Core Technical Skills Flashcards

1
Q

List 5 IP protocols

A

IPv4
IPv6
TCP
UDP
ICMP

2
Q

What is IPv4?

A
  • composed of 32-bit address length
3
Q

Is the IP address
192.168.10.150
an example of IPv4 or IPv6?

A

IPv4

4
Q

What is IPv6?

A
  • composed of 128-bit address length
    - latest version of IP
5
Q

Is the IP address
002:0bd6:0000:0000:0000:ee00:0033:6778
an example of IPv4 or IPv6?

A

IPv6

6
Q

What are some technical differences between IPv4 and IPv6?

A

IPv6 has built-in QoS (Quality of Service)
IPv6 has a built-in network security layer (IPSec)
IPv6 eliminates NAT (Network Address Translation) and allows end-to-end connectivity at the IP layer
IPv6 has larger packet headers (2x size of IPv4)
Multicasting is part of the base spec in IPv6 but optional in IPv4

7
Q

What is Multicasting?

A

Multicasting allows for the transmission of a packet to multiple destinations in a single operation

8
Q

What is TCP?

A

Transmission Control Protocol

  • Transport protocol used on top of IP to ensure reliable transmission of packets
  • TCP/IP is a suite of communication protocols used to interconnect network devices on the internet
  • Connection-oriented protocol
  • Can be thousands of packets
9
Q

What OSI Layer is TCP?

A

OSI Layer 4: Transport

10
Q

What is UDP?

A

User Datagram Protocol
- Communications protocol that establishes low-latency and loss-tolerating connections between applications on the internet
- UDP speeds up transmissions by not formally establishing a connection before data is transferred

11
Q

What OSI Layer is UDP?

A

OSI Layer 4: Transport

12
Q

What is ICMP?

A

Internet Control Message Protocol
- Used by devices like routers to communicate with the data packet source about transmission issues.
  - If a datagram isn’t delivered, ICMP will report back to the host with details to find out where the transmission went wrong.

  • ICMP gives TCP/IP a way to handle errors
  • ICMP is a single packet - never more than one
13
Q

What OSI Layer is ICMP?

A

OSI Layer 3: Network

14
Q

What is 10/100/1000 BaseT?

A

To break down 10/100/1000 Ethernet - we get 10 Megabits, 100 Megabits, and 1000 Megabits

1000BASE-T is Gigabit Ethernet. 100BASE-T is Fast Ethernet.

15
Q

What are implications of Cat5, 5e, 6, 7 Ethernet Cables?

A

Implications: A strong magnet near a cable can interfere with communications. We can also do cable splicing on a cable to perform man-in-the-middle attacks.

16
Q

What is Cat 5/Fibre?

A
  • Category 5 networking cable consisting of four twisted pairs of copper wire terminated with RJ45 connectors.
    - Supports frequencies up to 100 MHz and speeds up to 1000 Mbps
  • Can be used for ATM, token ring, 10/100/1000Base-T networking
17
Q

What is CAT5e?

A
  • Category 5 enhanced
  • Used for 10/100/1000Base-T networks.
  • Four unshielded twisted pairs (UTP) of copper wire terminated by RJ45 connectors
18
Q

What is CAT6?

A
  • Four unshielded twisted pairs (UTP) of copper wire terminated by RJ45 connectors
  • Can be used for ASE-T, 10/100/1000Base-T networks
19
Q

What is a Token Ring network?

A
  • Used to build LANs
  • A data link for a LAN where all devices are connected in a ring or star topology and pass one or more tokens from host to host
20
Q

What is a token?

A

A token is a frame of data transmitted between network points

21
Q

What is wireless 802.11?

A

Technical standard for wireless local area network.

IEEE 802.11 uses various frequencies including, but not limited to, 2.4 GHz, 5 GHz, 6 GHz, and 60 GHz frequency bands.

22
Q

What is VLAN?

A

Virtual Local Area Network

  • Often used to separate portions of users or servers
  • VLAN enables this to be run on a single network hardware, without having geographical limitations.
23
Q

What are some security implications of shared media, switched media and VLANs?

A
  • We use VLANs for access control. A person from the guest network cannot access any data on the Sales Department.
    This also means that if the sales department suffers an attack, the executive department is safe, even though they are in the same office.

Advanced settings can allow some cross communication.

24
Q

What tool and command would be used to analyse the output after mapping the route between engagement point and number of targets?

A

Nmap

nmap <target_ip>

netcat or telnet can talk directly to the port to confirm scan results

25
Q

3 common network tools
(port scanners, network sniffers and other network enumeration tools)

A
  • nmap
  • wireshark
  • tcpdump
26
Q

What is Ingress Filtering?

A

Monitors, controls and restricts traffic entering a network with the objective of ensuring only legitimate traffic is allowed to enter and unauthorised or malicious traffic is prevented from doing so.

27
Q

What is Egress Filtering?

A

Monitors, controls and restricts traffic leaving a network with the objective of ensuring only legitimate traffic is allowed to leave and unauthorised or malicious traffic is prevented from doing so.
This is important to prevent attackers from attaining reverse shells.

28
Q

What is Active Fingerprinting?

