Communication & Network Security

Question 1

Decimal

Answer 1

10

Question 2

Binary

Answer 2

2

Question 3

Hex

Answer 3

16

Question 4

Protocol

Answer 4

Agreed upon set of rules

Defines the format and order of messages and actions taken upon receipt of the message

Question 5

Encapsulation

Answer 5

Layered model (OSI)

Question 6

OSI Layer

Answer 6

Please Do No Throw Sausage Pizza Away (Bottom to Top)
Application
Presentation
Session
Transport
Network
Data link
Physical

Question 7

Application Layer

Answer 7

interacts with applications to determine which network service will be required.

Layer 5-7 - considered Data Layers

Question 8

Presentation Layer

Answer 8

data sent from one side of the connection is received Presenting data to application (Characters set/ graphics) in a way that makes sense

Layer 5-7 - considered Data Layers

Question 9

Session Layer

Answer 9

establish and maintains connection between systems

Layer 5-7 - considered Data Layers

Question 10

Transport Layer

Answer 10

ensure transmission end to end
handles sequencing of packets in transmission
Port/TCP & UDP headers

Question 11

Network Layer

Answer 11

interaction network address schemes
How different network segment interact with each
other
IP Address/Routing

Question 12

Data Link Layer

Answer 12

connects physical layer to network 
Ethernet address (MAC)/switches

Question 13

Physical Layer

Answer 13

transmission across physical media

Bits 0/1

Question 14

TCP/IP Model

Answer 14

Layer 5-7 (Application)
Layer 4 - Host to Host transport
Layer 3 - Internet
Layer 1-2 Network Access

Question 15

TCP/IP Protocol Stack

Answer 15

Developed 1970, Darpa, DOD

OSI still referenced when talking about layers

Question 16

IP4 Packets Diagram

Answer 16

32 bits across. Every 32 bit is 4 bytes. 
5 rows so total of 20 bytes
Starts at 0
Bits 0-31
Bytes 0-19

Question 17

IP4 Class Address

Answer 17

Classless Inter-Domain Router (CIDR) (/8 notation)
Class A: /8 - 1.0.0.0 to 127.255.255.255
Class B: /16 - 128.0.0.0 to 191.255.255.255
Class C: /24 - 192.0.0.0 to 223.255.255.255
Class D: Multicast
Class E: Reserved

Question 18

IP Broadcast

Answer 18

Limited broadcast (no router will block ) 255.255.255.255
Direct broadcast - 192.168.1.255 - Broadcast from 192.1.168.0 network

Question 19

RFC-1918 (think of NAT)

Answer 19

Private addresses

10. 0.0.0/8
11. 16.0.0/16 - 172.31.0.0/16
12. 168.0.0/16

Question 20

Network Address Translation (NAT)

Answer 20

one to one -
Pool NAT - maps to a set of public addresses
Many to one - multiple mapped to one
NAT limitation 64k

Question 21

gethostbyname

Answer 21

have fully qualified domain name (eric.sans.org) and need the address

Question 22

gethostbyaddr

Answer 22

when you have address and the need the fully qualified domain name

Question 23

DNS request & response

Answer 23

UDP if under 512 bytes

Question 24

DNS Security issues

Answer 24

Not reliable

DNS Poisoning Attack

Question 25

DNSSEC

Answer 25

does not provide confidentiality

digital signature for packet

Question 26

Authenticated Denial of Existence (DNS)

Answer 26

Proving DNS record does not exist

Question 27

IPv6

Answer 27

IPv4 - 32 bit 4.2 billion unique addresses
IPv6 - 128bit 340 undecillion addresses
Faster, no checksum like IPv4

Question 28

IPv6 Features

Answer 28

route aggregation - method used to minimize the number of routing tables required in an IP network.
Support IPv6 tunneling over IPv4
Fixed header bytes - next header
Auto-configuration - don’t need to assign IP address

Question 29

User Datagram Protocol (UDP)

Answer 29

Layer 4
connection less communication
don't care if the packet gets there
less overhead
Good if small amount of packet loss is acceptable

Question 30

UDP Ports

Answer 30

DNS 53
NTP - 123
BootP - 67 & 68
SNMP - 161

Question 31

Transmission Control Protocol

Answer 31

3 way handshake
SYN
SYN-ACK
ACK

Question 32

TCP Header (Key fields)

