Domain 4 - Communications and Network Security Flashcards

Question 1

Q

OSI Model

Answer

A

PDNT SPA

Please Do Not Throw Away Sausage Pizzas

Physical
Data Link
Network
Transport
Session
Presentation
Application

Question 2

Q

Application Layer 7 Protocols

Answer

A

AFP
CDP
FTP
GOPHER
HTTP
LDAP
SNMP
SMTP
SMB
TELNET
TFTP

Question 3

Q

What protocols are used to encrypt HTTP documents?

Answer

A

Secure HTTP

S-HTTP

Question 4

Q

SSL, Secure Socket Layer

Answer

A

Eencryption technology to provide secure transactions like credit card numbers exchange.

Two layered: SSL record protocol and handshake protocol.

Same as SSH it uses symmetric encryption for private connections and asymmetric or public key cryptography for peer authentication.

Question 5

Q

Secure Electronic Transaction (SET)

Answer

A

authentication for credit card transactions. Overtaken by SSL

Also uses message authentication code for integrity checking.

Question 6

Q

Telnet

Answer

A

terminal emulation enables user to access resources on another machine. Port 23

Question 7

Q

FTP, File Transfer Protocol

Answer

A

for file transfers. Cannot execute remote files as programs. Authentication. Port 20 and 21

Question 8

Q

TFTP, Trivial File Transfer Protocol

Answer

A

stripped down, can only send/receive but not browse directories.

No authentication thus insecure. Port 6

Question 9

Q

SMTP, Simple Mail Transfer protocol

Answer

A

email queuing. Port 25

Question 10

Q

SNMP, Simple Networking Management Protocol

Answer

A

collection of network information by polling the devices from a management station.

Sends out alerts –called traps- to an database called Management Information Bases (MIBs)

Question 11

Q

Application Layer 7

Answer

A

C, AU, I, NR

The OSI model defines the application layer as the user interface responsible for displaying received information to the user.

Question 12

Q

Presentation Layer 6

Answer

A

C, AU, Encryption

Translations like EBCDIC/ANSI; compression/decompression and encryption/decryption.

Uses a common format to represent data, Standards

Question 13

Q

Presentation Layer 6 Protocols

Answer

A

JPEG,
TIFF,
MID,
HTML

Question 14

Q

Session Layer 5

Answer

A

Inter-host communication, logical persistent connection between peer hosts, a conversation, simplex, half duplex, full duplex

Question 15

Q

Session Layer Protocols

Answer

A

NSF, 
SQL, 
RADIUS, 
RPC.  
PAP, 
PPTP, 
RPC

Question 16

Q

Transport Layer 4

Answer

A

End-to-end data transfer services and reliability. Technology: Gateways. Segmentation, sequencing, and error checking at this layer.

Datagrams

Question 17

Q

TCP Three-way Handshake

Answer

A

SYN, SYN-/ACK, ACK

Question 18

Q

Transport Layer Protocols

Answer

A

TCP, 
UDP, 
SSL, 
SSH-2, 
SPX, 
NetBIOS, 
AT

Question 19

Q

Secure Shell (SSH-2

Answer

A

Authentication,
Compression,
Confidentiality
Integrity

Uses RSA certificates for authentication and triple DES for encryption

Question 20

Q

TCP, Transmission control protocol

Answer

A

reliable, sequences and works with acknowledgements.

Provides a manageable data flow to avoid congestions overloading and data loss.

(Like having a telephone conversation with someone). Connection Oriented.

Question 21

Q

UDP, User Datagram Protocol

Answer

A

unreliable, scaled down version of TCP, no error correction, no sequencing. Less overhead. (Like sending a letter to someone).

Connectionless.

Question 22

Q

Network Layer 3

Answer

A

C, AU, I

Path selection and logical/network addressing. Technology: Virtual circuits (ATM), routers.

Packets

Question 23

Q

Addressing

Answer

A

IP uses the destination IP to transmit packets thru networks until delivered

Question 24

Q

Fragmentation

Answer

A

IP will subdivide a packet if its size is greater than the maximum allowed on a local network

Question 25

Q

Network Layer 3 Protocols

Answer

A

IP,
IPSEC,
ICMP, 
BGP, 
OSPF, 
RIP,  
BOOTP, 
DHCP, 
ZIP, 
DDP, 
X.25, 
NAT 
IGMP

Question 26

Q

OSPF Open Shortest Path First

Answer

A

routing protocol short path

Question 27

Q

SKIP, Simple Key Management for Internet Protocols

Answer

A

provides high availability in encrypted sessions to protect against crashes. Exchanges keys on a session by session basis.

Question 28

Q

ARP, Address resolution protocol

Answer

A

Used to match an IP address to a hardware MAC address.

ARP sends out broadcast to a network node to reply with its hardware address.

