Domain 4 - Communications and Networking Flashcards

Question

which port is used by our DHCP servers to communicate with the clients

Answer 1

Explanation DHCP uses UDP Port 67 for the DHCP Server and UDP Port 68 for the Client.

Answer 2

1. Discovery 2. offer 3. request 4. acknowledge

Answer 3

answer is C. Application and circuit are the only types of proxy-based firewall solutions listed here. The others do not use proxies. Circuit-based firewalls make decisions based on header information, not the protocol's command structure. Application-based proxies are the only ones that understand this level of granularity about the individual protocols.

Answer 4

Answer is B. Secure Multipurpose Internet Mail Extensions (S/MIME) is a standard for encrypting and digitally signing e-mail and for providing secure data transmissions using public key infrastructure (PKI).

Answer 5

* Transmission control protocol * part of a suite of communication protocols * defines how applications create communication * manages how messages are broken down into packets to be transmitted and reassembled at the destination

Answer 6

* Internet Protocol * part of a suite of protocols * defines how to address and route packets for delivery

Answer 7

• 4 (Link or Physical, network, transport, application)

Answer 8

• protocol data units

Answer 9

* data - session, presentation and application layer * segments - transport layer * packets - network layer * frames - data link layer * bits - physical layer

Answer 10

* network reliability * auto recovery from failure

Answer 11

• link/physical in tcp/ip maps to (physical and data layers in the OSI model)

Answer 12

• same -network layer in OSI

Answer 13

• same - transport layer in OSI

Answer 14

TCP/IP application layer maps to (session, presentation and application in the OSI model)

Answer 15

Tables which included subjects, objects, and access controls / privileges

Answer 16

* Each row of an access control matrix is a capability list. A capability list is tied to the subject; it lists valid actions that can be taken on each object. * List access controls and privileges assigned to a subject. • ACLs focus on objects whereas capability lists focus on subjects.

Answer 17

* (at a theoretical level) that all subject to object access should be controlled. * It establishes an **access control security policy** around a computing device.

Answer 18

* The trusted computer base (TCB) is the sum of all the protection mechanisms within a computer and is responsible for enforcing the security policy. * this includes hardware, software, controls, and processes * the TCB is responsible for confidentiality and integrity * TCB is the only portion of a system that operates at a high level of trust

Answer 19

* DSA * Diffie-Hellman * ElGamal

Answer 20

* if it is implemented by itself it is vulnerable to a man-in-the-middle attack

Answer 21

* digital certificates and PKI

Answer 22

* information about the use requesting the certification - used for proof of identity by the RA * requesting users public key * both of these pieces (user information the users public key) encrypted with the CAs private key so when Alice sends a message to Bob with her digital signature, Bob uses the CA's public key to decrypt the information. Bob knows the CAs public key because his browser has that information

Answer 23

* asymmetric encryption is super slow but a better form of original communication since we are using public/private keys for encryption and decryption * Diffie\_Hellman helps us to determine a shared key over an unsecure media (internet) so that we can use symmetric encryption (faster)

Answer 24

* RSA needs to be appropriately padded to be secure

Answer 25

My suggested answer is B. Cipher block chaining (CBC). explanation: A block cipher is a cryptographic algorithm operating on fixed-length blocks of bits. As a block has a fixed length and messages are variable in length, **padding** is required which adds data to the beginning, middle, or end of a message prior to encryption. * “In cryptography, a padding oracle attack is an attack which uses the **padding** validation of a cryptographic message to decrypt the ciphertext.” ([Wikipedia](https://en.wikipedia.org/wiki/Padding_oracle_attack)) * “The [POODLE](https://en.wikipedia.org/wiki/POODLE) attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0.” ([Wikipedia](https://en.wikipedia.org/wiki/Padding_oracle_attack))

Answer 26

* Diffie\_Hellman key exchange plus elliptic curve cryptography * (all of the math aside) it uses the structure of curves to reduce the size of keys while still providing the equivalent level of security as non-elliptic curve cryptography * a 224 bit elliptic curve key proves roughly the same level of security as 2048 bit RSA key

