Elective 1: Prelim Flashcards
____ defined as the interconnection of two or more computers. It is done to enable the computers to communicate and share available resources.
What is Networking?
computer network
✓ Sharing of resources such as printers
✓ Sharing of expensive software and databases
✓ Communication from one computer to another
computer
✓ Exchange of data and information among users via network
✓ Sharing of information over geographically wide areas.
Application:
Networking
Computer networks have opened up an entire frontier in the world of computing called the ______
client / server model.
Advantages of Computer Network
✓ Increased speed
✓ Reduced cost
✓ Improved security
✓ Centralized software management
✓ Electronic mail
✓ Flexible access
Disadvantages of Computer Network
✓ High cost of installation
✓ Requires time for administration
✓ Failure of server
✓ Cable faults
Classification of Area by Geography
PAN LAN WAN MAN CAN
A ____ is a computer network organized around an individual person.
PERSONAL AREA NETWORK(PAN)
It generally consists of a mobile, a computer, a cell phone or personal digital assistant. __ enables the communication among these devices.
PERSONAL AREA NETWORK(PAN)
The ___ can be constructed using wireless or cables.
PERSONAL AREA NETWORK(PAN)
___ is a network which is designed to operate over a small physical area such as an office, factory or a group of buildings.
LOCAL AREA NETWORK (LAN)
___ are easy to design and troubleshoot.
LOCAL AREA NETWORK (LAN)
Exchange of information and sharing of resources becomes easy because of ___.
LOCAL AREA NETWORK (LAN)
In ___ all machines are connected to a single cable.
LOCAL AREA NETWORK (LAN)
Different types of topologies such as star, tree, bus, ring, etc. can be used.
LOCAL AREA NETWORK (LAN)
It is usually a privately owned network.
LOCAL AREA NETWORK (LAN)
When a network spans a large distance, or when the computers to be connected to each other are at widely separated locations, a local area network cannot be used. A ____ is installed.
WIDE AREA NETWORK(WAN)
The communication between different users of __ is established using leased telephone lines, satellite links and similar channels.
WIDE AREA NETWORK(WAN)
It is cheaper and more efficient to use the phone network for the link.
WIDE AREA NETWORK(WAN)
Most ___ networks are used to transfer large blocks of data between its users.
WIDE AREA NETWORK(WAN)
It is in between LAN & WAN technology that covers the entire city.
METROPOLITAN AREA NETWORK (MAN)
It uses similar technology as LAN.
METROPOLITAN AREA NETWORK (MAN)
is derived from two Greek words topo and logy
TOPOLOGY
The ___ is made up of an interconnection of LAN with limited geographical area.
CAMPUS AREA NETWORK (CAN)
Network equipment such as switches, routers and the transmission media (i.e. optical fibers, etc.) is almost entirely owned by the _.
CAMPUS AREA NETWORK (CAN)
_campus owner
It can be a single network such as cable TV network, or a means of connecting a number of LANs or a large network so that resources can be shared LAN to LAN as well as device to device.
METROPOLITAN AREA NETWORK (MAN)
‘place’
topo
‘study’
logy
used to explain how a network is physically connected and the logical flow of information in the network.
TOPOLOGY
describes how devices are connected and interact with each other using communication links.
TOPOLOGY
two types of topologies:
- Physical Topology
- Logical Topology
describes the way in which the computers or nodes are connected with each other in a computer network.
Physical Topology
It is the arrangement of various elements (link, nodes, etc.), including the device location and code installation of a computer network.
Physical Topology
the physical layout of nodes, workstations, and cables in the network.
Physical Topology
describes the way data flows from one computer to another.
Logical Topology
It is bound to a network protocol and defines how data is moved throughout the network and which path it takes.
Logical Topology
devices communicate internally.
Logical Topology
six types of physical topology:
- Bus Topology
- Ring Topology
- Star Topology
- Mesh Topology
- Tree Topology
- Hybrid Topology
simplest kind of topology in which a common bus or channel is used for communication in the network. The _ is connected to various taps and droplines.
Bus Topology
In other words, there is only a single transmission line for all nodes.
Bus Topology
Taps are the __, while droplines are the __ connecting the bus with the computer.
connectors
cables
___ acts as the backbone of the network, which joins every computer and peripherals in the network. Both ends of the shared channel have line terminators. The data is sent only in one direction and as soon as it reaches the end, the terminator removes the data from the communication line (to prevent signal bounce and data flow disruption).
bus
___, each computer communicates to another computer on the network independently. Every computer can share the network’s total bus capabilities. The devices share the responsibility for the flow of data from one point to the other in the network.
bus topology
which each computer is connected to exactly two other computers to form the _. The message passing is unidirectional and circular in nature.
