Domain 4 - Networking Security Flashcards
What is a simplex communication?
A one way communication. The direction cannot be changed.
What is a half-duplex connection?
It can only send or receive at one time.
What is a full-duplex connection?
It can send and receive simultaneously
What is a baseband connection?
It can only send one signal at a time
What is an Extranet?
A connection between private intranets
What is the downside of a circuit switching network?
Cost. It always guarantees full bandwidth, though.
What is a packet switching network?
Data is sent in packets, but the packets take multiple paths.
What is the UDP protocol best used for?
Close to real-time communication.
Does UDP care if the packets made it?
No. It is connectionless
What is a personal area network?
It is a network for devices that are close to the person.
What is a metropolitan area network?
It spans a large area like a city or campus.
What is a wide area network?
A network that covers large geographic areas like a city, country, or intercontinental distances.
What is a global area network?
A network that supports users across multiple wireless LANs. Think cell phone network.
What is layer one of the OSI Model?
The physical layer.
Ethernet, Fibers, cables, radio waves, hubs, etc…
Networking topologies.
What is the least secure cable type?
Copper twisted pair. It is prone to eavesdropping and interference. Cheap though.
Is fiber optic cable prone to eavesdropping?
No. It is secure.
What are the threats at the physical layer?
Theft, eavesdropping, sniffing, interference.
What is layer two of the OSI model?
The data link layer.
Transports data between 2 nodes connected to the same network.
This is where MAC addresses live.
What are the threats at the data link layer?
MAC spoofing and flooding.
How large are MAC addresses?
48 or 64-bit hexadecimal.
What is layer three of the OSI model?
The network layer. It expands to many different nodes.
Protocols like IPSEC, IP, IGMP, IKE, etc.
All protocols start with an “I” except IMAP which is layer 7.
What are the threats at the network level?
Ping of death, smurf, IP modifications, DHCP hacks.
What is layer four of the OSI model?
The transport layer. TCP and UDP
What are the threats at the transport layer?
Fraggle attacks. SYN floods.
What does a three way TCP handshake look like?
SYN >> SYN >> ACK >> ACK
What is layer five of the OSI model?
The session layer. A connection between two applications
What is layer six of the OSI model?
The presentation layer. No protocols. Formatting, compressing, encryption.
What is layer seven of the OSI model?
The application layer. This is where HTTP, FTP, IMAP, POP, etc. live.
What are the threats to layers five through seven?
Viruses, Worms, Trojans, etc…
What are the protocol data units (PDU) for layer 1?
Bits
What are the protocol data units (PDU) for layer 2?
Frames
What are the protocol data units (PDU) for layer 3?
Packets
What are the protocol data units (PDU) for layer 4?
Segments
What are the protocol data units (PDU) for layer 5?
Data
Where are network topologies stored in the OSI model?
The physical layer, layer one.
What layer in the OSI model does encryption happen?
The presentation layer, layer six.
How many total layers are in the TCP / IP model and the names?
Four total layers.
Link and Physical (OSI 1 and 2)
Internetwork layer (OSI 3)
Transport (OSI 4)
Application Layer (OSI 5, 6, 7)
Does IPv6 require 64-bit MAC addresses?
Yes
What are the first 24 bits of the MAC address?
The manufacturer
Is IPv4 a connectionless protocol?
Yes.
What is the well known port range?
0 - 1023
What is the registered port range?
1024 - 4951
What is port 23 used for?
Telnet
What is port 110 for?
POP3
What is port 143 for?
IMAP
Is IPSEC built into IPv6?
Yes
What does the ARP protocol do?
It translates IP addresses to MAC addresses.
What does multicast mean?
Everyone on the network gets the request.
How do systems respond to a multicast message?
Using unicast.
When should you hardcode ARP?
For critical devices
What is the DHCP?
Dynamic host configuration protocol. It assigns IP addresses to devices.
What is crosstalk in the context of networking cables?
It is the signal crossing from one cable to another and it can be a confidentiality issue.
What is attenuation in the context of networking cables?
When the signal gets weaker the further it travels.
Does fiber have attenuation problems?
No
What is an RJ 11 connector?
Your phone. Smaller than RJ45.
What speeds can fiber optic cables obtain?
Petabytes per second.
What is single mode fiber?
A single strand of fiber carries a single mode of light. Used for long distance cables.
What is multi-mode fiber?