It stores the address in a dynamic table for the duration of the session, so ARP requests are only sent the first time

Question 29

Q

ICMP, Internet control message protocol

Answer

A

sends messages between network nodes regarding the health of the network.

Also informs about rerouting in case of errors. Utility PING uses ICMP messages to check physical connectivity of the network machines IPX, Appletalk, and NetBEUI are non-IP protocols.

Question 30

Q

IP, Internet protocol

Answer

A

All hosts have an IP address.

Each data packet has an IP address of sender and recipient.

Routing in network is based upon these addresses.

Datagram service is considered unreliable because there’s no guarantee that the packet will be delivered, not even that its delivered only once and no guarantee that its delivered in the same sequence that its sent 32 bits long, IPv6 is 128 bits long

Question 31

Q

DHCP

Answer

A

Dynamic Host Configuration Protocol

Question 32

Q

BootP, Bootstrap Protocol

Answer

A

when wireless workstation is on-lined it sends out a BootP request with its MAC address to get an IP address and the file from which it should boot.

Replaced by DHCP

Question 33

Q

Data Link Layer 2

Answer

A

C

This layer deals with addressing physical hardware.

FRAMES Translates data into bits and formats them into data frames with destination header and source address. Error detection via checksums.

Switches, bridges, hardware addressing

Question 34

Q

LLC, the Logical Link Control

Answer

A

Sub layer - Flow control and error notification

Question 35

Q

MAC: the Media Access Control layer

Answer

A

Physical addressing. Concerns frames, logical topologies and MAC-addresses

Question 36

Q

Data Link Layer 2 Protocols

Answer

A

L2F, 
PPTP,
L2TP, 
PPP, 
SLIP, 
ARP, 
RARP, 
SLARP,  
IARP, 
SNAP, 
BAP, 
CHAP, 
LCP,
LZS, 
MLP, 
Frame Relay,
Annex  A, 
Annex D, 
HDLC, 
BPDU, 
LAPD, ISL, 
MAC, 
Ethernet, 
Token Ring,
FDDI

Question 37

Q

RARP, Reverse address resolution protocol

Answer

A

When a hardware address is known but the IP address has to be found. (like an diskless machine)

Question 38

Q

Physical Layer 1

Answer

A

Physical signaling. Coverts bits into voltages or light impulses.

Electrical, Hardware and software drivers are on this level. It sends and receives bits.

Question 39

Q

Physical Layer 1 Devices?

Answer

A

Repeaters, 
hubs, 
cables, 
USB,
 DSL, 
SDN, 
ATM

Question 40

Q

What are the 4 layers of the TCP/IP Model?

Answer

A

NITA
Network access - Layer 1 (Data link, Physical). Routines for accessing physical networks and the electrical connection.

Internet – Layer 2 (corresponds to OSI network layer) Defines the IP datagram and handles routing

Host-to-Hotst Transport - – Layer 3 (Transport)

End-to-end data delivery Protocols: TCP and UDP

Application – layer 4 (Application/Presentation/Session) Applications and processes that uses the network

Question 41

Q

LPD, Line printer daemon

Answer

A

for printing and spooling

Question 42

Q

What are the Security Modes used in MAC?

Answer

A

Dedicated
Multi-Level
Controlled
Limited Access

Question 43

Q

Security Modes used in MAC: Dedicated

Answer

A

All users can access all data.
Clearance for all information.
Need to know for ALL data system high security mode:
All users can access some data, based on need to know
Clearance for all information
Need to know for SOME data compartmented security mode:
All users can access some data, based on their need to know and approval.
Clearance for all information they access - Need to know for SOME data
Use of information labels

Question 44

Q

Security Modes used in MAC: Multi-level

Answer

A

All users can access some data, based on their need to know, approval and clearance.
Clearance for all information they access
Need to know for SOME data

Question 45

Q

Security Modes used in MAC: controlled

Answer

A

type of multilevel security where a limited amount of trust is placed in the system’s hardware/software along with classification

Question 46

Q

Security Modes used in MAC: limited access

Answer

A

minimum user clearance is not cleared and the maximum data classification is unclassified but sensitive

Question 47

Q

What is a Firewall?

Answer

A

A method of guarding a private network by analyzing the data leaving and entering. Firewalls can also provide network address translation, so the IP addresses of computers inside the firewall stay hidden from view.

Question 48

Q

What are the different types of Firewalls?

Answer

A

Packet-filtering
Stateful packet filtering
Application Proxy
Circuit level proxy

Question 49

Q

Packet-filtering firewalls (layer 3/4)

Answer

A

use rules based on a packet’s source, destination, port or other basic information to determine whether or not to allow it into the network.

