Final Exam Flashcards

1
Q

Network Layers

A
  • Application layer
  • Transport layer
  • IP layer
  • Data link layer
2
Q

Application layer

A

The application layer is a layer in the Open Systems Interconnection (OSI) seven-layer model and in the TCP/IP protocol suite. It consists of protocols that focus on process-to-process communication across an IP network and provides a firm communication interface and end-user services.

3
Q

Transport layer

A

The transport layer is the layer in the Open Systems Interconnection (OSI) model responsible for end-to-end communication over a network. It provides logical communication between application processes running on different hosts within a layered architecture of protocols and other network components.

4
Q

IP layer

A
• Data traffic divided into packets
  – Each packet contains a header (with address)
• Packets travel separately through network
  – Packet forwarding based on the header
  – Network nodes may store packets temporarily
• Destination reconstructs the message
  – IP prefix, e.g., 12.34.158.0/24
  – Classful Addressing (Class A, B, C)
  – Classless Inter-Domain Routing (CIDR)
  – Private networks
    • 10.0.0.0/8 (255.0.0.0)
    • 172.16.0.0/12 (255.240.0.0)
    • 192.168.0.0/16 (255.255.0.0)
5
Q

TCP vs UDP

A

TCP is reliable
• Acknowledgement, retransmission, discard duplicates, …
– TCP 3-way handshake
• SYN, ACK, FIN

6
Q

TCP

A

• Communication service (socket)
  – Ordered, reliable byte stream
  – Simultaneous transmission in both directions
• Key mechanisms at end hosts
  – Retransmit lost and corrupted packets
  – Discard duplicate packets and put packets in order
  – Flow control to avoid overloading the receiver buffer
  – Congestion control to adapt sending rate to network load

7
Q

UDP

A

• User Datagram Protocol (UDP)
  – IP plus port numbers
  – Optional error checking on the packet contents
• Lightweight communication between processes
  – Avoid overhead and delays of ordered, reliable delivery
• For example: VoIP, video conferencing, gaming

8
Q

SSH

A

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.

9
Q

HTTP

A

HTTP is the underlying protocol used by the World Wide Web. It defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands.

10
Q

Certification: Threats

A

Eavesdropping
– Password guessing
– Server database reading (compromised)

11
Q

Certification: Typical solution

A

Use a trusted node as a certification authority (CA)
• E.g., VeriSign, GoDaddy
– Everybody needs to know the CA public key
– The CA generates certificates: Signed(A, public-key, validity information)
– Certificates can be stored in a directory service or exchanged during the authentication process

12
Q

DNS

A

– Local DNS server / caching
– Hierarchical name space divided into zones
– Translation of names to/from IP addresses
– Distributed over a collection of DNS servers

13
Q

true/false

192.168.x.x is not globally accessible.

A

True

• Not globally delegated
– 10.0.0.0/8 (255.0.0.0)
– 172.16.0.0/12 (255.240.0.0)
– 192.168.0.0/16 (255.255.0.0)

14
Q

Which of the following headers may not contain the destination’s information:
A. TCP header
B. IP header
C. Ethernet header
D. All of above

A

A. TCP header

15
Q

Compare TCP and UDP, and briefly describe their difference.

A

TCP is more secure

16
Q

Why do we need SSL?

A

– Think about https

17
Q

Main properties of SSL

A

– Negotiate cipher suites
– Authenticate servers
– Verify certificates

18
Q

Firewall / IDS

What are their roles?

A

– Prevent vs. detect

19
Q

Firewall

A

– Packet filtering (stateless) vs. session filtering (stateful)
– iptables

20
Q

True or false

In secret key encryption, the encrypted file’s size may be smaller than the original file’s.

A

False

Encryption makes files larger

21
Q

Which of the following gives the desired properties of hash functions?
• a. One-way property, that is, it’s easy to reverse the hash computation, but computationally infeasible to compute the hash function itself.
• b. Collision free, that is, it’s computationally infeasible to find two messages that have the same hash value.
• c. Only authorized parties can perform hash functions.

A

• b. Collision free, that is, it’s computationally infeasible to find two messages that have the same hash value.

22
Q

What’s a CA?

A

A CA is a trusted node that maintains the public keys for all nodes (each node maintains its own private key).

[Figure: nodes 1 to 6 and the CA]

If a new node is inserted in the network, only that new node and the CA need to be configured with the public key for that node.

23
Q

What is a certificate?

A

A certificate is a signed message vouching that a particular name goes with a particular public key
• Example:
1. [Alice’s public key is 876234]carol
2. [Carol’s public key is 676554]Ted & [Alice’s public key is 876234]carol

24
Q

True or false

A longer password/key is always more secure than a shorter one.

A

True

25
Q

Which layer is IPsec?

A

IP layer

26
Q

Which layer is SSL?

A

Application

27
Q

True or false

Applying IPsec and SSL on the same data packet is redundant

A

False

28
Q

Compare IPsec and SSL, and briefly describe their differences.

A

• SSL
  – Avoids modifying “TCP stack” and requires minimum changes to the application
  – Mostly used to authenticate servers
• IPsec
  – Transparent to the application and requires modification of the network stack
  – Authenticates network nodes and establishes a secure channel between nodes
  – Application still needs to authenticate the users

29
Q

Describe the goal of the following firewall rule:

iptables -A INPUT -p icmp -j DROP

A

This firewall rule blocks incoming ping requests

30
Q

Explain the following snort rule and describe how to trigger the alert:
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS 80 (msg:"Test attack"; content:"test_attack"; … … )

A

This snort rule checks HTTP requests for a specific message and alerts when it’s found.
You would trigger this alert by making an HTTP request containing the string “Test attack”.

31
Q

Compare host-based and network-based IDS, and briefly describe the difference.

A

• Host-based intrusion detection
– monitor activity on a single host
• Network-based intrusion detection (NIDS)
– monitor traffic, examine packet headers and payloads