Communication and the Internet Flashcards
What is a LAN?
Local Area Network
- Small area e.g. home or school
- Small geographical area
What is a WAN?
Wide Area Network
- Connects separate LANs over a large geographical area
- Used by large companies
What are the network data speeds?
Bits Per Second (bps): 1
Kilobits Per Second (kbps): 1,000
Megabits Per Second (mbps): 1,000,000
Gigabits Per Second (gbps): 1,000,000,000
What are the two types of computer in a Client-Server network?
File Server - computers which control access and manage the network
Client Workstations - computers which allow users to run applications and to access the server and also network resources
What is a Peer-To-Peer network?
- No server
- All computers have equal status
Where are files held and backed up (Client-Server)?
Held on the servers
Backed up centrally
Where are files held and backed up (Peer-To-Peer)?
Stored on each client
Each user is responsible for backing up each client
What wires are used to connect networks?
Copper Wire
Fibre Optic Cable
How does copper wire work?
Transmits data as electric signals
PRO of copper wire
Cheaper than fibre optiic
How does fibre optic cable work?
Transmits data as pulses of light
PRO of fibre optic cable
Transmits signals at faster speeds AND over greater distances than copper wire
Bandwidth of the different connections?
Copper cable: up to 1Gbps
Fibre optic: up to 10Gbps
Wireless: up to 600Mbps
What type of wave is used in a wireless connection?
Radio Waves
What are the most commonly used frequencies for the data transmission in wireless networks?
- 2.4 GHz
OR
- 5 GHz
What protocols are there when communicating over a network?
- Ethernet Protocols (cable networks)
- Wi-Fi Protocols (wireless networks)
- Other wireless protocols e.g. Bluetooth, 3G, 4G and Wi-Fi Direct
PROS and CONS of cable networks
PROS:
- High Bandwidth (up to 10Gbps)
- Good security (need to plug computer into a socket)
- Little interference
CONS:
- Difficult to install
- Expensive (cables)
- Poor mobility (as has to be plugged in)
PROS and CONS of wireless networks
PROS:
- Easy installation (just need wireless access points)
- Cheap
- Good mobility (can access from anywhere within range)
CONS:
- Low bandwidth (up to 600Mbps)
- Poor security (anyone within range can access SO must use passwords)
- Can get interference (signals can be affected by walls and other electronic equipment)
What is a NIC?
Network Interface Card
- Formats the data sent and received by the computer
- Often built on chips on the motherboard
What is a MAC Address?
Media Access Control
- Each NIC has its own unique MAC number
- Ensures data is directed to the correct computer
What is the difference between a HUB and Switch?
HUBs send every message to every computer on the network (creates unnecessary network traffic)
Switches read the destination address (MAC address) of the messages and only send them to the intended recipients
What is a Router?
- Connect different networks together
- Read address information and forward the messages to the correct network
- Used to transfer data between a home networt and the internet
What is a wireless access point?
- Wireless devices need wireless access points to connect to a cabled network
- They convert data they received through cables into wireless signals and vice versa
- Like Hubs, they DO NOT read the destination addresses and direct messages to all the devices
- Wireless access points are often used for hotspots in public buildings
How is data transferred between computers? Why?
In packets to avoid the high bandwidth needed for large files
What does each packet consist of?
1) Header containing the source and destination addresses and the position of the packet in the complete message
2) Body containing some of the data
3) Footer to inform the receiving device that this is the end of the packet
What protocols are used in transmitting packets?
TCP/IP
What are the 4 layers of the TCP/IP model?
1) Application Layer
2) Transport Layer
3) Internet Layer (Network Layer)
4) Network Access Layer (Data Link Layer)
Purpose of and protocols used in the APPLICATION layer
Purpose:
- Provides services to applications such as web browsers and email clients
- Requests are made to web servers or emails are sent
Protocols:
- FTP, HTTP, HTTPS, SMTP, POP, IMAP
Purpose of and protocols used in the TRANSPORT layer
Purpose:
- Divides data sent from the application layer into packets
- Checks that data sent has been received and notifies sender that data has been received
Protocols:
- TCP (transmission Control Protocol)
- UDP (User Datagram Protocol)
Purpose of and protocols used in the INTERNET layer
Purpose:
- Adds the source and destination IP addresses to the data and routes it to the recipient computer
Protocols:
- IP (Internet Protocol)
Purpose of and protocols used in the NETWORK ACCESS layer
Purpose:
- Uses network-specific protocols to ensure correct transmission of data through local network
Protocols:
- Ethernet protocols
OR
- Wi-Fi protocols
What mnemonic helps remember the order of they layers in the TCP/IP protocol stack?
A TIN
Application
Transport
Internet
Network access
Why are protocols needed?
- Ensure that data is sent and received accurately
- Data is sent to the correct address
What do protocols need to include? Why?
1) Data Formats - ensure that data can be exchanged consistently and correctly
2) Address Formats - identify senders and recipients and ensure that data goes to the right places
3) Routing - provide the right information so that data can flow through networks correctly
What is FTP?
File Transfer protocol
- Provides rules for file transfer between computers
- Often used to transfer files that are too large for attachment to emails
What is HTTP?
HyperText Transfer Protocol
- Provides the rules to be followed by a web browser and a web server when requesting and supplying information
- Used for sending requests from a web client (a browser) to a web server and returning web content from the server back to the client
What is HTTPS?
HyperText Transfer Protocol Secure
- Ensure that communications between a host and a client are secure by encrypting communications
What is SMTP?
Simple Mail Transfer Protocol
- Provides the rules for sending email messages from client to server and then from server to server until it reaches its destination
What is POP?
Post Office Protocol
- Used by a client to retrieve emails from a server
- Downloads messages to a single client device
- All of the emails are downloaded when there is a connection between client and server
What is IMAP?