A

Directly sending packets to find information about a device.
- e.g. nmap is active fingerprinting

  • When we see NetBIOS, SMB, MSRPC services running - we can assume it’s a Windows machine
  • Likely to be caught by intrusion prevention/detection systems
29
Q

What is Passive Fingerprinting?

A

Uses sniffing instead, as it is less likely to be detected
- Wireshark - good for manual analysis
- NetworkMiner - good for automatic extraction of files, emails, etc.

30
Q

Determining server types and network application versions from application banners. Evaluation of responsive but unknown network applications.

A

Netcat, telnet

nc <target_ip> <target_port>
telnet <target_ip> <target_port>

For SMTP - we send HELO or EHLO and if there’s a response, it’s confirmed it’s an SMTP or ESMTP service

For Web - we can send GET / HTTP/1.1 to see if there’s an HTTP response or not

31
Q

What is a Network Access Control?

A

A NAC system can deny network access to non-compliant devices, place them in quarantine or give them restricted access to computing resources, keeping insecure nodes from infecting the network.

32
Q

What is Encoding?

A
  • A command ‘language’ to format data so different devices, services and applications can understand each other.
  • ASCII is an encoding format, which can be used to encode alphabets and symbols into HTML format so browsers know how to display them.
  • Encoding is not meant for security.
33
Q

What is encryption?

A
  • Encryption is meant for security.
  • Data can be locked with a key or passphrase - the receiver of the data needs the key to decrypt and access the data
34
Q

What is Symmetric Encryption?

A

Both sender and receiver use the same key to encrypt data - e.g. Caesar's cipher

35
Q

What is Asymmetric Encryption?

A
  • Uses maths to produce public and private key - public-key cryptography

- A has private and public key
- A sends public key to B
- B encrypts data with public key and sends back to A
- A decrypts the ciphertext with the private key

^ This is more secure - even if the public key is stolen, data can't be viewed without the private key
- If private key is stolen - security of the data is compromised

  • Often used in current web technologies such as HTTPS. Encryption algorithms - RSA
36
Q

What are 10 Encryption Algorithms?

A
  • DES (Data Encryption Standard)
  • 3DES (Triple DES)
  • AES (Advanced Encryption Standard)
  • RSA
  • RC4
  • Hashing
  • MD5
  • SHA-1
  • SHA-2,3
  • HMAC
37
Q

What does DES stand for? Is it symmetric or asymmetric encryption?

A

Data Encryption Standard
Symmetric encryption

38
Q

What is 3DES?
- symmetric or asymmetric encryption?

A

Triple DES
- Modern and more secure version of DES
- Popular in electronic payment industries
- Symmetric encryption

39
Q

Advanced Encryption Standards (AES) Key Sizes?

A
  • AES 128 bits
  • AES 192 bits
  • AES 256 bits
40
Q

RSA
commonly used for?
symmetric or asymmetric encryption?

A

SSL, HTTPS web technologies
Asymmetric encryption

41
Q

What is RC4 encryption?

A

Insecure
Removed from use in TLS in 2015

42
Q

Hashing?
Commonly used for?

A
  • Used for error checking in data, amongst other uses
  • Save passwords as hashed
  • When data is hashed it cannot be unhashed.
43
Q

MD5?
Commonly used for?

A
  • weak hashing
  • not recommended for saving passwords
  • used for error checking
  • turns words into strings
44
Q

SHA
SHA-1
SHA2,3

A
  • SHA-1 is considered weak
  • SHA-2 and 3 are updated versions of SHA
  • SHA-256 and SHA-512 from 2021
45
Q

HMAC
Commonly used for?

A
  • Authenticating messages
46
Q

Applications of Cryptography
What is:
Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

A
  • SSL 3.0 now vulnerable
  • Replaced with TLS
  • TLS 1.3 latest version (2018)
  • SSL/TLS used to secure web traffic for HTTPS
  • SSL/TLS used to generate a certificate for use
47
Q

Applications of Cryptography
What is:
Internet Protocol Security (IPSec)

A
  • Secure network protocol suite to authenticate and encrypt packets of data to provide secure encrypted communication between computers over IP network
  • used in VPNs
  • common VPN tunnelling protocol - other one is TLS/SSL
48
Q

Applications of Cryptography
What is:
Secure-Shell (SSH)

A
  • Used for remote access to a server/computer
49
Q

Applications of Cryptography
What is:
Pretty Good Privacy (PGP)

A
  • Encryption program to encrypt emails and hard drive disks
  • Verifies ID of sender
50
Q

Linux File System Permissions Command

A

ls -la
- Lists files with attributes
- Owner-group-others
- 777

51
Q

Windows File System Permissions Command

A

icacls <file_path>

52
Q

Audit Techniques (assessing patch levels)
Linux commands:

A

uname -a
ps -aux
sudo lsof -l -P -n | grep LISTEN
netstat -ano

53
Q

Audit Techniques (assessing patch levels)
Windows commands:

A

General info:
systeminfo

Patch Level:
wmic qfe get Caption, Description, HotFixID, InstalledOn

Services:
wmic service list brief

Network status and services:
netstat -ano