Domain 4: (Communication & Network Security) Flashcards

1
Q

What enables network segmentation at a high scale, overcomes VLAN scale limitations, and is a tunneling protocol that encapsulates layer 2 in a UDP packet?

A

VXLAN
Virtual Extensible LAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What enables the network to be intelligently and centrally controlled using software, and can reprogram the data plane?

A

Software Defined Networks
SDN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are some vulnerabilities for a software defined network?

A

Man-in-the-middle attack
Denial of Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What enables users in branch offices to remotely connect to an enterprise’s network, allows use of many network services (MPLS, LTE) to securely connect users to apps, and security is mainly based on IPsec, VPN, and NGFWs.

A

Software Defined Wide-Area Networks
SD-WAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What uses and only needs LEDs to transmit data, can safely function in areas otherwise susceptible to electromagnetic interference, and can transmit at speeds of up to 100 Gbit/s.

A

Light Fidelity
LiFi

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a short-range wireless personal area network technology developed to support automation, machine-to-machine communication, remote control, and monitoring of IoT devices?

A

Zigbee
Personal Area Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What supports centralized and distributed security models, mesh topology, and assumes that symmetric keys used are transmitted securely for IoT devices?

A

Zigbee

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a geographically distributed network of proxy servers and their data centers, delivers content spatially relative to users, and have been targeted to inject malicious content into pages?

A

Content Delivery Networks
CDN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the seven layers of the OSI model in order.

A

Physical
Data Link
Network
Transport
Session
Presentation
Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What protocol is on TCP and operates on port 20/21?

A

File Transfer Protocol
FTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What protocol is on TCP and operates on port 22?

A

Secure Shell
SSH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What protocol is on TCP and operates on port 23?

A

Telnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What protocol is on TCP and operates on port 25?

A

Simple Mail Transfer Protocol
SMTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What protocol is on TCP/UDP and operates on port 53?

A

Domain Name System
DNS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What protocol is on UDP and operates on port 67/68?

A

Dynamic Host Configuration Protocol
DHCP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What protocol is on UDP and operates on port 69?

A

Trivial File Transfer Protocol
TFTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What protocol is on TCP and operates on port 80?

A

Hypertext Transfer Protocol
HTTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What protocol is on TCP and operates on port 110?

A

Post Office Protocol
POP3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What protocol is on UDP and operates on port 123?

A

Network Time Protocol
NTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What protocol is on TCP/UDP and operates on port 137/138/139?

A

NetBIOS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What protocol is on TCP and operates on port 143?

A

Internet Message Access Protocol
IMAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What protocol is on TCP/UDP and operates on port 161/162?

A

Simple Network Management Protocol
SNMP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What protocol is on TCP and operates on port 179?

A

Border Gateway Protocol
BGP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What protocol is on TCP/UDP and operates on port 389?

A

Lightweight Directory Access Protocol
LDAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What protocol is on TCP and operates on port 443?

A

HTTPS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What protocol is on TCP/UDP and operates on port 636?

A

LDAP over TLS/SSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What protocol is on TCP and operates on port 989/990?

A

FTP over TLS/SSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is the TCP/IP stack?

A

Link
Internet
Transport
Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Where does layers 5-7 from the OSI model sit on the TCP/IP stack?

A

Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Where does layer 4 sit on the TCP/IP stack?

A

Transport

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Where does layer 3 sit on the TCP/IP stack?

A

Network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Where does layer 1-2 sit on the TCP/IP stack?

A

Link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What are the characteristics of TCP over UDP?

A

Connection Oriented
Byte stream
No support for multicasting/broadcasting
Supports full duplex transmission
Reliable service of data transmission
TCP packet is called a segment
Provides error detection and flow control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What are the characteristics of UDP over TCP?

A

Connection-less protocol
Message stream
Supports multicasting/broadcasting
No support for full duplex transmission
Unreliable service of data transmission
UDP packet is called a datagram
No support for error detection and flow control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

What UTP cable type supports up to 100Mbps and is used for Ethernet, FastEthernet, and Token Rings

A

CAT5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What UTP cable type supports up to 1 Gbps and is used for Ethernet, FastEthernet, and Gigabit Ethernet?

A

CAT5e

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet, and 10G Ethernet (55 meters)

A

CAT6 & CAT6a

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet, and 10G Ethernet (100 meters)

A

CAT7

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

What network topology employs a centralized connection device, can be a simple hub or switch, and each sys is connected to the central hub by a dedicated segment?

A

Star Topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

What network topology connects systems to all other systems using numerous paths and provides redundant connections to systems, allowing multiple segment failures without badly affecting connectivity?

A

Mesh Topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

What is a ring base network topology, that connects each sys as points on a circle, acts as a unidirectional transmission loop, and only one sys can transmit data at a time while traffic management is performed by a token.

A

Ring Topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

What topology connects each sys to a trunk or backbone cable, and can transmit data simultaneously which can result in collisions.

A

Bus Topology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What communications method relies on a timing or clocking mechanism based on either an independent clock or time stamp embedded in the data stream and are able to support very high rates of data transfers.