Answer 27

* both parties have to use cryptographically secure pseudo random number generators to generate the numbers they use in the Diffie\_Hellman key exchange * if numbers are somewhat predictable, it can make it much easier for a eavesdropping attacker to figure out the shared secret or either of Alice or Bob's secret integers

Answer 28

* 21 (FTP) file transport protocol - TCP * 22 (SSH) secure shell -TCP * 23 Telnet -TCP * 25 (SMTP) simple mail transport protocol - TCP * 53 (DNS) domain name system - both TCP/UDP * 67/68 (DHCP) dynamic host configuration protocol - UDP * 80 (HTTP) hypertext transport protocol * 110 (POP3) post office protocol - TCP * 138 netbios datagram service both TCP/UDP * 143 (IMAP) internet message access protocol - TCP * 443 (HTTPS) hypertext transport protocol secure * 3389 (RDP) remote desktop server both TCP/UDP

Answer 29

* 21 (FTP control) file transport protocol - TCP * 22 (SSH) secure shell -TCP * 23 Telnet -TCP * 25 (SMTP) simple mail transport protocol - TCP

Answer 30

* 53 (DNS TCP/UDP) domain name system - both TCP/UDP * 67/68 (DHCP- UDP) dynamic host configuration protocol * 80 (HTTP) hypertext transport protocol * 110 (POP3) post office protocol - TCP

Answer 31

* 138 netbios datagram service both TCP/UDP * 143 (IMAP - TCP) internet message access protocol * 443 (HTTPS -TCP/UDP) hypertext transport protocol secure * 3389 (RDP - TCP) remote desktop server both TCP

Answer 32

wireless speeds

Answer 33

* 20 (FTP data transport) file transfer protocol domain name system - both TCP/UDP * 88 (Kerberos) * 389 (LDAP TCP/UDP) Lightweight Directory access * 49 (TACACS+) * 1812/1813 Radius TCP

Answer 34

49152-65535

Answer 35

* (CCMP) counter mode with cipher block chaining message authentication code protocol * AES

Answer 36

* fe80::b8:20fa:22ff:fe52:888a

Answer 37

* a gateway connects networks that are using different network protocols. also known as protocol translators, can be stand-alone hardware devices or a software service. * primarily layer 3 * could be any layer

Answer 38

* Used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.

Answer 39

* presentation * coding and conversation functions on application layer data

Answer 40

* responsible for "presentation" character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG) * establishes, manages, and terminates communication sessions between presentation layer entities

Answer 41

* session * circuit proxy firewall * session management capabilities between hosts * assists in synchronization, remember session information like passwords, so verification does not need to repeat, dialog control

Answer 42

* transport * responsible for end to end connection with error correction and detection * data transport services transparent to upper layers * TLS/SSL, TCP/UDP

Answer 43

* Network * IP addresses * responsible for logical addressing, routing and datagram * routers and packet filtering firewalls (simplest and fastest firewall)

Answer 44

* data link * MAC address * provides reliable transit of data across a physical network link

Answer 45

* physical * hubs, repeaters, concentrators * bit level transmission between different devices, electrical or mechanical interfaces

Answer 46

* Class A - * 127 networks * 16,777,214 hosts per network * Class B - * 16,384 network * 65,534 hosts per network * Class C - * 2,097,152 networks * 254 hosts per network

Answer 47

* TCB (trusted computing base)

Answer 48

* access sensitive data if the need arises

Answer 49

prevention obfuscation

Answer 50

Explanation: ISO 27002 is a security standard that recommends security controls based on industry best practices. ISO 27002, which was renumbered from ISO 17799 in 2005, is based on British Standard 7799 (BS 7799); it defines security objectives and provides a list of security controls that are based on industry best practices. ISO 17799, and subsequently ISO 27002, was based on the first part of BS 7799. ISO 27002 includes the following 14 objectives: 1. Security Policy 2. Organization of Information Security 3. Human Resources Security 4. Asset Management 5. Access Control 6. Cryptography 7. Physical and Environmental Security 8. Operations security 9. Communications Security 10. Information Systems Acquisition, Development, Maintenance 11. Supplier Relationships 12. Information Security Incident management 13. Information Security Aspects of Business Continuity 14. Compliance

