Domain 4: (Communication & Network Security) Flashcards
What enables network segmentation at a high scale, overcomes VLAN scale limitations, and is a tunneling protocol that encapsulates layer 2 in a UDP packet?
VXLAN
Virtual Extensible LAN
What enables the network to be intelligently and centrally controlled using software, and can reprogram the data plane?
Software Defined Networks
SDN
What are some vulnerabilities for a software defined network?
Man-in-the-middle attack
Denial of Service
What enables users in branch offices to remotely connect to an enterprise’s network, allows use of many network services (MPLS, LTE) to securely connect users to apps, and bases its security mainly on IPsec, VPN, and NGFWs?
Software Defined Wide-Area Networks
SD-WAN
What uses and only needs LEDs to transmit data, can safely function in areas otherwise susceptible to electromagnetic interference, and can transmit at speeds of up to 100 Gbit/s?
Light Fidelity
LiFi
What is a short-range wireless personal area network technology developed to support automation, machine-to-machine communication, remote control, and monitoring of IoT devices?
Zigbee
Personal Area Network
What supports centralized and distributed security models, mesh topology, and assumes that symmetric keys used are transmitted securely for IoT devices?
Zigbee
What is a geographically distributed network of proxy servers and their data centers, delivers content spatially relative to users, and has been targeted to inject malicious content into pages?
Content Delivery Networks
CDN
What are the seven layers of the OSI model, in order?
Physical
Data Link
Network
Transport
Session
Presentation
Application
What protocol is on TCP and operates on port 20/21?
File Transfer Protocol
FTP
What protocol is on TCP and operates on port 22?
Secure Shell
SSH
What protocol is on TCP and operates on port 23?
Telnet
What protocol is on TCP and operates on port 25?
Simple Mail Transfer Protocol
SMTP
What protocol is on TCP/UDP and operates on port 53?
Domain Name System
DNS
What protocol is on UDP and operates on port 67/68?
Dynamic Host Configuration Protocol
DHCP
What protocol is on UDP and operates on port 69?
Trivial File Transfer Protocol
TFTP
What protocol is on TCP and operates on port 80?
Hypertext Transfer Protocol
HTTP
What protocol is on TCP and operates on port 110?
Post Office Protocol
POP3
What protocol is on UDP and operates on port 123?
Network Time Protocol
NTP
What protocol is on TCP/UDP and operates on port 137/138/139?
NetBIOS
What protocol is on TCP and operates on port 143?
Internet Message Access Protocol
IMAP
What protocol is on TCP/UDP and operates on port 161/162?
Simple Network Management Protocol
SNMP
What protocol is on TCP and operates on port 179?
Border Gateway Protocol
BGP
What protocol is on TCP/UDP and operates on port 389?
Lightweight Directory Access Protocol
LDAP
What protocol is on TCP and operates on port 443?
HTTPS
What protocol is on TCP/UDP and operates on port 636?
LDAP over TLS/SSL
What protocol is on TCP and operates on port 989/990?
FTP over TLS/SSL
What is the TCP/IP stack?
Link
Internet
Transport
Application
Where do layers 5-7 from the OSI model sit on the TCP/IP stack?
Application
Where does layer 4 sit on the TCP/IP stack?
Transport
Where does layer 3 sit on the TCP/IP stack?
Network
Where do layers 1-2 sit on the TCP/IP stack?
Link
What are the characteristics of TCP over UDP?
Connection Oriented
Byte stream
No support for multicasting/broadcasting
Supports full duplex transmission
Reliable service of data transmission
TCP packet is called a segment
Provides error detection and flow control
What are the characteristics of UDP over TCP?
Connection-less protocol
Message stream
Supports multicasting/broadcasting
No support for full duplex transmission
Unreliable service of data transmission
UDP packet is called a datagram
No support for error detection and flow control
What UTP cable type supports up to 100 Mbps and is used for Ethernet, FastEthernet, and Token Ring?
CAT5
What UTP cable type supports up to 1 Gbps and is used for Ethernet, FastEthernet, and Gigabit Ethernet?
CAT5e
What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet and 10G Ethernet (55 meters)?
CAT6 & CAT6a
What UTP cable type supports up to 10 Gbps and is used for Gigabit Ethernet and 10G Ethernet (100 meters)?
CAT7
What network topology employs a centralized connection device, which can be a simple hub or switch, and connects each system to the central hub by a dedicated segment?
Star Topology
What network topology connects systems to all other systems using numerous paths and provides redundant connections to systems, allowing multiple segment failures without badly affecting connectivity?