Ring topology
_ring
mainly works on a token-based system and the token travels in a loop in one specific direction.
Ring topology
deterministic in nature, i.e., each computer is given access for transmission at a fixed time interval. All the nodes are connected in a closed-loop.
Ring topology
if a token is free then the node can capture the token and attach the data and destination address to the token, and then leaves the token for communication. When this token reaches the destination node, the data is removed by the receiver and the token is made free to carry the next data.
Ring topology
which all the nodes are connected to a centralized hub.
Star topology
- is a computer network topology in which nodes are interconnected with each other. In other words, direct communication takes place between the nodes in the network.
Mesh topology
hub and switch act as a server, and the other connected devices act as clients. Only one input-output port and one cable are required to connect a node to the central device. This topology is better in terms of security because the data does not pass through every node.
star topology
is a computer network topology in which all the nodes are directly or indirectly connected to the main bus cable.
Tree topology
two types of Mesh:
- Full mesh
- Partial mesh
In which each node is connected to every other node in the network.
Full Mesh
In which, some nodes are not connected to every node in the network.
Partial Mesh
is a combination of Bus and Star topology.
Tree topology
the whole network is divided into segments, which can be easily managed and maintained. There is a main hub and all the other sub-hubs are connected to each other in this topology.
Tree topology
A _ has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe.
successful cybersecurity approach
points need to be considered when selecting a physical topology:
- Ease of Installation.
- Fault Tolerance.
- Implementation Cost.
- Cabling Required.
- Maintenance Required.
- Reliable Nature.
- Ease of Reconfiguration and upgradation.
In this topology, all topologies are interconnected according to the needs to form a hybrid. All the good features of each topology can be used to make an efficient _.
Hybrid topology
is a computer topology which is a combination of two or more topologies. In practical use, they are the most widely used.
Hybrid topology
is the practice of protecting systems, networks, and programs from digital attacks.
Cybersecurity
These _ are usually aimed at _, _, _, _, _. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.
_cyberattacks
accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes
In an organization, the people, processes, and technology must _ to create an effective defense from cyber-attacks.
complement one another
A _ can automate integrations across select Cisco Security products and accelerate key security operations functions: _, _, and _.
_unified threat management system
detection, investigation, and remediation.
Cybersecurity Models:
CIA Triad
is not only about securing information from unauthorized access.
Information security
is basically the practice of preventing unauthorized _, _, _, _, _, _, _ or _.
Information security
_access, use, disclosure, disruption, modification, inspection, recording or destruction of information
can be anything like your profile on social media, your data in mobile phone, your biometrics etc.
Information
spans so many areas like cryptography, mobile computing, forensics, online social media etc.
Information security
Information Security programs are built around 3 objectives, commonly known as CIA –
Confidentiality, Integrity, Availability.
- means that only the authorized individuals/systems can view sensitive or classified information.
Confidentiality
A primary way to avoid this is to use encryption techniques to safeguard your data so that even if the attacker gains access to your data, he/she will not be able to decrypt it.
Confidentiality
Encryption standards include
AES (Advanced Encryption Standard) and DES (Data Encryption Standard).
Another way to protect your data is through a
VPN tunnel
VPN
Virtual Private Network
helps the data to move securely over the network
VPN
making sure that data has not been modified
Integrity
_ is a failure to maintain data integrity.
Corruption of data
To check if our data has been modified or not, we make use of a _.
hash function
This means that the data should be readily available to its users.
Availability
This applies to systems and to networks - not simply the data, but the technology necessary to obtain and view the data needs to be available.
Availability
To ensure _, the network/system administrator should _, _, _ and _ in a network
availability
maintain hardware, make regular upgrades, have a plan for fail-over and prevent bottleneck
The Parkerian Hexad Added The Following Three Additional Elements:
Authenticity, Possession, Utility
- refers to the veracity of the claim of origin or authorship of the information.
Authenticity
means usefulness
Utility
Avenues of Attack
- A computer system is attacked for one of two general reasons:
- It is specifically targeted by an attacker.
- It is a target of opportunity.
Types of malicious software include:
- Viruses, Trojan horses, logic bombs, spyware, and worms
- _, or _, refers to software that has been designed for some nefarious purpose.
Malicious Code
_malware
Malware can be fairly complex in its construction.
- Multipartite, polymorphic, and metamorphic
The best-known type of malicious code
Virus
a piece of malicious code that replicates by attaching itself to another piece of executable code.
Virus
The first viruses created were of two types:
- Boot sector viruses and program viruses
attaches itself to executable files so that it is executed before the program executes.
- Most _ also hide a nefarious purpose, such as deleting the hard drive data.
program virus
are pieces of code that attempt to penetrate networks and computer systems.
