Computer Networking & Security

Question 1

What is the Physical Layer?

Answer 1

Represents the Physical devices that interconnect Computers. Copper, Fiber, and Wireless (Radio). Deals with the Cables, Connectors, and their respective Specifications.

Data Unit: Bits (The 1s, and 0s)

Question 2

What is the Data Link Layer?

Answer 2

Responsible for defining a common way of interpreting these signals so network devices can communicate.

Protocol: Ethernet and/ or WiFi (wireless radio)
Data Unit: Frames
Addressing: MAC Address (00:07:5f:d5:2b:84)

Question 3

What is the Network Layer?

Answer 3

Allows different networks to communicate with each other through devices known as routers.

Protocol: IP
Data Unit: Packets/ Datagram
Addressing: IP address (192.168.1.1)

Question 4

What is the Transport Layer?

Answer 4

Sorts out which client and server programs are supposed to receive appropriate data.

Protocol: TCP/ UDP
Data Units: Segmets
Address: Port Numbers (443, 8080)

Question 5

What is the Application Layer?

Answer 5

Home of applications - web browsers to Email clients.

Protocols: HTTP, SMTP
Data: Messages

Question 6

What is Internet Protocol (IP)?

Answer 6

The Heart of the Internet and most smaller networks around the world.

Question 7

Crosstalk

Answer 7

When an electrical pulse on one wire is accidentally detected on another wire.

Question 8

Fiber Cables

Answer 8

Contain individual optical fibers, which are tine tubes made out of glass about the width of a human hair.

-transfer data faster than copper
-more expensive

Question 9

Hub

Answer 9

A physical layer device that allows for connections from many computers at once.

-Layer 1 device

Question 10

Collision Domain

Answer 10

A network segment where only one device can communicate at a time.

Question 11

Switch

Answer 11

Primary device used to connect computers on a single network, referred to as a LAN, Local Area Network.

-Switching is the process of moving data within networks
-Layer 2 device
-inspects Ethernet Data
-Maintains MAC address Table

*Learn
*Flood
*Forward

Question 12

Router

Answer 12

*A device that knows how to forward data between independent networks.
*A network device that forwards traffic depending on the destination address of that traffic.

-Layer 3 device
-Inspects IP Data

*Directly connected
*Static Route
*Dynamic Route

Question 13

Border Gateway Protocol (BGP)

Answer 13

Routers share data with each other via this protocol, which lets them learn about the most optimal paths to forward traffic.

Question 14

Bit

Answer 14

The smallest representation of data that a computer can understand: either a 1 or a 0.

Question 15

Modulation

Answer 15

A way of varying the voltage of this charge moving across the cable

Question 16

Duplex Communication

Answer 16

Concept that information can flow in both directions across the cable

Question 17

Simplex communication

Answer 17

Data flows only one way - unidirectional.

Question 18

Ethernet

Answer 18

The protocol most widely used to send data across individual links. (CAT5, CAT6, CAT7)

Question 19

Carrier Sense Multiple Access / Collision Detection (CSMA/ CD)

Answer 19

Used to determine when the communications channels are clear, and when a device is free to transmit Data.

Question 20

MAC Address

Answer 20

A Globally unique identifier attached to an individual network interface. It consists of a 48-bit number normally represented by 6 groupings of 2 hexadecimal numbers.

First 3 Octets of a MAC = Organizationally Unique Identifier (OUI)
Last 3 Octets of a MAC = Vendor assigned (NIC)

Question 21

Binary

Answer 21

A representation of numbers using only 2-digits.

Question 22

Hexadecimal

Answer 22

A representation of numbers using 16-digits.

Question 23

Octet

Answer 23

In computer networking, any number that can be represented by 8 bits.

Question 24

Unicast

Answer 24

Transmission meant for just One receiving address

Question 25

Multicast

Answer 25

Transmission meant for a certain group (the meets criteria).