Answer 51

* circuit proxy firewall * Socks is an example of proxy firewall * Netbios, SMB, RPC, NFS, and SQL * RPC - remote procudure protocol * enables clients to send a request to a remote server to execute a specific procudure with supplied parameters

Answer 52

* privacy act NOTE: it is not electronic communications privacy act

Answer 53

* application layer * greatest intelligence to make decisions * human computer interaction and where applications can access network services * application firewalls (very intelligent, very advanced decisions like deep packet inspection, slow) * HTTP/S, DNS, SSH, SNMP, LDAP, DHCP, Telnet, POP3 IMAP,

Answer 54

* Presentation layer * encryption/decryption * responsible for "presentation" character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG)

Answer 55

* Transport layer * responsible for end to end connection with error correction and detection * Ports - 65,535 total (know some common ports) * TCP/UDP and SSL/TLS(used to encrypt http and other data traffic) (makes sure to know tcp/udp nuances)

Answer 56

* nework * IP addresses * responsible for logical addressing, routing and datagram * routers and packet filtering firewalls (simplest and fastest firewall) * IP, ICMP(ping), IPSEC, IKE, ISAKMP, PING, IGMP IGMP, NAT, SKIP, OSPF (routing protocols)

Answer 57

* Data Link * MAC address * switches (L2) and Bridges * 802.1x (protocol used for authenticating network devices to a network -- (Port based NAC/ISE)) * arp, rarp, PPTP, L2TP(vpn tunnels) , ppp (encapsulates IP traffice over analog, provides authentication, encryption (poor) and compression)) * authentication protocols pap, chap and eap * FDDI, ISDN,

Answer 58

* address resolution protocol * converts a IP address at layer 3 (network)to a MAC address at layer 2 (data link)

Answer 59

* layer 2 * connect 2 physical network segments together

Answer 60

* OpenID - provides authentication * is an open standard, It provides decentralized authentication, allowing users to log into multiple unrelated websites with one set of credentials maintained by a third-party service referred to as an OpenID provide * OAuth - provides authorization * is an open standard for authorization, commonly used as a way for Internet users to log into third party websites using their Microsoft, Google, Facebook, Twitter, One Network etc. accounts without exposing their password.

Answer 61

* reconnaissance - gathering information about target * enumeration/scanning - open ports and check network traffic * vulnerability analysis/assessment - using tools to find vulnerabilities to exploit * execute/exploitation - a vulnerability assessment moves to reporting. a pen tester attemps to exploit the vulnerabilities looking to verify if they are false positives or not * reporting - prepare and deliver the documentation (CVEs and CVSS scores)

Answer 62

* one or more per table * a subset of attributes that can be used to uniquely identify any record in a table. No two records in the same table will ever contain the same values for all attributes composing a candidate key. * example: first name last name would work as a good candidate key until you have two employees with the same name. another column something like employee # might work better

Answer 63

* carrier sense multi access Collision Detection (csma/cd) (ethernet) * carrier sense multi access Collision Avoidance (CSMA/CA) (wireless 802.11) * layer 1 of OSI (physical layer)

Answer 64

* substitution * transposition

Answer 65

* An observable change in state, this is neither negative nor positive, it is just something has changed. * A system powered on, traffic from one segment to another, an application started.

Answer 66

* mac spoofing * mac flooding

Answer 67

* 802.11 (wireless family) radio frequency, infrared, microwave, bluetooth * ethernet, wired (twisted, pair, coax, fiber optics, SONET

Answer 68

* establishing the access control security policy by grouping the objects a user can access into a security domain.