Exam Essentials Chap 11 & 12 Flashcards

1
Q

What makes up the four layers of the TCP/IP model?

A

Application, Transport (Host-to-Host), Internet (Internetworking), and Link (Network Interface or Network Access)

2
Q

How can TCP/IP be secured?

A

It can be secured using VPN links between systems. VPN links are encrypted to add privacy, confidentiality, and authentication and to maintain data integrity. You can also use TCP Wrappers.

3
Q

What are the protocols used to establish VPNs?

A

Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), and Internet Protocol Security (IPsec).

4
Q

What is the difference between TCP and UDP?

A

TCP

  • Supports Full-duplex communications
  • Connection oriented
  • Uses a handshake process (SYN, SYN/ACK, ACK)

UDP

  • Simplex connectionless protocol
  • Connectionless ‘best effort’
  • Low overhead
5
Q

What is Telnet? What port does it operate at?

A

This is a terminal emulation network application that supports remote connectivity for executing commands and running applications but does not support transfer of files. TCP Port 23

6
Q

What is the File Transfer Protocol (FTP)? What port does it operate at?

A

This is a network application that supports an exchange of files that requires anonymous or specific authentication. TCP Ports 20 and 21

7
Q

What is the Trivial File Transfer Protocol (TFTP)? What port does it operate at?

A

This is a network application that supports an exchange of files that does not require authentication. UDP Port 69

8
Q

What is the Simple Mail Transfer Protocol (SMTP)? What port does it operate at?

A

This is a protocol used to transmit email messages from a client to an email server and from one email server to another. TCP Port 25

9
Q

What is the Post Office Protocol (POP3)? What port does it operate at?

A

This is a protocol used to pull email messages from an inbox on an email server down to an email client. TCP Port 110

10
Q

What is the Internet Message Access Protocol (IMAP)? What port does it operate at?

A

This is a protocol used to pull email messages from an inbox on an email server down to an email client. IMAP is more secure than POP3 and offers the ability to pull headers down from the email server as well as to delete messages directly off the email server without having to download to the local client first. TCP Port 143

11
Q

What is the Dynamic Host Configuration Protocol (DHCP)? What port does it operate at?

A

DHCP uses port 67 for server point-to-point response and port 68 for client request broadcasts. It is used to assign TCP/IP configuration settings to systems upon bootup. DHCP enables centralized control of network addressing. UDP Ports 67 and 68

12
Q

What is the Hypertext Transport Protocol (HTTP)? What port does it operate at?

A

This is the protocol used to transmit web page elements from a web server to web browsers. TCP Port 80

13
Q

What is the Secure Sockets Layer (SSL)? What port does it operate at?

A

This is a VPN-like security protocol that operates at the Transport layer. SSL was originally designed to support secured web communications (HTTPS) but is capable of securing any Application layer protocol communications. TCP Port 443 (for HTTP Encryption)

14
Q

What is Line Print Daemon (LPD)? What port does it operate at?

A

This is a network service that is used to spool print jobs and to send print jobs to printers. TCP Port 515

15
Q

What is X Window? What port does it operate at?

A

This is a GUI API for command-line operating systems. TCP Ports 6000–6063

16
Q

What is the Bootstrap Protocol (BootP)? What port does it operate at?

A

This is a protocol used to connect diskless workstations to a network through auto assignment of IP configuration and download of basic OS elements. BootP is the forerunner to Dynamic Host Configuration Protocol (DHCP). UDP Ports 67 and 68

17
Q

What is Network File System (NFS)? What port does it operate at?

A

This is a network service used to support file sharing between dissimilar systems. TCP Port 2049

18
Q

What is the Simple Network Management Protocol (SNMP)? What port does it operate at?

A

This is a network service used to collect network health and status information by polling monitoring devices from a central monitoring station. UDP Port 161 (UDP Port 162 for Trap Messages)

19
Q

What are some benefits of Multilayer protocols? What are some drawbacks?

A

Benefits

  • A wide range of protocols can be used at higher layers.
  • Encryption can be incorporated at various layers.
  • Flexibility and resiliency in complex network structures is supported.

Drawbacks

  • Covert channels are allowed.
  • Filters can be bypassed.
  • Logically imposed network segment boundaries can be overstepped.

20
Q

What is Distributed Network Protocol (DNP3)?

A

It is used to support communications between data acquisition systems and the system control equipment. This includes substation computers, RTUs (remote terminal units) (devices controlled by an embedded microprocessor), IEDs (Intelligent Electronic Devices), and SCADA master stations (i.e., control centers). DNP3 is an open and public standard. DNP3 is a multilayer protocol that functions similarly to that of TCP/IP, in that it has link, transport, and transportation layers.

21
Q

What are some vulnerabilities of TCP/IP?