Question 26

Broadcast

Answer 26

Transmission sent to every single device on the LAN (Network). Ethernet broadcast address is all “Fs”

FF:FF:FF:FF:FF:FF

Question 27

Start Frame Delimiter (SFD)

Answer 27

Part of the Preamble (the last byte). Signals to a receiving device that the preamble is over and that the actual frame contents will now follow.

Question 28

Ethernet Frame

Answer 28

A highly structured collection of information presented in a specific order.

Consists of the following:

1 - Preamble
2 - Destination MAC
3 - Source MAC
4 - Payload

Question 29

Ether-type field

Answer 29

16 bits long - used to describe the protocol of the contents of the frame

Question 30

Preamble

Answer 30

8 or 64 bits long, split into 2 sections. First part is used to regulate speed at which data is sent.

Question 31

VLAN Header

Answer 31

Indicates that the frame itself is what’s called a VLAN frame

Question 32

Payload

Answer 32

In Networking terms, it is the actual data being transported, which is everything that isn’t a Header.

Question 33

Frame Check Sequence

Answer 33

A 4-byte (32-bit) number that represents a checksum value for the entire frame

Question 34

Checksum value

Answer 34

Is calculated by performing what is known as a cyclical redundancy check against the frame

Question 35

Cyclical Redundancy Check (CRC)

Answer 35

An important concept for data integrity, and is used all over computing, not just network transmissions.

Question 36

IP Datagram

Answer 36

Highly structured series of fields that are strictly defined.

Question 37

IP Header

Answer 37

Consists of:

1 - Version. IPv4 vs IPv6
2 - Header Length. Almost always 20 bytes in length
3 - Service Type. 8 bits used to specify details about Quality of Service (QoS). Determines which IP Datagram has priority.
4 - Total Length. Indicates the total length of the IP datagram it’s attached to.
5 - Identification - 16 bit number used to group messages together.
6 - Flag - use to indicate if a datagram is allowed to be fragmented, or to indicate that the datagram has already been fragmented.
7 - Fragmentation - The process of taking a single IP datagram and splitting it up into several smaller datagrams.
8 - Time to Live (TTL) - 8 bit field that indicates how many router hops a datagram can traverse before it is thrown away “expires.”
9 - Protocol. 8 bit field that contains data about what transport layer protocol is being used (TCP or UDP).
10 - Header Checksum. A checksum of the contents of the entire IP datagram header
11 - Source IP
12 - Destination IP
13 - IP Options. An optional field and is used to set special characteristics for datagrams primarily used for testing purposes
14 - Padding. A series of Zeros used to ensure the header is correct total size.

Question 38

Address Resolution Protocol (ARP)

Answer 38

A protocol used to discover the hardware address of a node with a certain IP address.

Question 39

ARP Table

Answer 39

A list of IP addresses and the MAC addresses associated with them. Entries expire after a short amount of time to ensure changes in the network are accounted for.

Question 40

Subnetting

Answer 40

The process of taking a large network and splitting it up into many individual and smaller subnetworks, or Subnets.

Question 41

IP Address Classes

Answer 41

Class A: 0-127 Range, 16 million hosts
Class B: 128-191 Range, 64,000 hosts
Class C: 192-223 Range, 254
Class D: 224-239 Range, N/A hosts
Class E: 240-255 Range, N/A hosts

Question 42

Subnet Masks

Answer 42

32-bit numbers that are normally written out as four octets in decimal.

Question 43

CIDR

Answer 43

Classless Inter Domain Routing.

Address classes are no longer relevant. Network masks now determines the Network ID. This gives flexibility to Networks and allows Networks to be different sizes.

Question 44

Demarcation Point

Answer 44

Describes where one network or system ends and another one begins

Question 45

Routing Table (Basic)

Answer 45

Destination Network - This column contain a row for each network that the router knows about.

Next Hop - The IP address of the next router that should receive data intended for the destination networking question

Total Hop - a collection of “hops” that Routers maintain to ensure they know the shortest path.

Interface - a collection of IP address (Network) that is assigned to each of the Router’s interface

Question 46

Subnetting

Answer 46

Taking a network and dividing it into SUB-NETWORKS

*Network ID
*Broadcast IP
*First Host IP
*Last Host IP
*Next Network
*Total # of IP Addresses
*CIDR/ Subnet

Question 47

VLAN

Answer 47

Virtual Local Area Network.

