handout2

Question 1

Mirai

Answer 1

malware that infects smart devices and turn them into remotely controlled bots, it is known as botnets and used to launch DDOS attacks

Question 2

Stuxnet

Answer 2

Computer worm originally aimed at Iran nuclear facilities, it targeted PLCs (Programmable logic controllers ) and it was capable of crippling hardware

Question 3

What is internet

Answer 3

Networks of networks

Question 4

Network

Answer 4

Collection of interconnected devices

Question 5

Securing the network infrastructure is having

Answer 5

CIA
1- Confidentiality
2- Integrity
3- Availability

Question 6

Security

Answer 6

State of well being of information and infrastructure in which the possibility of successful yet undetected theft, distortion, or tampering of information is kept low or tolerable

Question 7

Information Security

Answer 7

Operations that protect information and information systems

Question 8

Five layers that we must protect

Answer 8

First layer (physical)
Second layer (link)
Third layer (network)
Fourth layer (Transport)
Fifth layer (application)

Question 9

The layers are from botttom to top

Answer 9

PLNTA

physical > Link >Network > Transport > application

Question 10

Asset

Answer 10

Resource that we need to protect

Question 11

Threat

Answer 11

Potential violation of security

Question 12

Vulnerabilitty

Answer 12

Weakness in the security

Question 13

Risk

Answer 13

Potential damage or misuse of an asset

Question 14

Attack

Answer 14

action that violates security

Question 15

Authenticity/Authentication

Answer 15

Sender/receiver wants to confirm identity of each other

Question 16

Authorization

Answer 16

Confirming what a user or entity is allowed to do

Question 17

Confidentiality

Answer 17

Concealment of information or resources

Only sender and intended receiver should understand message content

Question 18

Integrity

Answer 18

preventing unauthorized changes-trustworthiness of data

Question 19

Non repudiation

Answer 19

When a message is received, the receiver can prove that the sender sent the message

When a message is sent , the sender can prove that the receiver received the message

Question 20

Access control

Answer 20

Refers to what entities can use specific information or resources

Question 21

Availability

Answer 21

Services must be available to entities

Question 22

Interception

Answer 22

Unauthorized access to information

Question 23

Fabrication

Answer 23

Unauthorized assumption of others identity

Question 24

Availability attacks

Answer 24

Destroy hardware or software

or Modify software

Question 25

Passive attacks

Answer 25

Learn or make use of information of the system without affecting system resources

Question 26

Active attacks

Answer 26

Attempts to alter system resources or affect their operation

Question 27

Example attacks on the internet ISP

Answer 27

``` Propagating false routing entries Domain name hijacking link flooding configuration change Packet interception ```

Question 28

Example Attacks On corporation/ Campus networks

Answer 28

 Unauthorized access to hosts (client, server)  Disclosure and modification of network data  Denial-of-service (DoS) attacks  Distributed DoS (DDoS) attacks

Question 29

Example Attacks On application layer

Answer 29

Viruses, mail bombs, email attachments

Question 30

Network

Answer 30

Network is secure as it single weakest layer

Question 31

Internet protocol stack is made up from

Answer 31

Physical, Link , network, transport, application

Question 32

Phyiscal Layer

Answer 32

The bits on the wire or in the air

Question 33

Link Layer

Answer 33

data transfer between neighboring network elements (PPP, Ethernet)

Question 34

Network Layer

Answer 34

Routing of datagrams from source to destination like IP , routing protocols

Question 35

Transport layer

Answer 35

process-process data transfer like TCP, UDP

Question 36

Application Layer

Answer 36

Supporting network apps like FTP, SMTP, HTTP

Question 37

Missing layers in internet protocol Stack

Answer 37

Presentation and Session | They are embedded in application

Question 38

Encapsulation

Answer 38

https://www.youtube.com/watch?v=Vk_KQ6fwSxc

Question 39

Application layer like email

Answer 39

They are software programs, and they run on different end systems (Windows, MAC, Linux..) Application layer protocol: HTTP, FTP, SMTP, DNS, RTP, SNMP, etc...

Question 40

Transport layer

Answer 40

Provide logical communication between app processes running on different hosts ( process to process communication) Transport protocols run on end systems Each end system has abstract destination points called ports To communicate with a process , sender needs IP address and port number

Question 41

TCP

Answer 41

reliable in order delivery

Question 42

UDP

Answer 42

``` Unreliable unordered delivery "best-effort" IP Best effort service Usually used for data streaming Loss tolerant ```

Question 43

TCP: Transport control Protocol

Answer 43

Point to point One sender, one receiver, Reliable in order byte system Full duplex (Bi directional data flow in same connection)

Question 44

Internetworking

Answer 44

provides the ability to communicate between many different networks In internetworking we have: Network, Routers, Internet Protocol

Question 45

Network layer

Answer 45

> Transport segment from sending to receiving host > Sender; encapsulates segments into datagrams > Receiver: deliver segment to transport layer

Question 46

Routers examine header fields in all IP datagrams passing through them

Answer 46

True

Question 47

In routers we have

Answer 47

>Interconnection of different networks >Encapsulation of network layer datagrams in MAC layer frames >Fragmentaion if datagram is too large > Forwarding of packets from routers input to appropriate router output > Routing : determine route taken by packet from source to destination

Question 48

IP address

Answer 48

> 32 bits | > Identify host and router interfaces

Question 49

Routing algorithms

Answer 49

> Global : Algorithm has complete knowledge about the network > Decentralized: Router knows physically connected neighbors

Question 50

Data link layer

Answer 50

Responsibility of transferring datagram from one node to adjacent node over a link

Question 51

Data link services : Framing

Answer 51

Encapsulating datagram into frame adding header and trailer

Question 52

Data link services: Error detection/ correction

Answer 52

Receiver detects presence of errors

Question 53

Data link Reliable transmission

Answer 53

Mechanisms for retransmission of frame

Question 54

Multiple access protocols

Answer 54

``` Two different network scenarios: 1- Point to Point (PPP) for dial up access 2- Multiple access: Ethernet Token rings, FDDI ```

Question 55

MAC addresses

Answer 55

Used to get frame from one interface to another 48 bits burnt in the adapter ROM Each adapter has unique MAC address

Question 56

Nodes connect to hub or switches

Answer 56

True

Question 57

Hubs

Answer 57

LAN repeaters

Question 58

What are switches

Answer 58

Switches are link layer devices

Question 59

What switches do

Answer 59

> store and forward Ethernet frames > Examine frame header and selectively forward frame based on MAC addresses >When frame is forwarded , check if channel is free to transmit

Question 60

Hosts are unaware of presence of switches *switches are transparent)

Answer 60

True

Question 61

Switches do not need to be configured

Answer 61

True

Question 62

Switch filter packets

Answer 62

Same LAN segment do not usually forwarded onto other LAN segments

Question 63

Vulnerabilities - Physical Access

Answer 63

Physical access : If a computer can be physically accessed , control can be gained straight forward countermeasure: computers must be kept in a physically secure environment

Question 64

Vulnerabilities - software flaws

Answer 64

> Can occur in OS or application programs

Question 65

Buffer overflaw is the most common software flaw

Answer 65

true

Question 66

Vulnerabilities - Insecure OSs

Answer 66

Windows 3.x doesnot provide any security | Countermeasure: Use as a closed system

Question 67

Vulnerabilities poor configuration

Answer 67

like passwordless accounts | Wrong permisssions on files and directories

Question 68

REached 67

Answer 68

true