A

Improperly implemented TCP/IP stacks in various operating systems are vulnerable to buffer overflows, SYN flood attacks, various DoS attacks, fragment attacks, oversized packet attacks, spoofing attacks, man-in-the-middle attacks, hijack attacks, and coding error attacks. TCP/IP (as well as most protocols) is also subject to passive attacks via monitoring or sniffing.

22
Q

What are the three layers from top to bottom of addressing and naming when in use with TCP/IP networks?

A

Domain name, IP address, & MAC address

23
Q

What are the characteristics of 10Base2 (Thinnet)?

A
Max Speed: 10 Mbps
Distance: 185 meters
Difficulty of Installation: Medium
Susceptibility to EMI: Medium
Cost: Medium
24
Q

What are the characteristics of 10Base5 (Thicknet)?

A
Max Speed: 10 Mbps
Distance: 500 meters
Difficulty of Installation: High
Susceptibility to EMI: Low
Cost: High
25
Q

What are the characteristics of 10Base-T (UTP)?

A
Max Speed: 10 Mbps
Distance: 100 meters
Difficulty of Installation: Low
Susceptibility to EMI: High
Cost: Very low
26
Q

What are the characteristics of STP?

A
Max Speed: 155 Mbps
Distance: 100 meters
Difficulty of Installation: Medium
Susceptibility to EMI: Medium
Cost: High
27
Q

What are the characteristics of 100Base-T/100Base-TX?

A
Max Speed: 100 Mbps
Distance: 100 meters
Difficulty of Installation: Low
Susceptibility to EMI: High
Cost: Low
28
Q

What are the characteristics of 1000Base-T?

A
Max Speed: 1 Gbps
Distance: 100 meters
Difficulty of Installation: Low
Susceptibility to EMI: High
Cost: Medium
29
Q

What are the characteristics of Fiber-optic?

A
Max Speed: 2+ Gbps
Distance: 2+ kilometers
Difficulty of Installation: Very high
Susceptibility to EMI: None
Cost: Very high
30
Q

What are the Cat 1 characteristics of UTP?

A

Throughput: Voice only
Notes: Not suitable for networks but usable by modems

31
Q

What are the Cat 2 characteristics of UTP?

A

Throughput: 4 Mbps
Notes: Not suitable for most networks; often employed for host-to-terminal connections on mainframes

32
Q

What are the Cat 3 characteristics of UTP?

A

Throughput: 10 Mbps
Notes: Primarily used in 10Base-T Ethernet networks (offers only 4 Mbps when used on Token Ring networks) and as telephone cables

33
Q

What are the Cat 4 characteristics of UTP?

A

Throughput: 16 Mbps
Notes: Primarily used in Token Ring networks

34
Q

What are the Cat 5 characteristics of UTP?

A

Throughput: 100 Mbps
Notes: Used in 100Base-TX, FDDI, and ATM networks

35
Q

What are the Cat 6 characteristics of UTP?

A

Throughput: 1,000 Mbps
Notes: Used in high-speed networks

36
Q

What are the Cat 7 characteristics of UTP?

A

Throughput: 10 Gbps
Notes: Used on 10 gigabit-speed networks

37
Q

What are the last six of the eight TCP header flags in the correct order?

A

URG, ACK, PSH, RST, SYN, FIN

38
Q

What are the three main types of LAN technologies?

A

Ethernet, Token Ring, and FDDI

39
Q

What are the two types of mechanisms to transmit signals over a physical medium, such as a cable?

A

Analog & Digital

40
Q

What is the difference between Analog and Digital communication?

A

Analog communication is measured in frequency and becomes more unreliable the longer the distance due to signal interference and degradation.

Digital communication is measured in direct current voltage (on-off pulses or 1-0) resulting in a stream of binary data. Digital is more reliable over long distances or when interference is present.

41
Q

What is the difference between Synchronous and Asynchronous communication?

A

Synchronous communications

  • Uses a timing or clocking based on an independent clock or a time stamp embedded in the data stream
  • Typically able to support very high rates of data transfer

Asynchronous communications

  • Relies on a stop and start delimiter bit to manage the transmission of data
  • Best suited for smaller amounts of data
  • Public switched telephone network (PSTN) modems are a good example
42
Q

What are the subtechnology characteristics that describe how networks communicate?

A
  • Mechanisms to transmit signals over a physical medium (Analog/Digital)
  • Mechanisms to sync with some sort of clock or timing activity (Sync/Async)
  • How many communications can occur over a cable segment (Base/Broadband)
  • Technologies that determine how many destinations a single transmission can reach (Broadcast/Multicast/Unicast)
  • LAN media access technologies that are used to avoid or prevent transmission collisions and define how multiple systems within a collision domain are to communicate (CSMA/CSMA-CD/CSMA-CA/Token Passing/Polling)
43
Q

What is the difference between Baseband and Broadband communication?