Question 50

Q

Stateful packet filtering firewalls (layer 7)

Answer

A

have access to information such as; conversation, look at state table and context of packets; from which to make their decisions.

Question 51

Q

Application Proxy firewalls (layer 7) (3-7 actually

Answer

A

which look at content and can involve authentication and encryption, can be more flexible and secure but also tend to be far slower.

Question 52

Q

Circuit level proxy (layer 5)-

Answer

A

looks at header of packet only, protects wide range of protocols and services than app-level proxy, but as detailed a level of control. Basically once the circuit is allowed all info is tunneled between the parties. Although firewalls are difficult to configure correctly, they are a critical component of network security

Question 53

Q

Wireless Protocols

Answer

A

IEEE 802.11 Wireless networking
IEEE 802.15 Bluetooth
IEEE 802.3 Ethernet
IEEE 802.20 LTE

Question 54

Q

802.11

Answer

A

2 Mbps

2.4 GHz

Question 55

Q

802.11a

Answer

A

54 Mbps

5 GHz

Question 56

Q

802.11b

Answer

A

11 Mbps

2.4 GHz

Question 57

Q

802.11g

Answer

A

54 Mbps

2.4 GHz

Question 58

Q

802.11n

Answer

A

200+ Mbps

2.4 or 5 GHz

Question 59

Q

802.11ac

Answer

A

1 Gbps

5 GHz

Question 60

Q

Telnet

Answer

A

Remote terminal access and Secure Telnet

Question 61

Q

SSH

Answer

A

Secure Shell over Telnet for remote server administration via the command line

Question 62

Q

Class A network

Answer

A

number values begin at 1 and end at 127

Question 63

Q

Class B network

Answer

A

number values begin at 128 and end at 191

Question 64

Q

Class C network

Answer

A

number values begin at 192 and end at 223

Answer 65

A

B-channel 64Kbps, D-channel 16Kbps

Answer 66

A

B- and D-channels are 64Kbps

Answer 67

A

a decrease in amplitude as a signal propagates along a transmission medium

Answer 68

A

addresses availability, integrity and recovery but not confidentiality

Answer 69

A

contain 32-bit addresses (in IPv4) and 128 in IPv6. In an Ethernet LAN, however, addresses for attached devices are 48 bits long.

Answer 70

A

SMTP Mail

Answer 71

A

unsecured LDAP

Answer 72

A

LDAP-S over SSL or TLS

Answer 73

A

TFTP (Trivial FTP)

Answer 74

A

NetBIOS services

Answer 75

A

Coaxial
Ethernet twisted pair
Fiber Distributed Data Interface
Frame Relay WAN

Answer 76

A

many workstations, length. 1000Base-T

– 100 M Twisted pair to long. Cat 5 better than cat3 for interference Fiber optics immune to EMI, can be broken and high cost/expertise Topology failures

Answer 77

A

more resistant than coaxial Token Ring because a token is passed by every station, a NIC that’s is set to wrong speed or error can take all network down

Answer 78

A

form of token ring that has second ring that activates on error

Answer 79

A

over a public switched network. High Fault tolerance by relaying fault segments to working.

Speeds; T-1 – 1.544 Mbps, T-3 – 44,736 Mbps (45

Answer 80

A

ATM uses a connection-oriented model in which a virtual circuit must be established between two endpoints before the actual data exchange begins.

These virtual circuits may be “permanent”, i.e. dedicated connections that are usually preconfigured by the service provider, or “switched”, i.e. set up on a per-call basis using signalling and disconnected when the call is terminated.

155 Mbps, ISDN – 64 or 128 Mbps

Answer 81

A

Lightweight Directory Access Protocol, client/server based directory query protocol loosely based upon X.500, commonly manages user information, for accessing directory services and manage certificates Ex. Active Directory,

cn=ben+ou=sales Zero or more, comma separated, no semi-colon, + to join

Answer 82

A

provides secure LDAP authentication

Answer 83

A

default, stores user PW in the clear

Answer 84

A

used to identify clients to servers via SSL (client authentication)

Answer 85

A

used for signed and encrypted emails, can form sign, and use as part of a SSO solution

Answer 86

A

MIME Object Security Services, provides authentication, confidentiality, integrity, and nonrepudiation

Answer 87

A

provides authentication, confidentiality, integrity, and nonrepudiation

Answer 88

A

Domain Keys Identified Mail, domain validation tool

Answer 89

A

Open Authorization

ability to access resources from another service

Answer 90

A

paired with OAuth is a RESTful, JSON-based authentication protocol can provide identity verification and basic profile information, phishing attack possible by sending fake dat

Answer 91

A

The first line of protection between trusted and untrusted networks. Generally includes a firewall and router that help filter traffic.