Answer 32

Source Port
Destination Port
Sequence number
Acknowledgement number
SYN bit
ACK bit

Question 33

TCP Ports

Answer 33

20 - FTP Data (receive)
21 - FTP - (send)
22 - SSH
23 - Telnet
25 - SNMP
53- DNS
79- Finger
80 - http
443 - https
source port >= 1024 (ephemeral)

Question 34

TCP Code Bit (Flags)

Answer 34

Urg (Urgent)
Ack (Acknowledgement)
PSH (Push) - think of data stream
RST (Reset) - terminate connection
SYN(Synchronize)
FIN(Finish)

Question 35

TCP Port Scanning (response types)

Answer 35

SYN/ACK - port is open and unfiltered
RST/ACT - port is closed and unfiltered
No response: Unknown

Question 36

Socket Pair

Answer 36

Source IP Address
Source Port number
Destination IP Address
Destination Port Number

Question 37

Internet Control Message Protocol (ICMP)

Answer 37

report error (troubleshoot) rather than transfer info
Ping & Traceroute are ICMP

Question 38

TraceRoute

Answer 38

Set TTL to 1 and when router receives it, it will drop it.
Next iteration - TTL decreases for the one below it
Incrementing TTL for each hop

Question 39

Secure Shell (SSH)

Answer 39

Port 22
Supports Authentication, compression, confidentiality, and integrity
Supports wide range of ciphers, 3DES, AES, Blowfish
SSH1 - Man In the middle attack

Question 40

Secure Multipurpose Internet Mail Extension (S/MIME)

Answer 40

Secure MIME

Email

Question 41

Simple Network Management Protocol (SNMP)

Answer 41

Monitoring of network devices 
SNMPv1 and SNMPv2 - clear text community string (NO CONFIDENTIALITY)
Public - read
Private - read & write
Should use SNMPv3 - port 161

Question 42

Multilayer Protocols

Answer 42

TCP/IP - span multiple layers (OSI)

DNP3 (Distributed Network Protocol)

Question 43

DNP3 (Distributed Network Protocol)

Answer 43

Open protocol smarts Smart Grid
SCADA
IEEE 1815- 2010
allowed pre-share key only
IEEE 1815 - 2012 current standard
Supports PK

Question 44

Network Attached Storage (NAS)

Answer 44

Read/Write entire files

Question 45

Storage Area Network (SAN)

Answer 45

block/clusters to files (not entire files like NAS)

Question 46

Internet Small Computer System Interface (ISCSI)

Answer 46

network cables/routed via IP (NAS)
think of SCSI drives that are connected to network
Lun - logical grouping of drives

Question 47

Fibre Channel

Answer 47

Sans Protocol

Does not use Ethernet/does not easily scale across WAN

Question 48

Fibre Channel (FCoE)

Answer 48

Local subnet only

TCP/IP is not used - layer 2

Question 49

Fibre Channel over IP (FCIP)

Answer 49

can route (layer 3)

Question 50

Voice of IP (VOIP)

Answer 50

Digitized before sending across wire
Combining data
Cost-effective
Redundancy
Security issue (PBX)
Expsoures

Question 51

PSTN PBX/VOIP

Answer 51

Common and phased approach

PBX and VOIP network

Question 52

UP PBX/PSTN

Answer 52

must use VOIP phones

IP PBX - soft switch route calls

Question 53

VOIP Components

Answer 53

Media Gateways
Registration & Location servers
Proxy Servers
Messaging Servers
End-User devices (VOIP Phones)

Question 54

VOIP Protocols

Answer 54

Signaling (H.323 SIP) - setup and tear down call, locate users, negotiate protocols
Media (RTP) - transport of package
Supporting (IP, TCP, UDP, etc..)

Question 55

SIP (H.323)

Answer 55

Setup and tear down of calls

Question 56

SIP

Answer 56

Plaintext
TCP/UPD
Looks like HTTP

Question 57

RTP

Answer 57

Transmit voice content between VOIP devices
Over plaintext
Commonly over UDP, can use TCP

Question 58

Virtual Network Computing (VNC)

Answer 58

TCP Port 5900

Question 59

Remote Desktop Sharing (RDP)

