A

VPN that attempts to auto-connect to the VPN service every time a network link becomes active

63
Q

Split tunnel

A

A VPN configuration that allows VPN-connected client systems to access both the organizational network over the VPN and the internet directly at the same time

64
Q

Full tunnel

A

a VPN configuration in which all of the client’s traffic is sent to the organizational network over the VPN link, and then any internet-destined traffic is routed out of the organizational network’s proxy or firewall interface to the internet

65
Q

VPN Protocols

A

PPTP

L2TP

GRE

SSH

OpenVPN

IPsec

66
Q

PPTP

A

Point-to-Point Tunneling Protocol

Obsolete encapsulation protocol

TCP Port 1723

Offers same authentication protocols as PPP (point-to-point protocol)

PAP = Password Authentication Protocol

CHAP = Challenge Handshake Authentication Protocol

EAP = Extensible Authentication Protocol

MS-CHAPv2 = Microsoft Challenge Handshake Authentication Protocol

Initial tunnel negotiation process is not encrypted

67
Q

L2TP

A

Layer 2 Tunneling Protocol

An internet standard (RFC 2661)

Can support almost any layer 3 networking protocol

Uses UDP port 1701

Can rely on PPP’s supported authentication protocols, specifically IEEE 802.1X, a derivative of EAP

Does not offer native encryption, but supports the use of payload encryption protocols

Often deployed using IPSec’s ESP for payload encryption

68
Q

GRE

A

Generic Routing Encapsulation

A proprietary Cisco tunneling protocol

Provides encapsulation but not encryption

69
Q

SSH

A

Secure Shell

A secure replacement for Telnet (TCP port 23)

Operates over TCP Port 22

All SSH transmissions (both authentication and data exchange) are encrypted

Limited to transport mode

If S is the prefix of a secure protocol (e.g., SFTP), encryption is provided by SSH. If S is in the suffix (e.g., HTTPS), encryption is provided by TLS.

70
Q

OpenVPN

A

Based on TLS

Provides an easy-to-configure but robustly secured VPN option

Can use either pre-shared passwords or certificates for authentication

71
Q

IPsec

A

Internet Protocol Security

A standard of IP security extensions used as an add-on for IPv4 and integrated into IPv6

Primary use is for establishing VPN links between internal and/or external hosts or networks

Works only on IP networks and provides for secured authentication as well as encrypted data transmission

AH = Authentication Header

ESP = Encapsulating Security Payload

HMAC = Hash-based Message Authentication Code

IPComp = IP Payload Compression

Uses public-key cryptography and symmetric cryptography to provide encryption, secure key exchange, access control, nonrepudiation and message authentication

IKE = Internet Key Exchange = mechanism IPsec uses to manage cryptography keys

72
Q

AH (IPsec)

A

Authentication Header

Provides assurances of message integrity and nonrepudiation

Primary authentication function for IPsec, implements session access control and prevents replay attacks

73
Q

ESP (IPsec)

A

Encapsulating Security Payload

Provides confidentiality and integrity of payload contents

Provides encryption, offers limited authentication, and prevents replay attacks

Uses AES encryption

Can operate in either transport or tunnel mode

74
Q

HMAC (IPsec)

A

Hash-based Message Authentication Code

Primary hashing or integrity mechanism used by IPsec

75
Q

IPComp (IPsec)

A

IP Payload Compression

A compression tool used by IPsec to compress data prior to ESP encrypting it in order to attempt to keep up with wire speed transmission

76
Q

IKE (IPsec)

A

Internet Key Exchange = mechanism IPsec uses to manage cryptography keys

OAKLEY

SKEME = Secure Key Exchange Mechanism

ISAKMP = Internet Security Association and Key Management Protocol

77
Q

OAKLEY (IKE)

A

A key generation and exchange protocol similar to Diffie-Hellman

78
Q

SKEME (IKE)

A

Secure Key Exchange Mechanism

A means to exchange keys securely, similar to a digital envelope

Modern IKE implementations may also use ECDHE (elliptic curve Diffie-Hellman exchange) for key exchange

79
Q

ISAKMP (IKE)

A

Internet Security Association and Key Management Protocol

Used to organize and manage the encryption keys that have been generated and exchanged by OAKLEY and SKEME

Security association = agreed-on method of authentication and encryption used by two entities

Used to negotiate and provide authenticated keying material for security associations in a secured manner

Each IPsec VPN uses two security associations, one for encrypted transmission and the other for encrypted reception; thus, each IPsec VPN is composed of two simplex communication channels that are independently encrypted

80
Q

Switches - four primary functions

A

Learning

Forwarding

Dropping

Flooding

81
Q

CAM table

A

Content Addressable Memory table = used to map MAC addresses and physical port numbers