May also include proxies, IDSs, and IPSs. Zero Day – application white list

Answer 92

A

device that enables more than one signal to be send out of one physical circuit

Answer 93

A

multi-port networking devices that are used in carrier networks. Connect private data over public data by using digital signals.

Data link layer.

Answer 94

A

server that provides dial-in and dial-out connections to the network

Answer 95

A

transmits data over telephone lines

Answer 96

A

digital interface device used to terminate the physical interface on a DTE device. They connect to the closest telephone company switch in a central office (CO)

Answer 97

A

amplify data signals to extend range (physical)

Answer 98

A

connect multiple LAN devices into a concentrator. Is actually a multi-port repeater (physical

Answer 99

A

Forwards data to all other network segments if it’s not on the local segment. Operates at level 2 (thus no IP-addressing)

Answer 100

A

Will only send data to the specific destination address. It’s actually a multi-port bridge. (Data link)

Answer 101

A

opens up data packet, reads hardware or network address and then forwards it to the correct network

Answer 102

A

software that acts as access point to another network or device that translates between different protocols

Answer 103

A

remote access, multi layer switch that connects LANs over a WAN

Answer 104

A

ISDN, cable modems, DSL, and T1/T3 lines that can support multiple simultaneous signals. They are analog and not broadcast technologies.

Answer 105

A

set of systems that can receive a broadcast from each other

Answer 106

A

Challenge-Handshake Authentication Protocol, used by PPP servers to authenticate remote clients.

Encrypts username and PW and performs periodic re authentication while connected using techniques to prevent replay attacks.

Answer 107

A

(committed Information Rate) minimum bandwidth guarantee provided by service provider to customers

Answer 108

A

set of systems that could cause a collision if they transmitted at the same time, more number of systems in domain increases likelihood of network congestion due to more collisions

Answer 109

A

occur at Application, Presentation, and Session layers.

Answer 110

A

an authentication framework. Effectively, EAP allows for new authentication technologies to be compatible with existing wireless or point-topoint connection technologies, extensible was used for PPP connections

Answer 111

A

Fiber Channel Over Ethernet, allows existing high-speed networks to be used to carry storage traffic

Answer 112

A

Fiber Distributed Data Interface, token-passing network uses a pair of rings with traffic flowing in opposite directions, uses tokens

Answer 113

A

translates between protocols

Answer 114

A

Internet Control Message Protocol, means to send error messages for non-transient error conditions and provides a way to probe the network in order to determine general characteristics about the network, ping

Answer 115

A

Internet Small Computer Interface, Converged protocol that allows location-independent file services over traditional network technologies. Cost less than Fiber. Standard for linking data storage sites

Answer 116

A

PRI (Primary Rate Interface) bandwidth of 1.544 Mbps, faster than BRI’s 144 Kbps

Answer 117

A

allow encryption at various layers, support a range of protocols at higher levels. Bad – conceal covert channels, filters can be bypassed, sometimes logical boundaries can be bypassed

Answer 118

A

Multiprotocol Label Switching, high performance networking, uses path labels instead of network addresses, wide area networking protocol, label switching, finds final destination and then labels route for others to follow

Answer 119

A

Password Authentication Protocol, sends PW unencrypted

Answer 120

A

provides encryption for EAP methods and can provide authentication, does not implement CCMP, encapsulates EAS in a TLS tunnel

Answer 121

A

802.1x, can be used with EAP

Answer 122

A

Point-to-Point Protocol, most common, used for dial up connections, replaced SLIP

Answer 123

A

form of gateway that provide clients with a filtering, caching, or other service that protects their information from remote systems

Answer 124

A

Private Virtual Circuits

Answer 125

A

used to reset or disconnect a session, resumed by restarting the connection via a new three-way handshake

Answer 126

A

carries multiple types of traffic like voice, video, and data

Answer 127

A

Software designed networking, defined and configured as code or software, quickly change the network based on organizational requirements

Answer 128

A

may be software defined, but it could also use traditional network devices running as virtual machines

Answer 129

A

identify areas where wireless network may be accessible

Answer 130

A

protocol for sending multiple optical streams over fiber

Answer 131

A

User Datagram Protocol, lightweight service for connectionless data transfer without error detection and correction

Answer 132

A

uses WAP to link wireless clients to a wired network

Answer 133

A

Asymmetric multiprocessing - used in applications that are dedicated, such as embedded systems, when individual processors can be dedicated to specific tasks at design time.

Answer 134

A

Symmetric Multiprocessors, hardware and software architecture where two or more identical processors are connected to a single, shared main memory, have full access to all I/O devices, and are controlled by a single operating system instance that treats all processors equally, reserving none for special purposes.

Answer 135

A

a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network.

Answer 136

A

when attackers send unsolicited messages via Bluetooth

Answer 137

A

targets the data or information on Bluetoothenabled devices

Answer 138

A

a password recovery tool for Microsoft Windows.

