CISSP (Domain 2 - Telecommunications and Network Security)

Question 1

Physical Layer (OSI)

Answer 1

• Bits converted to electrical signal

Question 2

Data Link Layer (OSI)

Answer 2

• Switching
• MAC Address
• Breaks data into frames for correct technology
• Error detection
• ARP, RARP

Question 3

802.5

Answer 3

Token Ring, FDDI

Question 4

802.11

Answer 4

Wireless CSMA/CD

Question 5

802.3

Answer 5

Ethernet

Question 6

Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

Answer 6

Sends message, if collision detected, wait random time and resubmit (Ethernet)

Question 7

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Answer 7

Sends message out to wire to see if its open, if open, send message (Wireless)

Question 8

Network Layer (OSI)

Answer 8

• Routing
• IP, ICMP, RIP, OSPF, BGP, IGMP
• Inserts information into the packet header for routing
• Only layer to provide confidentiality, authentication, and integrity with IPsec

Question 9

Transport Layer (OSI)

Answer 9

• End to End transfer
• Error control and recovery
• Assembled into a stream
• SSL, TCP, UDP, and SPX

Question 10

Session Layer (OSI)

Answer 10

• E2E communication between applications
• Session setup and tear down
• DNS, NFS, SQL, and RPC

Question 11

Presentation Layer (OSI)

Answer 11

• Translate message into a standard format
• GIF, TIFF, JPG
• Encoding: ASCII and EBCDIC
• E2E encryption

Question 12

Application Layer (OSI)

Answer 12

• Closest to users
• Provides message exchange, terminal sessions, …
• Only layer to provide non-repudiation (if encryption is enabled)
• HTTP, FTP, SMTP, POP, IMAP, Telnet, SNMP, TFTP

Question 13

OSI to DoD TCP/IP

Answer 13

• Application, Presentation, Session: Application
• Transport: Host to Host
• Network: Internet
• Data Link, Physical: Network Interface

Question 14

TCP Encapsulation

D/SD/PSD/FPSD-FCS

Answer 14

• Data
• Segment, Data
• Packet, Segment, Data
• Frame, Packet, Segment, Data, FCS

Question 15

How to attack TCP/IP

Answer 15

• SYN flood (fill up buffer) during 3 way handshake

- Guessing TCP sequence number

Question 16

How to attack UDP

Answer 16

DoS with floods

Question 17

IPv6 IP Format Rules (3)

Answer 17

• First half is network address, second part is host address
• Can be shortend by eliminating leading zero’s
• Adjacent blocks of zero’s can be replace with ::; but only once

Question 18

Synchronous Transmission

Answer 18

• Stream of data, no start and stop bits

- Used to transfer large amounts of data

Question 19

Asynchronous Transmission

Answer 19

• Bits are sent sequentially
• Used to transfer small amounts of data
• Start and stop bits used
• Modems and dial-up connections

Question 20

Baseband Signal

Answer 20

Cable only uses one channel

- Ethernet

Question 21

Broadband Signal

Answer 21

Cable uses several channels at once

- T1, T3, DSL, ISDN

Question 22

Bus Topology

Answer 22

• Single cable where computers are connected to drops
• Each computer sees each packet
• Line is the single point of failure
• If one pc has problem, all other computers impacted

Question 23

Ring Topology

Answer 23

• Series of computers and devices connected by unidirectional transmission links
• Each computer is dependent on the preceding computer
• If one goes down, it can take down all systems

Question 24

Star Topology

Answer 24

• All computers connected to a central hub or switch

- Hub is the single point of failure

Question 25

Mesh Topology (2 types)

Answer 25

- Full Mesh: Every device is connected to every other device, expensive - Partial Mesh: Enough interconnections to eliminate single points of failure

Question 26

3 Transmission Methods | UMB

Answer 26

- Unicast: One to one relationship - Multicast: One to many relationship - Broadcast: One to all relationship

Question 27

Address Resolution Protocol (ARP)

Answer 27

- Maps IP address to MAC address | - MAC is only used to forward frames on same network segment

Question 28

Reverse Address Resolution Protocol (RARP)