-Allows you to break up one Physical Switch into multiple Virtual Switches
-Allows to extend Virtual Switches to other Physical Switches
-Cost effective
-Increase Security
-Each VLAN is its own Broadcast Domain
-Enables Logical Topology to be unconstrained by your Physical Topology
-802.1Q is the open standard for Tagging Layer 2 Frames
-Native VLAN can traverse a Trunk (tagged) link without a VLAN Tag

Question 48

Route Precedence

Answer 48

Routers compare 3 items to determine a best patch:

1 - Route Specificity (More Specific is Best)
2 - Admin Distance (lower is better)
3 - Metric (lower is better)

*If all 3 are identical, Routers will load balance across multiple paths (ECMP - Equal Cost Multi Path)

Question 49

NAT

Answer 49

Network Address Translation.

-translates private IP addresses to public IP addresses and vice versa
-used to also conserve Public IP addresses
-masks (hides) internal network infrastructure (private local)

*Inside vs Outside
*Local vs Global

Question 50

HTML & HTTP

Answer 50

Hyper Text Markup Language - how websites are written
Hyper Text Transfer Protocol - how websites are transferred / translated

Question 51

SSL & TLS

Answer 51

Secure Socket Layer & Transport Layer Security - builds a secure, protected Tunnel (conceptual illustration) across the Internet.

Cryptographic protocols used to secure communication over a network. They provide encryption (C), data integrity (I), and authentication (AAA) between client and server.

SSL VPN - can also protect other Data Transfer

*VPN Providers allows for anonymity over the Internet (hides IP Address)

Question 52

Hashing

Answer 52

Used to provide Integrity. Creates what is called a Digest (aka Checksum, Fingerprint, Hash, CRC).

Algorithm which takes as input a message of arbitrary length and produces as output a “fingerprint” of the original message.

hello = (8+5+12+12+15) = 52 Digest

*Infeasible to produce a given digest
*Impossible to extract original message
*Slight changes produce drastic difference
*Resulting digest is fixed width (length)

Question 53

Encryption

Answer 53

Is used to provide Confidentiality (only intended recipient can interpret the data).

Simple Encryption
hello —> Encryption —> lohel
Plain Text (Data before Encryption) —– Cipher Text (Data while/ after Encrypted)

Key Based Encryption
*Symmetric (same Key)
*Asymmetric (Public & Private Keys)
*Algorithm created by Experts
*Secret Keys can be randomly generated
*Scalable

hello —> Encryption + [KEY] —> xH8q9

Question 54

Key Based Encryption

Answer 54

Symmetric Encryption: Encrypt/ Decrypt using SAME keys
*Faster (lower CPU cost
*Cipher is same size as Plain Text
*Secret key must be shared (less secure)
*used for Bulk Data

Asymmetric Encryption: Encrypt / Decrypt using DIFFERENT keys
*2 different keys are mathematically related
*What one Key Encrypts, only the other can Decrypt (Public & Private Keys)
*Slower - requires larger Key sizes
*Private Key is never shared (more secure)
*Restricted to Limited Data

Question 55

Asymmetric vs Symmetric Types

Answer 55

Asymmetric algorithms:
*DSA
*RSA (2048 bits key)
*Diffie-Hellman
*ECDSA
*ECDH

Symmetric algorithms:
*DES (56 bit key)
*RC4 (128 bit key)
*3DES (168 bit key)
*AES (128, 192, 256 bit keys)
*ChaCha20 (128 or 256 bit keys)

Question 56

Public & Private Keys

Answer 56

Each User has a Public Key and a Private Key.

*Encryption - provides Confidentiality
*Signature - provides Integrity & Authentication (Pair of Asymmetric Keys)

Hybrid Encryption - concept of using both Asymmetric and Symmetric Encryption. Best of both worlds.
*How SSH / IPSec protect bulk data
*SSL/ TLS protect bulk data