Mesh Topology
What is a ring-based network topology that connects each system as a point on a circle, acts as a unidirectional transmission loop, and allows only one system to transmit data at a time while traffic management is performed by a token?
Ring Topology
What topology connects each system to a trunk or backbone cable, and can transmit data simultaneously, which can result in collisions?
Bus Topology
What communications method relies on a timing or clocking mechanism based on either an independent clock or a time stamp embedded in the data stream and is able to support very high rates of data transfer?
Synchronous communications
What communications method relies on a stop and start delimiter bit to manage the transmission of data and is best suited for smaller amounts of data?
Asynchronous communications
What can only support a single communication channel, uses a direct current applied to the cable, and is a form of digital signal?
Baseband
What can support multiple simultaneous signals, uses frequency modulation to support numerous channels, is suitable for high throughput rates, and is a form of analog signal?
Broadband
What technology supports communications to all possible recipients?
Broadcast
What technology supports communications to multiple specific recipients?
Multicast
What technology supports only a single communication to a specific recipient?
Unicast
What was developed to decrease the chances of collisions when two or more stations start sending their signals for the datalink layer and requires that each station first check the state of the medium before sending?
Carrier Sense Multiple Access
CSMA
What attempts to avoid collisions by granting only a single permission to communicate at any given time?
CSMA/CA
What responds to collisions by having each member of the collision domain wait for a short but random period of time before starting the process over?
CSMA/CD
What are the characteristics of CSMA/CD?
Effective after a collision
Used in wired networks
Reduces recovery time
Resends the data frame whenever a conflict occurs
Used in 802.3 standard
More efficient than simple CSMA
What are the characteristics of CSMA/CA?
Effective before a collision
Used in wireless networks
Minimizes the possibility of collision
Will first transmit the intent to send for data transmission
Used in 802.11 standard
Similar to simple CSMA
What performs communications using a digital token and, once its transmission is complete, releases the token to the next system?
Token Passing
What performs communications using a master-slave configuration where the primary system polls each secondary system in turn to ask whether it needs to transmit data?
Polling
What can prevent collisions in ring networks?
Token Passing
What is a private network that is designed to host the same info services found on the internet?
Intranet
What is a section of an organization’s network that has been sectioned off to act as an intranet for the private network but also serves information to the public internet?
Extranet
What is an extranet for public consumption?
Demilitarized Zone/Perimeter Network
DMZ
What is used to control traffic and isolate static/sensitive environments?
DMZ
What technique is where a person pushes unsolicited messages to engage or annoy other nearby Bluetooth users by taking advantage of a loophole in the technology’s messaging options?
Bluejacking
What technique is where thieves wirelessly connect to some early Bluetooth-enabled mobile devices without the owner’s knowledge to download and/or alter phonebooks, calendars, etc.?
Bluesnarfing
What attack grants hackers remote control over the features and functions of a Bluetooth device?
Bluebugging
What 802.11 standard runs at 54 Mbps with 5GHz?
802.11a
What 802.11 standard runs at 11 Mbps with 2.4GHz?
802.11b
What 802.11 standard runs at 54 Mbps with 2.4GHz?
802.11g
What 802.11 standard runs at 200+ Mbps with 2.4GHz?
802.11n
What 802.11 standard runs at 1 Gbps with 5GHz?
802.11ac
What was created to replace WEP without the need to replace legacy hardware and was implemented into 802.11 wireless networking under the name WPA?
Temporal Key Integrity Protocol
TKIP
What was created to replace WEP and TKIP/WPA and uses AES with a 128-bit key, also known as WPA2?
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
CCMP
What is a form of network data storage solution that allows for high-speed file transfers?
Fibre Channel
What is used to encapsulate Fibre Channel communications over Ethernet networks?
Fibre Channel over Ethernet
FCoE
What is a networking storage standard based on IP?
Internet Small Computer System Interface
iSCSI
What is the process of investigating the presence, strength, and reach of wireless access points deployed in an environment?
Site Survey
What is a Cisco proprietary alternative to TKIP for WPA and was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard?
Lightweight Extensible Authentication Protocol
LEAP
What encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption?
Protected Extensible Authentication Protocol
PEAP
What is an authentication framework that allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies?
Extensible Authentication Protocol
EAP
What is a list of authorized wireless client interface MAC addresses and is used by a wireless access point to block access to all nonauthorized devices?
MAC Filtering
What is an authentication technique that redirects a newly connected wireless web client to a portal access control page?
Captive Portals
What antenna type reaches multiple frequencies, is commonly used for TV and RFID systems, and is omnidirectional if horizontally mounted?