It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks.

Answer 139

A

when an attacker sends false replies to a requesting system, beating valid replies from the real DNS server

Answer 140

A

when an attacker changes the domain name to IP address mappings of a system to redirect traffic to alternative systems

Answer 141

A

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection.

The user employs RDP client software for this purpose, while the other computer must run RDP server software.

Answer 142

A

copy actual screen, subset of remote control

Answer 143

A

Spam over Internet Telephony and targets VoIP systems

Answer 144

A

Nikto,
Burp Suite,
Wapiti

Answer 145

A

Used to overwhelm a targets resources

Filling up hard drive by using huge email attachments or file transfers
Sends messages to reset targets host subnets masks
Using up all system resources

Answer 146

A

performed by sending malformed packets to a system;

can interrupt service or completely deny legitimate users of system resources, an attack that attempts to prevent authorized use of a resource.

This can be done through flaw exploitation, connection overloading, or traffic flooding.

Answer 147

A

botnet, zombie, massive dos attack using multiple computers

Answer 148

A

ICMP requires three players (attacker, victim and amplifying network); attacker spoofs packet header to make it appear that it originated on the victim system with amplifying network broadcasting the message.

Countermeasures – disable broadcast at border routers; border routers should not accept packets that originate within network; restrict ICMP traffic (Hint IC = Its Smurf though spelled wrong)

Answer 149

A

similar to Smurf but uses UDP

Countermeasures – disable broadcast at border routers; border routers should not accept packets that originate within network; restrict UDP traffic; employ IDS;

apply appropriate patches, block UDP port 7 & 9 from entering network

Answer 150

A

The attack involves sending a spoofed TCP SYN packet (connection initiation) with the target host’s IP address and an open port as both source and destination.

The reason a LAND attack works is because it causes the machine to reply to itself continuously.

Answer 151

A

TCP packets requesting a connection (SYN bit set) are sent to the target network with a spoofed source address.

The target responds with a SYN-ACK packet, but the spoofed source never replies.

This can quickly overwhelm a system’s resources while waiting for the half-open connections to time out.

This causes the system to crash or otherwise become unusable.

Counter: sync cookies/proxies, where connections are created later

Answer 152

A

The length and fragmentation offset fields of sequential IP packets are modified, causing the target system to become confused and crash.

Uses fragmented packets to target a TCP flaw in how the TCP stack reassembles them. DOS

Answer 153

A

IP spoofing involves altering a TCP packet so that it appears to be coming from a known, trusted source, thus giving the attacker access to the network. Intercept cookies from a request header

Answer 154

A

intruder tricks target to believe it is connected to a trusted host and then hijacks the session by predicting the targets choice of an initial TCP sequence number

Answer 155

A

x25
Frame Relay 
Link Access Procedure-Balanced (LAPB) 
Frame Relay 
Switched Multimegabit DATA Service (SMDS) 
ATM
VOIP

Answer 156

A

defines point-to-point communication between Data terminal Equipment (DTE) and Data Circuit Terminating Equipment (DCE)

Answer 157

A

Link Access Procedure-Balanced

created for use with X25, LAPB defines frame types and is capable of retransmitting, exchanging and acknowledging frames as detecting out of sequence or missing frames

Answer 158

A

High performance WAN protocol designed for use across ISDN interfaces.

Is fast but has no error correction, supports multiple PVCs, unlike X.25, packet switched technology that provides CIR, requires DTE/DCE at each connection point

Answer 159

A

Switched Multimegabit DATA Service

high speed communication over public switches networks for exchanging ‘bursts of data’ between enterprises

Answer 160

A

very high bandwidth. It uses 53-byte fixed size cells instead of frames like Ethernet.

It can allocate bandwidth up on demand making it a solution for Busty applications.

Requires fiber optics.

Answer 161

A

combines many types of data into a single IP packet. Cost, interoperability and performance wise it’s a major benefit.

Answer 162

A

created by IBM for mainframes to connect to their remote offices.

Uses a polling media access method.

Works with dedicated leased lines permanent up.

Data link layer of OSI model

Answer 163

A

extension to SDLC also for mainframes. Uses data encapsulation on synchronous serial links using frame characters and checksums.

Also data link layer

Answer 164

A

Defines electrical and physical interfaces to use for DTE/DCE communications.

Physical layer of OSI

Answer 165

A

Shielded (STP)

or unshielded (UTP) Cat 3=10BaseT,

Cat5=100BaseT

Answer 166

A

More EMI resistant. Baseband: only one single channel

Broadband: multiple signal types like data, video, audio

Answer 167

A

Most expensive, but hard to tap and resistant to EMI

Answer 168

A

(static) Packet filtering firewall AKA screening router Examines source/destination address, protocol and ports of the incoming package.

