Domain 4: Communications and Network Security Flashcards
IEEE 802.3
Ethernet Protocol
SPX
Archaic OSI Layer 4 (transport layer) protocol.
Four network Topologies
Ring - all endpoints are connected in a ring
Bus - one central trunk that each PC connects to
Star - central router or hub
Mesh - every endpoint is connected to every other endpoint.
Layer 6 OSI
The Presentation Layer. The presentation layer transforms data into format structures that other systems can understand. Examples of presentation layer formats include JPEG, MPEG, ASCII, and GIF.
Layer 5 OSI
Session Layer: The Session layer of the Open Systems Interconnection (OSI) model is used primarily to track application dialogue. The Session layer (Layer 5) establishes, coordinates, and terminates communication sessions between applications. Examples of Session layer protocols are Remote Procedure Call (RPC) and Network File System (NFS).
DTE vs DCE on old Serial Equipment
Data terminal equipment (DTE) is a term for the interface a customer will connect to when using older serial-based wide-area network (WAN) connections. This is common in Frame Relay and Asynchronous Transfer Mode (ATM) connections. The data circuit-terminating equipment (DCE) end connects to the provider.
Layer 2 TCP/IP
Internet layer
802.1AE
MACsec
802.1AE, also known as MACsec, is an Institute of Electrical and Electronics Engineers (IEEE) standard that provides confidentiality and integrity at the data link layer of the Open Systems Interconnection (OSI) model.
WEP
IEEE 802.11
Uses a shared key between clients and APs.
Not considered secure.
Is IP considered a connectionless protocol?
Yes
Is Web Security Gateway an actual term?
Yes - once upon a time this was a dedicated appliance for content filtering.
Most firewalls have this built in as a feature now.
Packet Switching Protocol
TCP, UDP, GRE, SPX, etc
CSMA/CD and CSMA/CA
Carrier-sense multiple access with collision detection
Carrier-sense multiple access with collision avoidance
DSSS
Direct-sequence spread spectrum
Direct-sequence spread spectrum (DSSS) is a modulation technology that increases bandwidth and adds redundancy by adding sub-bits to messages. These sub-bits are called “chips” and can be used to reconstruct data similar to how RAID-5 reconstructs data after a drive failure.
Most fundamental component of a VPN
Tunneling
The communication between the two endpoints is encapsulated and travels through another network medium. Since a VPN is impossible without encapsulation or tunneling, it is the most crucial component.
Baseband
Baseband has only one channel, so it can only send one communication signal at a time. Baseband signaling uses a single channel for the transmission of digital signals and is common in twisted-pair cabling.
Ethernet networks are baseband: a “100baseT” UTP cable means 100 megabit, baseband, and twisted pair.
FCoE
Fibre Channel over Ethernet
Phreaker
phone + freak = phreak
Someone who abuses phone systems/telecommunications.
Latest WiFi Standard
Wifi 6E
VLAN Hopping Attack
VLAN hopping occurs when an attacker manipulates a frame so that the switch forwards it onto a different VLAN. VLAN hopping can happen by spoofing a switch, setting up a dynamic trunk or tagged interface, or creating a double-encapsulated 802.1Q tag.
TCP/IP layers
Layer 1: Data Link/Network Access Layer.
Layer 2: network/Internet Layer.
Layer 3: Transport Layer.
Layer 4: Application Layer.
OSI model layers
Physical, Data Link, Network, Transport, Session, Presentation, and Application.
TCP URG header
Marks the packet as urgent, requiring immediate attention.
Pre-admit NAC
Systems are tested BEFORE they are granted network access.
Post-admit NAC
Systems are tested AFTER they are granted network access.
Clientless NAC
No Agent deployed to the endpoints being verified by NAC.
Client-based NAC
The NAC Service has an agent running on the endpoint to gather more data.
Disassociation Attack
Attack on Wi-Fi, used to:
Discover the SSID of hidden networks - if forced to disassociate, an endpoint will send a reconnection request containing the hidden SSID in plaintext
Entice clients to connect to a rogue WAP
DoS attack
APIPA - Automatic Private IP Addressing
AKA link-local address assignment, assigns an IP address to a system if DHCP fails.
169.254.0.1 to 169.254.255.254.
Bluejacking
Bluejacking is the sending of unsolicited messages over Bluetooth. An attacker may also send a malicious attachment via Bluetooth. The goal is for the victim to allow the attacker to connect to the device so that the attacker can gain access to contacts, images, and other private data.
Bluesnarfing
Bluesnarfing allows hackers to connect with a Bluetooth device without the user’s knowledge and extract information from the device.
Bluebugging
Bluebugging is an attack that grants hackers remote control over the features and functions of a Bluetooth device.
Cat 7 cable
Used for 10 Gigabit Ethernet, carrying data at up to 10 Gbps.
OSI Model - Please Do Not Throw Salami Pizza Away
Please Do Not Throw Salami Pizza Away
Physical
Datalink
Network
Transport
Session
Presentation
Application
TCP/IP Model
Network Access (Physical, Data Link)
Internet (Network)
Transport (Transport)
Application (Session, Presentation, Application)
FDDI
Fiber Distributed Data Interface (FDDI) is a high-speed token-passing technology that employs two rings with traffic flowing in opposite directions.
Screened Subnet/DMZ
A screened subnet is a network between two routers or firewalls and is frequently called a Demilitarized Zone (DMZ). Screened subnets are generally used when internet users need to access internal resources. Designated systems are placed in the DMZ with firewall policies that allow internet users access. This allows firewall administrators to expose only a small network to the internet without exposing the private internal networks.
Type of firewall that automatically adjusts filtering based on context and content of traffic.
Stateful firewall.
(For CISSP, NOT a WAF)
WPA3 supported Authentication Mechanisms
ENT - Enterprise Wi-Fi Authentication, AKA 802.1X
SAE - Simultaneous Authentication of Equals