If a destination MAC address is present in the switch’s CAM table, frame is forwarded to the appropriate port

82
Q

Learning (switch)

A

How a switch first becomes aware of its local network

83
Q

Forwarding (switch)

A

CAM table = Content Addressable Memory table = used to map MAC addresses and physical port numbers

If a destination MAC address is present in the switch’s CAM table, frame is forwarded to the appropriate port

84
Q

Dropping

A

If the destination MAC address is associated with the same port the frame came from, the frame is dropped

85
Q

Flooding

A

If the destination MAC is not present in the CAM table, then the frame is flooded/sent out to all ports

86
Q

VLAN

A

virtual local area network

A hardware-imposed network segmentation created by switches. Used to segment a network logically without altering its physical topology. Can have software-based implementations

By default, all ports on a switch are part of VLAN 1, can be reassigned on a port-by-port basis

VLAN management is most commonly used to distinguish between user traffic and management traffic

VLAN 1 is typically the designated management traffic VLAN

87
Q

VLAN management

A

use of VLANs to control traffic for security or performance reasons

88
Q

Distributed virtual switches

A

used in cloud and virtual environments

89
Q

Port isolation / private ports

A

private VLANs that are configured to use a dedicated or reserved uplink port

Members of a private VLAN or a port-isolated VLAN can interact only with each other and over the predetermined exit port or uplink port

Commonly implemented in hotels

90
Q

Port mirror

A

Duplicates the traffic of one or more other ports out a specific port

91
Q

SPAN port

A

Switched Port Analyzer port = duplicates the traffic for all other ports, or any port can be configured as the mirror, audit, IDS or monitoring port for one or more other ports

92
Q

Port tap

A

a means to eavesdrop on network communications, especially when a switch’s SPAN function isn’t available or doesn’t meet the current interception needs

93
Q

Trunk port

A

a dedicated port with higher bandwidth capacity than the other standard access ports, used to link multiple switches together

94
Q

VLAN tags

A

modify the standard construction of an Ethernet frame header to include a VLAN tag value

95
Q

MAC flooding attack

A

an intentional abuse of a switch’s learning function to cause it to get stuck flooding by flooding a switch with Ethernet frames with randomized source MAC addresses; once the CAM table is filled with false MAC addresses, the switch is unable to properly forward traffic, so it reverts to flooding mode (attacker on network will also receive a copy of the communication)

96
Q

FIFO (switches)

A

first-in, first-out queue, how a CAM table makes room for new MAC addresses

97
Q

MAC limiting

A

defense against MAC flooding that restricts the number of MAC addresses that will be accepted into the CAM table from each jack/port

98
Q

MAC spoofing

A

changing the default MAC address to some other value

99
Q

MAC cloning

A

impersonating another system, often a valid or authorized network device, to bypass port security or MAC filtering limitations

100
Q

NAT

A

network address translation

Hides the IPv4 configuration of internal clients and substitutes the IPv4 configuration of the proxy server’s own public external NIC in outbound requests; effectively prevents external hosts from learning the internal configuration of the network

Translates the IPv4 addresses of your internal clients to leased addresses outside your environment

One-to-one basis – a single leased public IPv4 address can only allow a single internal system to access the internet

Usually also refers to PAT

101
Q

PAT / NPAT / NAPT

A

port address translation = overloaded NAT = network and port address translation (NPAT) = network address and port translation (NAPT)

Allows a single public IPv4 address to host up to 65,536 simultaneous communications from internal clients

102
Q

SNAT / Stateful NAT / Dynamic NAT

A

Source Network Address Translation = NAT = Stateful NAT or Dynamic NAT

NAT that maintains a mapping between requests made by internal clients, a client’s internal IP address and the IP address of the internet service contacted

NAT changes source address in outgoing packet from client’s to NAT server’s; this change is recorded in the NAT mapping database along with destination address

Once a reply is received from the internet server, NAT matches the reply’s source address to an address stored in its mapping database

103
Q

NAT-T

A

NAT Traversal = RFC 3947

Designed specifically to support IPsec (normally not compatible with NAT because of changes NAT makes to packet headers) and other tunneling VPN protocols, such as L2TP

104
Q

Static NAT / DNAT

A

reverse proxy = port forwarding = destination network address translation (DNAT)

Allows an external entity to initiate communication with an internal entity behind a NAT by using a public socket that is mapped to redirect to an internal system’s private address

Not usually a secure solution, may be useful for systems in a screened subnet or extranet, but not for accessing systems in the internal private LAN