Based on ACL’s access can be denied or accepted. Is considered a firewall and operates at Network or Transport layer of OSI

Answer 169

A

Application level firewall AKA proxy server While transferring data stream to another network, it masks the data origin. operating at Application layer of OSI

Answer 170

A

Stateful inspection firewall (also known as Dynamic) All packages are inspected at the Networking layer so it’s faster. By examining the state and context of the data packages it helps to track connectionless protocols like UDP and RPC. Analyzed at all OSI Layers.

Answer 171

A

Dynamic Packet Filtering firewall Enables modification of the firewall rule. It provides limited support for UDP by remembering UDP packages across the network. Fifth

Answer 172

A

Kernel Proxy Firewall / Application level Firewall Runs in windows NT, modular, kernel based, multiplayer session evaluation. Uses dynamic TCP/IP stacks to inspect network packages and enforce security policies.

Answer 173

A

Sits between trusted and un-trusted network, sometimes used as boundary router. Uses ACL’s. Protects against standard generic external attacks. Has no user authentication, has minimal auditing.

Answer 174

A

Has both a packet-filter router and a bastion host. Provides both network layer (package filtering) as application layer (proxy) server.

Answer 175

A

Consists of a host with 2 NIC’s. One connected to trusted, one to un-trusted.

Can thus be used as translator between 2 network types like Ethernet/token ring.

Internal routing capabilities must not be enabled to make it impossible to circumvent inspection of data.

Answer 176

A

Has also defined a De-Militarized Zone (DMZ) : a small network between trusted an untrusted.

Answer 177

A

Every workstation gets some Socks software to reduce overhead

Tiers – design separates distinct protected zones and can be protected by a single firewall that has multiple interfaces

Answer 178

A

CALLBACK; system calls back to specific location (danger in user forwarding number) somewhere you are

CHAP (part of PPP) supports encryption

XTACACS separates authentication, authorization and accounting processes

TACACS+: stronger through use of tokens

Answer 179

A

User passwords are administrated in a central database instead of individual routers.

A network device prompts user for a username and static password then the device queries a TACACS server to verify the password.

TACACSs does not support prompting for password change or use of dynamic password tokens.

Port 49 TACACS: user-id and static password for network access via TCP

Answer 180

A

Enhanced version with use of two factor authentication, ability to change user password, ability of security tokens to be resynchronized and better audit trails and session accounting

Answer 181

A

Client/server protocol, often leads to TACACS+.

Clients sends their authentication request to a central radius server that contains all of the user authentication and network ACL’s RADIUS does not provide two way authentication, therefore it’s not used for routerto-router authentication.

Port 1812. Contains dynamic password and network service access information (Network ACLs) NOT a SSO solution, TLS over TCP – to encrypt, Default UDP, PW encrypted, supports TCP and TLD if set, Remote connectivity via dial in (user dials in to access server, access server prompt for credentials, user enters credentials and forwards to radius server, radius server accepts or rejects).

USES UDP. Incorporates an AS and dynamic/static password user can connect to any network access server, which then passes on the user’s credentials to the RADIUS server to verify authentication and authorization and to track accounting.

In this context, the network access server is the RADIUS client and a RADIUS server acts as an authentication server.

The RADIUS server also provides AAA services for multiple remote access servers.

Answer 182

A

remote connectivity using phone wireless etc, more secure than radius, cordless phone signal is rarely encrypted and easily monitored

Answer 183

A

This is how everyone connects to the internet. Using a public switched telephone network to access an ISP

Answer 184

A

protocol that permits telephone line to carry data, voice and other source traffic.

Two types: BRI Basic rate interface and Primary Rate Interface (PRI) xDSL uses regular telephone lines for high speed digital access Cable Modems Via single shared coaxial cable, insecure because of not being filtered or firewalled

Answer 185

A

Restricted Address
Callback
Caller ID

Answer 186

A

User initiates a connection, supplies identifying code, and then the system will call back a predetermined telephone number. Also less useful for travelling users

Answer 187

A

checks incoming telephone number against an approval list and then uses Callback. Less useful for travelling users.

Answer 188

A

Provides identification and authentication of the user using static replayable passwords. No encryption of user-id or password during communication

Answer 189

A

nonreplayable challenge/response dialog

Answer 190

A

Bus
Ring
Star
Tree
Mesh

Answer 191

A

all transmissions have to travel the full length of the cable

Answer 192

A

Workstations are connected to form a closed loop

Answer 193

A

nodes are connected to a central LAN device

Answer 194

A

bus type with multiple branches

Answer 195

A

all nodes interconnected

Answer 196

A

Analog
Digital
Asynchronous
Synchronous

Answer 197

A

Infinite wave form, continuous signal, varied by amplification

Answer 198

A

Saw-tooth form, pulses, on-off only, digital signals are a means of transmission that involves the use of a discontinuous electrical signal and a state change or on‐off pulses.

