Domain 4: Communication and Network Security Flashcards
Communications between computers over networks are made possible by ________
Protocols
Protocols
Set of rules and restrictions that define how data is transmitted over a network medium
OSI Layers
Physical, Data Link, Network, Transport, Session, Presentation, Application
Encapsulation
Addition of a header to the data received by each layer from the layer above before it’s handed off to the layer below
What does the Physical Layer do?
Accepts frame from Data Link layer and converts into bits for transmission
What does the Data Link Layer do?
protocols convert the packet into the proper format for transmission (i.e. Ethernet), adds MAC address
ARP and RARP
Address Resolution Protocol and Reverse ARP - resolve IP to MAC addresses and vice versa
2 Data Link sublayers
Logical Link Control and MAC
What does the Network Layer do?
adds routing and addressing information to the datagram or segment to create a packet (ICMP)
What does the Transport Layer do?
managing the integrity of a connection, receives data stream/PDU
What does the Session layer do?
establishes, maintains, and terminates communication sessions
What does the Presentation layer do?
transforms data received from the Application layer into a format that any OSI model system can understand, interface btwn network and apps (encrypts and compresses)
What does the Application layer do?
interfacing user applications with the protocol stack
TCP/IP Model to OSI Model
Application, Presentation, Session = Application
Transport = Transport
Network = Internet
Data Link, Physical = Link
Difference btwn TCP and UDP
TCP is full duplex connection-oriented, UDP is simplex connectionless
Which ports are registered software ports?
1024-49151
Which ports are known as random, dynamic, or ephemeral ports?
49152-65535
Describe the three-way handshake.
Client sends SYN, server responds with a SYN/ACK, client responds with an ACK
IGMP is used to support what?
Multicasting
IP header protocol field value for ICMP
1 (0x01)
ICMP type field values (0, 3, 5, 8, 9, 10, 11)
0- echo reply 3- destination unreachable 5- redirect 8- echo request 9- router advertisement 10- router solicitation 11- time exceeded
Telnet Port
TCP Port 23
FTP Port
TCP Ports 20 and 21
TFTP Port
UDP Port 69
SMTP Port
TCP Port 25
HTTP Port
TCP Port 80
IMAP Port
TCP Port 143
DHCP Port
UDP Ports 67 and 68
SSL/HTTPS Port
TCP Port 443
LPD Port
TCP Port 515
X Window Port
TCP Ports 6000-6063
BootP/DHCP Port
UDP Ports 67 and 68
NFS Port
TCP Port 2049
SNMP Port
UDP Port 161 and 162
Data Emanation
transmission of data across electromagnetic signals
802.11 Wireless Network Amendments, Speed and Frequency
- 11 - 2 Mbps, 1.4 GHz
- 11a - 54 Mbps, 5 GHz
- 11b - 11 Mbps, 2.4 GHz
- 11g - 54 Mbps, 2.4 GHz
- 11n - 200 Mbps, 2.4 or 5 GHz
- 11ac - 1 Gbps, 5 GHz
Infrastructure Mode
wireless access point is required
Ad Hoc Mode
no centralized control authority
Stand Alone Mode
wireless access point connects wireless clients but no wired resources
Wired Extension Mode
wireless access point acts as a connection point to link wireless to wired
Enterprise Extended Mode
multiple wireless access points are used to connect a large physical area
Two Weaknesses of WEP
Static Common Key and Poor implementation of IV
WPA Weakness
single static passphrase
PEAP
Provides encryption for EAP
Captive Portal
Log in at hotel, cafe, etc.
Static Packet Filtering Firewalls
examines data from message header
Application Level Gateway Firewalls
filters based on the internet service used
Stateful Inspection Firewalls
evaluate the context of the network traffic
SKIP
Simple Key Management for Internet Protocol, protects sessionless datagram protocols
Software IP Encryption
Security protocol that provides authentication, integrity, and confidentiality using an encapsulation protocol
Secure Remote Procedure Call
Authentication service to prevent unauthorized execution of code on remote systems
Secure Sockets Layer and TLS
Protect comms between a web server and a web browser
Secure Electronic Transaction
Security protocol for transactions over the internet
CHAP
Challenge Handshake Authentication Protocol - encrypts credentials
Password Authentication Protocol
Transmits credentials in the clear
Extensible Authentication Protocol
Framework, not protocol, PEAP encapsulates EAP in a TLS tunnel
Phreaker
Malicious attackers who abuse phone systems
Black, Red, Blue and White Boxes (in terms of secure voice comms)
Trick phones. Black manipulates line voltage, Red mimics the sound of coins, Blue simulates tones to connect with trunk, and White controls the phone system
S/MIME
Secure Multipurpose Internet Mail Extensions - email security standard that offers authentication and confidentiality
MIME Object Security Services
Authentication, confidentiality, integrity, and nonrepudiation
Privacy Enhanced Mail
Email encryption, C, I, Authentication and Nonrepudiation
Pretty Good Privacy
Public-Private key system that encrypts files and email messages
RADIUS
Centralized remote auth service for dial up connections, server sends logon creds to RADIUS server for authentication
TACACS+
Centralized remote auth service, two factor authentication
VPN
comms tunnel that provides point to point transmission of authentication and data traffic
Tunneling
network communication process that protects the contents of protocol packets by encapsulating them in packets of another protocol
4 Common VPN Protocols
PPTP, L2F, L2TP, and IPSec
RADIUS and TACACS
Remote Auth Services
S/MIME, MOSS, PEM, PGP
Email Security Solutions
CHAP, PAP, EAP
Authentication Protocols
SKIP, swIPe, S-RPC, SSL, TLS, SET
Secure Communication Protocols
PPTP
Point to Point Tunneling Protocol- encapsulation protocol operating at Layer 2 for use on IP networks
Most commonly used VPN Protocol
IPSec
Two Primary Components of IPsec
AH and ESP
VLAN
logically segment a network without altering its physical topology
NAT
Network Address Translation - convert the internal IP addresses found in packet headers into public IP addresses for transmission over the Internet
Class A IP Addresses
10.0.0.0-10.255.255.255
Class B Ranges IP Addresses
172.16.0.0-172.31.255.255
Class C Ranges IP Addresses
192.168.0.0-192.168.255.255
Committed Information Rate
guaranteed minimum bandwidth a service provider grants to its customers
Security Boundary
line of intersection between any two areas, subnets, or environments that have different security requirements or needs
DNS Poisoning
attacker alters the domain-name to IP address mappings in a DNS system to direct traffic to a rogue system
DNS Spoofing
attacker sends false replies to a requesting system
Vernam Cipher
One time pad, only mathematically unbreakable form of cryptography