Answer 59

TCP Port 3389

Question 60

802.11 Standard

Answer 60

**Fundamental risk - no physical control of network
Supports two physical layers
Infrared
Radio Frequency

Question 61

802.11 Types

Answer 61

802. 11b - 11 Mbps at 2.4 ghz
803. 11a - 54 Mbps at 5 ghz
804. 11g - 54 Mbps at 5 ghz
805. 11n - 300 Mbps using both 2.4 & 5 ghz
806. 11ac - 1.3 Gbps at 5 ghz

Question 62

802.11 Network modes

Answer 62

Managed - client connect to WAP
Master - Wireless Access point
Ad-hoc - peer to peer
Monitor Mode - ready only/sniffing

Question 63

Wire Equivalent Privacy (WEP)

Answer 63

Inability to rotate WEP keys

Permit recovery of WEP keys in minutes

Question 64

Types of Network

Answer 64

PAN - Personal area network (bluetooth)
LAN - Local Area Netwrk
CAN - Campus Area Network
MAN - Metropolitan Area nework
WAN- Wide Area Network
GAN - Global Area Network

Question 65

LAN transmission method

Answer 65

unicast - from source to single network destination
multicast - from source to multiple network destination
Broadcast - source to all network address

Question 66

Physical Topology

Answer 66

How systems are connected - bus, ring, star

Question 67

Logical Topology

Answer 67

rules of communication

Ethernet/ATM

Question 68

Persistent Carrier Sense

Answer 68

No ack from destination, assumes collision and re-sends immediately

Question 69

Non-Persistent Carrier Sense

Answer 69

no ack from destination, assume collision, waits a random amount of time before resending

Question 70

Carrier Sense Multiple Access with Collision Dectection (CSMA/CD)

Answer 70

Ethernet

Send/transmit simultaneously

Question 71

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Answer 71

Wireless

Question 72

Polling

Answer 72

Only allowed to send when given permission

Question 73

T1

Answer 73

DS1 - 1.544 mbps

Question 74

T3

Answer 74

DS3 - 44.376 mbps

Question 75

E1

Answer 75

Wide Area Digital Transmission- 2.048 mbps (Europe)

Question 76

E3

Answer 76

Wire Are Digital Transmission - 34.368 mbps

Question 77

SDLC

Answer 77

Normal Response Mode - polling speak when given to speak
Asynchronous Response mode (ARM) - cannot transmit without permission from primary *Error recovery
Asynchronous Balance Mode (ABM)- equally responsibility

Question 78

ISDN

Answer 78

reuse analog line infrastructure for data
High cost/Low speed
2 64K channel - 128k

Question 79

Digital Subscriber Line (DSL)

Answer 79

Point to point use existing phone lines

Symmetrical & Asymmetrical (download faster than upload)

Question 80

Symmetric Digital Subscriber Line (SDSL)

Answer 80

Symmetrical up/download

1.544 (T1 equal)

Question 81

High bit rate Digital Subscriber Line (HDSL)

Answer 81

Symmetrical up/download

1.544 (T1 equal)

Question 82

Single Pair High Speed Digital Subscriber Line (SHDSL)

Answer 82

standardized version of symmetric DSL
replace SDSL & HDSL
Up to 5.696 Mbit/s

Question 83

Asymmetric Digital Digital Subscriber Line (ADSL)

Answer 83

ADSL 2 - 12 mbps/3.5

ADSL 2+ - 24 mbps/3.5

Question 84

Very High Speed Digital Subscriber Line (VDSL)

Answer 84

VSDL 3 - 52 mbps/16 mbps
VDSL 4+ - interoperable with ADSL 2+
1600ft max

Question 85

Cable Modem

Answer 85

date rate - number of concurrent uesrs

1,000-4,500 ft

Question 86

X.25

Answer 86

built in error correction

Precursor to frame relay

Question 87

Asynchronous Transfer Mode (ATM)

Answer 87

Fixed cell size 48 bytes
Fixed header size 5 bytes
Total 53 bytes regardless of the size of the information each time.