Answer 199

A

sends bits of data sequentially. Same speed on both sides. Modems and dial-up remote access systems

Note: Asynchronous communications, broadband connections, and halfduplex links can be digital or analog.

Answer 200

A

very high speed governed by electronic clock timing signals

Answer 201

A

Ethernet IEEE 802.3
ARCnet
Token Ring IEEE 802.5
FDDI

Answer 202

A

10base2 with coax cables up to 185 meters Thicknet

Answer 203

A

10Base5, coax up to 500 meters

Answer 204

A

10BaseT=10MBps

100baseT=Fast Ethernet =100MBps

1000BaseT=Gigabit Ethernet=1GBps

Ethernet networks were originally designed to work with more sporadic traffic than token ring networks

Answer 205

A

uses token passing in a star technology on coax

Answer 206

A

IBM created. All end stations are connected to a MAU Multi Access Unit. CAU: Controlled Access Units – for filtering allowed MAC (Extended Unique Identifier) addresses.

Answer 207

A

token-passing dual token ring with fiber optic. Long distances, minimal EMI interference permits several tokens at the time active

Answer 208

A

CSMA

CSMA with Collision Avoidance workstations

CSMA with Collision Detection

Answer 209

A

for Ethernet. Workstations send out packet. If it doesn’t get an acknowledgement, it resends

Answer 210

A

are attached by 2 coax cables. In one direction only. Wireless 802.11

Answer 211

A

Only one host can send at the time, using jamming signals for the rest.

Answer 212

A

Host can only transmit when he polls a secondary to see if its free

Answer 213

A

Used in token rings, Hosts can only transit when they receive a clear to send token.

Answer 214

A

Limited geographically to e.g. a building. Devices are sharing resources like printers, email and files. Connected through copper wire or fiber optics.

Answer 215

A

campus area network, multiple building connected to fast backbone on a campus

Answer 216

A

metropolitan network extends over cities

Answer 217

A

Connects LANS over a large geographical area Internet

Answer 218

A

Internet is global,

intranet local for use within companies and

extranet can be used e.g. by your customers and clients but is not public.

Answer 219

A

A VPN is created by dynamically building a secure communications link between two nodes, using a secret encapsulation method via network address translation (NAT) where internal IP addresses are translated to external IP addresses.

Cannot double NAT with the same IP range, same IP address cannot appear inside and outside of a NAT router.

Answer 220

A

PPTP
L2F
L2TP
IPSEC

Answer 221

A

Works at data link layer of OSI
Only one single point-to-point connection per session
Point To Point protocol (PPP) for authentication and tunneling
Dial-up network use
Does not support EAP
Sends initial packets in plaintext

Answer 222

A

Also in data-link layer of OSI
Single point-to-point connection per session
Dial-up network use
Port 115
Uses IPsec

Answer 223

A

Operates at Network Layer of OSI
Enables multiple and simultaneous tunnels
Encrypt and authenticate
Build into IPv6
Network-to-network use
Creates a private, encrypted network via a public network
Encryption for confidentiality and integrity

Answer 224

A

AH Authentication header and ESP Encapsulated Security Payload works with Security Associations (SA’s) works with IKE protocols

IKE IS FOR MANAGING SECURITY ASSOCIATIONS

2 modes: transport, data is encrypted header is not tunneled: new uses rc6; IP header is added, old IP header and data is encrypted cipher types: block (padding to blocks of fixed size) like DES 3DES AES or stream (bit/byte one by one o padding) like RC4, Sober

Answer 225

A

encrypt and protect transactions to prevent sniffing while data is in transit along with VPN and IPsec
most effective control against session hijacking
ephemeral session key is used to encrypt the actual content of communications between a web server and client
TLS - MOST CURRENT not SSL!!!

Answer 226

A

Permanent virtual circuits, is like a dedicated leased line; the logical circuit always exists and is waiting for the customer to send data. Like a walkie-tealie

Answer 227

A

switched virtual circuit, is more like a shortwave or ham radio. You must tune the transmitter and receiver to a new frequency every time you want to communicate with someone.

Answer 228

A

Is hardware or software to create secure tunnels

Answer 229

A

entire data package encrypted

Answer 230

A

only datagram encrypted

Answer 231

A

Network layer

Answer 232

A

Encrypts IP packets and ensured integrity

 ESP Header – contains information showing which security association to use and the packet sequence number. Like the AH, the ESP sequences every packet to thwart replay attacks.

 ESP Payload

Answer 233

A

– Frequency Hopping Spread Spectrum, The entire range of available frequencies is employed, but only one frequency at a time is used.