Loop
What antenna type is omnidirectional and can send and receive signals in all directions perpendicular to the line of the antenna itself?
Monopole
What antenna type is omnidirectional, can generate a powerful signal in a restricted space, and is composed of two monopoles?
Dipole
What antenna type is directional and is a flat device that focuses from only one side of the panel?
Panel
What antenna type is directional and is used to focus signals from very long distances or weak sources?
Parabolic
What antenna type is directional and is crafted from a straight bar with cross sections to catch specific radio frequencies in the direction of the main bar?
Yagi
What antenna type is directional, is created from tubes with one sealed end, and focuses along the direction of the open end of the tube?
Cantenna
What is used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol, and operates at layer one?
Repeaters, Concentrators, and Amplifiers
What is used to connect two networks in order to connect network segments that use the same protocol, and operates at layer two?
Bridges
What is used to connect multiple systems and connect network segments that use the same protocol, is a multiport repeater, and operates at layer one?
Hubs
What is a remote access, multilayer switch used to connect distant networks over WAN links?
LAN Extenders
What technology uses virtual circuits instead of dedicated physical circuits and is more efficient and cost effective?
Packet-switching
What are some packet-switching technologies?
X.25
Frame Relay
Asynchronous transfer mode (ATM)
Synchronous Data Link Control (SDLC)
High-Level Data Link Control (HDLC)
What type of firewall operates at layer 3 and up, and filters traffic by examining data from a message header?
Static Packet-Filtering Firewall
What firewall operates at layer 7 and filters traffic based on a single internet service, protocol, or application?
Application-Level Firewalls
What firewall operates at layer 5 and is used to establish connection sessions between trusted partners?
Circuit-Level Firewalls
What firewall evaluates the state, session, or the context of network traffic?
Stateful Inspection Firewalls
What firewall is used to filter the payload contents of a communication rather than only on the header values and operates at layer 7?
Deep Packet Inspection Firewalls
What firewall state can watch network traffic and restrict/block packets based on source and destination addresses or other static values, isn’t aware of traffic patterns or data flows, and is typically faster and performs better under heavier traffic loads?
Stateless
What firewall state can watch traffic streams from end to end, is aware of communication paths, and can implement various IP security functions such as tunnels and encryption?
Stateful
What can protect web apps by filtering and monitoring HTTP traffic between a web app and the internet, and usually protects web apps from common attacks like XSS, CSRF, and SQL injection?
Web Application Firewall
WAF
What can perform a deep-packet inspection that moves beyond port/protocol inspection and blocking, adds app-level inspection and intrusion prevention, and brings intelligence from outside the firewall?
Next Generation Firewall
NGFW
What method can detect protocol non-compliance, spam, viruses, and intrusions and inspects/filters both the header and payload of a packet?
Deep Packet Inspection
What is a multifunction device composed of several security features in addition to a firewall?
Unified Threat Management
UTM
What allows private subnets to communicate with other cloud services and the internet but hides the internal network from internet users and has the network access control list for the private subnets?
Network Access Translation Gateway
NAT
What looks at the content on the requested web page and blocks requests depending on filters?
Content/URL Filter
What type of software is where the vendor makes the license freely available and allows access to the source code but there is no vendor support?
Open Source
What type of software is more expensive but tends to provide more/better protection and more functionality and support at a cost?
Proprietary
What analyses whole packets, both header and payload, looking for known events, and when a known event is detected, generates a log message?
Intrusion Detection System
IDS
What analyses whole packets, both header and payload, looking for known events, and when a known event is detected, rejects the packet?
Intrusion Prevention System
IPS
What type of IDS creates a baseline of activity to identify normal behavior and then measures system performance against the baseline to detect abnormal behavior?
Behavior based
What IDS uses signatures similar to the signature definitions used by anti-malware software?
Knowledge based
What is a computer or appliance that is exposed on the internet and has been hardened by removing all unnecessary elements?
Bastion Hosts
What is a firewall-protected system logically positioned just inside a private network?
Screened Host
What is a DoS attack that involves sending fragmented packets to a target machine, which causes the packets to overlap one another and crash the target network device?
Teardrop Attack
What is a DoS attack that involves sending large amounts of spoofed UDP traffic to a router’s broadcast address within a network?
Fraggle Attack
What is a layer 4 DoS attack in which the attacker sets the source and destination info of a TCP segment to be the same, which will cause a machine to crash or freeze due to the packet being repeatedly processed by the TCP stack?
Land Attack
What is a form of DoS attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic?
SYN Flood Attack
What attack employs an oversized ping packet?
Ping of Death