Question 88

Multiprotocol Label Switching (MPLS)

Answer 88

First router - apply label

later router - only inspect label

Question 89

Modem

Answer 89

modulate binary data to be sent over analog network

demodulate analog data to digital binary

Question 90

CSU/DSU

Answer 90

converts LAN protocol to transfer over WAN
Circuit Closet (DMARC)

Question 91

DTE/DCE

Answer 91

Data Terminal Equipment (DTE) customer end of WAN - your router before ISP
Data Communications Equipment (DCE) ISP Network - ISP Router

Question 92

Repeaters

Answer 92

Layer 1
Signal deteriorate with distance
recreate signal before retransmitting

Question 93

Hubs

Answer 93

Layer 1
Operate as multiport repeater
No Security

Question 94

Bridges

Answer 94

Layer 2
Multiple devices to connect to one bridge port
Learn MAC of each systems
Does not forward traffic unless necessary

Question 95

Switch

Answer 95

Layer 2
Learns MAC address
Provides physical and logical separation

Question 96

VLANS

Answer 96

different VLAN will not see each other broadcast

Question 97

Routers

Answer 97

Routing Tables - routing information that points to all reachable network

Question 98

Firewall Types

Answer 98

Packet Filtering
Stateful - remember state information - matching request allowed in
Proxy -
Next Generation Firewalls (NGFW) - payload

Question 99

Coaxial

Answer 99

50 ohm - digital signaling
75 ohm cable for high speed data & analog signal
Baseband - Single channel
Broadband - multiple channel

Question 100

Fiber Optic Cable

Answer 100

resistance to electromagnetic interference

Question 101

Crossover Cable

Answer 101

+Tx to + Rx

-Tx to -Rx

Question 102

Category for twisted Pair

Answer 102

Cat 1 - telephone
Cat 2 - < 4 mbps
Cat 3 -  10 mbps
Cat 4 - 16 mbps
Cat 5 - 100 mbps
Cat 6 - 1000 mbps

Question 103

Analog Signal

Answer 103

continuous signal

Question 104

Digital Signal

Answer 104

pulses signal

Question 105

Asynchronous Communications

Answer 105

Not tied to a clock
Send start bit
Send stop bit

Question 106

Synchronous Communications

Answer 106

Tied to clock

Don’t need to send start & stop bit

Question 107

MAC address

Answer 107

48 bit, 12 hexadecimal

First 24 bit are organizationally unique identifier

Question 108

Routing Information Protocol (RIP)

Answer 108

Legacy
Based on hop count - shortest
Maximum 15 hops
Routing updates every 30 seconds

Question 109

Distance Vector

Answer 109

identify neighbors and figures out distances metrics to each.

Question 110

Open Shortest Path First

Answer 110

routers knows all the paths

factoring in # of hops and bandwidth

Question 111

Border Gateway Protocol (BGP)

Answer 111

Used by the Internet

Question 112

Interautonomous system routing

Answer 112

two or more BGP in different systems

Question 113

Intra-autonomous system routing

Answer 113

two or more BGP in same systems

Question 114

Pass-Through autonomous system routing

Answer 114

two or more BGP across autonomous systems without question

Extranet routing

Question 115

Autonomous System

Answer 115

route to the organization, not network.

Multiple routes - send to the closest/fastest one

Question 116

Software Defined Network (SDN)

Answer 116

Takes routing decision and gives it to server

Router just route, no decision to be made

Question 117

VPN Security Issue

Answer 117

Bypass firewall, IDES’s, virus scanner, web filter

Trusting the “other end “

Question 118

IPSEC

Answer 118

IETF - RFC 2401

Question 119

IPSEC Modes

Answer 119

Tunnel - sender to receiver (1 set of system) - don’t know the sender or receiver
Transport - sender encrypt, received decrypts

Question 120

TACAS Authentication

Answer 120

Start - continue - reply

Single Factor Authentication

Question 121

Extensible Authentication Protocol (EAP)

Answer 121

RFC-2284

AuthN Mechanism

Question 122

EAP-MD5

Answer 122

Client to Server
Weakest
Only one way authentication

Question 123

EAP-TLS

Answer 123

PKI (Client cert) on both server and client

Secure TSL tunnel for authN

Question 124

EAP-TTLS

Answer 124

Can pre-shared key or password

Question 125

PEAP

Answer 125

Cisco, Microsoft, RSA
Similar to EAP-TTLS
Not requiring 3rd party cert

Question 126

802.1X

Answer 126

No IP until you authenticate

Question 127

Supplicant

Answer 127

Software to authenticate 802.1x via Layer 2

Question 128

Authenticator

Answer 128

WAP - open/close port based on authentication

Question 129

Authentication Server

Answer 129

Diameter or Radius to user DB

Question 130

NAC

Answer 130

Health Check
Patches/AntiVirus up to date
Client pass - access is granted
Client failed - place in isolated vlan