A

Baseband

  • Supports a single communication channel
  • Uses a direct current applied to the cable
  • Higher level current equals 1, lower level equals 0
  • Digital signal
  • Ethernet is a baseband technology

Broadband

  • Supports multiple simultaneous signals
  • Uses frequency modulation supporting numerous channels, each supporting a distinct communication session
  • Suitable for high throughput rates, especially when several channels are multiplexed
  • Analog signal
  • Cable television & modems, ISDN, DSL, T1, & T3 are broadband technologies
44
Q

What are the characteristics of Broadcast, Multicast, and Unicast technologies?

A

Broadcast technology supports communications to all possible recipients.

Multicast technology supports communications to multiple specific recipients.

Unicast technology supports only a single communication to a specific recipient.

45
Q

What are the five LAN media access technologies that are used to avoid or prevent transmission collisions?

A

CSMA, CSMA-CA, CSMA-CD, Token Passing, Polling

46
Q

What are the characteristics of Carrier-Sense Multiple Access (CSMA)?

A
  • Does not directly address collisions
  • Just listens; if no response, sends again

47
Q

What are the characteristics of Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)?

A
  • Avoids collisions by granting only a single permission to communicate at any given time
  • Requires designation of master/primary system
  • Appletalk and 802.11 wireless networking
48
Q

What are the characteristics of Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)?

A
  • Allows a collision to occur but responds to it
  • Makes each member wait for a random but short period of time before communicating again
  • Results in a 40% loss in potential throughput
  • Ethernet
49
Q

What are the characteristics of Token Passing?

A
  • Uses a digital token to perform communications
  • Used by Token Ring networks, such as FDDI
  • Prevents collisions since only the system possessing the token is allowed to transmit data
50
Q

What are the characteristics of Polling?

A
  • Attempts to prevent collisions through a permission system
  • Uses master/primary like CSMA/CA but allows clients to request permissions
  • Allows one system higher priority over others
51
Q

What are some important considerations when designing and building a secure network?

A

Consideration of factors such as the topology and placement of hosts within the network, the selection of hardware and software technologies, and the careful configuration of each component. Applying secure design principles such as segmentation, evaluation of networking devices, conducting site surveys, etc.

52
Q

What should network security take into account?

A
  • IP and non-IP protocols
  • Network access control
  • Using security services and devices
  • Managing multilayer protocols
  • Implementing endpoint security
53
Q

What are some examples of network segments or sub networks?

A

Intranet
Extranet
DMZ

54
Q

What is an Intranet?

A

Private network that is designed to host the same information services found on the Internet. Intranets provide users with access to the Web, email, and other services on internal servers that are not accessible to anyone outside the private network.

55
Q

What is an Extranet?

A

An Extranet is a cross between the Internet and an intranet. An extranet is a section of an organization’s network that has been sectioned off so that it acts as an intranet for the private network but also serves information to the public Internet. An extranet is often reserved for use by specific partners or customers. It is rarely on a public network.

56
Q

What is a DMZ?

A

An Extranet for public consumption

57
Q

What are some benefits of Network segmentation?

A

Improve performance, manage traffic, and enforce security

58
Q

How can Network segmentation be created?

A

Segments can be created individually or in combination by:
Switch-based VLANs
Routers
Firewalls

59
Q

What are the characteristics of Cell phone wireless communications?

A
  • Uses a portable device over a specific set of radio wave frequencies to interact with the carrier network, other cell phone devices, or the Internet
  • Uses numerous technologies sorted by generation (1G, 2G, 3G, etc.)
  • Uses the Wireless Application Protocol (WAP) protocol suite
60
Q

What are some key issues with cell phone wireless transmissions?

A
  • Not all cell phone traffic is voice
  • Communications over a carrier network are not necessarily secure
  • Subject to sniffing through MITM attacks with the cell towers
  • Connectivity to the Internet provides attackers another avenue of attack
61
Q

What is the Wireless Application Protocol? What are some concerns with it?

A

It is an industry-driven protocol stack to allow users to communicate with the company network. WAP is a suite of protocols that includes Wireless Transport Layer Security (WTLS), which is similar to SSL/TLS.

One very important issue is that you are unable to obtain true end-to-end encryption from your carrier using the protocol. Data must be returned to clear text before being resecured somewhere in the route using WTLS. If possible, feed pre-encrypted data into the link before using WTLS.

62
Q

What are some common Bluetooth attacks?

A

Bluesnarfing: allows hackers to connect with your Bluetooth devices without your knowledge and extract information from them

Bluejacking: allows an attacker to transmit SMS-like messages to your device

Bluebugging: an attack that grants hackers remote control over the features and functions of a Bluetooth device