Gibson - Chapter 3: Exploring Network Technologies Flashcards

1
Q

Sniffing Attack

A

answer

2
Q

DoS & DDoS

A

answer

3
Q

Poisoning Attack

A

answer

4
Q

OSI (Open Systems Interconnection) model

A

answer

5
Q

TCP (Transmission Control Protocol)

  • provides connection-oriented traffic
  • guaranteed delivery
  • uses 3-way handshake
  • SYN : SYN/ACK : ACK
A

Guaranteed delivery via 3-way handshake

  • (vs best effort / connectionless UDP)
6
Q

UDP (User Datagram Protocol)

  • connectionless sessions (w/out 3-way handshake)
  • best effort to deliver traffic (w/out extra traffic to ensure delivery)
  • ICMP traffic such as ping, audio/video, network based DoS
A

Best effort / connectionless
- (vs guaranteed delivery via 3-way handshake for TCP)

7
Q

IP (Internet Protocol)

  • identifies hosts in a TCP/IP network
  • delivers traffic from one host to another using IP addresses
  • IPv4 (32 bit dotted decimal)
  • IPv6 (128 bit hexadecimal)
A

IP (Internet Protocol)

8
Q

ICMP (Internet Control Message Protocol)

  • used for testing basic connectivity
  • tools include ping, pathping, tracert
  • blocking ICMP prevents many DoS attacks
A

ICMP (Internet Control Message Protocol)

9
Q

ARP (Address Resolution Protocol)

  • resolves IPv4 addresses to MAC (Media Access Control) addresses
  • ARP poisoning attacks redirect or interrupt network traffic
A

ARP (Address Resolution Protocol)

10
Q

RTP (Real Time Transport Protocol)

  • delivers audio & video over IP networks
  • includes VoIP (Voice over Internet Protocol), streaming media, video teleconferencing etc
  • unsecure
A

RTP (Real Time Transport Protocol)

11
Q

SRTP (Secure Real-time Transport Protocol)

  • provides encryption
  • provides message authentication
  • provides integrity
  • protects against Replay Attacks
  • can be used for both unicast and multicast transmissions
A

SRTP (Secure Real-time Transport Protocol)

12
Q

SIP (Session Initiation Protocol)

  • used to initiate, maintain, and terminate voice, video, and messaging sessions
  • use request and response messages when establishing a session
  • are text so easy to read if captured
  • contain metadata about sessions (not data)
A

SIP (Session Initiation Protocol)

13
Q

FTP (File Transfer Protocol)

  • uploads and downloads large files to and from an FTP server
  • by default transmits data in clear text

(Gibson 601; Chapter 3, pg 324)

A

TCP port 20/21

  • TCP port 21 (for CONTROL SIGNALS)

— (both ACTIVE & PASSIVE MODE)

  • TCP port 20 (for DATA in ACTIVE MODE)
  • Passive (PASV) uses random DATA port

(Transmission Control Protocol)

14
Q

TFTP (Trivial File Transfer Protocol)

  • used to transfer smaller amounts of data

– i.e. when communicating with network devices

  • not essential protocol on most networks
  • commonly disabled

(Gibson 601; Chapter 3, pg 324)

A

UDP port 69

15
Q

SSH (Secure Shell)

  • encrypts traffic in transit
  • SSH + FTP = SFTP (Secure File Transfer Protocol)
  • can also encrypt TCP Wrappers

— (TCP Wrappers are a type of access control list (ACL) used on Linux systems to filter traffic)

  • Secure Copy (SCP) is based on SSH

(Gibson 601; Chapter 3, pg 324)

A

TCP port 22

16
Q

SSL (Secure Sockets Layer)

A

primary encryption for HTTP (Hypertext Transfer Protocol)

compromised, replaced by TLS

17
Q

TLS (Transport Layer Security)

A

replacement for SSL

18
Q

IPSec (Internet Protocol security)

  • used to encrypt IP traffic
  • native to IPv6, also works with IPv4
  • encapsulates and encrypts IP packet payloads
  • uses Tunnel mode to protect VPN (virtual private network) traffic
  • two main components

– AH (Authentication Header)

—- (protocol ID number 51)

– ESP (Encapsulating Security Payload)

—- (protocol number 50)

  • uses IKE (Internet Key Exchange) over UDP 500
A

UDP port 500

19
Q

SFTP (Secure File Transfer Protocol)

  • secure implementation of FTP
  • is an extension of Secure Shell (SSH)
  • uses SSH to transmit the files in an encrypted format

(Gibson 601; Chapter 3, pg 325)

A

TCP port 22

20
Q

FTPS (File Transfer Protocol Secure)

  • an extension of FTP
  • uses TLS (Transport Layer Security) to encrypt FTP traffic
  • difference between FTPS & SFTP is TLS vs SSH
A

TCP ports 989/990

(some) TCP ports 20/21

(Transmission Control Protocol)

21
Q

SMTP (Simple Mail Transfer Protocol)

A

SMTP (Simple Mail Transfer Protocol)

22
Q

POP3 (Post Office Protocol v3)

A

POP3 (Post Office Protocol v3)

23
Q

IMAP4 (Internet Message Access Protocol v4)

A

IMAP4 (Internet Message Access Protocol v4)

24
Q

HTTP (Hypertext Transfer Protocol)

A

HTTP (Hypertext Transfer Protocol)

25
**HTTPS** (**H**yper**t**ext **T**ransfer **P**rotocol **S**ecure)
**HTTPS** (**H**yper**t**ext **T**ransfer **P**rotocol **S**ecure)
26
**LDAP** (**L**ightweight **D**irectory **A**ccess **P**rotocol)
**LDAP** (**L**ightweight **D**irectory **A**ccess **P**rotocol)
27
**LDAPS** (**L**ightweight **D**irectory **A**ccess **P**rotocol **S**ecure)
**LDAPS** (**L**ightweight **D**irectory **A**ccess **P**rotocol **S**ecure)
28
**RDP** (**R**emote **D**esktop **P**rotocol)
**RDP** (**R**emote **D**esktop **P**rotocol)
29
**OpenSSH**
**OpenSSH**
30
**NTP** (**N**etwork **T**ime **P**rotocol)
**NTP** (**N**etwork **T**ime **P**rotocol)
31
**DHCP** (**D**ynamic **H**ost **C**onfiguration **P**rotocol)
**DHCP** (**D**ynamic **H**ost **C**onfiguration **P**rotocol)
32
**IPv4**
**IPv4**
33
**IPv6**
**IPv6**
34
DHCP Snooping
DHCP Snooping
35
DHCP Discover
DHCP Discover
36
DHCP Offer
DHCP Offer
37
DHCP Request
DHCP Request
38
DHCP Acknowledge
DHCP Acknowledge
39
**DNS** (**D**omain **N**ame **S**ystem)

  • A
  • AAAA
  • PTR
  • MX
  • CNAME
  • SOA
**DNS** (**D**omain **N**ame **S**ystem)
40
DNS Poisoning
DNS Poisoning
41
**DNSSEC** (**D**omain **N**ame **S**ystem **Sec**urity Extensions)
**DNSSEC** (**D**omain **N**ame **S**ystem **Sec**urity Extensions)
42