Answer 28

- Maps MAC address to IP Address

Question 29

Hub

Answer 29

- Used to connect multiple LAN devices | - Layer 1

Question 30

Switch

Answer 30

- Similar to a Bridge but when it receives a frame, it forwards to the correct segment instead of all. - Layer 2 - 10 ports = 10 CDs and 1 BD

Question 31

Router

Answer 31

- Routes packets based on IP Address | - Layer 3

Question 32

3 Routing Protocol types | DV/LS/B

Answer 32

- Algorithms based on distance vector protocols - Algorithms based on link state protocols - Border Protocols

Question 33

Distance Vector Protocols

Answer 33

- RIP/RIP v2 - Small Networks - List of destination networks with direction and distance in hops

Question 34

Link State Protocols

Answer 34

- OSPF - Based on Cost - Each router keeps a topology map of network and identifies all routers

Question 35

Gateway

Answer 35

- Software that links two different networks - IPX/SPX talking to TCP/IP - Layer 7

Question 36

3 Types of Firewalls | SSP

Answer 36

- Static Packet Filtering - Stateful Packet Filtering - Application Proxy

Question 37

Proxy Firewall

Answer 37

- Layer 7 - Middleman between communicating computers - Looks at payload of packet - Low performance

Question 38

Static Packet Filter Firewall

Answer 38

- Uses ACL to make access decisions - Access based on source and destination IP/Port/Protocol - Layer 3 only - Screen routers with rules for rejecting or accepting data - Based on IP Header - Cant keep track of state

Question 39

Stateful Firewall | layers/track/syn

Answer 39

- Packets captured by inspection engine and each OSI layer inspected - All Layer - Keeps track of state - Builds state table - Syn flood detector

Question 40

Bastion Host

Answer 40

- Most secure state - AKA Hardened System or Locked Down System - Limited amount of ports/services/users/software allowed