105
Q

Private IPv4 addresses

A

Private IPv4 addresses = defined in RFC 1918

10.0.0.0 – 10.255.255.255

Full Class A range

172.16.0.0 – 172.32.255.255

16 Class B ranges

192.168.0.0 – 192.168.255.255

256 Class C ranges

106
Q

APIPA

A

Automatic Private IP Addressing = link-local address assignment = 169.254.0.01 to 169.254.255.254

Defined in RFC 3927

Assigns an IP address to a system in the event of a Dynamic Host Configuration Protocol (DHCP) assignment failure

A feature of Windows

Assigns each failed DHCP client an IP address from the range of 169.254.0.01 to 169.254.255.254 along with the default Class B subnet mask of 255.255.0.0

Allows the system to communicate only with other APIPA-configured clients within the same broadcast domain but not with any system across a router or with a correctly assigned IP address

107
Q

Loopback address

A

127.0.0.1

Purely a software entity

An IP address used to create a software interface that connects back to itself via TCP/IP

Allows for the testing of local network settings in spite of missing, damaged or nonfunctional network hardware and related device drivers

Entire 127.x.x.x network is reserved for loopback use, though only the 127.0.0.1 address is widely used

108
Q

ISA

A

Interconnection security agreement

A formal declaration of the security stance, risks and technical requirements of a link between two organizations’ IT infrastructures

109
Q

Circuit switching

A

Originally developed to manage telephone calls over the public switched telephone network

A dedicated physical pathway is created between the two communicating parties

Grants exclusive use of a communication path to the current communication partners

110
Q

Packet switching

A

The message or communication is broken up into small segments (fixed-length cell or variable-length packets) and sent across the intermediary networks to the destination

Each segment of data has its own header that contains source and destination information

Header is read by each intermediary system and is used to route each packet to its intended destination

Each channel or communication path is reserved for use only while a packet is actually being transmitted over it; as soon as the packet is sent, the channel is made available for other communications

111
Q

Virtual circuit

A

A logical pathway or circuit created over a packet-switched network between two specific endpoints

112
Q

PVC

A

Permanent virtual circuits

Like a dedicated leased line; the logical circuit always exists and is waiting for the customer to send data

113
Q

SVC

A

Switched virtual circuits

Has to be created each time it is needed using the best paths currently available before it can be used and then disassembled after the transmission is complete

114
Q

Dedicated line = leased line = point-to-point link

A

A line that is continually reserved for use by a specific customer

Always on and waiting for traffic to be transmitted over it

Connects two specific endpoints and only those two endpoints

Types (mostly been replaced by fiber optic-based solutions):

T1 = Telephone line 1 [1.64 Mbps capacity]

T3 or DS3 = Digital Service 3 [44.7 Mbps capacity]

X.25

ATM = Asynchronous Transfer Mode

Frame Relay

115
Q

Nondedicated line

A

Line that requires a connection to be established before data transmission can occur

116
Q

DSL

A

Digital Subscriber Line

A technology that exploits the upgraded telephone network to grant customers speeds from 144 Kbps to 20 Mbps (or more)

Formats (the downstream and upstream bandwidth provided varies by format):

ADSL

xDSL

CDSL

HDSL

SDSL

RASDSL

IDSL

VDSL

117
Q

ISDN

A

Integrated Services Digital Network

Planned replacement for PSTN, but did not gain widespread adoption

118
Q

SDH

A

Synchronous Digital Hierarchy

A fiber-optic high-speed networking standard by the International Telecommunications Union (ITU)

Uses synchronous time-division multiplexing (TDM) to provide high-speed duplex communications with minimal need for control and management overhead

Supports a foundational speed of 51.48 Mbps

Synchronous Transport Modules (STM) = levels of SDH

119
Q

SONET

A

Synchronous Optical Network

A fiber-optic high-speed networking standard by the American National Standards Institute (ANSI)

Uses synchronous time-division multiplexing (TDM)

Synchronous Transport Signals (STS) = Optical Carrier (OC) = levels of SONET

120
Q

STM

A

Synchronous Transport Modules (STM) = levels of SDH

STS-768/OC-768 = STM-256 = 39.813 Gbps

121
Q

STS and OC

A

Synchronous Transport Signals (STS) = Optical Carrier (OC) = levels of SONET

STS-768/OC-768 = STM-256 = 39.813 Gbps

122
Q

Transmission logging

A

a form of auditing focused on communications

Records the particulars about source, destination, time stamps, identification codes, transmission status, number of packets, size of message and so on

123
Q

Transmission error correction

A

a capability built into connection- or session-oriented protocols and services

if it is determined that a message was corrupted, altered or lost, a request can be made for the source to resend the message

124
Q

CRC

A

Cyclic redundancy check = a check for communication integrity

125
Q

Modification attacks

A

captured packets are altered and then played against a system