Internet Message Access Protocol
- The messages do NOT have to be downloaded
- Can be read and stored on the message server
- Better for users with many different devices as they can read from all devices rather than being downloaded to just one
What are the tasks carried out by the TCP/IP model?
- Split data into smaller packets
- Reassemble packets on arrival
- Encrypt/ decrypt data necessary
- Add an address of the recipient computer
- Notify sending computer that the data has been received
Reasons for network security
- Ensures that only authorised users can access the network and its resources
- Ensures that users can only access data relevant to them
- Prevents misuse: deleting information, installing software, copying and removing data
- Prevents damage to hardware
What is the importance of network security?
1) Business Success - data on the network is vital for running an organisation –> The business may fail if the data is comprimised
2) Privacy - data stored on the network may be sensitive e.g. medical records and must be stored securely to comply with the law
3) Financial - the data may be financially valuable e.g. details of new products and marketing campaigns
What is authentication?
The process of determining whether someone trying to log into the network is who they claim to be
How is authentication usually accomplished?
Usernames + Passwords
What is access control?
- Used to set a network user’s rights to the files and data stored
- Ensures that confidential data is seen only by the required users and files are not modified or deleted
Examples of access control
- Some users may not be able to view certain folders and files
- Users can be given ‘read-only’ access so that they can only read the files
OR - Users can be given ‘read and write’ access so that they can also modify files
- At a higher level, users can be given the rights to delete the files and also set other users’ rights to particular files
What is Physical Security?
The first line of defence in preventing unauthorised people from entering buildings where the network equipment is kept
Examples of physical security
- Keeping access doors locked and fitting them with security recognition measures e.g. keypads or biometric systems such as fingerprint pads or iris scanners
- Swipe cards: contain users’ details for entry to the building
- Install closed circuit television to monitor the exterior and interior of the building
- Install burglar alarms and monitors in all rooms
- Fit RFID (Radio Frequency Identification) chips to all equipment
- Use chains and locks to attach equipment to desks
What is a firewall?
- Protects a network connected to a WAN such as the internet
- Can be provided by hardware OR software
- Can be configured to prevent communications from entering the network and prevent programs and users from accessing the internet from within the network
Purpose of a cyberattack
Exploiting the humans using a network or technical weakness to:
- Obtain data stored on the network
- Delete or modify data
- make the system unusable
What is social engineering?
Tricking people into divulging secret information such as passwords and login details
Two types of social engineering
1) Phishing - sending emails claiming to be legit companies asking for password, credit card details etc
2) Shoulder Surfing - watching people enter passwords, PINs etc
Types of technical weaknesses
1) Unpatched Software - security flaws in software is exploited by hackers, updates are needed to fix them but are usually ignored
2) USB Devices - copy sensitive data on flash drive OR install malware onto network from flash drive
3) Smart Devices - usually unprotected and can be targeted by hackers: have been used to launch DoS attacks
4) Eavesdropping - listening to communication (either psychically or by ‘sniffing’)
What is a DoS?
Denial of Service
What is penetration testing?
Used to test a computer system or network in order to find vulnerabilities that an attacker could exploit
What happens in penetration testing?
- Testers take the role of hackers and try to gain unauthorised access
- Assesses the security awareness of users and demonstrates the effectiveness of network security policies
What is ethical hacking?
Systematically attempting to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit
What are commercial analysis tools?
- Also called VULNERABILITY SCANNERS
- Assess computers/ computer systems/ networks/ applications for security weaknesses
- Can be bought by hackers and used in a negative way
What rules should network policies set out?
- What users can and cannot do on the network e.g. must not use removable storage devices, install their own software or download files from internet sites
- When backups will be made and where they will be kept
- When and who is responsible for applying software patches and operating system updates
- What should be done if there is a problem or a breach of security
What do software designers need to consider?
- What kind of authentication is needed?
- Will access control be needed?
- Are warnings needed before allowing users to copy or delete large amounts of information?
- Is encryption needed for sensitive information?
- Will the software be exposed to threats from hackers?
What are the vulnerabilities is coding the program?
- Code vulnerabilities: when the code does the task intended but, due to the way it works, it may create a security issue in some circumstances
- Bad coding practice: some programmers write poor-quality code and don’t consider how safe their code is
What is modular testing?
- A module is an independent block of code that implements a small number of routines
- As only a small amount is tested, any problems should be easier to fix
How do audit trails work?
- Audit software can monitor all network activity and keep a record of all user activity: their audit trail
- It allows a technician to study what has happened during a cyberattack
How do you secure the OS?
Installing updates
What is the internet?
- A global system of interconnected computer networks
- Serves billions of users worldwide
- Massive scale WAN
- Provides many services e.g. the World Wide Web and Emails
- There is a huge infrastructure of cables forming the backbone of the internet, provided and maintained by large corporations such has IBM
What does the internet use to allow communication?
TCP/IP protocol stack
What is the World Wide Web?
- Provides access to documents called web pages, which are connected together using hyperlinks
- The web pages form websites which are hosted on computers called web servers throughout the internet
- Created by Tim Berners-Lee in 1989
What is HTML?
HyperText Markup Language
- Used to create web pages
- Scripting language used to describe the format and layout of objects
- Has tags to indicate how text should appear
How to access a web page?
1) All websites/ web pages have a URL e.g. http://example.com
2) The ‘http:’ is the PROTOCOL IDENTIFIER and the ‘example.com’ is the DOMAIN NAME and represents the IP address of the target computer
3) When a user wants to access a web server by entering a URL, the domain name has to be translated into the IP address by the DNS (Domain Name Service)
Why are Domain Names used?
They are easier to remember and enter than binary numbers