* Once a penetration occurs, the worm will create a new copy of itself on the penetrated system.
— There is an important distinction:
** _ code has to attach itself to something else.
** _ code can “survive” on its own.
Worms
infects the boot sector portion of a floppy disk or hard drive.
Boot sector virus
- One of the primary means of avoiding detection by sensors is the use of polymorphic code.
** This is code that changes on a regular basis.
** These changes or mutations are designed not to affect the functionality of the code, but rather to mask any signature from detection.
*** Polymorphic programs can change their coding after each use, making each replicant different from a detection point of view.
Polymorphic Malware
or simply _, is a piece of software that appears to do one thing (and may, in fact, actually do that thing) but hides some other functionality.
* is a standalone program that must be copied and installed by the user.
Trojan Horses
a form of malware specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality.
* Can do virtually anything that the operating system does
* Designed to avoid the security functions of the operating system to avoid detection using subversion or evasion
* Can load before the operating system loads, acting as a virtualization layer
* Acts as a form of malware and can exist in firmware and as loadable library modules
Rootkits
a type of malicious software that is deliberately installed, generally by an authorized user.
* is a piece of code that sits dormant for a period of time until some event invokes its malicious payload.
* _ are difficult to detect.
* They demonstrate the need for a separation of duties and a periodic review of all programs and services that are running on a system.
* They reinforce the need for active backups.
Logic Bombs
is software that “spies” on users, recording and reporting on their activities.
* Typically installed without user knowledge, spyware can do a wide range of activities.
* It can record keystrokes (commonly called keylogging) when the user logs into specific web sites.
* It can monitor how a user uses a specific piece of software (monitor attempts to cheat at games).
Spyware
Software that is supported by advertising
Adware
- Adware comes in many different forms:
- Legitimate adware
- Adware in the form of malware
The user is aware of the advertising and agrees to the arrangement in return for free use of the software.
- Legitimate adware
It is characterized by software that presents unwanted ads.
- Adware in the form of malware
- Hackers create armies of machines by installing malware agents on the machines, which then are called _.
zombies
One form of malware that is seemingly benign to a user is a botnet zombie.
Botnets
- These collections of machines are called _.
botnets
- These _ are used to conduct other attacks and to spread spam and other malware.
zombies machines
nothing more than methods used by software developers to ensure that they could gain access to an application even if something were to happen in the future to prevent normal access methods.
Backdoors and Trapdoors
used to refer to programs that attackers install after gaining unauthorized access to a system to ensure that they can continue to have unrestricted access to the system, even if their initial access method is discovered and blocked.
backdoor
is a form of malware that performs some action and extracts ransom from a user.
– most common form of _ is one that encrypts a key file or set of files, rendering a system unusable, or dataset unavailable.
Ransomware
Malware Defenses
* Malware can be defended against in a couple of simple steps:
- Use an antivirus program
- Keep your software up to date
are attacks against a system that can occur at the network level, at the operating system level, at the application level, or at the user level (social engineering).
Application-level attacks
take advantage of several facts associated with computer applications.
Application-level attacks
- Attacks on computer systems and networks can be grouped into two broad categories:
- Attacks on specific software
- Attacks on a specific protocol or service
Generally possible because of an oversight in the code (and possibly in the testing of that code) or because of a flaw, or bug, in the code
Attacks on specific software
Attempt to take advantage of a specific feature of the protocol or service or to use the protocol or service in a manner for which it was not intended
Attacks on a specific protocol or service
is an attack designed to prevent a system or service from functioning normally.
** Can exploit a known vulnerability in a specific application or operating system
** Can attack features (or weaknesses) in specific protocols or services
** Attempts to deny authorized users access either to specific information or to the computer system or network itself
Denial-of-Service Attack
A DoS attack employing multiple attacking systems
distributed denial-of-service (DDoS) attack.
In a specific DoS attack known as a _, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.
Smurf attack
relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.
Social Engineering
is when someone examines all the network traffic that passes their NIC, whether addressed for them or not.
Sniffing
is nothing more than making data look like it has come from a different source.
Spoofing
- generally occurs when attackers are able to place themselves in the middle of two other hosts that are communicating.
- A common method: hijacking.
Man-in-the-Middle Attacks
used to refer to a more specific type of attack—one in which the encrypted traffic issue is addressed.
“man-in-the-middle attack”
not generally considered a social engineering issue, nor a security issue for that matter, spam can, however, be a security concern.
– bulk unsolicited e-mail.
Spam
- is the use of fraudulent e-mails or instant messages that appear to be genuine but are designed to trick users.
- GOAL: to obtain information from the user
Phishing
consists of misdirecting users to fake web sites that have been made to look official.
Pharming