Question 41

``` Screened Host (Firewall) (RouterFW#/FWLoc/DMZLoc/fil) ```

Answer 41

- Separates trusted and non-trusted networks - Proxy directly behind a packet-filtering router - One router and one firewall - Router filters traffic before it is passed to firewall

Question 42

Dual-homed Firewall

Answer 42

- Two interfaces, one for each network - Forwarding and routing turned off so each packet can be inspected - One firewall

Question 43

Screened Subnet (Firewall)

Answer 43

- Two routers, one firewall - Firewall in-between router - DMZ setup between the two routers - External router filters traffic before it enters DMZ

Question 44

Demilitarized Zone (DMZ)

Answer 44

- Network segment between protected internal network and non-trusted external network - Contains Bastion hosts

Question 45

5 Things Firewalls Should Do | Deny/BlockB/BlockNon/BlockInt/Reass

Answer 45

- Deny all traffic unless expressly permitted (white list) - Block directed broadcasts (defense against smurf and fraggle attacks) - Block traffic leaving network from a non-internal address (possible zombie system) - Block traffic entering the network from an internal address (possible spoofing attack) - Packets should be reassembled before forwarding

Question 46

3 Ways to Secure DNS | Cert/Zone/Queries

Answer 46

- Certificate Validation - Mutual Zone Transfer - Prevent Unauthorized Queries

Question 47

Network Address Translation (NAT)

Answer 47

- Pool of public addresses that get mapped to internal computers - Limits understanding of internal network to external entities - Provides address conversion and hides the identity

Question 48

Static NAT

Answer 48

- Each internal system has a corresponding external routeable IP Address

Question 49

Hiding NAT - All Systems Share

Answer 49

- All systems share same external routeable IP address

Question 50

Private IP Addresses (RFC 1918)

Answer 50

- 10.0.0.0/8 - 172.16-31.255.255/12 - 192.168.0.0/16

Question 51

Socket

Answer 51

IP and port number

Question 52

4 Wide Area Network (WAN) Technologies | FR/X/A/V

Answer 52

- Frame Relay - X.25 - ATM - VOIP

Question 53

4 Bluetooth Attacks | BJ/BS/BB/BB

Answer 53

- *Bluejack: sends spam anonymously to victims - *Bluesnarfing: Stealing info up to a mile away - Bluebof exploit: Overflow of service - Bluebug: Uses AT commands on victims cell

Question 54

X.25

Answer 54

- First packet switching technology that uses switched and permanent virtual circuits - *Protocol used: LAPB for error detection and corrective procedures - Used in older WAN technologies

Question 55

Frame relay

Answer 55

- *Faster WAN packet-switching protocol with no error correction - Data link layer - Fee Based

Question 56

Permanent Virtual Circuit (PVC)

Answer 56

Private line for a customer with an agreed upon bandwidth availability

Question 57

Switched Virtual Circuit (SVC) - Frame Relay

Answer 57

Dynamically built when required

Question 58

Committed Information Rate (CIR) - Frame Relay

Answer 58

Customer pays for a certain monthly payment to ensure a specific bandwidth availability

Question 59

Asynchronous Transfer Mode (ATM)

Answer 59

- High bandwidth technology that uses switching and multiplexing - *53-byte fixed cells instead of various frame lengths over PVC and SVC

Question 60

Voice Over IP (VOIP)

Answer 60

Technology that can combine different types of data (data, voice, video) into one packet

Question 61

3 Challenges with VOIP | jitter/seq/latency

Answer 61

- When voice and data are combined, jittering can result - Connectionless, packets can arrive out of sequence - Each hop has potential in latency

Question 62

4 Components Required for VOIP | D/CP/VM/VG

Answer 62

- IP telephony device - Call-processing manager - Voicemail system - Voice gateway

Question 63

Session Initiation Protocol (SIP) - VOIP | loc/negot/mgmt/change/only

Answer 63

- Allows for establishment of user location (name to network address) - Negotiation occurs so that features are agreed on and supported - Call management mechanism (adding, dropping, transferring participants) - Change features during session - *Only a signaling protocol (ring, dial, busy)

Question 64

5 Security Threats for VOIP | TF/DD/S/P/V

Answer 64

- Toll Fraud - DDos - SPIT (Spam over Internet Telephony) - Phishing - VOMIT (Replacing words in call before received)

Question 65

Point-To-Point Protocol (PPP)

Answer 65

- Layer 2 service - Encapsulate data over a serial line for dial-up - Can encapsulate data that cant route through the internet

Question 66

3 PPP Authentication Mechanisms

Answer 66

- PAP - CHAP - EAP

Question 67

IPsec

Answer 67

- Works at network layer and provides security on top of IP

Question 68

2 IPsec Encryption Modes

Answer 68

- Tunnel Mode: Payload and headers | - Transport Mode: Payload protected

Question 69

Extensible Authentication Protocol (EAP)

Answer 69

- Protocol for authentication that supports multiple authentication methods - Credentials not protected

Question 70

Protected Extensible Authentication Protocol (PEAP)

Answer 70

- Makes a secure channel before credentials | - Only server uses digital certificate

Question 71

6 PEAP Steps to Protect Credentials

Answer 71

- Client makes connection to EAP Server - Public Key given from EAP Server to client - Client Authorizes cert - Session key encrypted with public key - Private key used to decrypt session key on EAP Server - AuthN data encrypted with session key

Question 72

802.11b

Answer 72

- Speed: 11 mb/s - Freq: 2.4 GHz - Enc: WEP

Question 73

802.11a

Answer 73

- Speed: 54 mb/s - Freq: 5 GHz - Enc: WEP

Question 74

802.11g

Answer 74

- Speed: 54 mb/s - Freq: 2.4 GHz - Enc: WEP

Question 75

802.11i

Answer 75

- Speed: N/A - Freq: N/A - Enc: WPA/WPA2

Question 76

802.11n

Answer 76

- Speed: 450 mb/s - Freq: 2.4 & 5 GHz - Enc: WPA - Multiple in multiple out (MiMO) makes connections quick

Question 77

Why is WPA more secure

Answer 77

- Uses Temporal Key Integrity Protocol (TKIP) | - Uses different session key for each packet

Question 78

3 AES Encryption Lengths

Answer 78

128, 192, 256 bit