A

Synchronous communications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

What communications method relies on a stop and start delimiter bit to manage the transmission of data and is best suited for smaller amounts of data.

A

Asynchronous communications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

What can only support a single communication channel, uses a direct current applied to the cable, and is a form of digital signal.

A

Baseband

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

What can support multiple simultaneous signals, uses frequency modulation to support numerous channels, is suitable for high throughput rates, and is a form of analog signal.

A

Broadband

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

What technology supports communications to all possible recipients?

A

Broadcast

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

What technology supports communications to multiple specific recipients?

A

Multicast

49
Q

What technology support only a single communication to a specific recipient?

A

Unicast

50
Q

What was developed to decrease the chances of collisions when two or more stations start sending their signals for the datalink layer and requires that each station first check the state of the medium before sending?

A

Carrier Sense Multiple Access
CSMA

51
Q

What attempts to avoid collisions by granting only a single permission to communicate at any given time?

A

CSMA/CA

52
Q

What responds to collisions by having each member of the collision domain wait for a short but random period of time before starting the process over?

A

CSMA/CD

53
Q

What are the characteristics of CSMA/CD?

A

Effective after a collision
Used in wired networks
Reduces recovery time
Resends the data frame whenever a conflict occurs
Used in 802.3 standard
More efficient than simple CSMA

54
Q

What are the characteristics of CSMA/CA?

A

Effective before a collision
Used in wireless networks
Minimized the possibility of collision
Will first transmit the intent to send for data transmission
Used in 802.11 standard
Similar to simple CSMA

55
Q

What performs communications using a digital token and once its transmission is complete it releases the token to the next sys.

A

Token Passing

56
Q

What performs communications using a master-slave configuration where the primary system polls each secondary sys in turn whether they have a need to transmit data.

A

Polling

57
Q

What can prevent collisions in rink networks?

A

Token Passing

58
Q

What is a private network that is designed to host the same info services found on the internet?

A

Intranet

59
Q

What is a section of an organization’s network that has been sectioned off to act as an intranet for the private network but also serves information to the public internet?

A

Extranet

60
Q

What is an extranet for public consumption?

A

Demilitarized Zone/Perimiter Network
DMZ

61
Q

What is used to control traffic and isolate static/sensitive environments?

A

DMZ

62
Q

What technique is where a person pushes unsolicited messages to engage or annoy other nearby bluetooth users by taking advantage of a loophole in the technology’s messaging options?

A

Bluejacking

63
Q

What technique is where thieves wirelessly connect to some early bluetooth-enabled mobile devices without the owner’s knowledge to download and/or alter phonebooks, calendars, etc?

A

Bluesnarfing

64
Q

What attack grants hackers remote control over the feature and functions of a bluetooth device?

A

Bluebugging

65
Q

What 802.11 standard runs at 54 Mbps with 5GHz?

A

802.11a

66
Q

What 802.11 standard runs at 11 Mbps with 2.4GHz?

A

802.11b

67
Q

What 802.11 standard runs at 54 Mbps with 2.4GHz?

A

802.11g

68
Q

What 802.11 standard runs at 200+ Mbps with 2.4GHz?

A

802.11n

69
Q

What 802.11 standard runs at 1 Gbps with 5GHz?

A

802.11ac

70
Q

What was created to replace WEP without the need to replace legacy hardware and was implemented into 802.11 wireless networking under the name WPA?

A

Temporal Key Integrity Protocol
TKIP

71
Q

What was created to replace WEP and TKIP/WPA and uses AES with a 128-bit key, also known as WPA2.

A

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
CCMP

72
Q

What is a form of network data storage solution that allows for high-speed file transfers?

A

Fibre Channel

73
Q

What is used to encapsulate Fire Channel communications over Ethernet networks?

A

Fibre Channel over Ethernet
FCoE

74
Q

What is a networking storage standard based on IP?

A

Internet Small Computer System Interface
iSCSI

75
Q

What is the process of investigating the presence, strength, and reach of wireless access points deployed in an environment?

A

Site Survey

76
Q

What is a Cisco proprietary alternative to TKIP for WPA and was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard?

A

Lightweight Extensible Authentication Protocol
LEAP

77
Q

What encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption?

A

Protected Extensible Authentication Protocol
PEAP

78
Q

What is an authentication framework that allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies?

A

Extensible Authentication Protocol
EAP

79
Q

What is a list of authorized wireless client interface MAC addresses and is used by a wireless access point to block access to all nonauthorized devices?

A

MAC Filtering

80
Q

What is an authentication technique that redirects a newly connected wireless web client to a portal access control page?

A

Captive Portals

81
Q

What antenna type reaches multiple frequencies and commonly used for TV and RFID systems and is Omnidirectional if horizontally mounted.

A

Loop

82
Q

What antenna type is omnidirectional and can send and receive signals in all directions perpendicular to the line of the antenna itself?

A

Monopole

83
Q

What antenna type is omnidirectional, can generate a powerful signal in a restricted space, and is composed of two monopoles.