Multiple strands of fiber carrying multiple data streams at the same time. This uses wavelength division multiplexing.
What is a BUS LAN topology?
A line of nodes. If one breaks, the traffic cannot go past it. Think of it like Christmas lights.
What is a tree LAN topology?
The base of the tree controls traffic. Also a single point of failure.
What is a ring LAN topology?
All nodes are connected in a ring. Always has a path to the requested node.
What is the star LAN topology?
All nodes are connected to a central device.
What is a Mesh LAN topology?
Nodes are connected in partial or full mesh. Full means all nodes are connected to all other nodes.
What attacks target wi-fi?
Jamming, Interference, Rogue endpoints
What is a wi-fi evil twin?
It uses the same name as the corporate network, but it is not real.
What is the max range of Bluetooth?
Class 1 can go 100 meters. Class 3 under 10 meters.
What are the Bluetooth attacks?
Bluejacking - Sending unsolicited messages
Bluesnarfing - Unauthorized access of information from a Bluetooth device
Bluebugging - Attacker gains full control of your device.
What is Li-fi?
It uses light to transmit data between devices.
What is Zigbee?
Low-power mesh wireless network. Needs close proximity.
What is a typical latency for satellite internet?
500ms
What is the benefit of 3G cell service?
Larger coverage area
What is the benefit of 5G cell service?
Faster speed, but less coverage area.
Where is a VLAN located in the OSI model?
Layer 2
What is a VLAN trunk?
A port connecting two switches to span VLANs across them.
What is a VXLAN?
What cloud computing providers use.
Where is VXLAN in the OSI model?
Layer 3, the network layer
What is an example of a dynamic route?
BGP
What is a metric?
Used to determine the best path to a destination.
What layer in the OSI model are routers?
Layer 3, the networking layer
What is SDx?
This means software-defined everything. Storage, networking, etc.
What is a boot sector virus?
It runs on the master boot record
What is a stealth virus?
It tries to hide from the OS and AV
What is a multipart virus?
It spreads across multiple vectors.
What are worms?
They are spread through self-propagation and do not need human interaction.
What is a RAT?
They give an attacker admin control over the target system.
What is a signature based AV?
Looks for known malware signatures
What is a heuristic AV?
It is behavior based. It looks for abnormal behavior.
What are the two types of IDS / IPS systems?
Signature Based
Heuristic Based
What is the downside of heuristic based systems?
Lots of false positives
What is the best practice for IDS / IPS?
Having it both at the network and host level
Can network IDS / IPS read encrypted traffic?
No. You need a host based system for that.
What are hybrid based IDS / IPS systems?
They look at behavioral and signature based anomalies.
How can attackers avoid IDS / IPS?
Fragmentation. Sending fragmented packets.
Avoiding default attack vectors
What is the difference between honey pot and honey net?
A honeypot is a single system and a honey net is a group of systems.
What is a big pro of virtualization?
Cost efficiencies and flexibility
What is a Type 1 hypervisor?
Known as bare metal. Part of a virtualization OS that runs on top of the host hardware.
What is a Type 2 hypervisor?
It runs on top of a regular OS like Windows 10. Think Hyper-V.
What hypervisor type does AWS use?
A type 1 hypervisor
What is a VM escape?
Where an attacker jumps from host to host.
Who creates a private cloud?
Your organization. It is yours.
What is an organization responsible for in a PaaS agreement?
Applications only.
Where should smart devices be kept in the network?
A separate VLAN.
What is hardware hardening?
We harden it ASAP, before provisioning it or connecting it to the network. Routers, laptops, any hardware… This should be automated.
What is a Power Distribution Unit (PDU) used for?
They make sure that voltage is clean / regulated.
What is the difference between an incremental and differential backup?
An incremental backup will back up everything since the last backup.
A differential backup will back up everything since the last FULL backup.
Do incremental backups clear the archive bit?
Yes
Do differential backups clear the archive bit?
No
Can you use differential and incremental backups in the same policy?
No
What is database shadowing?
Exact real-time copy of the database or files to another location.
What is the remote journaling backup strategy?
Logs are sent offsite and can be used to rebuild the database later.
What do Halon, FM200, and Argon suppression do?
It replaces oxygen in a room where there is a fire.
What is a class C fire?
Electrical fire
What is a class A fire?
Ordinary combustibles
What kind of control is patching?
A corrective control