Answer 234

A

Direct Sequence Spread Spectrum, employs all the available frequencies simultaneously in parallel. This provides a higher rate of data throughput than FHSS. DSSS also uses a special encoding mechanism known as chipping code to allow a receiver to reconstruct data even if parts of the signal were distorted because of interference.

Answer 235

A

Orthogonal Frequency-Division Multiplexing, employs a digital multicarrier modulation scheme that allows for a more tightly compacted transmission. The modulated signals are perpendicular and thus do not cause interference with each other.

All use spread spectrum techniques to transmit on more than one frequency at the same time. Neither FHSS nor DHSS uses orthogonal modulation, while multiplexing describes combining multiple signals over a shared medium of any sort. Wi-Fi may receive interference from FHSS systems but doesn’t use it.
WAN

Answer 236

A

Dedicated line reserved communication, always available Leased line can be reserved for communications.

Type of dedicated line.

T1 1,5 Mbps through telephone line
T3 44,7 Mbps through telephone line
E1 European 2048 Mbps digital transmission
Serial Line IP (SLIP) TCP/IP over slow interfaces to communicate with external hosts (Berkley UNIX, windows NT RAS), no authentication, supports only half-duplex communications, no error detection, manual link establishment and teardown

Answer 237

A

improvement on slip, adds login, password and error (by CHAP and PAP) and error correction. Data link.

Answer 238

A

combination of digital telephony and data transports. Overtaken by xDSL, not all useable due to “D Channel” used for call management not data

Answer 239

A

uses telephone to transport high bandwidth data to remote subscribers

Answer 240

A

Asymmetric. More downstream bandwidth up to 18,000 feet over single copper cable pair

Answer 241

A

Symmetric up to 10,000 feet over single copper cable pair

Answer 242

A

High Rate T1 speed over two copper cable pairs up to 12,000 feet

Answer 243

A

Very High speed 13-52MBps down, 1,5-2,3 Mbps upstream over a single copper pair over 1,00 to 4500 feet

Answer 244

A

There must be a dedicated physical circuit path exist during transmission. The right choice for networks that have to communicate constantly. Typically for a telephone company network Voice oriented. Sensitive to loss of connection

Answer 245

A

Involves the transmission of messages from node-to-node. Messages are stored on the network until a forwarding path is available.

Answer 246

A

Nodes share bandwidth with each other by sending small data units called packets.

Packets will be send to the other network and reassembled.

Data oriented. Sensitive to loss of data. More cost effective than circuit switching because it creates virtual circuits only when they are needed.

Answer 247

A

Fibre Channel over Ethernet (FCoE)

MPLS

iSCSI

Vo

IP

SDN

Answer 248

A

are the merging of specialty or proprietary protocols with standard protocols, such as those from the TCP/ IP suite.
The primary benefit of converged protocols is the ability to use existing TCP/ IP supporting network infrastructure to host special or proprietary services without the need for unique deployments of alternate networking hardware.

Answer 249

A

a form of network datastorage solution (SAN or NAS) that allows for high-speed file transfers at upward of 16 GBps.

It was designed to be operated over fiber-optic cables; support for copper cables was added later to offer less-expensive options.

Fibre Channel over Ethernet (FCoE) can be used to support it over the existing network infrastructure. FCoE is used to encapsulate Fibre Channel communications over Ethernet networks.

Fibre Channel operates as a Network layer or OSI layer 3 protocol, replacing IP as the payload of a standard Ethernet network.

Answer 250

A

(Multiprotocol Label Switching) is a high-throughput highperformance network technology that directs data across a network based on short path labels rather than longer network addresses.

MPLS is designed to handle a wide range of protocols through encapsulation.

Answer 251

A

Internet Small Computer System Interface (iSCSI) is a networking storage standard based on IP.

This technology can be used to enable location-independent file storage, transmission, and retrieval over LAN, WAN, or public Internet connections.

It is often viewed as a low-cost alternative to Fibre Channel.

Answer 252

A

Voice over IP - a tunneling mechanism used to transport voice and/ or data over a TCP/ IP network.

VoIP has the potential to replace or supplant PSTN because it’s often less expensive and offers a wider variety of options and features.

Answer 253

A

a unique approach to network operation, design, and management.

SDN aims at separating the infrastructure layer (i.e., hardware and hardware-based settings) from the control layer (i.e., network services of data transmission management).

Furthermore, this also removes the traditional networking concepts of IP addressing, subnets, routing, and so on from needing to be programmed into or be deciphered by hosted applications.

SDN offers a new network design that is directly programmable from a central location, is flexible, is vendor neutral, and is open-standards based.

Brainscape's Knowledge GenomeTM

Domain 4 - Communications and Network Security Flashcards

Brainscape's Knowledge Genome^TM