A

Dipole

84
Q

What antenna type is directional and are flat devices that focus from only one side of the panel.

A

Panel

85
Q

What antenna type is directional and are used to focus signals from very long distances or weak sources.

A

Parabolic

86
Q

What antenna type is directional and is crafted from a straight bar with cross sections to catch specific radio frequencies in the direction of the main bar.

A

Yagi

87
Q

What antenna type is directional and is created from tubes with one sealed end and focuses along the directions of the open end of the tube.

A

Cantenna

88
Q

What is used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol and operates at layer one.

A

Repeaters, Concentrators, and Amplifiers

89
Q

What is used to connect two networks in order to connect network segments that use the same protocol and operates at layer two.

A

Bridges

90
Q

What are used to connect multiple systems and connect network segments that use the same protocol, is a multiport repeater, and operate at layer one.

A

Hubs

91
Q

What is a remote access, multilayer switch used to connect distant networks over WAN links?

A

LAN Extenders

92
Q

What technology uses virtual circuits instead of dedicated physical circuits and is more efficient and cost effective?

A

Packet-switching

93
Q

What are some packet-switching technologies?

A

X.25 Frame Relay
Asynchronous transfer mode (ATM)
Synchronous Data Link Control (SDLC)
High-Level Data Link Control (HDLC)

94
Q

What type of firewall operates at layer 3 and up, and filters traffic by examining data from a message header?

A

Static Packet-Filtering Firewall

95
Q

What firewall operates at layer 7 and filters traffic based on a single internet service, protocol, or application?

A

Application-Level Firewalls

96
Q

What firewall operates at layer 5 and is used to establish connection sessions between trusted partners?

A

Circuit-Level Firewalls

97
Q

What firewall evaluates the state, session, or the context of network traffic?

A

Stateful Inspection Firewalls

98
Q

What firewall is used to filter the payload contents of a communication rather than only on the header values and operates at layer 7?

A

Deep Packet Inspection Firewalls

99
Q

What firewall state can watch network and restrict/block packets based on source and destination addresses or other static values, isn’t aware of traffic patterns or data flows, and typically faster and perform better under heavier traffic loads.

A

Stateless

100
Q

What firewall state can watch traffic streams from end to end and are aware of communication paths and can implement various IP security functions such as tunnels and encryption.

A

Stateful

101
Q

What can protect web apps by filtering and monitoring HTTP traffic between a web app and the internet, and usually protects web apps from common attacks like XSS, CSRF, and SQL injection.

A

Web Application Firewall
WAF

102
Q

What can perform a deep-packet inspection that moves beyond port/protocol inspection and blocking and adds app-level inspection, intrusion prevention, and brings intelligence from outside the firewall.

A

Next Generation Firewall
NGFW

103
Q

What method can detect protocol non-compliance, spam, viruses, and intrusions and inspects/filters both the header and payload of a packet.

A

Deep Packet Inspection

104
Q

What is a multifunction device composed of several security features in addition to a firewall?

A

Unified Threat Management
UTM

105
Q

What allows private subnets to communicate w/ other cloud services and the internet but hides the internal network from internet users and has the network access control list for the private subnets?

A

Network Access Translation Gateway
NAT

106
Q

What looks at the content on the requested web page and blocks request depending on filters?

A

Content/URL Filter

107
Q

What type of software is where the vendor makes the license freely available and allows access to the source code but there is not vendor support?

A

Open Source

108
Q

What type of software is more expensive but tend to provide more/better protection and more functionality and support at a cost?

A

Proprietary

109
Q

What analyses whole packets, both header and payload, looking for known events and when a knowns event is detected, a log message is generated.

A

Intrusion Detection System
IDS

110
Q

What analyses whole packets, both header and payload, looking for known events, and when a know event is detected, the packet is rejected.

A

Intrusion Prevention System
IPS

111
Q

What type of IDS creates a baseline of activity to identify normal behavior and then measures system performance against the baseline to detect abnormal behavior?

A

Behavior based

112
Q

What IDS uses signatures similar to the signature definitions used by anti-malware software?

A

Knowledge based

113
Q

What computer or appliance that is exposed on the internet and has been hardened by removing all unnecessary elements?

A

Bastion Hosts

114
Q

What is a firewall-protected system logically positioned just inside a private network?

A

Screened Host

115
Q

What is a DoS attack that involves sending fragmented packets to a target machine, which causes the packets to overlap one another and crash the target network device?

A

Teardrop Attack

116
Q

What is a DoS attack that involves sending large amounts of spoofed UDP traffic to a router’s broadcast address within a network?

A

Fraggle Attack

117
Q

What is a layer 4 DoS attack in which, the attacker sets the source and destination info of a TCP segment to be the same, which will cause a machine to crash or freeze due to the packet being repeatedly processed by the TCP stack.

A

Land Attack

118
Q

What is a form of a DoS attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the sys unresponsive to legitimate traffic?

A

SYN Flood Attack

119
Q

What attack employs an oversized ping packet?

A

Ping of Death